2008 boasts more data breaches than ever...are you at risk?

Credit Fraud

According to the American Payroll Association’s recent “Getting Paid in America” survey, 88% of employees are confident that their companies are adequately protecting them from identity theft. But with 2008 boasting more data breaches across the board than ever before, is that confidence unfounded?

Chances are that a majority of people, who claim they think their companies are doing just fine, don’t actually realize the myriad of ways in which they could be exposed to identity theft. Don’t let ignorance leave you vulnerable.

What Information May Be at Risk

More of your personal information is available at your workplace than you might think. In fact, all someone might need to completely steal your identity and thrash your credit might easily be found at your place of employment. Take a moment and think through which of the items below are on file somewhere in your office.

1. Social Security Numbers. In order to be paid by your employer it is highly likely that you had to submit some sort of tax form that included your social security number. In fact, you may have even been asked to bring in your original social security card so it could be photocopied or scanned and kept on file. Whether these forms were submitted electronically or the old fashioned way doesn’t really matter. The hard reality is that your social security number is on file somewhere in your office (or the corporate office) and if the wrong person finds it, you are at risk.

2. Records of your wages or salary. People tend to be very private when it comes to being open about their earnings with other people. But despite what most people say or believe, the size of a person’s paycheck isn’t as confidential as you may think. And this probably isn’t information you want in the hands of an office snoop or a potential identity thief. Someone might decide you are a target worth ripping off based solely on the size of your income.

3. Bank account numbers. If you are enrolled in a direct deposit program through your employer that means your bank account number is on file somewhere in your human resources department. And if it’s on file, someone else can gain access to it through legal or illegal means. With access to your bank account, an identity thief can literally spend until you have absolutely nothing left. 

4. 401 K (or equivalent) information. Many companies offer employer sponsored retirement plans. Since the employer matches all or some of your own contribution, detailed information regarding your retirement account (what’s in it, how to access it, who your beneficiary is, etc…) is on file somewhere in your office. If this information fell into the wrong hands, your retirement could be pilfered in a matter of minutes without you even knowing it.  

5. Health insurance information. Medical identity theft is a huge problem, and countless cases are being reported every day. Identity thieves have been known to check into hospitals for major surgeries using the names, social security numbers and medical record numbers of other people. Many times the victim doesn’t even know about medical id theft until unpaid deductibles get sent to collections agencies.

6. Your home address. This might seem like an innocent piece of information, but really it’s all an identity thief would need to have your mail rerouted to another location so he or she could sort through it and steal your bank and credit card information. Within a matter of days an identity thief could go on a spending spree that leaves you penniless while you are simply wondering what happened to your mail.

All of this information is stored in electronic or hard copy form somewhere in your office. Some of this information even lies around the office where anyone can see it—employee pay stubs, interoffice mail, etc… In fact, your credit card number or driver’s license number might even be at risk if you ever run into a meeting or to the vending machine while leaving your purse stashed beneath your desk. Your office presents more identity theft risk than experts even fully realize. But who is it exactly that might be out to steal your information?

The Potential Culprits

1. A fellow employee. In most cases of workplace identity theft, the culprit is none other than an actual fellow employee. Some times these people use the information that they steal for their own gain. But in many cases they simply serve as the middleman (or woman) for an expert thief. Big time identity thieves have been known to approach employees of target companies and offer them relatively small sums of money to pass on sensitive and secure information. In some cases, the employees have access to the information and can easily begin stealing it and passing it along. But in other cases, they have to lie or sneak around to even get clearance to view the information. CEOs can certainly be fraudsters, but there’s a better chance that an identity thief would turn out to be the gal answering the phones.

2. A contract worker. Many offices have contracts with cleaning services or temp agencies that send workers into your office environment on a fairly regular basis. Since these people aren’t as well known in your office, they tend to go virtually undetected. Cleaning people, who may be in your office after hours, are more easily able to snoop in places they aren’t supposed to be. Or they have easy access to sensitive information that might not have been disposed of correctly. Temporary contract workers are also prone to move much more quickly as their access to the information might be limited.

3. A disgruntled former employee. If past employees were terminated in ways they deem unfair, they might have an ax to grind with the company. A data breach might target specific employees they thought were involved in their unfair dismissal, or (most likely) an attack would be more about retaliating against the company than it would be about hurting you. In some cases, keys aren’t returned and passwords or key codes aren’t changed immediately when employees are terminated leaving them with access to sensitive information that they really shouldn’t be able to see. In some cases, employees who know they are about to get fired go on stealing sprees just before it happens and they email sensitive files to their home email accounts so they can access them or do damage to the company once they are gone.

4. An outside hacker. A computer hacker who isn’t even involved with your company might randomly hack into your company’s system exposing all of your personal information. Although outside break ins aren’t as common as inside jobs, they do happen. And if your company isn’t properly protected from such threats, you could be at risk.   

How to Protect Yourself

Even though the risks are high, there are several things you can do to make sure you that are protecting yourself in areas where your company might (unknowingly) be leaving you vulnerable.

1. Talk to your Human Resources department. Your company might not be aware of all of their (and your) vulnerabilities to data breaches. Consider printing out this article and giving it (or emailing it) to someone in your company’s Human Resources department. Don’t be afraid to ask questions about what your company is currently doing to safeguard your information. And don’t be timid in expressing concern over areas where you think they might be failing completely. The squeaky wheel gets grease. If no one else is willing to step up to the plate, offer to take on some of the identity theft prevention responsibilities yourself.

2. Safeguard yourself with ID Secure. No matter how protected your office is, it will never leave you completely free from all identity theft risks. Purchasing a product like ID Secure might greatly increase your peace of mind as well as the level of protection guarding your identity. For just $1 for the first month, and just  $12.99 a month after that, a professional identity monitoring company will use advanced web crawling technology to search the internet and public records to make sure that your social security number, credit and ATM cards and other personal information isn’t being fraudulently used in any way. ID Secure makes sure your identity is being monitored 24 hours a day seven days a week helping to keep it safe. If fraudulent activity is suspected, you will be informed immediately. You can learn more by clicking here.

3. Use strong passwords. If your personal information is accessible by online accounts, or you access sensitive company information on your work computer, that information may be in danger of being compromised. So make sure you do your part to safeguard that information by using strong passwords. Really, you shouldn’t use passwords at all. Instead you should use pass phrases that consist of a mix of letters, numbers and symbols. This way, even if someone finds his or her way to your computer he or she will be greeted with nothing but a dead end.

The Federal Trade Commission reports that 10 million people fall victim to identity theft each year. Don’t be one of them. Do your part and protect yourself. Your identity may depend on it.