Breached: What It’s Like to Have Your Payment Data Stolen

By Kirsty Pritchard, Project Manager

While I’ve always been well aware that data breaches are a far too common occurrence, I had never stopped to think about how I would react if I happened to become a victim of one myself. Unfortunately, a recent experience has meant I’ve had the chance to find out.

It all started with an unusual text from my bank. So, being the responsible consumer that I am, I called the number they supplied in the message to get some more information, only to find that a large sum of money had been deducted out of my account. Apparently ‘I’ had paid online for goods from a well-known high street retailer. The only problem? I hadn’t made that purchase.

As the panic started to set in, I couldn’t help but ask a million questions – how did this happen? Is this a legitimate number I’m calling? Should I check who I’m speaking with? What if I’m giving my information to someone I shouldn’t be? Anyone who has gone through what I have will understand the panic and alarming lack of control.

Speaking with the contact centre agent at the bank presented its own challenge. With a barrage of questions and answers, I felt as if I was being treated as the perpetrator, rather than as the victim of a crime. It’s understandable that they need to verify that I am who I say I am, however, the situation only served to add to my stress levels.

Once it was clear that I was telling the truth, the money was placed back into my account and the card was cancelled. In an ideal world, this would have been the perfect solution. But unfortunately, I had planned to travel into central London, on a tube strike day no less, and I was left to struggle through the inconvenience of living without a payment card for four days.

Even after I had spoken to the bank, I was still paranoid that it had all been a scam and that I’d provided my details to a fraudster. To allay my fears, I called the bank back and they put me in touch with the fraud department, who reassured me that I had indeed spoken with them initially. They also let me know that the retailer had seen a number of other fraudulent transactions that morning. But nonetheless, I kept checking my bank balance to make sure another suspicious transaction didn’t slip by me unnoticed.

At the end of the day, the experience was incredibly distressing. While I can’t say I’m happy that it happened to me, at least I now know the reality of what it is like for thousands of consumers who are the victims of data breaches. And I can say with certainty that I will be holding every company that I do business with accountable for the privacy and security of my personal details.

After all of this, there are a few tips that I think every consumer should keep in mind, should they find themselves in a similar position:

  1. If you are called by someone claiming to be from your bank, don’t take it for granted that they’re telling the truth. If anything seems suspicious, tell the person that you will return their call on the company’s official number, which you can find easily online. It’s also best to call back using a different phone from the one they called you on initially.
  2. If you do determine that the call is genuine, don’t let your guard down; if you’re asked to read any sensitive personal details out loud (date of birth, address, payment card number), ask if there are any other ways to provide these details, i.e. typing them into your telephone keypad.
  3. Review your online security. In this day and age of social media, it is far too easy for fraudsters to find out simple details that are typically used to verify your identity e.g. pet’s name, first school or mother’s maiden name.

With these tips in mind, you’ll hopefully be a more conscious consumer and avoid the situation I recently found myself in. Even if you do, just know that it’s not the end of the world, and there are ways to amend the damage.

Breached: What It’s Like to Have Your Payment Data Stolen
Semafone