Privacy Week: Sensitive information stored online can hurt you
Have you ever stopped to think about how much of your personal information is stored online?
You might be surprised to know that a considerable amount of your most sensitive information is has been filed away in the cloud by the companies and government departments you deal with your medical records, private conversations you've had with others, financial information, purchases you've made and more.
This kind of data is routinely accessed by cybercriminals. In fact, it's possible some of your sensitive data is available on the dark web right now.
It all comes down to what information you share with organisations and how they protect it. Do they take their role as guardian of your data seriously?
The sad reality is, we live in a country where many businesses don't. And even the companies that do take cyber security seriously can't guarantee your data will be safe from a cyber-attack.
As Privacy Week 2025 begins, it's a good reminder for you to be careful with the information you share, and who you share it with.
The truth is, in the modern world you often have no choice but to share personal information. You may be able to limit what you share on social media or the number of online accounts you sign up to, but it's a lot more difficult to control how organisations store your essential records like your medical data or financial information.
Privacy Week should really be less about individuals, and more about business leaders considering the data they hold and what they are doing to ensure it's protected.
The personal impact of a cyber breach
When personal data is leaked, depending how sensitive the information is, it can cause significant harm to victims. However, cybercriminals don't care about the damaged caused to individuals. For them, personal data is a valuable bargaining chip to force the companies they hack into paying an extortion demand.
In February this year Genea Fertility in Australia was breached with up to 700GB of data stolen and listed on the dark web.
It was reported that contact details, Medicare card numbers, medical histories, test results, and medications were compromised, although Genea is yet to confirm this.
Genea's silence has only deepened the anxiety, adding stress and turmoil to what is already a deeply personal and emotional fertility journey.
There are also growing international trends of cybercriminals blackmailing individuals. This can profoundly impact wellbeing and have harrowing consequences. Take the case of Swedish psychotherapy provider Vastaamo whose databases containing confidential mental health information were breached in 2020.
When the company refused to pay the ransom demand, the hacker emailed thousands of patients asking for 200 Euros and threatening to publicly share their personal details.
At least one suicide has been linked to the case, a devasting outcome of what can happen when private data is weaponised.
It's about the stick
So, what's going to get New Zealand businesses to take cyber security seriously? I think it's more about the stick than the carrot.
In 2016, company directors became personally liable for health and safety negligence. This prompted a significant rise in due diligence and New Zealanders were better protected at work.
Protecting personal data should be treated in the same regard as health and safety.
At the very least, we need to look at the fines the government can issue to businesses hit by cyber-attacks.
Currently in New Zealand, the maximum fine that can be issued is $10,000, and that's for not disclosing a data breach to the Privacy Commissioner. Compare that to Australia where their maximum fine for serious interference with privacy is $50 million.
That's an incentive that would really get business leaders to take their responsibility seriously.
What can individuals do?
New Zealand legislation won't change overnight, but we should continue to put pressure on organisations collecting data to uphold our privacy.
However, protecting yourself online can help you avoid, or better manage your affairs, if your personal or financial details are breached.
Here are four basic tips: Never save your credit card details
Sure, it's nice to have your credit card details saved into your browser, but it's not worth the risk. If your device or the shopping site is compromised, a hacker can easily steal your credentials and fraudulently charge your cards. Always use multi-factor authentication (MFA)
Having to get your phone out each time you log in to an important app or website to verify yourself is a hassle, but it's one of the best ways to lock hackers out.
It is easy to ignore device updates to your phone or computer, but you should install them as soon as they're available. Secure your most used apps.
There are a range of built-in privacy tools from WhatsApp, Facebook, and Google that allow you to review and tighten your security settings. Be sure to do this! You might be surprised how much information can be scraped from public profiles. Only share what you need to.
Limit what information you share online, whether that be on social media or through surveys, online forms, competitions or other mechanisms companies use to collect personal data. Only share what is necessary.
My parting advice is to remember your private data is valuable, especially to cybercriminals.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Scoop
15-05-2025
- Scoop
Privacy Week 2025: Public Concern About Privacy Remains High
Press Release – Office of the Privacy Commissioner Privacy Commissioner Michael Webster says public concern about privacy remains high, with particular unease around childrens privacy, social media use, and AI decision-making. The annual privacy survey of New Zealanders was released today during Privacy Week 2025. Privacy Commissioner Michael Webster says public concern about privacy remains high, with particular unease around children's privacy, social media use, and AI decision-making. 'More people are worried about the impact of technology on their privacy and are questioning what their personal information is being used for and why.' The impact of technology is reflected in people's privacy concerns: – 67% of respondents are concerned about the privacy of children, including when using social media – 63% are concerned about the management of personal information by social media companies – 62% are concerned about government agencies or businesses using AI in decision-making. 'New Zealanders are great adopters of technology, but this survey suggests that we're increasing becoming aware there's also a price to pay through the loss of control over our personal information and we're increasing worried about the implications of that.' Nearly half of respondents say they've become more concerned about issues of individual privacy and personal information over the past few years. Two thirds of respondents now say protecting their personal information is a major concern in their lives. Over 80% said they wanted more control and choice over the collection and use of their personal information. The level of concern also means many New Zealanders are willing to consider taking action if they think their right to privacy is not being protected and of respondents said they would consider changing service providers – such as businesses – due to poor privacy practices. Privacy Week runs from 12-16 May and we're running a series of webinars on a wide range of topics.
