By Phillip Adcock, Managing Director, Shopping Behaviour Xplained Ltd

Shopping online has become the standard way to do things. But with many shoppers wary of online services, site owners should be aware that there are serious consequences for sites that have been hacked.

With it becoming easier and easier to have your identity stolen, shoppers are becoming hyper-cautious, with many people afraid to bank online due to security fears. In addition, Google has stiff penalties for hacked sites with consequences that can be hard to reverse.

Younger generations are the most likely to use online services, with 65% of millennials using their phones to shop online. As well as being more technologically savvy, they often work long hours. The convenience of not having to shop in-store and instead have products delivered is attractive, with many choosing to shop online over physical stores.

But as well as being quick to adopt online services, they are quick to jump ship if the site is having security issues, especially if the site has been hacked. This, in combination with Google’s policy of delisting sites with security issues, means that you need to pay a lot of attention to your online security.

Loss of Customer Trust: The Short-Term Effects of a Hack or Data Breach
Hackers like to make their work obvious to the site owner and visitors, leaving a signature of some kind. And even when they don’t, they often leave behind malicious code which is visible to Google.

If you are hacked, many customers will leave you out of fear for their own online privacy, whether their information was leaked or not. It’s little wonder, as a hacked site is inherently unsafe. It may bombard your customers with ads or even steal their payment information. The recent hack of TalkTalk led to a loss of 101,000 customers.

But what happens in the long term after a breach?

The Long-Term Effects
You might think that once the malicious code is removed, your site can return to its former ranking and reliability. But it’s more than likely that the hacking activity will have been noticed by search engines. Google is quick to penalize suspicious activity, with penalties including having your site delisted from Google altogether. That may not sound too major an issue. However, most of the world uses Google as a search engine, with
processing around 40,000 searches per second. It is likely that the majority of your traffic will be coming from there.

Penalties from Google are difficult to remove and your site’s trust rating can take time to heal. In some cases, with a low-ranking site, it is better to start again with a new domain. This may sound drastic, but a website that no one can find is essentially useless.

Why Does Google Downgrade?
You might be wondering why Google downgrades sites if it has such a drastic effect on the sites that it hits. In short, Google has its own reputation to maintain. By delisting sites with spammy or negative behavior, Google gives more reliable results and prevents users from visiting sites with malware. Google’s search engine covers millions of sites, so rather than visiting each one manually, Google has software that detects suspicious activity. Telling the difference between a site that was hacked and then restored and a site owner with consistently suspicious behavior is tricky, so Google errs on the side of caution.

What Can You Do to Protect Your Website?
The best way to protect yourself is to be prepared and to have up-to-date online security. Know who you need to contact in the event of a hack and move quickly. The smoothest way to restore your site is to keep previous versions of your site on-hand to replace it with, should there be any issues.

Like any business, you should also have a backup plan ready and waiting in case the worst happens and your site is delisted. For example, are you able to increase your social media following through giveaways or paid advertising? Or would you benefit from email marketing (perhaps offering vouchers to any customer who has been affected)? The key is restoring customer trust.

About the Author
My name is Phillip Adcock and I am the founder and Managing Director of Shopping Behaviour Xplained Ltd. We use psychological consumer insight and retail technology to explain and predict customer behavior. SBXL operates in seventeen countries for hundreds of clients, including Mars, Tesco, and B&Q. Phillip can be reached online at or on Twitter @SBXplained, Facebook, LinkedIn, and our company website