Protecting Pa5$w0rds and Personal Information

In a digital age characterized by big data, Internet security is as much a concern globally as it is at the dinner table. Last month, news broke that a group of Russian hackers stole more than one billion user name and password combinations as well as more than 500 million email addresses. This came only months after the Heartbleed bug threatened the security of sites such as Yahoo and Facebook in April.

When such a breach occurs, Internet users are usually advised to change the passwords to their online accounts. Even if credit card information was not compromised, hackers could potentially use other personal information to attempt identity theft. But how many users actually take the extra measure of security by changing their passwords after a breach?

According to a survey conducted by the Pew Research Center at the end of April, only 39% of Internet users chose to change their passwords or otherwise protect their accounts after learning about the Heartbleed bug. Furthermore, only 29% of Internet users believed the breach posed a threat to their personal information. These numbers stand in stark contrast to the millions of websites said to have been affected by the bug, and to the 71% of adult Internet users that have a Facebook account as of September 2013. If most Internet users had the potential to be affected, why were so few concerned?

Changing a password is only a minor inconvenience, but to many, the benefit of keeping the same login outweighs the cost of potentially stolen information. While it’s true that frequent password changes are difficult to track, one could argue that the risk of stolen information simply isn’t threatening for many Internet users. For instance, it is commonplace for credit card companies to inform cardholders if there is suspicious activity on their accounts, so users are unlikely to assume any responsibility in the event of their credit card information being compromised.

What about personal information? Because most social networking sites are free, the sites make money by selling the users’ information, which is available to marketers for targeted advertising. This isn’t a secret; users are well aware that their privacy isn’t the top priority of sites like Facebook or Google, but for most, it does not warrant a call to action. While many notice that the ads on their sidebars are specifically targeted toward their demographics—a clear indication that their information isn’t strictly private—users often continue to use the same sites and divulge the same information. When Internet security breaches occur, many users don’t so much as bat an eyelid. This begs the question: in the world of big data, what would make someone change their passwords?

The University of St. Thomas offers a non-degree Executive Education program, Business Analytics Using Microsoft Excel® 2013, for those interested in learning more about analyzing data.