In today’s digital age, we give out so much of our personal information to third parties, whether it’s an online fashion store or a delivery giant, that many undervalue the risks of data disclosure. While entrusting your data to a third party should not be unsafe in any way, the dangers that can arise if that third party has poor cybersecurity and falls victim to a hack, following which the cybercriminals may put up the data for sale online, can be serious.
Even the smallest amount of information can be a powerful weapon in the arsenal of criminals. They can use this valuable resource for themselves or sell it on for profit, thus exposing the data to wider misuse.
The risks of data sale should never be underestimated, a fact that we are keen to highlight in our work as leading data protection lawyers. We advocate data breach victims who want to stand up for their right to proper data protection, so contact us to find out if you could be eligible for a compensation claim.
Data for sale online after account details stolen
As mentioned above, many of us sign up for new online shopping accounts without thinking about privacy, entering a few quick details to begin ordering a range of different products and services. We should be able to expect data security of all legitimate companies but, unfortunately, many are unable to meet basic data protection standards.
A recent Which? investigation reportedly found that millions of account passwords, from major companies such as McDonald’s, Tesco and Deliveroo, were found for sale on the so-called dark web. The data for sale online can be bought incredibly cheaply for each detail, especially when it is bought in bulk, which does happen. This can give criminals the information required to log in to compromised accounts, from which they could access further private information.
It is unclear as to what extent poor data security may have allowed criminals to access account details and then put up data for sale online. But, if the companies are responsible, they may need to seriously reconsider their current data protection measures and practices.
What can criminals do with personal data?
Although bank account or payment card details are often the most powerful tools to cybercriminals, allowing them to execute fraud and theft, there are indirect routes to financial gain which can be carried out with very few details. For example, with only phone numbers or emails, victims could be targeted with fraudulent messages known as phishing scams. In these scams, criminals can pretend to be reputable companies and lure unsuspecting recipients into handing over further personal information, such as bank account information.
Other criminal tactics can include scam calls or holding data for ransom to persuade victims to pay a ransom fee in the hope that criminals will agree to delete their exposed information.
Making a compensation claim
If companies are not prioritising data protection, they may have a lot to answer for if a data breach occurs. Putting up data for sale online is only one among many crimes that online fraudsters commit, so the dangers to data breach victims can be serious and, therefore, extremely distressing.
We can help those affected by a data breach to claim compensation for this distress, as well as any financial losses suffered. To receive free, no-obligation on your potential claim, simply contact us today and sign up for a call-back.