User Perception of Data Breaches

Zahra Hassanzadeh, Robert Biddle, Sky Marsen

Research output: Contribution to journalReview articlepeer-review

1 Citation (Scopus)


Background: Data breaches happen when an unauthorized party gains access to personally identifiable information. They are becoming more common and impactful, raising serious concerns for individuals as well as companies.

Literature review: Although there is considerable literature on users' mental models in security and privacy, there has been limited study of mental models related to data breaches.

Research questions: 1. How do users understand data breaches? 2. What are their perceptions of the causes, responsibilities, and consequences, as well as possible prevention and appropriate follow up?

Methodology: We explored end-user understanding of internet data breaches by conducting a study with 35 participants. They were asked to draw their understanding of data breaches and answer some open-ended and closed-ended questions afterwards.

Results/discussion: Although their drawings varied in detail and complexity, we identified four patterns in the participants' drawings: they illustrated abstractions of attacks to gain administrator access, end-user access, backdoor access, or access using database server vulnerabilities. We found that participants had a basic model of how an internet data breach happens, but with significant uncertainties regarding system vulnerabilities, causes, consequences, prevention methods, and follow-up steps after a breach.

Conclusions: In all, end-user mental models of internet data breaches are basic and show gaps that emphasize the need for improved communication to increase users' awareness and help them hold companies accountable.

Original languageEnglish
Pages (from-to)374-389
Number of pages16
JournalIEEE Transactions on Professional Communication
Issue number4
Publication statusPublished - Dec 2021


  • Cybersecurity
  • internet data breaches
  • mental models


Dive into the research topics of 'User Perception of Data Breaches'. Together they form a unique fingerprint.

Cite this