March 04, 2009

Gartner: Data breaches hit 7.5 percent of all U.S. adults

Financial fraud last year caused 7.5 percent of all adults in the United States to lose money, largely because of data breaches.

That's the finding of a survey conducted by Stamford, Conn. research firm Gartner. The survey polled 5,000 U.S. adults and also found that when compared with average consumers, nearly twice as many people who lost money to fraud changed their shopping, payment, and e-commerce behavior. In particular, victims of electronic checking and/or savings account transfer fraud were nearly five times more likely to change banks because of security concerns.

"Fraud victims are also more cautious about which brick-and-mortar stores they shop at and how they pay for goods when they get there, demonstrating more awareness of the risk of data breaches," said Avivah Litan, vice president and distinguished analyst at Gartner, in a news release.

High-tech crimes, such as data breaches (which typically involve hacking into enterprise systems) and phishing attacks against consumers, are the most prevalent causes of payment card fraud.

Gartner found that financial losses were highest with new-account, credit card and brokerage fraud, with average losses per incident totaling $1,097, $929 and $900, respectively. However, victims of brokerage, credit card and debit/ATM card fraud find it easiest to recover their losses, receiving an average of 100 percent, 86 percent, and 77 percent of the funds stolen, respectively.

Conviction rates for these crimes are low, according to the report. Less than one-third of the victims reported the crimes to law enforcement, with about five percent reported to the Federal Trade Commission. The chances of a criminal getting arrested and convicted for identity-theft-related fraud are much less than half of one percent.

As a result, Gartner recommended that any organization that is holding sensitive consumer data must act now to protect customer records and credentials, claiming that this is “a less-costly exercise than customer churn resulting from financial fraud.”

Other recommendations: Customer accounts must be assumed likely to be compromised by attack vectors outside enterprise control, and enterprises that have secured their systems should advertise the fact to gain consumer confidence and business.

Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.