target
Bebe Triplett checks out her purchases at a Target store in Dallas. Reuters

Shoppers say they’re concerned about credit card fraud after this year’s spike in retail data breaches, but their clicks and purchases tell a different story: They’re not retreating from retailers — or from using plastic cards.

Nearly half of Americans say they try to avoid shopping at stores hit by hackers in the last year, including Home Depot, Kmart and Target, according to surveys by mobile commerce company Omlis and by CreditCards.com. But annualized in-store sales among brick-and-mortar retailers are growing in the single digits and online sales are expanding by double digits.

“Most retailers out there continue to see online sales gaining strength,” said Brian Yarbrough, senior retail analyst at Edward Jones. “If people were worried, they wouldn’t be buying online, because you have to use a credit card or debit card.”

In stores, consumers are using cash slightly more, but only for transactions below $20, BCG analysts say. The average transaction above $100 is usually paid for with plastic, much unchanged from past years. According to Bankrate.com, 38 percent of in-store Black Friday shoppers say they will pay with cash, 34 percent plan to use debit cards and 24 percent plan to use credit cards.

So far this year, at least 644 data breaches have been reported, a 25.3 percent rise from the same period last year, the Identity Theft Resource Center says. Hackers have stolen millions of customers’ email addresses and credit and debit card information given to Target, Neiman Marcus, Michaels, UPS, Dairy Queen, Goodwill and others.

Nevertheless, online shopping on Thanksgiving is expected to increase 27 percent from last year to $1.35 billion, Black Friday shopping by 28 percent to $2.48 billion, and Cyber Monday shopping by 15 percent to $2.6 billion, according to the industry’s closely watched holiday forecast from Adobe, which sells e-commerce analysis software to thousands of top retailers. Retail sales overall in November to December are projected to increase 3.5 percent to 4.5 percent from last year by trade groups and consulting firms, like the National Retail Federation, Deloitte and FTI Consulting.

According to Klarna, a Swedish e-commerce company that works with retailers such as Zara, more than two-thirds of American millennials, ages 18 to 33, say they’re concerned or very concerned about credit card fraud and identity theft. Retailers are focused on millennials’ shopping habits, such as reading product reviews and price comparisons online before buying off the Web or in stores, because their spending is projected to grow from a current $600 billion a year to $1.4 trillion by 2020, according to consulting firm Accenture.

“I’ve been surprised at both the consumer sentiment that suggests in reality that millennials are, if not equal, very close to equal in their concerns about the use of data and their data privacy, and the persistent belief that exists in the more broadly defined marketing and retail community that that is actually not the case and they are actually quite insensitive and unconcerned about those issues,” said John Rose, retail analyst for Boston Consulting Group.

The “year of the hack,” so dubbed by tech and retail analysts, hit Target the hardest. Credit and debit card and contact information from more than 110 million customers was exposed. The nation’s No. 2 retailer behind Walmart posted its lowest store traffic in three years shortly after the breach was announced in January. First-quarter profit fell 46 percent and second-quarter earnings fell 16 percent, but third-quarter earnings, announced last week, rose by 2.7 percent.

But the cost to Target, about $140 million, is much less than T.J. Maxx’s in 2006 when it suffered a similar but much smaller data breach, said Alan Rifkin, a managing director and senior equity retail analyst for Barclays.

Home Depot cited its data breach between April and September as an impact to earnings in its latest quarterly report, but profit rose 12.3 percent and sales increased 5.4 percent.

The trend indicates a new normal. Consumers are becoming immune to data hacking, Yarbrough said. So while cybersecurity experts say more data breaches this holiday season are a near-certainty, shoppers are going to shop.

“At the end of the day, it’s a pain and you may have to get a new credit card,” Yarbrough said. “But most of the time it doesn’t cost customers anything.”