Public Awareness of Major Data Breaches

Exploring Public Perceptions of and Responses to Data Breaches

All of our content is written by humans, not robots. Learn More
By Aliza Vigderman Aliza Vigderman, Senior Editor, Industry Analyst

In 2018, hackers leaked the information of 2.8 billion consumer data records, costing $654 billion in damages to U.S. organizations. According to the Verizon Data Breach Investigations Report, more than 4 in 5 breaches are linked to a combination of stolen or weak passwords. Among the most hacked passwords across the country? “123456,” “qwerty,” and “password”. In 2023, GoodFirms research group found that 59% of Americans use names or birthdays in their passwords.

Has Your Data Been Breached? If you’re looking to remove your personal information from the internet, there are digital tools that can help.

Considering how many Americans don’t take password security seriously enough, we wanted to see how many people treated their bank information with the same indifference. For a closer look at how people access their money online, we surveyed over 1,000 respondents who’ve used online financial services. Keep reading to learn how many people use the same passwords for all of their online accounts, which generation is the best at protecting their login information, and whether saving your credit card information on a personal device could lead to a data breach.

Anxious to Access Money

ATMs can also be the target of cybercrime. While more than 1 in 3 Americans weren’t worried about their safety while using an ATM, 43% of people were concerned about ATM fraud, followed by 42% who were apprehensive about being robbed. While less common, 17% of Americans did worry about identity theft while withdrawing or depositing money, and 7% were anxious about receiving counterfeit bills.

Risky Online Behavior

Recycling might be good for the environment, but reusing the same password can be bad news for your online security. The same GoodFirms survey found that 45.7% of people use the same password for different  The survey also found that 13% of Americans used the same password for every account – including banking and social media). And speaking of bad habits, over 1 in 4 people admitted to never changing their online banking passwords.

Not only were millennials the most likely generation to take advantage of online financial services (including money transfers, tax filing, and investing), but they were also the most likely to change their financial passwords at least once a month.

>> Deep Dive: Five Easy Opt-Outs to Protect Your Identity and Privacy

Exposed Credentials

According to the Federal Trade Commission, public Wi-Fi hot spots can be convenient, but they’re typically less secure than private networks and may be accessible to third parties. Despite these safety concerns, 1 in 4 people admitted to accessing their bank account on a public Wi-Fi network, including over 33% of millennials and 26% of Gen Xers. Another 28% of respondents also acknowledged using their credit or debit cards on public Wi-Fi, a trend also more common among millennials (nearly 40%) and Gen Xers (27%) than baby boomers (17%).

Among the people accessing private information on public and potentially unsecured networks, 38% didn’t utilize anti-virus software, and 71% didn’t use a VPN service. VPNs – or virtual private networks – establish an encrypted bridge between your device and a remote server that helps protect your data. Connecting to a public network with a VPN can reduce the likelihood that your information is hacked or stolen by cybercriminals.

Evaluating the Risk

In 2018, more than 6,500 data breaches and malicious hacking attempts exposed the personal information of 5 billion people. Unfortunately, these breaches seem to have become a “routine part of American consumerism“, affecting hundreds of millions of consumers.

In some cases, being exposed to a data breach can be attributed to risky online behavior. Roughly 1 in 4 people who’d been exposed to a breach admitted to saving credit card information on their personal devices, and nearly 28% accessed their bank accounts on public Wi-Fi. Even worse, 29% of respondents had accessed their banking information from a device that wasn’t their own.

Peer-to-Peer Services

Every quarter, person-to-person payment services (including Venmo and Zelle) process billions of dollars. In 2018, consumers transferred over $172 billion to other people, not including the $142 billion processed through PayPal. Despite the popularity of money transfer services, people who’ve experienced a data breach may be less comfortable transferring money online.

Establishing Better Security

As a consumer, it can be hard to avoid massive data breaches and hacking attempts against corporations holding your personal information. 2018 was the second-most active year for data breaches globally, yet many Americans could be making it worse by not properly protecting their bank account information. As we found, many people didn’t change their passwords regularly, and many reused the same passwords for a variety of accounts. Even among people who had been exposed to data breaches, many exhibited risky behavior regarding public Wi-Fi networks and storing their credit card information on their devices.

Methodology and Limitations

For this project, we surveyed 1,007 respondents who had used online banking or other online financial services and apps at least once a month during the past year. Respondents ranged in age from 22 to 76 with an average age of 45 and a standard deviation of 13.1. Fifty-one percent of respondents identified as women, and 49% identified as men. Thirty-two percent of respondents were baby boomers, 35% were millennials, and 33% were from Generation X. Twenty percent of respondents had experienced a data breach of an online financial account.

This data is survey-based and depends on the self-reported recollections of respondents regarding their financial experiences. Limitations with such data include telescoping, selective memory, and exaggeration. We did not statistically test our data, and our campaign is exploratory. The data were not weighted.

Fair Use Statement

Do you want to share these findings on people’s habits when using online financial services? The graphics and information found on this website are available for use in any noncommercial capacity. Feel free to share them as much as you’d like across the web and on social media, but please make sure to link back to this page. Thank you!

FAQs About Our Data Breach Survey

What’s the best way to prevent my data from leaking in a breach?

Using secure passwords is the single best way to keep your data safe. That goes for everything from your Netflix account to your online banking apps. We recommend passwords that are at least 12 characters long and include a mix of upper case, lower case, numbers, and special characters.

How can I tell if my data was in a data breach?

There are tons of data breach websites that track data breaches. They let you put your email address in and then they search for your credentials in any known data breaches. Always verify the authenticity of these sites when using them and avoid giving any personally identifiable information.

Do companies need to notify me if my data was leaked in a breach?

In most cases within the United States and the European Union, companies need to notify all victims after a data breach occurs.

Can I sue if my data was leaked in a breach?

Usually, corporations are absolved from the responsibility of making victims of a data breach whole again in the United States. But, we still recommend speaking to a lawyer to go through your options as local regulations vary.

Will I get compensated for a data breach that included my data?

In the United States, it’s rare you’ll get any compensation if your data is leaked in a data breach. But, the General Data Protection Regulation (GDPR) in the European Union gives citizens a process for claiming compensation after suffering damages caused by a data breach.

>> Related Reading: A 2024 Guide to Data Removal Services

Citations

  1. Sebastion, Nathan. (2023). Top Password Strengths and Vulnerabilities: Threats, Preventive Measures, and Recoveries.
    goodfirms.co/resources/top-password-strengths-and-vulnerabilities