Less than Half of Consumers Change Passwords Post-Breach

Less than Half of Consumers Change Passwords Post-Breach

There’s a “shockingly high” disconnect between awareness of best practices following a data breach and actions taken, according to a new study from the Identity Theft Resource Center (ITRC).

The non-profit polled over 1000 US consumers to gauge their understanding of and response to breach incidents involving personal information.

The report found that more than half (55%) of social media users have had their accounts compromised in the past, so there’s generally a high level of awareness about what can be done to enhance personal security.

However, nearly a fifth (16%) of respondents said they took no action following a breach. Less than half (48%) changed affected passwords, and only a fifth (22%) changed all of their passwords.

That’s particularly worrying when 85% admitted to reusing log-ins across multiple accounts, putting them at risk of credential stuffing.

“When asked why they don’t use unique passwords, 52% said it’s too difficult to remember their passwords, 48% don’t trust or know how to use password managers, and 46% don’t think it’s important or believe their password practices are good enough,” the report noted.

Just 3% followed best practice advice following a breach notice and put a credit freeze in

Read More: https://www.infosecurity-magazine.com/news/less-half-consumers-change/