Almost 20% Of Consumers Would Avoid A Retailer After A Breach

As the list of retailers and service providers breached by hackers seems to be ever-growing, it seems the organizations that suffer at the hands of data thieves have a related but separate problem to worry about.

Customers are watching and making decisions about where to shop based on security questions more than they ever have.

According to new data released by KPMG, 19 percent of consumers would stop shopping at a retailer that had been breached — no matter what said retailer did to remediate the issue. Meanwhile, 33 percent of consumers surveyed indicated that a breach would at least cause a temporary hiatus in their shopping of three months or more over worries about the safety of their data.

Retail executives surveyed separately by KPMG indicated that, thus far, they have not made capital investments in cybersecurity in the last year, and 42 percent noted that there is not a designated head of information security at their firm.

The goods news out of the survey is the inverse of those numbers: A large percentage of consumers seem relatively unconcerned about breaches and would, more or less, leave their shopping habits unaltered by breaches.

Some have speculated that this is because consumers are not directly financially liable for breach-related costs (though identity theft can have long-ranging and difficult-to-fix consequences for consumer credit). Others have noted that breaches have simply become so endemic to the retail and service environment that consumers simply cannot alter their shopping habits enough to avoid them.

And endemic is perhaps the best way to describe the ongoing war with retail point-of-sale systems that hackers have been waging in some form or another for the last several years. In just the last two weeks, Eddie Bauer reported all of its locations in the U.S. and Canada had been compromised by malware, while an attack on Oracle’s MICROS POS system left many businesses and their customers potentially exposed.