New North American Consumer Research by PCI Pal Shows Significant Financial Consequences for Businesses That Suffer COVID-19 Related Data Breaches

With 64 percent of Americans and 68 percent of Canadians avoiding a business for up to several years following a COVID-19 related hack, new PCI Pal research provides insight into consumer data privacy concerns for businesses operating remotely

CHARLOTTE, N.C.--()--Since the onset of COVID-19, the FBI’s Internet Crime Complaint Center, the IC3, reported a significant uptick in cybercrime targeted at individuals, businesses and government agencies. To better understand consumer sentiment around data security amid the pandemic, PCI Pal®, the global provider of secure payment solutions, recently conducted a survey of North American consumers. The research found that a staggering 64 percent of Americans and 68 percent of Canadians would avoid buying from a company that had suffered a COVID-19 related data breach for up to several years. Another 17 percent of Americans and 24 percent of Canadians said they would never return to the business.

“Cybercriminals are shamelessly opportunistic and growing alarmingly sophisticated. Capitalizing on the remote working situation and growing consumer fears around the pandemic, hackers are working around the clock to steal data for profit. With North American consumers rightfully holding businesses accountable for lax data security practices, businesses must meet the highest compliance and security standards if they want to build and maintain customer loyalty,” said Geoff Forsyth, Chief Information Security Officer, PCI Pal.

Surprisingly, only 38 percent of Americans and 40 percent of Canadians expressed more concern about companies handling their personal data securely since COVID-19. More than half of Americans (57 percent) and Canadians (56 percent) reported having the same level of concern around data security as they did before the pandemic hit. With the Identity Theft Resource Center reporting a 17 percent spike in data breaches in 2019 from 2018, these figures suggest that North American consumers are experiencing data breach fatigue.

“The number of high-profile data breaches in 2019 were astounding - Microsoft, LabCorp, Marriott, Nintendo, T-Mobile, Capital One, Quest Diagnostics, and that’s just the very tip of the iceberg. Consumers are generally jaded by the onslaught of corporate hacks, but that doesn’t mean businesses can put security on the back burner. Our research suggests that consumers will shop elsewhere if businesses fail to deliver on data security,” explained Forsyth.

When it comes to shopping with businesses operating remotely as a result of COVID-19, 76 percent of Americans and 83 percent of Canadians expressed concerns around sharing payment details or conducting financial transactions. As COVID-19 related scams proliferate, these figures suggest that businesses must be vigilant in protecting consumer data, in particular, bank account details and credit card numbers - further evidenced by data from Experian which found that 31% of data breach victims have their identity stolen.

“As organizations continue to adapt to the changing business and threat landscape, it’ll be crucial to prioritize data security. This will include adjusting business models to meet the highest standards of security and compliance across all customer engagement channels,” concluded Forsyth.

For more information on PCI Pal, visit or follow PCI Pal on Twitter.


PCI Pal® conducted market research through AYTM, surveying 2000 consumers across the United States and through 4Media, surveying 500 consumers across Canada, aged between 18 and 65 years, to examine data privacy issues related to COVID-19. The survey findings highlighted consumer concerns and business impact around data security in the age of COVID-19.


PCI Pal® is the global provider of secure payment solutions. PCI Pal’s cloud platform empowers organizations to take payments securely without bringing their environments into scope of PCI DSS and other card payment data security rules and regulations.

With the entire product portfolio served from PCI Pal’s cloud environment, integrations with existing telephony, payment, and desktop environments are simple and light-touch, ensuring no degradation of service while achieving security and compliance.

PCI Pal has offices in London, Ipswich (UK) and Charlotte NC (USA). For more information visit or follow the team on Twitter:


Willa Hahn
SourceCode Communications for PCI Pal


Willa Hahn
SourceCode Communications for PCI Pal