Will You Avoid Data-Breached Retailers This Holiday Season?

The massive 2013 holiday data breach of Target, which siphoned off the personal and payment information for more than 100 million shoppers, provided an eye-opening moment for consumers who had previously assumed that this sort of ID theft mostly happened when shopping online. The Target debacle was followed by attacks on big-name businesses like Home Depot, Dairy Queen, P.F. Chang’s, Jimmy John’s, Kmart, and the Albertsons/Jewel-Osco/ACME, Shaw’s chains of supermarketstwice. But will all these lapses in security actually drive shoppers elsewhere this holiday season?

According to a new survey by CreditCards.com, nearly half of America is at least giving some thought to avoiding stores that have been the subject of a data breach.

The good news for the retailers, is that only 16% of survey respondents said they would definitely not shop at a store that had been recently hacked. That means that the overwhelming majority of Americans have not completely written these particular businesses off just yet.

Interestingly, those consumers with the most to lose from ID theft — people earning $75,000/year or more — were significantly more likely than shoppers earning $30,000/year or less to forgive retailers and try again.

Female survey respondents were also more likely than males to let breach bygones be bygones, with 56% of women saying they would either definitely or probably shop at a store where a security breach had occurred, compared to 48% of men.

In terms of age, the older the consumer, the less willing they were to be bitten by the breach bug twice. According to the survey 55% of people over the age of 65 would avoid a store with a recent data breach, compared to 41% for those in the 30-49 age group.

What will ultimately determine whether or not previous hacks keep shoppers away is how the 29% of shoppers who says they would “probably not” shop at these stores behave. A lot of people claim “never again,” but only a few ever hold true to that pledge when it comes to retail businesses, especially if they really liked that store before the hack.

“I’m guessing a lot of people have the initial emotional reaction of, ‘Wow, I don’t want to shop there anymore if they’re going to be that loose with that data,'” explains David Just, professor of applied economics management and director of graduate studies at Cornell University. “Your initial response is fear. You feel like you’ve been violated. You don’t know what’s going to happen to your credit.”

One’s decision to forgive a retailer for a data breach may be tied to how integral that store is to one’s shopping plans.

“It depends on the type of retailer,” says Jeff Foresman, information security compliance lead at Rook Security in Indianapolis. “A retailer such as Target where consumers have other options for shopping might lead people to shop elsewhere. But if a building contractor has a business account at Home Depot, he won’t necessarily go elsewhere after a breach.”

Let’s see if our readers’ reactions are similar to the survey results:

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.