Backlash: Half of Consumers Take Business Elsewhere Post-Breach

With major data breaches making what seem like daily headlines, attention is turning to the aftermath of those hacks and the toll they take on the executive suite and the bottom line alike. New research shows that companies are paying a steep price when customers’ information is compromised: more than half of all respondents, 51%, will take their business elsewhere after a breach.

A snap poll conducted by HyTrust shows that household names, such as retailers Home Depot, Target, Goodwill and Neiman Marcus, as well as individual banks, healthcare organizations, insurance companies and ISPs, are all vulnerable to consumer backlash. In particular, customers are likely to churn in the event of a compromise of personal information, including address, social security number and credit card details.

More than a third of respondents, 34.2%, believe that the worst piece of information to be compromised is the social security number (SSN).

The number of people that will talk with their wallets and take their business elsewhere jumps to 60.2% among consumers in the 35 to 44 age range—a key consumer demographic.

Customers feel victimized as well: a full 45.6% said that the companies involved in such a breach should be considered criminally negligent the moment a breach occurs, with the majority also believing that all officers of a company should be held responsible. Famously, this is what happened at Target, which saw a few of its C-suite depart in the wake of last year’s catastrophe.

When asked who in particular should be held ultimately accountable for failures in information security, 19.7% of respondents don’t make a distinction between executives with varying responsibilities, pointing the finger at “all officers” of a company. However, men and women aged 25 to 34 identify CSOs as most responsible, while those in the 45 to 54 age bracket go easiest on them.

“There probably isn’t a single straw that broke the camel’s back—it’s just the sheer volume of stories about data breaches, many at companies that have developed a customer-friendly brand,” said Eric Chiu, president at HyTrust, in a statement. “What this poll shows is that companies are finally, and inevitably, being held to account for their security vulnerabilities. Consumers have options, and when there are endless stories about the loss of confidential information, they’re going to other vendors. Every security breach clearly has a direct impact on operations, but there’s now clear evidence that extensive brand damage happens as well, and the executives involved will have to pay the price.”

Further, it would appear that there is little wiggle room: most consumers (45.6%) blame the companies involved the moment a data breach occurs, while only 12% withhold condemnation until ‘it happens more than once.’ Additionally, this finger-pointing increases with age, with 34% of 25-34 year olds laying immediate blame versus 51% of those 65 and up.

Interestingly, the more consumers make, the more forgiving they tend to be; the top answer for those making $150,000 or more shifted to ‘when it happens more than once.’

Higher earners are also more concerned about their SSNs: 36.5% of those making $50,000 to $74,000 per year cite this potential theft as most serious, while that falls to 22.8% among those making $24,000 or less. 

What’s Hot on Infosecurity Magazine?