I read Where can I set environment variables that crontab will use? about how to set ENV variables for my scripts running by cron.

The most obvious and working solution is to put variables on top of crontab schedule file like this:

MYVAR=something
* * * * * /somescript.sh

This seems to be fine until I want my script to use sensitive values like login/password to login to, e.g. a database to make a dump.

How do I keep this data safe and still being able to send it to my scripts that are ran by cron?

I see this questions is related to the scripts and password/account management in general, which is kind of open topic still and to my knowledge there is no "simple" way to solve this. Just storing the credentials in a separate file that you would load then through the script. Limiting the credentials access to that file (i.e. root only). If the service you trying to access already has some kind of load system in place, like ~/.mysqlrc, you could make use of that directly to access the service.

More info can be found here: https://unix.stackexchange.com/questions/212329/hiding-password-in-shell-scripts