We’ve talked a lot about social engineering on Privacy Files. It’s commonly said that the human is the weakest link in data security.

In this episode, we talk about what you could call unintentional social engineering.
What if you had a story so compelling that employees of retail businesses would eagerly hand over personally identifiable information (PII) about strangers?

In this interview, we talk to someone who recently had his wallet stolen while at the local gym. While the story about the stolen wallet, the ensuing investigation and eventual recovery is interesting in and of itself, it’s not the most important lesson.
Shockingly, what we discover is how easy it can be to persuade employees to freely share personal information about others, especially when the mission appears to be a noble one.

But it leaves us wondering how many bad actors try this approach by concocting a story that sounds convincing.

It’s yet another lesson highlighting just how easy it is for your personal data to end up in the hands of someone with bad intentions.

This episode will also leave you rethinking just how much you really need to take with you in your wallet or purse when leaving home.

Overall, we hope this story encourages you to compartmentalize your online and offline life to limit your personal data trail and ultimately your exposure to data leaks and breaches.