Put another way, 40 million would be a very big number if we were talking about people filing for unemployment, sick with a virus or displaced by a natural disaster. But when it’s people victimized by a data breach, it hardly registers.
“I think the public is already at the point of seeing tens of millions of customer accounts compromised as a non-story,” Maurice Turner, cybersecurity fellow at the German Marshall Fund’s Alliance for Securing Democracy, told me.
That breach fatigue has made it harder for any single data breach to galvanize action in Washington or state legislatures.
“The sheer volume of this latest breach … can make it difficult to appreciate the tremendous damage being done to individuals when their information is seized by hackers,” Rep. Jim Langevin, co-chair of the Congressional Cybersecurity Caucus, told me.
It has also made it far more difficult for cyber educators to persuade people to adopt better behavior, such as adding extra authentication procedures to access accounts and not clicking on suspicious-looking links.
“There’s a sense of learned helplessness, Lisa Plaggemier, interim executive director of the National Cybersecurity Alliance, which advocates for good cyber hygiene, told me. “There’s a sense that, ‘this is going to happen no matter what I do, so I’m not going to do anything because it’s out of my hands.’
Source: Washington Post