Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/10/2015
03:05 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Global survey by Gemalto reveals impact of data breaches on customer loyalty

Global survey by Gemalto reveals impact of data breaches on customer loyalty. SHARE THIS Nearly two-thirds of consumers surveyed say they are unlikely to do business again with a company that had experienced a data breach where financial information was stolen.

AMSTERDAM – December 10, 2015 – Nearly two-thirds (64%) of consumers surveyed worldwide say they are unlikely to shop or do business again with a company that had experienced a breach where financial information was stolen, and almost half (49%) had the same opinion when it came to data breaches where personal information was stolen. This is according to a recent global survey by Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, titled "Broken Trust: 'Tis the Season to Be Wary", which surveyed 5,750 consumers in Australia, Brazil, France, Germany, Japan, United Kingdom and United States.

Key Findings
The survey findings are revealing as more consumers rush to complete their shopping during the holiday season. Six in ten people surveyed (59%) believe that threats to their personal information increases during the festive season, and two in ten (18%) believe that they are likely to be a victim of a breach during the holiday season.

Confidence in corporate data security is low
Only a quarter (25%) of all respondents feel that companies take the protection and security of customer data very seriously. More than twice as many respondents feel that the responsibility of protecting and securing customer data falls on the company (69%) versus the customer (31%). Of the employed respondents, only around two fifths (38%) feel that their employer takes the protection and security of employee data very seriously.

Consumers have been hit hard before
The survey revealed that 31% of respondents have already been affected by data breach in the past. Around four in ten state the most likely causes for being a victim of a breach are visiting a fraudulent website (42%), phishing attacks (40%) or clicking a fraudulent web link (37%). The emotional impact of data breaches has also created apprehensive feelings towards businesses with nearly one fifth surveyed (19%) feeling they are likely to be a victim of one within twelve months to three years.

Ninety percent of surveyed consumers feel that there are apps and websites that pose significant risks to the protection and security of their personal information. Fifty-five percent believe that social media sites expose them to the greatest risk, and around two in five respondents believe adult content and torrent apps/websites carry the greatest risk to the security of personal information.

Customers are getting increasingly impatient with breached companies
Around a quarter (23%) of respondents who have been a victim of a data breach, either have, or would, consider taking legal action against the breached company involved in exposing their personal information. Almost half (49%) of respondents said they would take or would consider taking legal action against any of the parties involved in exposing their personal information.

Security is a two-way street
However, the consumer is not completely absolved of responsibility. Despite the many risks involved, the survey also found that a majority (54%) of respondents are using the same password for all or some of their online accounts. Of the respondents who actively use social media accounts, only a quarter (25%) use two-factor authentication to secure all of their social media accounts. Of the respondents who actively use online/mobile banking, around three fifths (58%) say that all of their banks use two-factor authentication to secure their internet banking. This isn't as widespread amongst retailers, however. Of the respondents who actively use online retail accounts, one in four (25%) state that all of the online retail apps/websites they use, require two-factor authentication to secure online transactions.

"The media coverage of massive data breaches has done little to instil consumers' confidence in how well companies, big and small, are protecting their data," said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. "The fact that employees don't even feel that their employers are taking the protection of their personal data security very seriously rings alarm bells. Either companies need to increase their security measures or, assuming that they already have these in place, they need to communicate this to their customers."
"As companies collect ever-increasing amounts of customer data and as our digital interactions become more diverse, more data about what we do, who we are and what we like is being stored online," continued Hart. "The survey proves that the traditional data security mind-set needs to evolve, this goes for companies and consumer adoption of advanced security measures like two-factor authentication. Otherwise, an increasing numbers of consumers will cut ties with companies who aren't taking data protection seriously, and take their business to someone they can trust."

About the Survey
Independent technology market research specialist Vanson Bourne was commissioned by Gemalto to undertake the research on which this report is based. 5,750 consumers were interviewed during October and November 2015. 1,500 interviews in the US, 500 in Brazil and 750 in each of the following countries: UK, Australia, Japan, France and Germany. To qualify for the study, consumers had to actively use online/mobile banking, social media accounts or online retail accounts.
Related Resources
Customer Loyalty and Data Breach Report
Customer Loyalty and Data Breach Infographic

About Gemalto
Gemalto (Euronext NL0000400653 GTO) is the world leader in digital security, with 2014 annual revenues of €2.5 billion and blue-chip customers in over 180 countries.
Gemalto helps people trust one another in an increasingly connected digital world. Billions of people want better lifestyles, smarter living environments, and the freedom to communicate, shop, travel, bank, entertain and work – anytime, everywhere – in ways that are enjoyable and safe. In this fast moving mobile and digital environment, we enable companies and administrations to offer a wide range of trusted and convenient services by securing financial transactions, mobile services, public and private clouds, eHealthcare systems, access to eGovernment services, the Internet and internet-of-things and transport ticketing systems.
Gemalto’s unique technology portfolio - from advanced cryptographic software embedded in a variety of familiar objects, to highly robust and scalable back-office platforms for authentication, encryption and digital credential management - is delivered by our world-class service teams. Our 14,000 employees operate out of 99 offices, 34 personalization and data centers, and 24 research and software development centers located in 46 countries.

For more information visit www.gemalto.com, www.justaskgemalto.com, blog.gemalto.com, or follow @gemalto on Twitter.
Gemalto media contacts:
Philippe Benitez
North America
+1 512 257 3869
[email protected]

Ernesto Haikewitsch
Latin America
+55 11 5105 9220
[email protected] Edoire
Europe & CIS
+33 4 42 36 45 40
[email protected]

Kristel Teyras
Middle East & Africa
+33 1 55 01 57 89
[email protected] Vivian Liang
大中华地区 (Greater China)
+86 1059373046 [email protected]

Pierre Lelievre
Asia Pacific
+65 6317 3802
[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...