There’s been a lot of talk about privacy, financial security, and Social Security numbers lately–and with good reason.
Though it was by no means the first of such breaches, the massive data leak at Equifax over the summer shoved the worsening issue of identity theft and cyber crime into the spotlight. Many Americans who previously felt secure in the belief they had control over their personal information found in the blink of an eye, they, too, could become another identity for sale on the dark web.
But as we examine how identity thieves obtain and abuse your information, the spotlight stretches far past just hackers breaking into sensitive databases. We’re also paying more attention to the social engineers who can extract the same information from a victim using only a cleverly disguised email, pop-up, or convincing story over the phone.
Both kinds of thieves rely heavily on a culture where sensitive data, like Social Security numbers, are handed back and forth constantly. So much of what we do in our everyday lives involves businesses and agencies asking us to provide our SSNs for verification–it’s such a common occurrence, many of us probably don’t question it. A company asks, we give, and then we receive service.
But the more we give this data out, the higher the risk. The more offices it’s on file. The more databases it’s saved in. The more hard copies of it are floating around. And the more opportunities a thief has to steal it.
Now, more than ever, it’s important that we understand when it is and isn’t necessary to provide our SSNs, who has the lawful right to ask for them, and why an organization would even need it in the first place.
And perhaps most importantly, that we don’t always need to hand those numbers over every single time we’re asked.