Do data breaches really hurt retailers?

Do data breaches really hurt retailers?

Summary: Updated below: Three in four consumers say they will stop shopping at a merchant if a data breach occurs, according to a study be Javelin Strategy & Research. That finding could be especially painful for TJX, which operates T.

SHARE:
TOPICS: Big Data
7

Updated below: Three in four consumers say they will stop shopping at a merchant if a data breach occurs, according to a study be Javelin Strategy & Research.

That finding could be especially painful for TJX, which operates T.J. Maxx and Marshalls. TJX has said 45.7 million accounts were compromised over two years. Javelin notes that data breaches account for only 3 percent of known ID-fraud, but merchants nevertheless take the hit.

According to the Javelin report:

  • 77 percent of consumers intend to stop shopping at merchants that had data breaches.
  • 63 percent of consumers see retailers and merchants as the least secure about protecting data. For comparison, 16 percent saw processors as least secure and 5 percent cited credit card networks and issuers.
  • 85 percent of consumers said they would reward merchants who are security leaders.

Those findings sound damning--if they were believable. What consumers say they will do and their actual behavior are two different things. If Javelin's findings were on target retailers would be a lot more secure. TJX would be on the ropes. Why? The bottom line would actually suffer if three out of four customers stopped shopping. Instead, breach occurs, merchant apologizes and offers credit report monitoring and life--and the shopping--goes on.

The reality is the shopping continues at TJX and other places where data breaches have occurred. TJX shares are higher than they were in late March when it disclosed the full extent of its data breach. The company also increased its dividend. TJX is likely to take a financial hit as it beefs up security--and pays IBM and General Dynamics for their time--but it may not be that material.  TJX's  finances haven't been dinged at all.

The true test of Javelin's survey will appear in TJX's same store sales in upcoming months. My bet: The effects of the data breach will result in a blip at best.

Update 4/13: TJX had no ill effects from their data breach. In fact, same store sales were pretty strong. I guess any publicity is good publicity. Also there's some additional commentary on the Javelin study on Techmeme.  

Topic: Big Data

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • 3 in 4 people say

    they never masturbate too. Pfffttt....
    No_Ax_to_Grind
    • couldnt of said it better

      NT
      Been_Done_Before
  • The simple answer is:

    If nothing happens to someone, they tend to forget easily, but if something does happen, they never forget.

    There are very few people in this world who remember things like this that didnt directly happen to them AND act on them.

    Its like knowing someone got food poisoning at a restaraunt and still going there vs not going there again because you got the food poisoning.
    Been_Done_Before
  • Consumers excel at exaggerating/lying.

    The bottom line is that most consumers don't give a rat's behind about what happens to other consumers. If any given incident doesn't directly cost them money, cause them a huge inconvenience, or place them in a palpably dangerous situation, they forget about it within hours.

    Retailers know this and generally just need to make a few good PR moves then let it all blow over. No big deal.
    shawkins
  • I'd say it depends

    If it's online the impact will be felt greater. If it's the only place one can shop for that price the effect will be nothing more than a blip. If there is strong competition the competition will gain.

    One thing I do know is I don't know what TJX is so even if I felt I wouldn't shop at place that had data breaches I'd probably still do because I would be clueless.

    Also I pay with cash so big deal. They had a data breach. No effect on me or my cash.
    voska
  • It's like "voters"

    It's like all of the pre-election surveys that you read about. Some polling firm asks "Who would you vote for?" and then reports that "60% would vote for Joe Blow." Now, if they first ask the question "Did you vote in the last election?" first, they all of a sudden find that only 35% did, and of THAT number, only 20% would vote for Joe Blow. What does it mean? You have to frame the question correctly, and in THIS case, it means that 81.5% of the people who DIDN'T vote prefer Joe Blow but only 20% of the people who DID vote prefer him. If you take these numbers and don't question them, you will be surprised on Election day when Joe gets buried in a landslide. Similarly, Everyone you ask is going to want to appear knowledgeable and responsible-no one is going to say "Heck, I don't care if someone steals my data and my identity." The one in four in the TJX survey probably don't even understand the question.
    justanitguy
  • Downside to branding

    The thing is, if your actions tarnish your brand's reputation, you alienate potential new customers.
    It's been over 15 years since Taco Bell had whatever infected its patrons, so far I haven't patonied Taco Bell yet.
    Microsoft provided an ecology to the virus writers. After pricing Windows 95 I took up Linux and look back every now and then bemused.
    Easisest way for your bank to get me to switch bank accounts is to specify Internet Explorer as best fo your website.
    Perhaps that's just me, though.
    epcraig