Home | News Alerts | Data breaches hit one-quarter of consumers

Data breaches hit one-quarter of consumers

Study: 2009 breaches cost card issuers $252 million

June 7, 2010

More than one quarter of all U.S. consumers received a “data breach” notification last year that their personal or financial information had been compromised, according to a recent study by the research company Javelin.

Javelin Strategy & Research’s study, released last week, said that 26 percent of U.S. consumers had received a data-breach notification last year from a company or agency holding their personal data, including credit and debit card or checking-account information, according to a report on the study at digitaltrends.net. Javelin’s study estimated that credit and debit card issuers spent $252.7 million in 2009 replacing the more than 70 million cards compromised by data breaches.

Data breaches occur when a consumer’s personal information — which can include bank account and credit card or debit card account information, or the consumer's Social Security numbers — are stolen or unwittingly released through a lost or stolen storage device, a database hack, accidental exposure on the Internet, or other means. Breaches can put affected consumers at greater risk of identity theft — and the breaches bring significant costs to credit card companies or companies responsible for the breach as they try to protect exposed consumers.

Javelin analyst Robert Vamosi made his estimate on costs to debit card or credit card companies based on two recent Javelin surveys of consumers affected by data breaches and identity fraud. Vamosi assumed what he considered a conservative $3.50 per-card replacement cost for each of the 39 million debit cards and 33.3 million credit cards replaced last year because of data breaches.

Javelin’s study found that of those notified that their data had been breached, 11.5 percent had become victims of identity theft. Among consumers who had never received a data breach notification, 2.4 percent had been victims of identity theft.

Javelin’s study also cited an estimate from the non-profit Identity Theft Resource Center that there were 222.5 million consumer records breached in 2009.