Scoop
14-05-2025
- Scoop
Privacy Week 2025: Public Concern About Privacy Remains High
The annual privacy survey of New Zealanders was released today during Privacy Week 2025. Privacy Commissioner Michael Webster says public concern about privacy remains high, with particular unease around children's privacy, social media use, and AI decision-making. "More people are worried about the impact of technology on their privacy and are questioning what their personal information is being used for and why." The impact of technology is reflected in people's privacy concerns: - 67% of respondents are concerned about the privacy of children, including when using social media - 63% are concerned about the management of personal information by social media companies - 62% are concerned about government agencies or businesses using AI in decision-making. "New Zealanders are great adopters of technology, but this survey suggests that we're increasing becoming aware there's also a price to pay through the loss of control over our personal information and we're increasing worried about the implications of that." Nearly half of respondents say they've become more concerned about issues of individual privacy and personal information over the past few years. Two thirds of respondents now say protecting their personal information is a major concern in their lives. Over 80% said they wanted more control and choice over the collection and use of their personal information. The level of concern also means many New Zealanders are willing to consider taking action if they think their right to privacy is not being protected and of respondents said they would consider changing service providers - such as businesses - due to poor privacy practices. Privacy Week runs from 12-16 May and we're running a series of webinars on a wide range of topics.
Techday NZ
11-05-2025
- Techday NZ
Privacy Week: Sensitive information stored online can hurt you
Have you ever stopped to think about how much of your personal information is stored online? You might be surprised to know that a considerable amount of your most sensitive information is has been filed away in the cloud by the companies and government departments you deal with your medical records, private conversations you've had with others, financial information, purchases you've made and more. This kind of data is routinely accessed by cybercriminals. In fact, it's possible some of your sensitive data is available on the dark web right now. It all comes down to what information you share with organisations and how they protect it. Do they take their role as guardian of your data seriously? The sad reality is, we live in a country where many businesses don't. And even the companies that do take cyber security seriously can't guarantee your data will be safe from a cyber-attack. As Privacy Week 2025 begins, it's a good reminder for you to be careful with the information you share, and who you share it with. The truth is, in the modern world you often have no choice but to share personal information. You may be able to limit what you share on social media or the number of online accounts you sign up to, but it's a lot more difficult to control how organisations store your essential records like your medical data or financial information. Privacy Week should really be less about individuals, and more about business leaders considering the data they hold and what they are doing to ensure it's protected. The personal impact of a cyber breach When personal data is leaked, depending how sensitive the information is, it can cause significant harm to victims. However, cybercriminals don't care about the damaged caused to individuals. For them, personal data is a valuable bargaining chip to force the companies they hack into paying an extortion demand. In February this year Genea Fertility in Australia was breached with up to 700GB of data stolen and listed on the dark web. It was reported that contact details, Medicare card numbers, medical histories, test results, and medications were compromised, although Genea is yet to confirm this. Genea's silence has only deepened the anxiety, adding stress and turmoil to what is already a deeply personal and emotional fertility journey. There are also growing international trends of cybercriminals blackmailing individuals. This can profoundly impact wellbeing and have harrowing consequences. Take the case of Swedish psychotherapy provider Vastaamo whose databases containing confidential mental health information were breached in 2020. When the company refused to pay the ransom demand, the hacker emailed thousands of patients asking for 200 Euros and threatening to publicly share their personal details. At least one suicide has been linked to the case, a devasting outcome of what can happen when private data is weaponised. It's about the stick So, what's going to get New Zealand businesses to take cyber security seriously? I think it's more about the stick than the carrot. In 2016, company directors became personally liable for health and safety negligence. This prompted a significant rise in due diligence and New Zealanders were better protected at work. Protecting personal data should be treated in the same regard as health and safety. At the very least, we need to look at the fines the government can issue to businesses hit by cyber-attacks. Currently in New Zealand, the maximum fine that can be issued is $10,000, and that's for not disclosing a data breach to the Privacy Commissioner. Compare that to Australia where their maximum fine for serious interference with privacy is $50 million. That's an incentive that would really get business leaders to take their responsibility seriously. What can individuals do? New Zealand legislation won't change overnight, but we should continue to put pressure on organisations collecting data to uphold our privacy. However, protecting yourself online can help you avoid, or better manage your affairs, if your personal or financial details are breached. Here are four basic tips: Never save your credit card details Sure, it's nice to have your credit card details saved into your browser, but it's not worth the risk. If your device or the shopping site is compromised, a hacker can easily steal your credentials and fraudulently charge your cards. Always use multi-factor authentication (MFA) Having to get your phone out each time you log in to an important app or website to verify yourself is a hassle, but it's one of the best ways to lock hackers out. It is easy to ignore device updates to your phone or computer, but you should install them as soon as they're available. Secure your most used apps. There are a range of built-in privacy tools from WhatsApp, Facebook, and Google that allow you to review and tighten your security settings. Be sure to do this! You might be surprised how much information can be scraped from public profiles. Only share what you need to. Limit what information you share online, whether that be on social media or through surveys, online forms, competitions or other mechanisms companies use to collect personal data. Only share what is necessary. My parting advice is to remember your private data is valuable, especially to cybercriminals.
