Analysts cite myriad reasons. Home Depot disclosed the breach shortly before Apple unveiled its latest gadgets and distracted us all, said Javelin Strategy & Research analyst Al Pascual. Unlike last year’s data breach at Target, it didn’t happen around the holidays, said Forrester Research analyst John Kindervag. “Data breach fatigue,” said Gartner analyst Avivah Litan.
We just don’t care. And why should we? After the hubbub around the 40 million credit and debit card numbers getting stolen from Target over less than three weeks last year, few of us actually felt defrauded. Banks replaced our cards. Some of us had money stolen, but by and large, it was repaid. There was no massive hit to our bank accounts.
Pascual, who right after the breach predicted that consumers would lose $4 billion directly and indirectly, now says that that number will likely be lower – and that’s because of banks' proactive response. More than half of the cards were replaced, ten-fold the number that normally are, said Pascual. The value of the card numbers on the black market plummeted amid banks decisive action.
“The response was kind of extraordinary,” said Pascual.
Will the reaction be the same again this time?
Don’t be so sure, says Pascual.
“You may not have the same degree of response,” he said. “Many issuers and banks reacted not only to the breach itself, but the brouhaha around it.”
And this time, with little uproar, financial institutions are likely to be less cautious about replacing cards, he said.
“If it’s not top of the mind for the public - [if banks are] not getting constant calls about it - they may be less incentivized” to replace cards, he said. Because of that, he said, “odds are that the rate of fraud because of the Home Depot breach will probably be higher [than at Target].”
The logic is a little akin to the way the vaccines’ effectiveness has led to an anti-vaxx movement among people who have never known anyone with mumps. People who aren’t the victims of credit card fraud get complacent about having their numbers stolen.
“All we [need] is the next polio outbreak and then people will see that it’s a really big deal,” said Pascual.
Not everyone agrees. Kindervag said that he expected banks to be as proactive as they had been over the Target breach. Companies may soon feel additional pressure to crack down on fraud because of competition from the upcoming ApplePay, a contactless payment system that will be available on the iPhone 6 and iWatch, which may be more secure, he said.
Litan also said that banks are likely to keep up their anti-fraud efforts, saying that financial institutions are motivated by profit, not public relations.
“They’re liable for the fraud, [and in some cases] it’s cheaper for them to go ahead and reissue the cards,” in addition to their other fraud mitigation efforts, said Litan. “It’s not like they did it out of the goodness of their heart.”
--Written by Simone Baribeau for MainStreet