The Personal Impact of Data Breaches

December 2018
An Equifax hack results in millions of Social Security numbers, birthdays, addresses, and driver’s license numbers being stolen. A Cambridge Analytica data breach exposes the details of 50 million users. Hundreds of millions of pounds have been stolen from banks around the world that have been the victim of enterprise cyber attacks.  

Despite the huge amount of data breaches that occur in companies both large and small around the world, the real implications of having your data stolen can sometimes seem removed from everyday life; after all, it’s not like someone has broken into your house and stolen something right out of your hands. You might not want you information being used by criminals for fraudulent activities, or money being taken from your bank account, but there are systems in place to prevent it affecting you in the long run. We know that our details may have been taken but the odds of anything negatively impacting your day-to-day life aren’t that large are they? But it does happen.


On a recent work trip to Las Vegas for the World Crypto Con I found myself unable to use my debit card. I found this out after a long flight with no sleep as I was trying to pay for the resort fee of my hotel. I was not too happy but my first thought was that my bank had blocked my card for being used abroad (as someone who has never been to Vegas and doesn’t gamble it might have triggered some safeguards in an attempted payment in a casino-hotel) but there was no notification from my bank to this effect. I had to investigate further.


Following a number of long and inconvenient phone calls I managed to determine the reason for my card issues. A while beforehand, a merchant I had used my card with had been hacked and data had been stolen. My bank could not confirm whether or not my details had been amongst those stolen and would not name the merchant involved but, as a precaution, they had blocked my card from being used online. Despite being able to prove who I was and an offer to provide verbal approval for transactions, or even just to have the block lifted for a couple of days, my card remained blocked.


Whilst on a normal day this would have been an inconvenience, being in a foreign country and accustomed to relying on card payments, it became a more significant problem. Much of how we transact is now online – much more than I had realised until the possibility was restricted. To start with, paying the resort fee for my hotel room was not possible (the hotel using an online-payment-based system), which meant that after an 11 hour flight and long wait through immigration, I had to spend time finding a cash point (which of course charged for withdrawals) before I could gain access to my room and prepare for the next day’s work. Secondly, for the duration of my trip and on my return home (where my replacement card would be waiting) using Uber was not an option, which meant I was reliant on traditional taxis and had to pay in cash. In addition to this, I had been trying to make an online purchase of a present for a family member whose birthday I would be missing – a purchase that was now not possible. Ordering items online for the trip, accessing some wi-fi, paying for extra luggage allowance for my return journey; nothing that I needed to make an online payment for was accessible (if only payment in Bitcoin had been an option!).  


Fortunately I was able to sort out solutions for everything but it was a lot of hassle and it wasted a lot of time when time was at a premium. I was in the middle of this, lamenting why we have to put up with this type of situation, when I suddenly realised that blockchain technology is attempting to stamp out exactly this kind of issue. If I had been able to use bitcoin - a decentralised currency under my control - my funds would have been secure I would not have been cut off from access to them when I needed it; similarly, if the merchant I had interacted with had been using a self-sovereign Blockpass solution to secure identities then being hacked would not affect the users.


The goal of Blockpass’ human identity application is to provide cryptographically secure  self-sovereign identities where the user has complete privacy over their details. Even without a decentralised currency being involved, if financial institutions and merchants used a self-sovereign identity system then the user would have no reason to lose access to their services.


With the ultimate goal of a self-sovereign, blockchain-secured identity, data theft as we know it would become a thing of the past. Whilst my experience was simply an inconvenience, there are many for whom the same thing happening would be far more disastrous; imagine someone urgently needing to pay for medical care, or trying to fill up a petrol tank at a service station, or trying to pay for a meal they’d just finished with their family. In many situations the inability to make payments can range from embarrassing to potentially life-threatening, and that is just one aspect of identity theft and data breaches. Hopefully soon, when Blockpass’ vision is realised, it will become no more than a memory.