Data breaches add up to lost sales

There's new evidence to suggest that the series of data breaches at national retailers are having an effect on the bottom line.

Consumers are avoiding breached organizations at an alarming rate: roughly 33 percent of shoppers will take their business elsewhere if their favored retailer is breached, according to a new study conducted by Javelin Strategy and Research.

Retailers also stand to have significantly increased expenses and lose up to one-third of their customer base after a data breach. Consumers are taking these events so seriously that 30 percent of survey respondents said they would find new a healthcare provider if a hospital or doctor's office is breached.

"A significant proportion of affected consumers discontinue or reduce their patronage post-breach," said Al Pascual, senior analyst of security, risk and fraud, Javelin Strategy and Research. "That's real money lost in customer churn and reduced sales, and certainly demonstrates how the reputation of the organization hits the bottom line. It's noteworthy that about a third of people will go as far as to find a new doctor, if their provider is breached, as we all know healthcare services can be a big hassle to change."

Target (NYSE:TGT) recently quantified the reputational damage and sales impact of their data breach and posted significantly reduced revenue following the announcement on December 19, 2013. And the impact extends well beyond sales to market value and reputation, a much more difficult commodity to put a price tag on.

Target, Michael's, Neiman Marcus and Sally Beauty — data breach victims all — are shouldering legal expenses and the cost of security monitoring services to those shoppers whose personal and credit information was at risk.

"Businesses are experiencing pressure to protect sensitive data not only from industry and government regulators, but also customers and shareholders. Consumer behavior indicates that data breaches impact both expenses and revenue," said Todd Feinman, CEO, Identity Finder, sponsor of the study. "Organizations must be more proactive in preventing a breach by understanding where a data leak can originate. By discovering and managing sensitive information at its source and not at the perimeter or after the fact, businesses can identify risk, change employee behavior, and justify where to spend security dollars."

For more:
-See this Javelin Research press release

Related stories:
Target names DeRodes CIO, adds MasterCard chip-and-PIN
Michaels confirms 3 million affected in data breach, as more shoppers victims of fraud
NRF issues industry-wide directive regarding data security, calls for chip and PIN
Shoppers blame retailers for data breaches, Congress blames Target
Target: Timeline of a data breach