Massive Data Breach Not Enough to Change Americans’ Habits

According to a recent Associated Press-GfK poll, the massive security breach at the retail giant Target, which compromised over 40 million debit and credit card numbers and the personal information of at least 70 million people, has done little to encourage the American public to take a more active role in the security of their personal data.

Since the breach:

  • Nearly 50% of Americans say they are worried about their personal information when shopping in stores
  • 61% say they are worried about spending online
  • 62% are worried when they use their mobile phones to make purchases

Despite the concerns Americans have about electronic purchases, the poll indicates that citizens are still refusing to take steps to combat the threats from a cyber attack.

  • Only 37% of Americans have made the switch to cash as opposed to credit or debit cards
  • 41% have started checking their credit reports

And an even smaller percentage have elected to take simpler protective measures, such as:

  • changing passwords to online accounts,
  • requesting new credit and debit card numbers, or
  • signing up for a credit monitoring service.

Why are Americans so apathetic about cyber security? According to AP, security experts think that while Americans understand that these types of information thefts are a possibility, they have just come to expect it. It just comes with the territory when using credit and debit cards or giving retailers personal information and it seems Americans just are not ready to give that part of their lives up.  Additionally,

Experts say the results show another expectation Americans have: While nearly 4 out of 10 say they have been victimized by personal data theft, most expect credit card companies, banks or retailers to take responsibility when that happens.

[Which, as we have discussed in other posts, is not exactly the case.]

But, those who have actually suffered a theft of their personal data have different views

52% check their credit report

41% have started using more cash

28% have signed up form credit monitoring service

In my opinion, at least based on this poll, it seems no matter how large the data breach is, no matter how many people affected or millions of dollars lost, if it does not personally affect them, a cyber attack is not likely to change Americans’ attitudes or habits.

Please follow and like us:


3 Responses to “Massive Data Breach Not Enough to Change Americans’ Habits”

  1. wcsnyder says:

    So, what do you think it will take to get Americans to practice safe cyber hygiene short of personal victimization? Nothing? Will Americans always choose convenience over safety until such an event, and someone has to change the incentives through taxes, regulation, etc.? Is your solution to cyber security in the long run to speed up the rate of cyber crime now so that we can sooner get to the point where the majority has been personally victimized?

    • Jason says:

      When it comes to practicing cyber hygiene I think Americans engage in a cost-benefits analysis of sorts. With credit and debit cards, Americans get a large amount of convenience as well as a sense of security. The security comes from the idea that the banks and credit card companies will take the losses that result from a cyber attack. Americans balance that convenience and sense of security against the danger of failing to securing their information. If they do not feel that the a data breach will have a significant adverse effect of if they feel a data breach is not likely to occur then they won’t accept the burden of losing the convenience they have become accustomed to.
      Americans do not feel a great urgency in practicing proper cyber hygiene because Americans do not view the likelihood of being a victim of cyber attack as very high. They look at the risk of being a victim of a cyber-theft of their personal information as being so remote that it is not worth the investment to prevent.
      I do not think one solution will solve this problem but the first thing that needs to be done is education. If we can alter the cost-benefit analysis and make the benefit of practicing cyber hygiene outweigh the costs then Americans will be more likely to take steps to secure their information. This can be accomplished by educating Americans so they understand the impact of theft of their personal data may be a more significant problem than they imagine it is. If Americans understand this then the benefits of convenience might not carry as much weight. If Americans think that there is a significant risk associated with failing to secure their information and a strong likelihood of a security breach and theft of that information then they will be more likely to accept the costs of securing it.
      As evidence by numerous bad habits including smoking, something is difficult to change once it becomes a habit. Educating Americans earlier is the key to developing proper habits with cyber. If we educate Americans at a young age on the nature of cyber space and the inherent dangers of interacting with it they will be more likely to engage in safe cyber practices in the longer term.

  2. […] breach notification than the implementation of standardized security measures. At the same time, Jason’s post on how Target’s massive data breach has been found not to change the habits of the population […]

Leave a Reply

You must be logged in to post a comment.


Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. She is the 2018-9 Editor in Chief of the Syracuse Law Review, as well as a member of the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography


Follow by Email