Study sheds light on poor online habits behind data breaches in Malaysia

A study commissioned by Google and conducted by market research agency YouGov last month shows that nearly three in five internet users in Malaysia have experienced a personal data breach or know someone who has, with poor security practices and the habit of “recycling” passwords identified as possible factors.

The study, which involved over 13,000 respondents aged 18 and above across Hong Kong, Japan, Korea, India, Indonesia, Malaysia, Philippines, Singapore, Taiwan, Thailand and Vietnam, found that 80% of respondents in the country were using the same passwords for multiple sites.

Of these, two in five or 45% said they recycle passwords for up to 10 unique sites, with 40% saying they worry about forgetting new passwords and 41% citing convenience.

Meanwhile, 51% of respondents said they use “guessable” passwords or those that are easily cracked, with combintations of significant dates, significant others, pet names and even postal codes.

Another 25% said they save their passwords in the “notes” app on their phones.

Noting the e-commerce boom heralded by Covid-19, Google said online activity had grown to the point where the average internet user has 25% more passwords than they did before the pandemic.

“This brings the average person to owning a whopping 80 passwords or so,” it said in a press release, adding that password recyclers are almost twice as likely (13% vs 7%) to have their financial data stolen online.

It said breaches occur “often anywhere that data is being shared”.

The study found that 57% of respondents have no qualms about sharing their passwords with friends or family, and also share their passwords with streaming platforms, food delivery services and e-commerce sites for shopping.

In terms of online transactions, 60% said they make purchases on pages without the secure symbol while 70% of respondents who save financial information online also share their passwords with friends and families, putting themselves at greater risk of a personal data breach with passwords used across multiple devices.

“The sum of these bad habits may have resulted in 57% of respondents in Malaysia experiencing a data breach or knowing someone who has,” it said.