When we think of all the ways thieves can nab our personal information, we usually envision data breaches and hacking events, or large-scale attacks that unleash viruses and malware on our computers. But too often, the culprit is something far more ordinary, and doesn’t require Hollywood cyberthriller levels of tech know-how.

Identity theft goes all the way back to the old days of “dumpster diving” for your discarded mail, or outright stealing it straight out of your mailbox. Back then, thieves had to rely on the one-victim-at-a-time approach and use tactics like check washing to drain your checking account. And while identity theft has gone 21st century and turned into a global problem that can affect millions of people at once, the old methods are still in use; they don’t make news headlines as readily as a major retail data breach, simply because the pool of victims is much smaller.

One of the most overlooked places for identity theft to occur is right in your own workplace. You handed over almost every piece of sensitive data you had when you applied and were hired. You certainly had to provide your name, birthdate, and Social Security number, but depending on the type of job you have, you might have also supplied them with your marriage certificate, your fingerprints, and even a DNA sample. If your workplace relies on direct deposit to pay its employees, you even gave them your bank account number and routing number.

So that begs the questions, where is all that data now, and who can see it? Here are some important things to keep in mind in order to protect your identity from workplace theft:

  1. Guard your SSN – You had to provide your SSN when you were hired, but don’t make the mistake of putting it on your job application. It might sound like a red flag to refuse to turn it over during the selection process, but simply write in, “Will provide upon employment.” Potential employers may even appreciate an applicant who is savvy enough to protect his data and not just hand out information to anyone who asks.

When the time comes to supply it, make sure you’re not emailing your sensitive information. Besides the risk of that email falling into the wrong hands or sitting in an email inbox for anyone to find, you don’t look very responsible with your data, which could cause an employer to think you won’t be responsible with the company’s data.

  1. Password protect your tech – Again, depending on the type of job you do, you may be called upon to use a variety of technology. From desktop computers to tablets to a company-issued phone, it’s important that you password or passcode protect it. It will help keep any co-workers’ prying eyes out of your personal details, and it will also secure your company’s products if your hardware is lost or stolen.
  1. Watch that Wi-Fi – A lot of companies have come to understand that their employees have lives outside of work, and as such have transitioned to a computer policy that lets you use your work computer for personal use during your lunchtime or breaks, or lets you use the company’s Wi-Fi with your personal smartphone, tablet, or laptop. But don’t make the mistake of thinking that a corporate network means it’s secure.

Just like the warnings against logging into your bank account or other sensitive accounts at a coffee shop or mall, be aware that your company’s network might be just as unsecure as any other public Wi-Fi. Avoid logging into sensitive accounts if you don’t know what type of security is in place, and if you don’t know who’s able to see it.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.