• Vaultree

What Happens With My Hacked Data?

Updated: Apr 28



In one of our articles we listed the severe negative impacts of a data hack on companies. Besides brand damage and long-term reputational loss, the direct impacts on revenue through churning clients and post-hack costs are resulting in many businesses failing as a result of these data hacks/leaks.


But let’s drill one level further to the consumer, YOU. What actually happens when your data is leaked? Are you personally affected by this? And if so, what can happen if the worst nightmare becomes reality and somebody takes control of your data in a fraudulent way?


Well, first of all we have to clarify what kind of data could be exposed: It can range from personally identifiable information (PII) like your ID or social security number, to sensitive medical records and sensitive information like credit card information, account usernames, and passwords.


All this information can be used in some way to your disadvantage. Unfortunately there are many disadvantages just to list some should be sufficient to paint the picture for you:


With account login data (username, email address, birthdate, etc.), malevolent people can either conduct purchases in your name and/or access further confidential information. While your social security number can be used, for example, to open new lines of credit, file fake tax returns, rent illegally an apartment, create fake citizenship documents, etc., your credit card will very likely be used for some sort of financial fraud or theft. In 2020, only in the US there were 4.7 million consumer complaints ranging from identity theft, fraud, to problems related to credit bureaus, bankers and lenders. Sadly, the current pandemic proved to be very fertile ground for identity thefts, mounting up to a whopping 1.4 million in 2020, doubling the number from 2019.


Considering the above, it becomes apparent that we have to protect ourselves. But how?

Before looking into what we have limited influence on, let’s check out some very simple but effective measures we can all take in order to reduce the likelihood of cases in which sensitive personal data is stolen, or at least mitigate the effect once our data is left disclosed and therefore vulnerable.

  • Check out our 10 golden rules to safely surf the internet with many tips like never using the same password for multiple accounts, applying two-factor authentication if available, and creating a strong password to prevent criminals from logging into your accounts.

  • Look into using identity theft protection.

  • Place fraud alerts on your credit files and cards.

  • Go to your government's identity theft site to report any identity theft and create a personal, step-by-step recovery plan.

  • Activate a fraud alert or freeze on your credit report, preventing people from opening credit accounts in your name, as an alert will require lenders or creditors to check your identity.

  • Switch to online banking, billing and financial statements, so that you receive less sensitive information via postage. Check these regularly and contact the bank or card provider right away if you realise any suspicious activity.

Nevertheless, these measures are only one way to prevent negative impacts of your data being stolen. The other way lies only partially within your influence because it is the responsibility of the companies you entrust your data with. It is essential for them to use a strong solution to protect your data and unfortunately current cybersecurity solutions are not strong enough or simple enough for the majority of businesses to implement. So this is what you can do here:

  1. Always feel free to contact the company’s customer service to request information on how they store and process your data. Unfortunately, businesses assume they are secure but 98% of solutions are not sufficient, so go ahead and suggest a solution like Vaultree’s, which is not only strong but at the same time affordable for any type of business and very easy to implement and use.

  2. Always give preference over service providers which actually care about your privacy and do not request access to multiple unnecessary personal information, and lets you give them a waiver over the unlimited usage of your information in their privacy policy and terms of use. A data protection regulation like GDPR does not mean that companies are automatically treating your data in a secure manner, it just provides the framework. In the end, only a smart toolkit provides the necessary safety.