Data Theft Victims, and Their Response to Breach Notifications
Data VizPublished Apr 14, 2016
Data VizPublished Apr 14, 2016
A summary of the results of RAND's first-of-its-kind survey aimed at learning about consumer response to security breaches is available on RAND dot org.
Data theft cuts across all demographics -- about 105 million Americans, or about 43% of all U.S. adults -- have been affected. More than half (56%) didn't know their data had been stolen before receiving a notification of the breach. Nearly two-thirds (62%) reported accepting an offer of free credit monitoring. While the median loss was around $500, an estimated 6 million adults reported perceived costs to them as $10,000 or more. Companies do a good job at responding, with more than three-quarters of adults reporting being very satisfied with post-breach responses. But 11%, or an estimated 11.5 million Americans, stopped dealing with the responsible company entirely as the result of a breach.
This infographic summarizes the results of a nationally representative survey of 2,038 adults regarding the last breach notification they received. Dollar losses and population numbers are estimates extrapolated from those survey data.
Types of data lost or stolen
Participants were able to check all that applied, so percentages add up to more than 100%.
Victims value these improvements more than monetary compensation.
Adapted from Consumer Attitudes Toward Data Breach Notifications and Loss of Personal Information, by Lillian Ablon, Paul Heaton, Diana Catherine Lavery, and Sasha Romanosky, RAND Corporation, RR-1187-ICJ, 2016.
Man with glasses: mediaphotos/iStock; icons: Askold Romanov/iStock; office building, Steppeua/iStock; credit card: L_amica/iStock.
IG-126 (2016)
This publication is part of the RAND infographic series. RAND infographics are design-focused, visual representations of data and information based on a published, peer-reviewed product or a body of published work.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.