Research: Ransomware Significantly Affects Customer Loyalty

In spring 2023, Object First launched a study to gauge consumer perspectives on ransomware attacks and their expectations from companies entrusted with their personal information. Gathering responses from 1,000 U.S. consumers aged 18 and above, the survey provided key insights into varied generational responses to ransomware incidents. The data underscores the imperative need for businesses to bolster their ransomware prevention and data recovery strategies to uphold customer trust and retain loyalty in the face of increasing cyber threats.

1. 75% of consumers will switch to a competitor if a company experiences a ransomware attack

Consumers are more aware of cyberattack repercussions and want more from the vendors they entrust their data to. 39% of consumers are very likely (36% somewhat likely) to switch their business to a competitor if their current vendor experiences a ransomware attack in which their data was stolen or lost indefinitely. If vendors suffer a second attack, 61%  say it will change their perspective on the company’s data protection and recovery practices. However, it’s not impossible to win trust back; consumers also shared their preference on handling a data breach. While 37% of Gen Zers value an apology from companies (ranking 12% higher than financial compensation), Baby Boomers are less forgiving. 74% agreed their trust vendors changes completely after suffering more than one ransomware attack, compared to only 34% of Gen Z.

Bar chart showing consumer loyalty after a data breach, with 30% very likely and over 20% somewhat likely to switch to a competitor, against a smaller percentage not at all likely or dependent on impact

2. 81% are worried about cyberattacks against personal data

Consumers are concerned about their personal data being stolen by cybercriminals, with 81% indicating they are very or slightly worried. Additionally, 40% said they are not confident that companies/organizations are adequately protecting their data, and 23% shared they have already had their personal data compromised by a ransomware attack.

Bar graph depicting consumer concerns about data breaches, with over 35% very worried, another 35% slightly worried, a smaller percentage neutral, and the least not worried

3. Almost all (92%) expect vendors to have some sort of data protection strategy in place

55% prefer vendors to have all the following protections in place: data backup and recovery, password protection including multi-factor authentication, and identity and access management. Additionally, consumers are taking matters into their own hands by following privacy best practices – 48% avoid submitting personal information to create new accounts, profiles, etc., and 44% change their passwords every three months.

Bar chart illustrating that over 50% of consumers value a combination of backup & recovery, password protection, and IAM as data protection practices, with lower percentages for singular strategies

*Source: April 2023 Dynata survey of 1,000 U.S. based consumers ranging from 18+ years of age.