Survey: Majority of U.S. holiday shoppers worry about cyber hacks

As more holiday sales gravitate online the fear increases of data breaches that could put shoppers’ personal data at risk, according to a recent survey report from cloud communications firm Infobip.

The survey found 64% of respondents worry about cyber attacks or data breaches when ordering online, and 55% said they admit doing nothing once a data leak occurs. However, data leaks and identity theft top the list of security concerns, with 94% of respondents acknowledging the overall importance of cyber security.

The survey reports that 55% find it challenging to keep their data safe online, showcasing strong concerns regarding digital security. A sizable majority (74.4%) believe it is increasingly difficult to safeguard their data online, while 62.6% perceive the online environment as “increasingly unsafe” due to the growing sophistication of scammers.

“These findings underscore the pressing need for businesses to prioritize consumer education and implement robust cybersecurity measures, especially during the holiday season,” said Infobip Chief Business Officer Ivan Ostojić.

Other findings from the survey include 40% who admitted using free public Wi-Fi without proper safeguards, and 29% confessed to opening email attachments from unknown senders. One big consensus is 55% said they use the same password across multiple platforms, exposing themselves to heightened cybersecurity risks. Only 23% feel uncomfortable providing payment information for online retail, but trust is heavily influenced by website familiarity as 63% said the feel safest when purchasing from well-known retailer sights.

“The data paints a vivid picture of heightened concerns among Americans. However, the statistics unveil a multifaceted challenge that transcends mere numbers,” said Ostojić. “It’s a call to action for businesses to prioritize consumer education and fortify their cybersecurity measures – to not only deliver festive cheer but also ensure a secure and trustworthy environment for consumers.”

Also this week VF Corp reported a cyber attack that exposed some company data, including personal data of customers and employees of North Face, Timberland and Vans, each owned by VF Corp. The breach was disclosed in a filing with the U.S. Securities and Exchange Commission on Dec. 13.

Upon detecting the unauthorized occurrences, VF Corp. said it immediately began taking steps to contain, assess and remediate the incident, including beginning an investigation with external cybersecurity experts, activating its incident response plan, shutting down some systems and cooperating with federal law enforcement.

The company said a cyberintruder was able to encrypt some of its IT systems and steal data that included personal data. VF Corp. has not yet disclosed what type of personal data, how many people may have been affected, or whether the data came from customers, current or former employees, current or former contractors, or other types of people.

VF-operated retail stores globally are open, and consumers can purchase merchandise, but the company said it is experiencing an impact on its ability to fulfill online orders. According to VF Corp., the full scope, nature and impact of the incident are not yet known, but it has had and is “reasonably likely” to continue to have a material impact on business operations until it completes recovery efforts.

Retailers and cyber security experts expect hackers to use artificial intelligence to improve the spelling and grammar of phishing emails, making it easier for hackers to convince their victims to engage with malicious links and attachments. Cyber security firm NordVPN also expects more non-professional hackers will attempt to commit cybercrime in 2024 based on the numerous dark web forum posts from people wanting to learn or teach others to perform cyberattacks.

NordVPN analysis also found that 55% of discussion threads on the dark web focused on leaked customer data. The stolen information included social media credentials, driver’s licenses, home addresses and personal email addresses.

Customer data can end up being sold on the dark web for large sums of money, and NordVPN expects this trend will continue into 2024. This will likely include data from corporate breaches being sold in large bundles to cybercriminals, who can use this information to launch scams, hijack accounts, or steal peoples’ identities.