It's mind boggling that after years of hearing and reading about identity theft, it's all too easy to let it happen. I have several friends and many, many acquaintances who are in transition -- that is, unemployed and looking for work. Most of them are in IT. Gone are the days when you sent a cover letter and resume by snail mail. Today you go online. Sites such as www.dice.com send you daily job leads. Some of those direct you to recruiters; others direct you to the web sites of large organizations such as Citibank. Recruiters are efficient because they just want the resume so they can forward it to hiring managers. Corporations and other large organizations such as hospitals have long, complicated online forms which require you to reinvent the wheel each time.
That's bad enough, but I was surprised to learn that some of these web sites require the job applicant to put his entire Social Security number and date of birth. Unless someone works in network security in that organization, there is no way to gauge its vulnerability to intrusion.
As I mentioned in an earlier post, The Great Pretenders, all you need to steal someone's identity is the name, Social Security number, date of birth and current address. All of the above are on those online job applications, which go to Human Resources. If the organization is also a health care provider and the security is outdated and/or weak, there is more opportunity for identity theft from hacking into medical records. Oops! Someone forgot about security or the powers that be did not want to spend the money on upgrades.
Part of the problem is that these online applications were written and authorized by individuals who were trying to make things easy for themselves. It's understandable, but they really need to talk the network security people in IT. There are ways to prevent identity theft, but once it happens, it's a nightmare for the victim. A quick fix by the company is all that's needed: remove the part that requires the Social Security number. It's that simple.
That's scary. Thanks for bringing that to our attention.
ReplyDelete