Re: Thought exercise
The main problem you have with this kind of thing is that if you can compromise the app you can access any data/systems the app can access. If the app needs to show you your details, it needs access to them.
One option is to encrypt at rest, but then you have the key management problem - the app needs access to the key, so an attacker that compromises the app can get the key.
You can (partially) solve this using an HSM - the encryption key is itself encrypted using an HSM. When the app needs the key it passes the encrypted key to the HSM and asks it to decrypt it. There are still issues with this (performance vs security, e.g. do you use a single key, one per user etc). However it means at the very least the attacker either needs to extract the key as well as the DB, or individually exfil every record. If you have a blue team the idea is they spot this behaviour before too much damage is done. If you don’t, then you(r customers) are boned either way.
Neither HSMs nor blue teams are particularly cheap. Guess what businesses value most when asked to choose between definitely spending a wad of cash to protect someone else’s data, or pocketing larger dividends with a risk they *might* get popped?...
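The wrapped-key scheme described in the reply above, as an added example that is not part of the original post: a simulated HSM (the `Hsm` class, assumed here, standing in for real hardware) holds the key-encryption key, each record gets its own data key wrapped by it, and every unwrap is counted, so reading the whole table shows up as a spike rather than a single key fetch.

```ruby
require 'openssl'
require 'securerandom'
# AES-256-GCM helpers; output layout is nonce || tag || ciphertext.
def seal(key, plaintext)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  c.key = key
  nonce = c.random_iv # 12 random bytes, fresh per call
  ct = c.update(plaintext) + c.final
  nonce + c.auth_tag + ct
end

def open_sealed(key, blob)
  nonce, tag, ct = blob[0, 12], blob[12, 16], blob[28..-1]
  c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  c.key = key
  c.iv = nonce
  c.auth_tag = tag
  c.update(ct) + c.final # raises CipherError on a wrong key or tampering
end

# Stand-in for an HSM: the KEK never leaves this object and every unwrap is
# counted, which is the audit signal a blue team can alert on.
class Hsm
  attr_reader :unwraps
  def initialize
    @kek = SecureRandom.random_bytes(32)
    @unwraps = 0
  end
  def wrap(dek)
    seal(@kek, dek)
  end
  def unwrap(wrapped)
    @unwraps += 1
    open_sealed(@kek, wrapped)
  end
end

# What sits in the DB: ciphertext plus the wrapped per-record DEK.
Record = Struct.new(:wrapped_dek, :ciphertext)

def store_record(hsm, data)
  dek = SecureRandom.random_bytes(32) # one DEK per record (the "one per user" option)
  Record.new(hsm.wrap(dek), seal(dek, data))
end

# One HSM round trip per record: a bulk read shows up as a spike in unwraps.
def read_record(hsm, rec)
  open_sealed(hsm.unwrap(rec.wrapped_dek), rec.ciphertext)
end
```

A DB dump alone yields only ciphertext and wrapped keys; with a single shared DEK instead, one unwrap would decrypt every row, which is the trade-off the reply points at.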