Data Breach Notice Research by the Identity Theft Resource Center Shows Consumers Don’t Act After a Data Theft

Sixteen (16) percent of respondents didn’t act after a data breach notice, leaving them and their employers vulnerable to identity crimes

The Identity Theft Resource Center (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, published research conducted by DIG.Works that explored several issues related to data and account compromises, as well as data breach notices.

Marketing Technology News: AX Semantics Wins Gold for Best Business Technology Solution – AI and Machine Learning in the…

The ITRC and DIG.Works surveyed 1,050 U.S. adult consumers about the issues and discovered that, overall, consumers reported a high level of awareness of data compromises and the range of actions they can take to protect themselves before and after a data breach. However, there is a significant gap between consumers’ level of awareness and actions that leave most people open to additional attacks and identity crimes.

  • A shockingly high number of respondents (16 percent) took no action after receiving a notice of data breach; less than half (48 percent) changed the password only on the breached account; only 22 percent changed all of their passwords.
  • Just three (3) percent of respondents said they placed a credit freeze to block new accounts from being created.
  • Only 15 percent of respondents say they use unique passwords for each of their accounts; the other 85 percent admit to reusing passwords on multiple accounts.
  • Thirty-three (33) percent of the respondents who do not follow suggested password practices answered that their practices are good enough; 13 percent say they don’t think strong and unique passphrases are important.

“Most people know what they should do, but choose not to in the areas of data protection and password practices,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “Organizations need to review how they notify consumers of data breaches to reduce the level of inaction and improve the credit freeze adoption rates. Also, businesses should recommend to consumers that they reset any passwords that are not unique and offer multi-factor authentication with an app.”

Marketing Technology News: MarTech Interview with Ajay Khanna, Chief Marketing Officer at Explorium

Other findings include:

  • Seventy-three (73) percent of respondents believe their personal information has been impacted by a data breach; 72 percent have received a notice of data breach letter.
  • Fifty-five (55) percent of social media accounts have been compromised, including 42 percent of Facebook users and 32 percent of Instagram users.
  • When asked why they didn’t act after receiving a breach notice, 26 percent said “my data is already out there;” 29 percent believed organizations responsible for protecting their data would address the issue; 17 percent did not know what to do; 14 percent thought the notice was a scam.

Consumers can receive free live victim support or guidance from a knowledgeable advisor by calling 888.400.5530 or visiting idtheftcenter.org to live-chat.