News Database Security

Most Consumers Don't Understand Breach Notifications

Kelly Jackson Higgins

See more from Kelly
Connect directly with Kelly: Bio  |  Contact

Victims say breach notification letter didn't include enough detail, or they had trouble understanding it

Kelly Jackson Higgins June 07, 2012

Most consumers affected by data breaches are disappointed or confused about the notifications they get about the hacks, a new study finds.

More than 70 percent of people who had received breach notification letters said they weren't satisfied with the alerts and needed more information, according to a new report by The Ponemon Institute and Experian Data Breach Resolution.

More Security Insights

White Papers
More >>
Reports
More >>
Webcasts
More >>

Unclear breach notification appears to be a big issue: Sixty-seven percent of the 700 survey respondents said the notification didn't include enough detail, and 61 percent said they had trouble understanding it. More than 40 percent said their data was likely stolen, while 37 percent said they didn't know what the incident was about.

"While it's important for companies to do everything possible to safeguard consumer data, it's just as important to communicate effectively in the event of a breach," said Michael Bruemmer, vice president at Experian Data Breach Resolution. "Effective and appropriate communication to customers who have been impacted by a breach includes describing the type of data that was lost or taken, an estimate of probability that the data will be abused and the business recourse that the company will offer."

Then there's what to do in the aftermath. More than 60 percent of the victims said the breached organization should be forced to compensate them with cash or their products or services. Meanwhile, 58 percent said they should provide them with identity protection services, and 55 percent said they should offer credit-monitoring services.

"In the aftermath of a data breach, it is imperative to a company's reputation that it take the necessary steps to inform those affected by the incident in a timely and transparent fashion," said Larry Ponemon, chairman and founder of Ponemon Institute. "As shown in the findings of this consumer study, resources spent on personalizing the message, offering assistance to reduce the likelihood of identity theft and providing specific information about the nature of the incident help reassure victims that the organization truly has the customer's well-being in mind."

The full consumer breach notification study is available here for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins

See more from Kelly
Connect directly with Kelly: Bio  |  Contact

Related Reading

News

Commentary

Most Popular

On the Web

More On the Web»

Slideshow

Dark Reading Discussions

Start the Discussion


InformationWeek encourages readers to engage in spirited, healthy debate, including taking us to task. However, InformationWeek moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. InformationWeek further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.