Businesses held responsible for data breaches – study finds

2016 Data Breaches and Customer Loyalty report from Gemalto revealed that consumers put responsibility for protecting their personal data firmly at the hands of the organizations holding their data – and not themselves. 

According to the 9,000 consumers surveyed in Australia, Benelux, France, Germany, Russia, UAE, Saudi Arabia, India, Japan, United Kingdom, and United States, 70% of the responsibility for protecting and securing customer data lies with companies and only 30% of the responsibility with themselves.

Still, less than a third (29%) consumers believe companies are taking protection of their personal data very seriously. As more than 4.8 billion data records have been exposed since 2013 with identity theft being the leading type of data breach accounting for 64% of all data breaches, consumers are becoming increasingly fearful of their data being stolen, with 58% believing it will happen to them in the future.

Despite becoming more aware of the threats posed to them online, only 11% believe there are no apps or websites out there that pose the greatest risk to them and consumers are not changing behaviour as a result:

• 80% use social media, despite 59% believing these networks pose a great risk
• 87% use online or mobile banking, with 34% believing they leave them vulnerable to cybercriminals

Despite 21% admitting the threat of cybercrime increases a lot during Black Friday and Christmas, consumers are also more likely to shop online during these busy commercial periods (2% increase online versus -2% decrease in store).

Furthermore, the study found that fraudulent use of financial information has affected 21% of consumers, with others experiencing fraudulent use of their personal details (15%) and identity theft (14%). More than a third (36%) of those who have been a victim of a breach attribute this to a fraudulent website. Clicking a bad link (34%) and phishing (33%) were the next highest methods consumers were caught by. In keeping with the theme of putting the blame at the organization’s hands, over a quarter (27%) attributed the breach to a failure of the company’s data security solutions.