When it comes to our rights as consumers, constant data breaches put our privacy and our safety at risk, often without our knowing it. We are at the mercy of large corporations, government organizations, financial institutions, and healthcare providers. Each time we open an online account, enter our contact information and make a purchase we are increasing the chances that our personally identifiable information (Pii) may fall into the wrong hands.
With over 800 reported data breaches in 2018 alone, it’s no wonder most consumers are becoming increasingly fed up and more distrustful of our service providers and if they actually have our back when it comes to information security. After all, some estimates peg the global economic cost of cybercrime at up to US $600 billion. IBM’s “Cost of a Data Breach” study reports the global average cost of a data breaches is up 6.4 percent over the previous year to $3.86 million. And the average cost for each lost or stolen record containing sensitive and confidential information also increased by 4.8 percent year after year. As cyber attacks become more sophisticated, large companies are increasingly victimized, especially those that we entrust with our financial information.
A PR Nightmare for Corporations
And, the hacks keep coming. Most recently to Facebook, the federal government’s health insurance sites, and, Cathay Pacific Airways Limited. The flagship carrier of Hong Kong, with has its head office and main hub at Hong Kong International Airport, that has been awarded “World’s Best Airline” four times.
As blue-chip brands’ security concerns increase, consumer trust in online security systems disintegrates along with them. During the first half of this year, 3.2 billion consumer files were compromised worldwide, up 72 percent over last year.
Last week, Cathay Pacific Airways announced a data breach impacting 9.4 million passengers. The airline says personal information accessed included names, birth dates, contact information, passport numbers, and ID card information. Cathay says it has no indication that any of this data was misused. The airline told its Twitter followers, “We have discovered unauthorized access to some of our passenger data.” Reading between the lines, it’s probably safe to assume the passengers who traveled with Cathay should consider their personal information officially stolen.
The airline first learned about suspicious activity on its network in March. In early May, officials discovered that personal data was accessed, and have been working to identify affected customers. No word why the airline is only now making these findings public. Cathay says it is contacting impacted customers.
A Bigger Nightmare for Unsuspecting Consumers
So, can we really rely on companies like Cathay Airways to contact us in a prompt and efficient manner? It only takes seconds for our data to be used in a malicious manner—but once the damage is done, it can be a total nightmare for the average person to recover lost funds, or worse, their stolen identity.
Biometrics and multi-factor authentication tools will eventually replace passwords, making it much harder for someone to crack the passcode to our cell phones. This month, California passed legislation banning weak default passwords for companies manufacturing internet-connected devices after 2020. But broad new approaches are still a few years away, experts say.
Portland-based consumer identity and access-management services provider, Janrain, conducted a survey among 1,097 consumers in August 2018. The firm sought to measure how ongoing data breaches have affected consumer trust in brands and their security practices. They found that many consumers are dropping their end of the security bargain. 61 percent of consumers claim to be vigilant about protecting their computer and mobile security, but 38 percent have given up on being careful. And 15 percent of these people have simply given up because they don’t have time to manage all the different passwords.
Restoring Consumer Trust, A Team Effort
Protecting personal data is a responsibility shared among consumers, businesses, and government organizations. Many consumers say they’d be willing to forgive a data breach if the company was transparent about the event and offered a timely response. Forgiveness doesn’t necessarily translate into open data sharing, though.
One reliable source for consumer and industry guidance is the Electronic Frontier Foundation (EFF). On October 11, EFF sent a clear message to Congress with respect to ways in which consumers can be proactive in protecting their data and privacy following a Senate Committee hearing. This time was different. As reported by the EFF, Chairman Thune kicked off the hearing by reminding the Committee of the importance of hearing from independent stakeholders and experts. Chairman Thune stated that industry self-regulation is not enough to protect consumer privacy, and that new standards are needed.