We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Cyber Attack - personal data

Just been notified from a former employer that they experienced a cyber incident between Feb 2023 to Sept 2023.  The employer has only just notified me of this and I have been given access to a credit reference agency free of charge to check.  My concern is that this happened almost 2 years ago and the letter indicates that my personal data was stolen, I may have already had my identity stolen.  The employer is based in the US so I am unsure what I need to do to check whether my personal data has been used outside of the UK.  Any advice would be appreciated.

Comments

  • MattMattMattUK
    MattMattMattUK Posts: 11,705 Forumite
    10,000 Posts Fifth Anniversary Name Dropper
    Yvie_1 said:
    Just been notified from a former employer that they experienced a cyber incident between Feb 2023 to Sept 2023.  The employer has only just notified me of this and I have been given access to a credit reference agency free of charge to check.  My concern is that this happened almost 2 years ago and the letter indicates that my personal data was stolen, I may have already had my identity stolen.  The employer is based in the US so I am unsure what I need to do to check whether my personal data has been used outside of the UK.  Any advice would be appreciated.
    Keep an eye on your credit reports for anything that is not financial products that you have taken out, that is pretty much it. I would say that if it happened two years ago and nothing has happened yet then it almost certainly will not. Data used for financial fraud is almost always fresh. 
  • vacheron
    vacheron Posts: 2,369 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    edited 3 September at 1:45PM
    It is possible if you have just recieved this warning that your former employer may also have just realised or been made aware that the incident took place 2 years ago. 

    Does the letter say that you details "were stolen", or instead "may have been stolen / compromised", or something of that nature?

    It may have simply been that they have identified that hacker or other unauthorised person was simply able to access these files, they may have then just browsed them or passed them by.

    Not all data that a hacker or unauthorised person accesses is necessarily stolen, in the same way that if someone leaves a department store door unlocked overnight, someone may gain unauthorised entry, and look around while being captured on CCTV, but may have no intention of stealing, or simply may not see anything they wanted to take. 
    • The rich buy assets.
    • The poor only have expenses.
    • The middle class buy liabilities they think are assets.
  • ch3shirecat4
    ch3shirecat4 Posts: 71 Forumite
    Second Anniversary 10 Posts Name Dropper
    Yvie_1 said:
    Just been notified from a former employer that they experienced a cyber incident between Feb 2023 to Sept 2023.  The employer has only just notified me of this and I have been given access to a credit reference agency free of charge to check.  My concern is that this happened almost 2 years ago and the letter indicates that my personal data was stolen, I may have already had my identity stolen.  The employer is based in the US so I am unsure what I need to do to check whether my personal data has been used outside of the UK.  Any advice would be appreciated.
    That’s really rough, especially finding out so long after it happened. Good shout keeping an eye on your credit reports and freezing them if you can. Might also be worth checking with the ICO about what you can do since it involves a US company. If you want extra peace of mind, services like CloudGuard.ai can help detect and stop threats. Hope that helps. 
  • MEM62
    MEM62 Posts: 5,383 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    edited 17 October at 9:56AM
    If the data was compromised that long ago, if anyone was going to do anything nefarious with it you would have known about it by now.  
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.2K Banking & Borrowing
  • 253.6K Reduce Debt & Boost Income
  • 454.3K Spending & Discounts
  • 245.3K Work, Benefits & Business
  • 601K Mortgages, Homes & Bills
  • 177.5K Life & Family
  • 259.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.