Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Who Left the Barn Door Open?

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

Who’s responsible for the breaches that permit cybercriminals to rip off consumers’ data — Banks? Retailers? Credit/debit card issuers?

Why not ask consumers? Which is exactly what Brunswick Group, a business communications firm, did in their online survey of 750 U.S. consumers, “Main Street vs. Wall Street: Who is to Blame for Data Breaches?”


The survey found that consumers blame retailers for not doing enough to protect customer information. More troubling for retailers is what the survey says consumers are doing about it: “heading to the exits – with a significant number changing their buying habits.”

An article about the survey on (Link to article) has these key findings:

  • Ninety-four percent of consumers surveyed are concerned about retail data breaches.
  • Consumers are nearly as likely to hold retailers responsible for data breaches (61 percent) as the criminals themselves (79 percent). Only 34 percent blame the banks that issue debit and credit cards.
  • Seventy-five percent believe that retailers are not doing enough to prevent infiltrations into their customer data and payment systems.
  • Seventy percent of respondents believe that retailers should be held financially responsible for consumer losses that result from a breach; not banks or card issuers.
  • Finally – and most troubling – 34 percent of those surveyed report that they no longer shop at a specific retailer due to a past data breach issue.

How about Wall Street?

Brunswick’s analysis showed that of the 13 companies that recently experienced a large data breach, each experienced a sustained drop in their average daily stock price. On average, six months after a breach, company valuation had not yet rebounded to pre-breach value.

“A data breach hits a company at the cash register, on Wall Street and at the heart of their relationship with the customer,” said Mark Seifert, partner at Brunswick Group. “If consumers don’t feel the retailer is doing enough to protect their data, they will protect themselves by shopping elsewhere.”

Brandon Borrman, partner at Brunswick Group, added, “It is no longer acceptable for retailers to look to banks and issuers to protect customers; instead, the onus is on retailers to address the issue head on in their security systems.” He continued, “What is clear is that the traditional approach to addressing the inevitable data breach no longer works. Consumers, press and regulators expect more transparency and clarity, and companies must be prepared.”

By ThreatMetrix Posted