Hacked Consumers Don’t Forgive Companies Who Lose Their Data. Bad news for Yahoo.

hacked consumers lose confidence in companyCaption: The majority of hacked consumers won’t forgive a company who compromises their data security..

Think back through your life about the times when you trusted a person or company … and they let you down. You can probably still remember it like it was yesterday. You see, the human psyche has a great capacity for remembering when it feels betrayed or abused.

So it should come as no surprise that hacked consumers harbor those same negative thoughts against companies who allow their personal data to be stolen. You trusted that company … and then they let you down.

A couple of recent studies show that a very high percentage of hacked customers would cease to do business with a company who had been hacked. Sure, in real life not all of those customers really would walk away … but they’d certainly remember and have a negative brand association for years to come.

Take the Consumer Trust Survey (link below) from Centrify. They reported that 75% of UK, 66% of US and 57% of German consumers would be ‘likely to stop doing business with a hacked organization’.

Reporting on another survey by F5 networks, IT Pro magazine (link below) identified a more forgiving side of the UK consumer’s nature by finding that just 50% of people would say ‘cheerio’ to a hacked company.

But whether the figure is 75% or 50%, risking the affections and loyalty of even half your customers would be a massive setback to any business.

 

Verizon and the Yahoo ‘half billion’ breach.

So with those ‘forgiveness’ figures in mind, Verizon – the new owner of Yahoo following their $4.83 acquisition – must be seriously concerned that 500 million Yahoo customer records have been hacked.

Those records include email addresses, date of birth, phone numbers and passwords. In short, a lot of the information that criminals need for identity theft.

“500 million Yahoo hacked consumers”

In terms of litigation, it remains to be seen what type of class action lawsuit will follow. But what is certainly the case is that 500 million consumers will now have to change their Yahoo password and, worse, worry about whether they used the same password and personal data for other websites. This is compounded by the fact that the Yahoo breach happened two years ago and has only just been discovered.

If we take the median figure of 66% of US consumers not forgiving a company that compromises their personal data, that means Verizon paid big money to get 330 million brand detractors.

In a c|net article (link below) titled ‘Yahoo hit in worst hack ever, 500 million accounts swiped’, a Verizon spokesperson is quoted as saying “We will evaluate, as the investigation continues, through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities.”

“Cybercriminals know that consumers use the same passwords across websites and applications, which is why these millions of leaked password credentials are so useful for perpetuating fraud,” said Brett McDowell, executive director of the FIDO Alliance, an organization that vets the security of password alternatives. “We need to take that ability away from criminals, and the only way to do that is to stop relying on passwords altogether.”

Brett McDowell
FIDO Alliance
c|net article (link below).

 

SecludIT identifies cyber risk with KRI tools.

Today’s C-Suites use KPIs to create dashboard of how the business is performing across a number of functional areas. But as the Yahoo breach has demonstrated, even tech-savvy companies find it hard to deal with the issue of cyber attack Key Risk Indicators.

“That’s why SecludIT has developed an automated KRI Cyber Risk application which will assess, score and prioritize a company’s IT vulnerabilities.”

Sergio Loureiro, co-founder of SecludIT, says that the KRI application deep scans a network for over 60,000 vulnerabilities and has four key advantages for the C-Suite and CISO:

    1. 1 – Metrics. Our KRI assigns a value to risks for key IT areas.
    1. 2 – The risks are prioritized, and presented in a format for the C-suite.
    1. 3 – There is also a remediation report for the CISO team, to fastback fixes.
    1. 4 – Progress can be monitored by subsequent KRI scans, to measure the decreasing risk.

SecludIT has carried out over one million network scans for businesses around the world, and over 98% of those security audits identified vulnerabilities. And yet the SecludIT package is easily installed, can be run in a morning for most networks, and has no effect on network performance for employees and web-based consumers.

 

 

Hacked consumers attitudes to IT security. Research reports.

Half of Brits say they’d ditch firms that leak their data, but experience suggests otherwise.
http://www.itpro.co.uk/security/27251/would-you-drop-a-company-because-it-was-hacked-of-course-not

Statistics Reveal Consumer Attitudes Toward Corporate Hacking.
https://www.centrify.com/lp/full-identity-security

Infographic. Businesses are [punished] for cyberattacks in 2016.
https://www.centrify.com/resources/consumer-trust-survey-infographic/

75% of UK consumers won’t do biz with a company that has been hacked.
http://www.scmagazineuk.com/75-of-uk-consumers-wont-do-biz-with-a-company-that-has-been-hacked/article/501677/

Yahoo hit in worst hack ever, 500 million accounts swiped.
https://www.cnet.com/news/yahoo-500-million-accounts-hacked-data-breach/

Leave a Reply