Home Page » Backup Systems Disaster Recovery Blog » New research shows how cyber-attacks damage customer confidence

New research shows how cyber-attacks damage customer confidence


British Airways (BA) has been involved in a cyber-attack yet again. The second high-profile attack in as many years. This time the firm that manages BA’s executive club members got hacked. So how does this affect customer confidence?

We tend to think of cyber-attacks as a problem the IT Department needs to solve. But if it damages customer confidence then the Marketing team need to also be concerned.

To add some evidence on the issue, we commissioned independent research with a very simple question; “After a company has been the victim of a cyber-attack and personal data has been stolen, how would you react if you were a customer?”


The result from over 200 UK consumers is on the chart.

Some may take comfort from the fact that 27% would continue to use the company affected. Indeed, only 28% would use a new company.

But perhaps the most damaging result is the 45% that ‘may’ use a new company. They are the largest cohort and are people that could easily be persuaded by a competitor to switch allegiance.

Even more worrying is they are highly unlikely to recommend the brand to friends and family. Their confidence has been damaged.

The rising number of attacks affects everyone

High profile attacks, such as BA, Woodland Trust and Amey, grab the headlines, but they mask the huge number of phishing, ransomware and cyber-attacks that affect thousands of organisations every day.

In the latest attack, BA did the right thing and informed all the customers that may have been affected. No doubt Sita, the Swiss-based company that manages BA’s executive club data, would also have informed the data regulators as part of their GDPR commitment.

Although Switzerland is not part of the EU, Sita would still need to inform the data regulators within 72 hours of the data breach. That’s because the data included information on EU citizens.

Organisations in the UK also have a legal duty to inform the Information Commissioner’s Office (ICO) and any customers affected. So there is nowhere to hide if you are a victim. Everyone will know.

A third attack on BA may leave travellers questioning if their personal data is in safe hands. Very few companies have a monopoly and customers always have a choice of supplier.

The role that data security plays in customer acquisition and retention has not really been explored. However, our research shows it has an effect on customer confidence.

We will be conducting more research on this and other data security subjects. Please sign-up for our Backup Bulletin if you want to be kept informed.

Share this article with colleagues:

Recent posts: