As cyberbreaches rise, consumers alter spending, browsing habits

A dramatic rise in the percentage of Americans reporting that they have been victims of cyberattacks has been accompanied by changes in how consumers shop and use the internet, a new AICPA survey shows.

Twenty-five percent of Americans say they have been victims of cyberattacks, according to the survey. In a similar survey released last year, just 11% of respondents reported having been victimized by such attacks. The growing prevalence of information security breaches has made many respondents more cautious about their purchasing habits and less confident in companies’ ability to protect their personal information.

The survey, which polled more than 1,000 U.S. adults in March 2015, found that 86% of Americans are concerned about whether businesses are adequately safeguarding their personal and financial data. Their worries are growing: 51% say they are “extremely” or “very” concerned that companies aren’t protecting their data, versus 39% in last year’s survey.

Eighty-two percent of respondents said cybersecurity fears changed their shopping and internet habits, up from 69% last year. Fifty-six percent said they used cash and/or checks more often, while 40% reduced their online presence through methods such as visiting fewer sites or turning off social media accounts.

Though members of all age groups report having been victims of information security breaches, Millennials were the least likely to be victimized and the least likely to scale back their online presence in the wake of such breaches. They also reported the greatest confidence of any age group in businesses’ ability to protect their data, with just 42% saying they were “extremely” or “very” concerned that businesses weren’t up to the task.

Cybersecurity attacks can be detrimental to victims’ financial well-being. One-fifth of respondents said that identity theft had lowered their credit scores, while 26% said their credit scores had prevented them from doing something, such as obtain a loan, a credit card, or a mortgage.

The AICPA National CPA Financial Literacy Commission recommends that consumers take steps to protect their data, such as inquiring about their banks’ and credit card companies’ security features, avoiding shopping over insecure connections, and having fraud alerts put on their credit reports if they notice a problem. The commission also suggests keeping a list of credit card information in a secure place and not clicking on links in unsolicited emails.

—Courtney L. Vien (cvien@aicpa.org) is an associate editor for the AICPA.