83% Avoid a Business Following Breach and 21% Never Return

October 24, 2018

Almost half (44%) of US consumers have suffered the negative consequences of a security breach or hack, according to new research conducted on behalf of secure payments provider to contact centers, PCI Pal. The findings suggest that the combination of high-profile recent breaches, headlines devoted to new data privacy regulations such as the GDPR and California Privacy Law, and personal experience have put security concerns front and center for American shoppers.

“While security breaches are not new, US consumers’ attitudes towards them seem to be changing significantly - with the vast majority of Americans now reporting that trust in security practices (or lack thereof) influences not just where but also how, and how much they spend,” explained James Barham, COO at PCI Pal.

The research found that 83% of consumers will stop spending with a business for several months in the immediate aftermath of a security breach or a hack. Even more significantly, over a fifth (21%) of consumers will never return to a brand or a business post-breach, representing a significant loss of revenue. For any consumer facing business, this figure offers a stark warning.

Consumers reported that even being perceived as having lax security practices can be enough to incur spending penalties - almost half (45%) reported that they spend less with brands they perceive to have insecure data practices, while over a quarter (26%) say they stop spending completely if they don’t trust a company with their data.

The findings suggest that it’s not just online threats that worry consumers - 28% question how their data is being recorded when on the phone and almost half (42%) are uncomfortable sharing sensitive data such as credit card details over the phone. Given that 66% of all call centers are based in The Americas, the burden of security provisions to mitigate these concerns, must be a focus for organizations and brands that rely on telephone customer service practices.

Barham continues: “What’s really interesting is how consumers are increasingly questioning data security practices. 61% know they should check a company’s security process and 28% say they question businesses directly or research how they safeguard consumer data. This suggests a real change in how consumers prioritize privacy and security. Consumer-facing brands should pay attention - not just adopting stronger security practices but incorporating them into their marketing and communications strategies if they want to keep customers loyal and spending with them.”

With the advent of Internet of Things (IoT) technology and Industrial Internet of Things (IIoT), the cyber security practices are increasingly getting integrated with the physical security practices.

We will provide insight on NDAA Section 889 and how the act has evolved and impacted business, so that organizations can better mitigate risk and stay compliant.