Last week we revealed the results to the Thales survey investigating attitudes towards firms that have experienced data breaches. It showed us that the majority of the British public would reconsider brands affected by data breaches, with only 16% of respondents stating that they would continue to use their products or services as usual. This really shouldn’t come as a surprise, especially in the wake of incidents like last year’s TalkTalk attack, which ended up costing the company an estimated 101,000 customers.
When questioned on what they would be most concerned about following a breach of their personal information, respondents to our survey expressed that the theft of money from bank accounts (46%) was the primary concern, second to identity theft (38%).
While this result is understandable, as the theft of money from someone’s bank account as the result of a data breach is a very tangible fear, it’s the implications of identity theft that should pose far more of a concern. They can be extremely painful and long lasting, with clean-up from incidents taking months or even years, and having long term psychological effect on the individual who may be required to constantly have to prove to various authorities that they are who they say they are. Just this week it was announced that an NHS Trust fell victim to a cyber security incident, evoking public concern over potential identity theft.
With more than half of the respondents saying that in the wake of a data breach they would either immediately stop using an organisation’s products or services altogether, or use them only if they have no other choice, this survey should act as a stark reminder of the type of impact a breach can have on the brand and reputation of an organisation, as well as its bottom line.
If companies are serious about surviving in today’s digital world, it is imperative that the safety of their customers’ data is of paramount importance. The implementation of effective encryption and security controls, specifically placed around data to prevent and minimise damage from data breaches, is an absolute necessity.