Data Breaches' Impact on Consumers

While a singular data breach may not have an immediate effect on the consumer, each one chips away at the security of their identity.

Data breaches are perhaps more harrowing an experience than many realize. In the latest, the vast majority of LinkedIn users—about 92%—have been affected. Experts say it's not just the magnitude of this breach that's worrying; it's the type of information compromised that should give LinkedIn users pause. The breach was announced June 22 by the alleged hacker, offering the data of 700 million users for sale. The breach reportedly contains email addresses, full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experience or background, genders and other social media accounts and usernames. It's easy to imagine creating a digital profile impersonating any of the 700 million victims. 

As urgent as this sounds, most breach victims do very little, if anything, in response. Some may find slight solace in the fact that many others (and, by many, we mean millions) have also been affected in the same way. This feeling can sometimes help to dampen the blow, along with the fact that most consumers are realizing there is virtually nothing they could have done to prevent the breach from happening in the first place: Data breaches are just par for the course in today’s digital world. 

But this limited consolation offers nothing to protect victims from the uncertain, but very real risk of future identity fraud. Over time, with breach after breach, the uncertainty grows, consumer trust in businesses weakens and new anxieties take hold. There’s an oft-overlooked psychological aspect to it all that even consumers themselves may not realize is happening. 

Living in a constant state of worry about being affected by identity theft can be exhausting. And while it may not be a frequent topic of conversation—and breach notifications often aren't triggering specific precautions to be taken—we still know it weighs heavily on consumers' mental state. Customer trust in organizations is eroding, and it's happening rather quickly. Customers no longer have confidence that corporations can safely house the data they’re asking of customers. 

Moreover, there's a subconscious pleasure that comes with feeling loyal to and cared for by organizations that one chooses to spend money with; all that goes away when the company experiences a data breach. The consumer no longer feels appreciated or valued and may be left wondering, are there any organizations left that I can trust with my data? Sadly, the answer may be an unstated but emphatic "no."

See also: How Machine Learning Halts Data Breaches

The more definable and palpable sentiments of the consumer are still telling, though. Over the last few years, we at Generali Global Assistance have been keeping our finger on the pulse of the consumer to gain a better understanding of the consumer mentality. Earlier this year, we released findings from our second market study and found that, since 2017, concerns about identity theft—and especially about cybercrime—have continued to increase.

The very large majority of consumers (90%) believe that becoming a victim of identity theft or cybercrime is something that could happen to them at any time; this is up five points from 2017. Eighty percent of consumers said that they’re often scared by the number of ways in which their identity may be compromised, which is up 6 points from 2017. And 76% of consumers agreed that companies and institutions are not doing enough to protect their personal information. A holiday survey of ours in 2017 showed that 40% of consumers believe that businesses are not doing all they can to protect their personal information. The rate at which this gap has widened is striking.

Outside of the psychological impact, we must not forget what it actually means when one's personal data is exposed. While a leak of your email address may leave you shrugging your shoulders, the combination of your name, address and birthdate can be ample data for a fraudster to do damage. It's the aggregation of years' worth of mega breaches that are leaving consumers wildly exposed. We already got a sneak peak of that this past year when unemployment fraud reached frightening levels in the midst of the pandemic—in our Resolution Center alone, we saw a 5,630% increase in employment-related fraud from 2019 to last year. Unfortunately, that may have been just the beginning. 

So while a singular data breach may not have an immediate effect on the consumer, each one chips away at the security of their identity. Data point by data point, our identities will be left in such a fragile state that the resulting fraud will not only be inevitable, but difficult to come back from. 

At the risk of sounding trite, the time is now for consumers to take action. It's true that one cannot prevent hackers from infiltrating the companies they choose to do business with, but there are certainly ways to strengthen their identity so that any potential damages are greatly reduced.

Read More