01/27/2017

Americans don't agree on much these days, but on one topic, we're united -- most of us have been data breach victims, according to a new study.

Democratic Party leaders were famously hacked, possibly by the Russian government. Hackers made off with private information from at least 1 billion Yahoo email accounts. Records of the World Anti-Doping Agency were stolen and released.

The list goes on, and, according to a study from the Pew Research Center, at least 64% of Americans have personally experienced a major data breach, while 49% feel that their personal information is less secure than it was five years ago.

Pew also found that 41% of Americans have dealt with fraudulent charges on their credit card, and 15% have received notice that their Social Security number had been compromised. A substantial majority (70%) of Americans anticipate major cyberattacks in the next five years on our nation's public infrastructure.

Perhaps more ominously, many Americans lack faith in government and business to keep their information safe. They express concern about telecommunications firms and credit card companies but have even less faith in the federal government and social media platforms.

In fact, says Pew, 28% of Americans are not confident at all that the federal government can keep their personal information safe and secure from unauthorized users, while 24% of social media users lack any confidence in these sites to protect their data.

It begins at home

Given this somewhat alarming lack of confidence in business and government institutions, you might think that Americans would respond by tightening up their own cybersecurity measures.

Not so. The study found that consumers largely fail to pursue even the simplest method of protecting themselves by ignoring password safety guidelines.

Only 12% of internet users say they use password management software, with about two-thirds saying the simply memorize their passwords while 18% write them down on a piece of paper.

"In other words, fully 84% of online adults rely primarily on memorization or pen and paper as their main (or only) approach to password management," Pew researchers said. As a result, many if not most use the same or very similar password for most of their online accounts.

About 25% said they use simple, easy-to-guess passwords because -- no surprise -- they're easier to remember.

Cybersecurity experts find this surprising, given the large number of highly effective, free, and easy-to-use password management tools, like LastPass, KeePassX, Dashlane, and Sticky Password, to name just a few. These and many others have both free and paid premium versions that will not only remember your passwords but also generate new, secure ones and keep all your devices in sync. (PC Magazine recently rounded up the best of the latest password managers).

Why so lax?

Why are Americans so lackadaisical about cybersecurity when they feel so threatened by imaginary or at least highly unlikely threats dreamed up by politicians, scam artists, and snake-oil peddlers of various descriptions?

Good question. The Pew study didn't offer any answers but did confirm the "What? Me Worry?" attitude that seems to prevail. Researchers found that fully 69% of adult Americans say they don't worry about how secure their passwords are. Even those who have experienced a major data breach generally don't do anything to prevent the next one from happening.

Ah, but when it comes to encryption -- a method of coding data that makes it difficult if not impossible to decipher -- Pew found American consumers lined up along the same lines that so markedly divide them politically, almost as if encryption were a metaphorical wall.

About 46% believe that government forces should be able to decipher encrypted communications to spy on individuals while 44% believe that technology companies should be able to use encryption that governments can't hack.