5 Min Read

How Credit and Dark Web Monitoring Can Help in the Event of a Data Breach

Read More

By Patrick Hill & Hans Allnutt

|

Published 31 January 2022

Overview

In today’s digital economy, data is more valuable than ever. It can help businesses better understand their customers and deliver the fast, easy, safe, and personalised experiences that consumers expect. This is made possible by people sharing their data identity — a comprehensive profile and a powerful, personal asset that influences the finance, opportunities, experiences and offers an individual can access. But the value of each data identity in our society means it can be highly damaging if that data is lost or falls into the wrong hands. We’ve seen leading companies around the world experience very public data breaches in recent years, with the reasons ranging from employee error to cyber-attacks and malware. Each instance has the potential to put consumers at huge risk and damages their trust with the organisation responsible.

Recent research conducted by TransUnion found that more than one in four UK businesses experienced a data breach in the past 12-months, with 83% of businesses believing that the threat is now greater than ever.

With 30 billion IoT devices expected to be in homes and offices globally by 2025 – the equivalent of four per person – and 127 new devices connecting to the internet every second, the risk of cyber-attack is certainly growing. CEOs and business leaders across the UK are more engaged than ever on the topic of cyber security with the GDPR amongst other things on their minds, but many organisations still don’t have a full plan in place, including what to offer data subjects affected by a data breach in the future.

What is Credit Monitoring?

A credit monitoring service acts as both a personal assistant and watchdog when it comes credit. TransUnion’s TrueIdentity solution provides users with on-demand access to their credit history, allowing access to their credit report as often as required. It watches the credit report and alerts the user via email whenever there are changes to any of their accounts.

These updates can include loan applications, new bank accounts or store cards but also updates to existing financial accounts such as when a balance has increased. We’ll also update the user if we have negative information to share, like a late payment reported by a creditor. These notifications help alert the user to any potentially fraudulent credit-related activity and identity theft.

How Does Credit Monitoring Help?

Credit monitoring alerts are a powerful tool to provide confidence to those who have had data exposed in a data breach. By proactively offering a solution like TrueIdentity, businesses will be able to demonstrate that they are taking the loss of data seriously are taking steps to minimise the potentially harmful consequences of the data breach.

Our research showed that 16% of UK consumers say either data breaches and/or identity theft have impacted how they think about their credit or personal data.

In most cases, our clients provide an offer of credit monitoring at the same time as notifying the affected individual of the data breach by email or post. This can take some of the heat out of the situation and can be helpful in minimising the obvious reputational damage suffered following a data breach.

Furthermore, the offer of credit monitoring has been viewed as a mitigating factor in numerous data breach investigations conducted by the Information Commissioner’s Office (ICO).

Our partners at DAC Beachcroft have seen a significant uptick in the volume of compensation claims which arise out of data breach incidents. Providing a solution which protects the individual from identity theft and the associated financial loss, can also have a positive impact on the outcome of these claims.

Dark Web Monitoring

Phishing has been a common method of targeting businesses for some time. Nearly three quarters (74%) of businesses say the rate of phishing emails received has increased over the past three years. However, in the past 12 months, 94% of businesses have been targeted by these emails.

With phishing scams and human error common causes of data breaches, the role of the deep and dark web in laundering that data and coordinating attacks is a growing concern. In these communities, joining ransomware groups is seen as a way to use personal data gained via phishing to get easy money from businesses.

Data gleaned from phishing and ransomware attacks is increasingly being sold directly on deep and dark web forums, rather than traditional black markets, meaning data can be sold off faster than ever once stolen.

Therefore, dark web monitoring, as offered by TransUnion’s TrueIdentity platform, is an increasingly important part of responding to a data breach. The service searches for potentially exposed personal, identity and financial information to help protect consumers against identity theft.

Conclusion

With UK consumers often choosing to walk away from an organisation after a data breach, giving a clear signal that you are doing everything you can to protect customer identity can make all the difference — helping to retain customers, reduce reputational risk and protect individuals every step of the way.

Mark Read
Head of Data Breach Solutions
TransUnion

Sources:

TransUnion Ebook – Data Breach Support for Businesses – September 2021
TransUnion Consumer Pulse Report August 2021

Key Contacts