Episode 44: Personally Identifiable Information (PII)


We’ve talked a lot about social engineering on Privacy Files. It’s commonly said that the human is the weakest link in data security.

In this episode, we talk about what you could call unintentional social engineering.
What if you had a story so compelling that employees of retail businesses would eagerly hand over personally identifiable information (PII) about strangers?

In this interview, we talk to someone who recently had his wallet stolen while at the local gym. While the story about the stolen wallet, the ensuing investigation and eventual recovery is interesting in and of itself, it’s not the most important lesson.
Shockingly, what we discover is how easy it can be to persuade employees to freely share personal information about others, especially when the mission appears to be a noble one.

But it leaves us wondering how many bad actors try this approach by concocting a story that sounds convincing.

It’s yet another lesson highlighting just how easy it is for your personal data to end up in the hands of someone with bad intentions.

This episode will also leave you rethinking just how much you really need to take with you in your wallet or purse when leaving home.

Overall, we hope this story encourages you to compartmentalize your online and offline life to limit your personal data trail and ultimately your exposure to data leaks and breaches.

Related Episodes

Episode 46: Privacy as a Business Model

Episode 46: Privacy as a Business Model

Privacy is a hot topic. There are headline news stories about data privacy concerns, laws and breaches appearing virtually every single day. Polls show that the public worries about protecting personal data. However, people often don't know where to start. Yes, there...

Episode 45: Confessions of a Former Intelligence Officer

Episode 45: Confessions of a Former Intelligence Officer

There has been a giant spotlight shining on cybersecurity at Las Vegas casinos. Recently a hacking group pretended to be an IT support employee with Caesars Entertainment, Inc. and gained access to the company's computer systems. Hackers made off with Social Security...