The Dynamic Duo: Data Breaches And Employers

James Keenan
Automation and Anonymity Evangelist   Smartproxy

Before you fill out your next employment form, look at it and assess how much of your personal information you are handing over. Your full name, where you studied in college, your home address – this is just a snippet of the information employers request from us.  You always hear tips about staying private on social media; however, what about privacy at work? May 2021 data shows that an average American spends 34.9 hours a week at work, and constantly interacts with their colleagues and superiors. Think about all of the information an employee discloses during this period and how many of these conversations could have possibly been recorded.

If you still think data breaches are exclusive to social media networks, think again. Palo Alto Networks reported that a “third-party vendor leaked the personal details of seven current and former employees”.  Facebook suffered the loss of payroll details for 20,000 employees in a car smash-and-grab, a burglary which saw the theft of unencrypted hard drives.

In this article, we’ll be explaining why your employer may be the most significant threat to your personal information.

Why Are Employers an Even Bigger Risk than Social Media Sites?

We don’t want to belabor the point here, but your workplace knows almost everything about you, while you probably know surprisingly very little about how they handle your information. Corporations, such as Facebook disclose how they protect their users’ data. Do you know how your data is protected by your employer?

When you consider the fact that major companies like Facebook suffer data breaches, despite their increased security budget, it isn’t a stretch that your firm could be compromised. Comparatively, it has fewer resources in terms of capital and manpower, making it an easy mark for experienced hackers.

Here’s something else to consider: if your workplace suffers a data breach, it would be even more damaging than if it happened on a social media site.

When a malicious actor targets a social media site, they are usually just trying to embarrass the company and sell any personal information they find. However, when they specifically target one company out of the thousands of others in the same industry, it is an even greater cause for concern.

If, for example, your pharmaceutical company suffered a breach, it most likely means that the cybercriminal has an interest in what your company sells or an interest in specific staff members. Can you see how much worse a data breach at a workplace would be compared to a social media site?

What is at Stake with your data and employers?

The natural question is this: should a breach happen, what information would be disclosed?

While bad actors have their own motivations in targeting specific companies, it’s safe to say that once there’s been a breach, all of your information is at risk. This includes everything your employer knows about you, from official documents you have filled out to anything else about you that has been digitized, such as your annual performance reports. If this information is made public, would it damage your reputation? Would it put your safety at risk? These are all necessary questions you need to ask yourself before you fill out another line on a work-issued form.

What Can You Do to Protect Yourself?

1. Demand that your employers take better care of your data. Question the status quo. You do not have to sit back and let your employers use your data however they wish. Of course, we are not asking you to incite a riot at your workplace. We are, however, telling you that you need to call out risky behavior when you see it. For example, if you hear about your superiors not using necessary encryption software because “No one would try to break into their systems”, you need to address it.

2. Be careful about what information you give them in the first place. Not everything that’s printed in black and white is compulsory. Be clear on what information is necessary and what is good to have. Your privacy is in your hands, so it’s up to you to go the extra mile.

3. Find out how your data is being protected. This might seem excessive, but it never hurts to know more about how the business runs itself. You don’t need to launch a full-scale investigation here. A breakroom discussion with the IT guy should tell you everything you need to know about how security is dealt with.

Remember, this is your data. You have every right to make sure it’s safeguarded and used as you intended. 

James Keenan

Tags: , , , , ,