News Release
One-Fourth of American Adults Notified of Data Breach in Past Year; Few Consumers Penalize Hacked Companies
Apr 13, 2016
Although spending on cybersecurity continues to grow, companies, government agencies, and nonprofit organizations are still being breached, and sensitive personal, financial, and health information is still being compromised. This report sets out the results of a study of consumer attitudes toward data breaches, notifications that a breach has occurred, and company responses to such events.
Format | File Size | Notes |
---|---|---|
PDF file | 0.5 MB | Best for desktop computers. Use Adobe Acrobat Reader version 10 or higher for the best experience. |
ePub file | 3.2 MB | Best for mobile devices. On desktop computers and some mobile devices, you may need to download an eBook reader to view ePub files. Calibre is an example of a free and open source e-book library management application. |
mobi file | 8.7 MB | Best for Kindle 1-3. On desktop computers and some mobile devices, you may need to download an eBook reader to view mobi files. Amazon Kindle is the most popular reader for mobi files. |
Format | List Price | Price | |
---|---|---|---|
Add to Cart | Paperback78 pages | $16.50 | $13.20 20% Web Discount |
Data breaches continue to plague private-sector companies, nonprofit organizations, and government agencies. Despite the mounting rate of these breaches, the continuing harms imposed on consumers and firms, and over a decade of breach notification laws, very little research exists that examines consumer response to these developments. This report sets out the results of a nationally representative survey of the consumer experience with data breaches: the frequency of notifications of data breaches and the type of data taken; consumer attitudes toward data breaches, breach notifications, and company follow-on responses; and perceived personal costs resulting from the breach, with the goal to establish a baseline of information about consumer attitudes toward data loss and company practices in responding to such events. Key findings include: (1) Twenty-six percent of respondents, or an estimated 64 million U.S. adults, recalled a breach notification in the past 12 months; (2) 44 percent of those notified were already aware of the breach; (3) 62 percent of respondents accepted offers of free credit monitoring; (4) only 11 percent of respondents stopped dealing with the affected company following a breach; (5) 32 percent of respondents reported no costs of the breach and any inconvenience it garnered, while, among those reporting some cost, the median cost was $500; and (6) 77 percent of respondents were highly satisfied with the company's post-breach response.
Chapter One
Introduction
Chapter Two
Survey Results
Chapter Three
Conclusions and Implications
Appendix A
Survey Instrument
Appendix B
Supporting Tables and Charts
The research described in this report was conducted by the RAND Institute for Civil Justice, a part of RAND Justice, Infrastructure, and Environment.
This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.