Recent Breaches Appear To Be Hitting Home With Consumers

It’s one thing to note that a merchant’s payment-data system has been breached, but the reality of what that means really hits home when consumers start saying they’ve been affected. And new Pew Research Center survey data show a significant rise in the percentage of respondents who say they’ve had personal information, including credit card data, compromised, with many apparently affected by the breaches late last year at Target, Neiman Marcus and other large retailers.

By Jeffrey Green (@epaymentsguy)

About one in five online consumers has had valuable personal information stolen, and about the same percentage have had an email of social-networking account compromised, new research suggests.

In a survey of online adults Princeton Survey Research Associates International conducted for Pew Research Center in January, 18 percent of participants said they have had their Social Security number, credit card or bank account information stolen, up from 11 percent who said so in a similar survey in June 2013. Moreover, 21 percent said they had their email or social-network account accessed without their permission, no change from last summer’s survey,

For the project, researchers obtained telephone interviews from Jan. 23 to 26 with a nationally representative sample of 1,002 adults living in the continental United States. The margin of sampling error for the complete set of weighted data is ± 3.5 percentage points, Pew said.

Recent data breaches, including the one at Target that began a string of others, including at Neiman Marcus, plus the recently announced Heartbleed OpenSSL bug that affected two-thirds of active Internet sites, have made consumers especially vulnerable and increasingly aware of the extent to which their personal information is not necessarily safe, both from a perception and actual basis, Pew’s data suggests.

“The consequences of these flaws and breaches may add insult to injury for those who have already experienced some kind of personal information theft,” Mary Madden, senior researcher for the Pew Research Center’s Internet & American Life Project, said of the findings. “And research suggests that young adults and younger baby boomers may have been especially hard hit in the second half of 2013.”

Different age groups seemed particularly vulnerable, Pew data show. In Pew’s survey last July, 7% of responding online adults ages 18 to 29 said they were aware that they had important personal information stolen such as their Social Security Number, credit card or bank account information. In January, the percentage jumped to 15 percent. Moreover, respondents ages 50 to 64 became significantly more likely to report that they had personal information stolen, Pew found, jumping to 20 percent of respondents in January from 11% who said so last July.

Among other age groups, the percentage jumped to 20 percent from 15 percent for respondents ages 30 to 49, and to 13 percent from 9 percent for those ages 65 and older.

In a March 2014 podcast interview with Market Platform Dynamics CEO Karen Webster, Dan Charron, president ad CEO of Chase Paymentech, noted that one of the biggest challenges facing the payments industry is to obtain a mindset around security, looking at security solutions versus security programs, or solving a static problem versus having a dynamic environment.

Indeed, crooks breaching the payment-data systems treat their activities as a business, Charron said. “They wake up every morning, (and) they’re trying to find holes. And they are constantly changing and probing, he said. “So I would say the biggest thing (necessary) is a mindset there around a very robust, dynamic program that covers the entire landscape and having that in place is probably the biggest challenge that we face today in the industry.”

As online Americans have become ever more engaged with online life, their concerns about the amount of personal information available about them online have shifted as well. When we look at how broad measures of concern among adults have changed over the past five years, we find that internet users have become more worried about the amount of personal information available about them online—50% reported this concern in January 2014, up from 33% in 2009.