A data breach at short-term lender Trusted Quid may have left up to 66,000 customers at greater risk of fraud.
Customer names, phone numbers, dates of birth, addresses, income information, loan information, employment information and bank account details are among the data stolen during the unauthorised access to Trusted Quid’s website.
We explain what personal information was stolen, and how you can protect yourself if you’re affected by a data breach.
How did the Trusted Quid data breach happen?
The stolen data was gleaned from loan applications made on the Trusted Quid website between 1 July 2016 and 17 February 2018. Applications made outside that timeframe are unaffected by the breach.
The firm says it’s made three attempts to contact all affected customers by email and text, and is vowing to support and reimburse victims of identity fraud in certain circumstances. It told Which? its systems have now been secured.
In a statement, Trusted Quid said: ‘We sincerely regret what has happened and are fully committed to supporting those affected.’
How can I protect myself from fraudsters?
If you’ve received a breach notification from Trusted Quid, or if you suspect you’re affected, there’s no need to panic.
You can call the firm’s fraud line (provided by third-party company CyberScout) on 0808 101 1022 between 8am-8pm Monday to Friday, to verify any message you’ve received and check whether your data has been compromised.
This helpline will also be available to assist if you subsequently become a victim of identity fraud. Trusted Quid has said it will issue refunds for ‘certain out-of-pocket expenses you may incur’, though at this stage it’s not clear what expenses will be eligible for reimbursement.
Suspected fraud cases should always be reported to police fraud and cybercrime reporting centre Action Fraud.
Trusted Quid says it’s working to ensure financial institutions are alerted to this incident. However, it’s worth notifying your bank directly if you fear your bank account details have been breached, so they can conduct additional monitoring.
- Find out more: my data has been lost, what are my rights?
How to protect yourself after a data breach
Fraudsters can use breached personal data to win your trust and con you out of further information or money.
Beware the following:
- Requests to move money: A genuine bank or organisation will never contact you unexpectedly to ask for your Pin, full password or to move money to another account. Requests of this nature are almost certainly bogus. If in doubt, end the conversation and contact the company directly on a trusted email address or phone number.
- Clicking on links/files: Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.
- Reusing passwords: If you reuse the same or similar passwords across different sites, stop now. A breach of one password could lead to your other accounts being accessed. Make sure you set a unique password for every account you use.
- Unusual activity on your bank account or credit report: keep a close eye on your bank accounts, and report any unauthorised activity immediately. It’s also important to monitor your credit report with all three agencies – Call Credit, Experian and Equifax – to see if anyone is taking out credit in your name.
You can find out more about identity theft, and how to protect yourself in our guide: what is identify theft?