By collecting these credentials using zero-knowledge proofs, it doesn’t re-identify you. Because of that, the attack surface is much smaller. Even if attackers gain control of the system, they do not have sufficient information to retrieve this personal data.