Everyone reading this has probably had personal information exposed in a breach. They happen frequently these days; companies you've entrusted with your data are hacked often enough that your email address, phone number, or—worse—passwords, Social Security number, and credit card information are compromised. That data can be sold on the Dark Web or simply posted for anyone to see.
It happens so often that many of us are complacent about it. That's the takeaway from a survey conducted by The Identity Theft Resource Center (ITRC) and DIG.Works of 1,050 adults in the US. You can see the donuts full of stats below (click the arrows to cycle through them). The pertinent info is this: 73% say their data has been breached; 72% can confirm it, having received a notice from a company that was breached. And of that 73%, almost half did the bare minimum required (changed their password on the breached account). Sixteen percent said they did bupkis.
There should be a happy medium for adequate responses to data breaches, but perhaps there isn't. Some victims were panicked enough to change all their passwords (22%) or freeze their credit (3%).
Only 11% said they enrolled in a credit/data monitoring service such as HaveIBeenPwned. Everyone should, though: They're free!
Why did 16% of people do nothing? Some believed the breached company would take care of everything (but they can't—no one can get the data genie back in the breached bottle). A fatalistic quarter were resigned to the data already being out there. A few were confused about what they could do. A handful said they thought the breach was a scam, so why bother doing anything? Only 8.9% said they belong to a service they paid to help protect them in a breach.
As always, a little preventive action and a dose of common sense is the best protection. We cover all that and more in our story, So You've Been Pwned: What To Do When Your Private Data Goes Public. Follow the recommended steps, such as using a password manager and enabling two-factor authentication on your accounts, and maybe you can prevent your private information from being stolen.
Head over to the ITRC report for more insights from their research, including the usual scary stats about how many people reuse the same password over and over on multiple sites and services.