According to a recent TSYS survey, 64% of consumers hold merchants responsible for a data breach
We all know that feeling of euphoria that a retail purchase can bring – especially snatching up a bargain.
And then there is the call, email or letter in the mail telling you that your credit card may have been compromised due to a possible breach. How many of us have gotten that kind of communication in the last year?
The Identity Theft Resource Center has recorded all reported breaches in 2014 – from credit card fraud, to stolen patient records, to email hacks – and the results are alarming. Year to date, an astonishing 381 breaches have been reported and over 11 million individual records compromised.
You’d need to be living under a rock not to be aware of the rash of recent breaches. And with no shortage of media reports on big-box retailers, consumers want to know how these criminal acts will affect them personally. Merchants and card issuers would be foolish not consider how this concern will affect consumer spending behavior, particularly with the big holidays coming up.
- 83% of respondents said that they were aware of recent data breaches
- 64% held merchants responsible
- 63% were willing to switch banks for one that offered better security feature
- 37% indicated that breaches have changed their shopping behavior
That’s right – 64% of consumers held merchants responsible for a breach. If that’s not enough indication that merchants need to rethink their security strategies, consider that as of February 2014, Target had spent over $61 million in legal fees, software updates, customer reimbursement and credit card monitoring due to their cyber failure, as Washington Post reported. Additional sales have been lost due to the breach, as customer trust has been shattered – the result was a near 50% drop in profit in last year’s fourth fiscal quarter and more than 1/3 profit loss for 2013 overall.
Kevin Haley, director or Symantec’s security response program advises companies to strengthen their security infrastructure with “data loss prevention, network security, endpoint security, encryption, and strong authentication and defensive measures.”He recommends companies of all sizes to re-examine and re-architect their security.
Bluefin’s security stack adopts a holistic approach to security with our PCI-validated P2PE solution, which prevents clear-text cardholder data from being available in a point of entry device or in the systems or networks – which in our opinion is a crucial technology along with EMV and tokenization.
“While it’s not difficult to quantify the impact of data breaches, the damage to a company’s reputation and the loss of consumer trust can be much harder to recover,” Haley insists. It’s unfortunate – but consumers don’t forget.