Companies send confusing alerts about data breaches
Isn’t this what I’ve been saying for more than a decade now?
Now there’s a study that agrees with me. Laurel Thomas-Michigan reports on a study called, “You `Might’ Be Affected: An Empirical Analysis of Readability and Usability Issues in Data Breach Notifications” by Yixin Zou, Shawn Danino, Kaiwen Sun, Florian Schau. She reports:
Building on their previous research that showed consumers often take little action when facing security breaches, researchers analyzed the data breach notifications companies sent to consumers to see if the communications might be responsible for some of the inaction.
They found that 97 percent of the 161 sampled notifications were difficult or fairly difficult to read based on readability metrics, and that the language used in them may have contributed to confusion about whether the recipient of the communication was at risk and should take action.
Read more on Futurity.
You can access the full report in html or pdf from here.