Employee Records Are a Major Source of Identity Theft

20 June 2015

With all the information that companies collect on their employees, it makes sense that workplace records are one of the major sources of data exploited by identity thieves. According to Eva Del Rio of the Society for Human Resource Management (SHRM), it’s estimated that 30 to 60 percent of identity theft cases originate with workplace information.

A recent case in Victoria, B.C., demonstrates how easy it can be for fraudsters to get ahold of business documents containing personnel information. An employee of CTV News recently discovered that a sporting goods company called Sports Traders had tossed out six boxes full of files containing employees’ sensitive information into an open dumpster behind their facility. According to the CTV employee, Ross Butcher, the boxes were clearly visible and could have been stolen and used for identity theft.

“I looked into this dumpster and I could see these file folders, and you could clearly see people’s names on them. The boxes were plainly open, and you could see employee files in there,” Butcher told CTV News.

He ended up calling the police, who came to collect the boxes and are now investigating the situation. The police do not believe that any of the information was used for fraud, but are still crediting Butcher with avoiding “potentially significant identity theft and fraud.”

“We do not have any information right now that would lead us to believe that the public’s information is at risk, and our detective division is actively investigating,” reads a statement from the Victoria Police. “It is very likely that [the CTV] staff member did prevent further frauds and identity thefts, and we are grateful for their call.”

According to the store’s owner, Greg Penno, the boxes were thrown out due to human error and no one at the store knew there was employee information stored in them, although one of them was labelled “Employee Payroll.” He threw them out while cleaning the attic and assumed they belonged to the old owner of the store.

“I didn’t bother opening the boxes,” he told CTV News. “I just kind of assumed that that’s what they would be. There were quite a few of them up there, so I didn’t bother to actually open them.”

Local lawyers, meanwhile, are surprised by Penno’s cavalier reaction to the discovery of the documents. Lawyer Michael Mulligan says that if fraud had occurred as a result of the boxes being thrown out, Penno would have been liable.

This case demonstrates the importance of proper employee training and business practices to help protect workers’ valuable information. According to the SHRM, all paper documents containing employees’ information should be kept in “a locked cabinet inside a secure area”, rather than some cardboard boxes in an attic. Business owners should be aware of the risk of fraud posed by collecting employees’ information and be prepared to take steps to prevent it from being accessed by anyone outside of the business.

A credit monitoring service can help to alert you to certain activity that could indicate fraud on your credit file.