My SIN is 545-871-007.
Well, not really. But I might as well tell you my real Social Insurance Number, my birthdate, my home address and the tab I owe the government for three postsecondary degrees. Someone out there can easily access this information anyway.
You see, I was one of the nearly 600,000 unfortunate Canadians whose personal data – stored on a portable drive – was lost by Human Resources and Skills Development Canada late last year. Old news to you? Well, it’s still news to me because I just got a letter from the government last week, letting me know I was among the lucky lot.
In case this is news to you, let me bring you up to speed.
HRSDC came forward last month, admitting a portable hard drive containing the above personal information of individuals who took student loans from 2000-06 had been misplaced in November. Supposedly, there has been no evidence of fraud … yet.
(Let’s face it though – it’s possible some phony ‘Adela Talbot’ is opening bank accounts overseas as I type this.)
My immediate thoughts upon hearing the news, even though I’ll admit to then reserving some naïve hope of my information being safe, was – who in the world would think to store this kind of information on a USB stick or external drive? This was the second such incident HRSDC had encountered in a month.
Canada’s assistant privacy commissioner, Chantal Bernier, has called the loss of so much personal data “unprecedented.”
“This is one of the biggest breaches we’ve ever seen,” she told the CBC last month.
Personal information – mine and yours – is regularly handled by government officials one would hope are mindful, or at least trained to treat sensitive information with more care. Guess not.
Even I knew better back in 2004, when I was in university, writing essays I would back up by emailing them to myself, knowing my computer could crash and a USB stick could easily be lost.
This wasn’t even sensitive data; I just didn’t want to lose my work.
Today, I keep everything from tax returns to personal notes in my email, accessible only by me and protected by a 12-character bizarre password only I would know.
Gone are the days of the address book and photo album, even, with most of us storing photos, phone numbers and the like in ‘the Cloud.’ Naturally, to me, this begs the question – why is my personal data still sitting on some external drive?
In retrospect, I suppose it was foolish to assume my information could forever stay safe. There’s no privacy in today’s day and age, really. Technology isn’t infallible and employees aren’t without fault. Just recently, someone close to me related how a co-worker had taken home a business laptop containing employees’ personal data, one that was soon after stolen, leading to a pain-in-the-rear-end process of ensuring the security of employee identities.
Law firms across the country have launched multi-million-dollar class action lawsuits on behalf of individuals affected by this government snafu. Current and former students everywhere are voicing concerns of possible identity theft, and those affected have been urged to get credit checks. I’ve requested mine.
All this goes beyond being mildly disconcerting, if you ask me. I just know it will, for the foreseeable future, become not only an inconvenience, but also a pain in my rear end, leaving me to monitor my accounts, personal information and credit file.
To somehow compensate for the screw-up, HRSDC is offering a form of credit protection for those of us affected, having purchased a customized package from Equifax Canada, calling it a “unique solution tailored specifically to this incident.” For the next six years, Equifax will safeguard affected credit files with notes and alert memos saying personal information may have been compromised.
As if any such measure will make this any less of a problem. What this means is, the next time I try to open up an account of any kind, or sign a new cell phone contract, the process will be that much longer and that much more difficult. Companies will be requesting all sorts of information from me, asking for it by calling me on my landline at home, likely during business hours, to confirm that yes, it is in fact me who wants to upgrade my iPhone plan.
Oh, how I look forward to it.
I should mention another snafu related to this incident, too. In an attempt to inform those of us affected by this copious loss of data, the government sent out letters. It screwed up yet again, mistakenly sending notifications to supposedly less than 100 individuals who were not affected.
Sadly, I’m not one of these (un)lucky ones.