Almost a quarter (24%) of UK consumers have had their account hacked or data stolen for an online service, with 5% having been compromised more than once, research commissioned by CertiVox has found.
As consumers continue to head online in their droves to do their Christmas shopping, they exhacked, it was found that 25% of the incidents involved Hotmail, 21% involved Facebook and 11% involved Yahoo!, Yahoo! Mail or Y! Mail accounts.
Considering a lot of consumers use the same password across a number of sites and many retail sites have customers using email addresses as usernames or allow users to login through Facebook, this will be a worry for online Christmas shoppers. Retail and payment services also featured in the research with 6% of hacking incidents involving PayPal and 4% involving eBay.
The research, conducted by Populus among a representative sample of 2,012 UK respondents, also looked at the actions consumers would take following a data breach, and found that a huge 25% of respondents said that they would terminate a service immediately if their account was compromised or data stolen. This is an alarming figure for companies that have experienced breaches, and those still relying on the flawed username and password system. In addition to this, some 16% of respondents also said that that they would look for an alternative service and move if a suitable replacement was found. Only 37% say they would reset their details and carry on using the service as normal.
Perhaps unsurprisingly, given the number of people who have had accounts or data compromised, the research also found that only 60% of respondents trust the username and password authentication process as a secure way to access online services. 26% do not trust the process and a further 14% are unsure.
Commenting on the findings, Brian Spector, CEO of CertiVox said: "This research shows that despite the rush of Christmas shopping online, many consumers are wary and believe that the username and password authentication system is not secure enough to protect their data. When you consider this coupled with the fact that the services identified as being hacked the most are some of the biggest names in technology with hundreds of millions, or even billions of users, it is amazing that there hasn’t been a whole-scale move away from usernames and passwords.
"It is clear from the research that services which do not secure their users’ data adequately are likely to start seeing users move away. This should act as a prompt to businesses everywhere to consider their security more carefully than ever before."
The research surveyed a UK representative sample of 2012 adults (18-plus) on their views on online security in December 2013. Specifically consumers were asked about their views on the username and password system, additional security measures, and their own experience of online security breaches.
