James Walker: Take the initiative when precious data is hacked

Marriott Hotels faced a fine of almost £100m. Picture: Scott Olson/GettyMarriott Hotels faced a fine of almost £100m. Picture: Scott Olson/Getty
Marriott Hotels faced a fine of almost £100m. Picture: Scott Olson/Getty
We trust businesses and organisations with a huge amount of our data. But what happens when that trust is misplaced?

Millions of people got a nasty surprise recently as British Airways and Marriott Hotels were given enormous fines for allowing their customer’s data to be compromised. But these businesses are just the first to be fined under the new GDPR rules – expect many more to follow. Over the last year banks, ticket companies, retailers and many other business sectors have hit the headlines either for revealing their customers’ private details or having computer systems that hackers found easy to compromise. But if you’ve been affected,what are your rights?

Well, the rules say that a business has to tell you if you’ve been “seriously affected” by a hack or data breach. Of course, many firms simply don’t know the scale of the hack or what some fraudsters may or may not have seen. So we’d expect them to tell you if there’s a possibility your data has been compromised. However, don’t wait for them to get in touch. Make a complaint or send an enquiry to them if you’re concerned – you can do this through Resolver for free by visiting the website below.

Your rights

Hide Ad
Hide Ad

Traditionally, it’s always been rather hard to draw a direct link between your data being compromised and fraudsters stealing money from you or using your identity as a result.

That’s why Resolver believes that more resources must go into tracking the sources of fraud, rather than just patching things up after the fraud has occurred – tell your MP! However, if you are making a complaint to a business that you think has compromised your data here’s what to mention:

 List any unique or specific data that the business had that you know has been used by the fraudster. This could be passport numbers, reference numbers, passwords or security questions and their answers.

 Explain what happened with the fraud and how it occurred after or around the time you heard the news of the data breach.

 Explain what you’ve lost in terms of actual money and money you’ve lost as a “consequence” of not having funds or being able to use them.

You should also explain whether the fraud has had an emotional impact on you if you’re looking for further compensation.

Hide Ad
Hide Ad

What to do if you’re 
worried your data has 
been compromised

 Change your passwords. Fraud is actually really low-tech. Fraudsters find one password and username and enter it in to every shop, bank or credit provider to see if they get a hit.

 Replace them with different passwords for banking, shopping, fun stuff and bills and utilities. That way if one “batch” of passwords is compromised you don’t have to spend ages going through each website.

 Keep an eye on your credit report – though just the free ones. You should never have to pay the full £15 a month for the “premium service”. You have the right to your full “statutory” credit file for free and you can change or dispute things too.

 Your bank or card providers can shut down accounts and transfer the details over to a new one in a worst case scenario. This includes all your regular payments. Don’t be afraid to ask for this.

Related topics: