Even though several surveys have found that consumers will stop doing business with a company that's been breached, a recent Tenable survey of more than 2,000 U.S. adults found that while almost all respondents (94 percent) have heard about major security breaches in the news over the past year, 43 percent haven't changed their online habits in response.
In the past 12 months, just 25 percent of respondents have implemented two-factor authentication, just 45 percent used a PIN to lock their mobile device, and just 56 percent have used a password to lock their computer.
Twenty-one percent don't know whether or not recent high-profile incidents like the Equifax breach affected them personally -- just 12 percent say their personal information was stolen in a security breach in the past 12 months.
Expecting a Breach
At the same time, 37 percent of respondents say it's likely their personal information will be stolen as a result of a security breach within the next six months.
Just 32 percent of those who've heard about major breaches have reduced their use of public Wi-Fi or unfamiliar hotspots, even though 63 percent worry about their data getting stolen when doing so.
Similarly, 58 percent of respondents worry about their personal information being stolen when shopping online, 50 percent worry when banking online, and 35 percent worry when using social media.
"It seems there is a need for a 'top down' approach where organizations provide comprehensive security, but also team up with customers and employees to educate them about what they can do [to] extend their best practices across their own personal attack surface," the report states.
Separately, a recent Netsparker survey of 2,006 U.S. adults found that 40 percent of respondents admit to using open, unsecured Wi-Fi networks, 35 percent click on unfamiliar links on social media, 31 percent download files from third-party sources, and 31 percent open email attachments from unknown sources.
Thirty-four percent of respondents use the same password for all of their online accounts.
Seven percent of respondents only update their computer's operating system once year, and 22 percent don't realize they're supposed to do so, delay doing so, or just never do it. Only 34 percent of respondents update their operating systems when prompted to do so.
Similarly, 40 percent update their smartphones when prompted, while 19 percent don't know they're supposed to update, delay doing so, or simply never do it.
"Data hacks are the threat that define our age, and consumers must be proactive about keeping their sensitive information safe," Netsparker founder and CEO Ferruh Mavituna said in a statement.
A separate ACSC survey [PDF] of 450 Massachusetts adults found that 89 percent of respondents said keeping their personal information private is a concern, and 53 percent say it's a major concern.
And while 68 percent of respondents say they're unlikely to continue doing business with an organization that suffers a data breach exposing personal data, almost 50 percent say they've done nothing to protect their personal credit information.
Ninety-two percent of respondents believe the federal government should set higher standards for companies to protect consumers' personal data.
"People clearly are calling for solutions to make them more secure and protect their data privacy, and it's time for the public and private sectors to work together to respond to this challenge," ACSC executive director Michael Figueroa said in a statement.