New research from ESET reveals growing fears over data breaches are reshaping UK consumer shopping habits
With high-profile attacks against the likes of M&S, Co-op and Harrods still fresh in consumer minds, new research from cybersecurity provider ESET finds that over three-quarters (78%) of consumers are concerned about their personal and financial details being compromised as a result of online retail transactions. And it’s no surprise. Less than two-thirds (65%) admit they trust online retailers to protect them – a clear sign that cybersecurity is no longer just an IT issue, but a matter of brand trust and commercial resilience.
Despite these concerns, and the fact that almost two-fifths (38%) of consumers say they are now more cautious about shopping online, fewer than half (47%) admit to checking a retailer’s security or privacy credentials before making a purchase. Compounding the problem, 20% say they don’t even know which security certifications to look for.
At a time when consumer confidence is already fragile, this knowledge gap has serious repercussions for retailers to consider. Over two-thirds of consumers (68%) now say strong cybersecurity measures or clear privacy policies would make them more likely to shop with a brand. But once that trust is lost, it’s a long road back, with nearly half (46%) admitting it would take them more than five months to shop with a brand again after a breach.
The cost of lost trust
When a breach happens, the fallout can be immediate and severe. Just over four in five (22%) consumers say they have stopped shopping with a brand after a cyber attack, and only 2% would be willing to return within less than a month of an incident. Fear of fraud (31%) and loss of trust (26%) are the leading reasons cited for abandoning retailers after a breach.
Notably, younger consumers (aged 16-34) are nearly twice as likely as over-55s to be influenced by the fear of fraud to stop shopping with a brand post-breach. For some, the damage is permanent; 13% of consumers say they would never shop with a brand again following a cybersecurity breach.
And the concerns are understandable, over a third (35%) of people are aware of having their personal or financial details being compromised in the last three years alone due to a retailer’s attack and of those, 43% lost £100 or more as a result.
The findings show that action is required to win customers back, not just apologies. Almost half of consumers say they will only return to a brand post-breach if the company demonstrates security improvements over time with no further incidents (49%). Meanwhile, 47% expect compensation for personal losses and just over a third (34%) would be satisfied with a public apology.
Turning security into a competitive advantage
It’s clear that cybersecurity isn’t just about risk mitigation; it’s a business opportunity. Almost half (49%2) of consumers say they would pay more for a secure shopping experience, and 59% say this starts by offering recognisable payment methods, which they believe signal a trustworthy online shopping experience. Currently, there’s a communication gap that retailers must overcome. Forty per cent of people reveal they don’t believe retailers are clear enough about their data protection measures. A clear missed opportunity for brands to lead with transparency.
“Strong security isn’t just a business expense, it’s a differentiator”, said Matt Knell, UK Country Manager at ESET. “Brands that invest in cybersecurity and clearly communicate those efforts can boost conversion, retention and even margin. Today’s shopper is increasingly security-savvy, and retailers who ignore that do so at their peril. But for those who embrace transparency and security innovation, there’s a clear competitive edge to be gained.”
