Information about a data leak from the Good Finance database for several days was number one in the media. Many Poles were afraid that when a criminal gains possession of their data, he could easily take a loan in their name.
Is there really such a threat? What did the alleged leak from the Good Finance database really look like?
Security of personal data in the Good Finance database and the alleged data leakage
It is worth starting with the fact that no leakage from the Good Finance database occurred and data security was not at risk. Contrary to appearances, hacking into this system is not easy.
The Good Finance register stores the most important and best kept personal data, such as name, surname, date, and place of birth, ID number, address and finally the Good Finance number. Only selected entities have access to this data, including courts, prosecutor’s office, police, and court bailiffs.
Recently, the number of inquiries directed to the Good Finance database increased, in addition, they were submitted at night. This drew the attention of specialists. However, no leakage took place. It turned out that the reason for all the confusion was large bailiffs’ offices, collecting information on debtors.
This time the alarm turned out to be false. However, is personal data in the Good Finance database safe? Can they be taken over by the hacker? It turns out that the probability of committing such a crime is negligible. Computers with the Good Finance database are not connected to the Internet. They work on dedicated connections. The computer through which the authorized entity downloads data also has no right to be connected to the network. So even the best-trained group of hackers can’t get to the base.
Let’s assume, however, that you want to trace whether recently no one has downloaded information about you. You have the right to do this.
Twice a year you can check who has applied for your data and for what purpose. To do this, you must submit an application to the Ministry of Digitization. You can also contact the Credit Information Bureau and check if someone took a Good Finance loan or loan in your name.
Security of personal data and the possibility of taking a loan for Good Finance
The criminal does not have to perform breakneck stunts by hacking the Good Finance database to steal information about us. It can come into possession of personal data in a simpler way, for example by capturing a scan of an ID. Suppose someone has taken over your data. Should you start to worry that an unauthorized person will take a loan in your name? It turns out that phishing a Good Finance loan is not easy. That the cash goes to the right person is also in her interest, as is the security of clients’ personal data.
The first method to verify the identity of the person taking out the loan is to transfer the registration fee (the amount of such fee is symbolic). This fee must be paid via a transfer from an account you own. If the name of the transfer sender differs from the name of the person applying for the loan, registration will be rejected. Thus, even a person who has your data but without access to your account will not be able to take a loan in your name.
Another method of verifying the identity of people taking out loans is confirming the data using the INSTANTOR system. In this case, there is no need to make a transfer with a registration fee. Thanks to this system, your data will be verified much faster and you will receive money instantly.
It is also worth being prepared for the fact that during the completion of formalities the loan company will ask you to present a certificate confirming receipt of income. This can be, for example, the GFIC print, a statement of earnings or a bank statement from the last three months. Such documents will not be able to be presented by a third party, even if it acquires all of your personal data.
Phishing a Good Finance loan is not a simple matter. The security of personal data is protected by appropriate security features of the Good Finance database, and a good loan company additionally checks whether the person lending money is surely the owner of the personal data provided.