NEW YORK — American shoppers say they are very concerned about the safety of their personal information following a massive security breach at Target, but many aren’t taking steps to ensure their data is more secure, says a new Associated Press—GfK Poll.
The poll finds a striking contradiction: Americans say they fear becoming victims of theft after the breach that compromised 40 million credit and debit cards and personal information of up to 70 million customers. Yet they are apathetic to try to protect their data.
In the survey, nearly half of Americans say they are extremely concerned about their personal data when shopping in stores since the breach. Sixty-one percent say they have deep worries when spending online, while 62 percent are very concerned when they buy on their mobile phones.
But just 37 percent have tried to use cash for purchases rather than pay with plastic in response to data thefts like the one at Target, while only 41 percent have checked their credit reports. And even fewer have changed their online passwords at retailers’ websites, requested new credit or debit card numbers from their bank or signed up for a credit monitoring service.
The poll offers insight into the effects big data breaches can have on consumer behavior. There have been worries that shoppers would dramatically change their habits since December, when Target announced the breach that could wind up being the largest in U.S. history. Weeks later, those concerns were elevated when luxury retailer Neiman Marcus disclosed that it too was the victim of a breach that may have compromised 1.1 million debit and credit cards.
But security experts say the results show that Americans have come to expect that security theft is a possibility when they use their credit or debit cards or provide retailers with phone numbers, emails and other personal information.
“They … just chalk it up to … ‘It’s part of life,’” says Cameron Camp, security researcher at global security firm ESET who believes people don’t think they will be liable for fraudulent charges.
Experts also say the results show another expectation Americans have: While nearly 4 out of 10 say they have been victimized by personal data theft, most expect credit card companies, banks or retailers to take responsibility when that happens.
About 38 percent report that they think they have either had someone make unauthorized purchases using their credit or debit cards without it having been physically stolen or that someone had used their personal information to apply for a fraudulent line of credit, the poll says.