Death and cyber security
Izabella STUEFLOTTEN, MBA
Cyber Risk & GRC strategist @ Elasticito | GRC Ambassador of the Year Award 2024 | Cybersecurity & GRC advocate | Trusted by hundreds of customers in BeNeLux, DACH, Nordics, and Balkans | B2B
Today, 2 November, is the Day of the Dead, and that got me thinking about what happens to our online, digital lives when we die. Am I protected by GDPR (no) and does it matter if my accounts are there after I die (yes)? Digging in to the nitty gritty of death and cyber security I quickly found out that, apart from setting up MFA in the “live” world, we also should set up systems to protect our Apple, Google, Twitter, Facebook etc accounts after we leave the world of the living.
Why is it important to have this sorted? Because firstly, you otherwise cause unnecessary heartache for your loved ones, and secondly, your accounts could be hacked and used for nefarious purposes.
BeyondTrust and the Attorney General’s Office in California point out the attractiveness of an account of an individual who is recently deceased (and who cannot flag suspicious login activity from the grave):
“Sometimes delays in reporting can provide time for identity thieves to collect enough personal information to open credit accounts or take other fraudulent actions using the deceased's information.”
Can you imagine hackers actually target accounts of dead people, causing trouble and further heartache for your living relatives and friends? According to Death.io, another reason a hacker might hack a dead person’s social media account are that they get access to readymade friend’s lists, and to networks, pages, groups information and associated contacts. These are then sold as data sets to for example marketers, trolls / troll factories, scammers or influencers.
Anybody can become an influencer with thousands of followers, raising their popularity very quickly, using dead people’s data.
Troll factories use the deceased people’s accounts to – you guessed it – troll people online. This is largely what happens when dictatorships or other unfriendly states spread propaganda or disinformation.
Sadly, some hackers use dead peoples accounts to create fake dating profiles and scam unsuspecting people who fall in love online, and others are created to post nasty comments about the dead person or their family. Dead peoples’ accounts are also at risk of being taken over by spambots which are then often used for advertising.
So, what are you waiting for? Set up your inactive account manager on your social media accounts and notify your next of kin that you have done so and tell them that they should do so, too. Once deceased, the surviving family member will have to show a death certificate to the companies, and should also report the death to the credit agencies as there is otherwise risk of bank accounts, credit ratings etc being misused (should the government be delayed in their actions).
To find out more about how to manage your Social Media accounts after you’ve deceased (do this now, do not wait), go to the respective websites such as:
Twitter and Instagram do not seem to have any legacy contact or inactive account manager options (please leave a comment below if you know there is this option), but if your family member passes away, here’s where to go:
If you have any comments or suggestions, I would love to read them in the comments below.
Start-up consultant, career/life coach, lecturer. Write to: [email protected]. See: kpzglobal.com
2 年A very useful, thought-provoking post - thank you!