As someone who’s knows some stuff about computers, shouldn’t the SSN be encrypted just like a password? Just like a password is never stored in plaintext, shouldn’t something similar be applicable for SSN when being stored? If so, when a data breach occurs, the SSN should not be available right?
In: 0
At some level somebody has to have access to the key to decrypt the SSN. If you can get access to the key, you can get access to the data. If somebody breaches your entire system they’ll have access to all the keys and the data.
Sometimes even if an attacker doesn’t have the keys, the encryption is so poor that an attacker can break it (happens more than you think).
And sometimes eventhough you think an organization would have your data encrypted, they don’t. This is why you need to be careful about who you give your data to.
Latest Answers