NEW YORK (AP) — American shoppers say they are very concerned about the safety of their personal information following a massive security breach at Target, but many aren’t taking steps to ensure their data is more secure, says a new Associated Press--GfK Poll.
The poll finds a striking contradiction: Americans say they fear becoming victims of theft after the breach that compromised 40 million credit and debit cards and personal information of up to 70 million customers. Yet they are apathetic about trying to protect their data.
In the survey, nearly half of Americans say they are extremely concerned about their personal data when shopping in stores since the breach. Sixty-one percent say they have deep worries when spending online, while 62 percent are very concerned when they buy on their mobile phones.
But just 37 percent have tried to use cash for purchases rather than pay with plastic in response to data thefts like the one at Target, while only 41 percent have checked their credit reports. And even fewer have changed their online passwords at retailers’ websites, requested new credit or debit card numbers from their bank, or signed up for a credit monitoring service.
The poll offers insight into the effects big data breaches can have on consumer behavior. There have been worries that shoppers would dramatically change their habits since December, when Target announced the breach that could wind up being the largest in U.S. history. Weeks later, those concerns were elevated when luxury retailer Neiman Marcus disclosed that it too was the victim of a breach that may have compromised 1.1 million debit and credit cards.
And this weekend, Michaels Stores said it is investigating a possible company data security breach that may have affected its customers’ payment card information.
But security experts say the results show that Americans have come to expect that security theft is a possibility when they use their credit or debit cards or provide retailers with personal information.
“They ... just chalk it up to ... ‘It’s part of life,”’ says Cameron Camp, security researcher at global security firm ESET who believes people don’t think they will be liable for fraudulent charges.
Experts also say the results show another expectation Americans have: While nearly 4 out of 10 say they have been victimized by personal data theft, most expect credit card companies, banks or retailers to take responsibility when that happens.
About 38 percent report that they think they have either had someone make unauthorized purchases using their credit or debit cards without it having been physically stolen or that someone had used their personal information to apply for a fraudulent line of credit, the poll says.
But the survey shows that just 37 percent say consumers bear most of the responsibility for keeping their data safe, while 88 percent place the burden on the retailers who are collecting it. Six in 10 say the banks that provide credit or debit cards or the credit bureaus should bear most of the responsibility.The sentiment was different among Americans who’ve been victims of personal data theft. In that group, 52 percent have checked their credit report, while 41 percent have tried to use more cash. Twenty-eight percent have signed up for a credit monitoring service.
The AP-GfK Poll was conducted Jan. 17 through Tuesday and involved interviews with 1,060 adults. The survey has a margin of sampling error of plus or minus 3.9 percentage points.
The poll used KnowledgePanel, GfK’s probability-based online panel that is designed to be representative of the U.S. population. Respondents were first selected randomly using phone or mail survey methods and later completed this survey online. People selected for KnowledgePanel who didn’t otherwise have Internet access were provided with access at no cost to them.