(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for January 2023

The Road To PII Hell Is Lined With Job Applications

Due to unfortunate circumstances, I found myself in the position of looking for work after twelve years in one place. As I have been applying for new positions, I have been astonished and appalled at the amount of very personal information that companies are now collecting from prospective applicants. Gone are the days of simple applications where you fill out details about your location, work history, and education. Now, companies are asking the deeper personal questions about your sex, sexuality, status as protected persons, veteran status, veteran status as a protected vet, and other data points that should have us all kinda perturbed.

This story was in my Masto feed this morning and clearly to me, is a harbinger of things to come. While people may openly proclaim their sexuality now, with pronouns and the like, not all of them I am sure, would be overly comfortable with a scenario like the one above happening to them. Now, consider it is not only the university you are attending, but also the companies that you applied for in the past as well as the one perhaps you got your job with, that have this data in some database and they get hacked and all this stuff is up for sale in the darknet as well?

If you all thought that your data was in disparate places and could not be married together easily, well, those days are over, and with the successive hacks and dumps being sold in the darknet and on forums, a savvy collector could create quiete a dossier on you with all this kind of personal information. Never mind, that the government of late, seems to be in a space where, at least in the US, certain factions have gained a foothold, and are setting up agenda’s to abuse your data as well.

Case in point, Florida…

Florida’s mini Trump wants all the Trans Data for unclear reasons, but, I think you all can get a sense of what he might be up to with his rhetoric in the past and his dark ambissions of a White House run maybe in 24. What is clear though, should be that seeking such data is likely going to lead to abuse of it either deliberately, or by being careless in caring for it and you all should be afraid. By all, I mean anyone and everyone, not just trans people, this kind of data being collected, just as I mentioned above in the applications process today, is basically a single stop shop for someone looking to know about you pretty completely in one handy data dump.

Your email address

Your phone numbers

Your address

Your work history

Your certifications and education

…and now

Your sexual preferences

Your pronouns

Your protected status

Your vet status

Your major ailments (I have even seen them asking if you have IBS etc)

Your Instagram address

Your blog addresses

Your twitter address

Your LinkedIN address

Hell, I even got asked on one of the applications (well, technically, it was an email after, separately with a form to fill out) asking about my religious affiliation as well! (This was a remote job, but the firm was in Northern Ireland)

Quite the collection of data just to get a job these days….

All of this data, being handed to every company that you apply for, specifically, online in a form that is saved on a server database somewhere, that likely will not be purged or encypted.

It all waits to be stolen.

Of course, this is just my considered opinion, just a security practitioner off the street so to speak..

Be afraid.


Written by Krypt3ia

2023/01/20 at 16:54