Indians know that their online data is under threat, but they’re still careless

Not in your hands?
Not in your hands?
Image: AP Photo/Aijaz Rahi
We may earn a commission from links on this page.

Indians are nervous about rising cybersecurity threats.

Nearly six in ten Indians feel that businesses don’t take the security of customer data very seriously, according to a survey of 10,000 customers using online or mobile banking, social media accounts, or online retail accounts, including over 1,000 from India.

Consumers’ security concerns run so high that 68% of Indian respondents said they were worried about become victims of a data breach in the near future, the survey by digital security company Gemalto reported.

Their worries are hardly unfounded. In just the first half of 2017, as many as 18 data breaches took place, leaking 203.7 million data records, as per Gemalto’s own Breach Level Index—a marked increase by 167 million from the number of lost, stolen, or compromised records logged in the last six months of 2016. In May 2017, the hacking of restaurant search portal Zomato was one of the biggest breaches during this period, leaving the data of more than 17 million users exposed. Then, in October, over 6,000 Indian companies fell prey to data breaches after hackers attacked the Indian National Internet Registry. The list of victims included government agencies, internet service providers, banks, and private firms, among others.

Despite the fears, Indians remain careless about protecting their information, Gemalto found. Data hygiene is dismal, the survey showed, with over half the Indian respondents reusing passwords for multiple accounts. More than a quarter of the respondents haven’t secured their social media accounts with additional layers of security, like two-factor authentication.

Why should I care?

Nonetheless, nearly two-thirds of the Indian respondents said that the onus of keeping a consumer’s data safe should be in the hands of the business that holds the information.

“Consumers are evidently happy to relinquish the responsibility of protecting their data to a business, but are expecting it to be kept secure without any effort on their part,” said Jason Hart, chief technology officer of Gemalto’s identity and data protection division.

“…it’s now up to businesses to ensure they are forcing security protocols on their customers to keep data secure,” Hart added. “It’s no longer enough to offer these solutions as an option. These protocols must be mandatory from the start—otherwise, businesses will face not only financial consequences but also potentially legal action from consumers.”

And if things go south, Indians are more than willing to drag a business to court. The survey found that 96% of respondents said they’d consider taking legal action against the compromised business. But before that happens, perhaps they should consider fixing their passwords first.