I used PageUp from the other side of the fence a few years ago…for recruitment and managing candidate applications. It also appears that other data collected by PageUp may have also been compromised. This includes Bank Account Details, Tax File Numbers, superannuation details, home addresses and drivers licence numbers. Why PageUP needs this information is anyone’s guess and it may be data harvesting by the company.
Possibly information like names, addresses and mobile numbers by themselves are possibly not much of an issue (most of these are publicly available), but when other information like that listed above is also liked to these, it makes it easier for a person to create a false identity.
As a general rule, I never give anything they don’t need. If they say need a driver licence number or other details for security checks, in the past I have made direct contact with them to provide the information verbally over the phone…and indicating that I don’t want the information stored electronically. This could reduce the chances of the information being lost/hacked online.
I also check regularly and reconcile bank account transactions with those I have kept records. I also monitor all other usage such as phones etc. I also change passwords to important online services regularly (banks, email, phone, utilities etc)…one must have a password manager to do this as it would be impossible to change passwords regularly and remember them all.
We also have a friend who works in online security and something he never does is use his real birthday date when registering for an online service…unless it is required for for legal/legislative reasons (e.g. application for a bank account/credit card, passport etc). He instead uses a ‘phoney’ birthday date which he uses on any websites that require mandatory birthday date completion to register. He also refuses to give out any other personal information for website registration purposes (e.g. licence number, passport number etc) unless it is specifically required (e.g. international booking flights).
He also does not join any of the social media platforms (such as Facebook, Instagram, Linkedin) as his view is that it is highly likely they any personal information on these platforms will be compromised at some time either through hacking or internal employee data breaches.
He also says that no data is safe and has potential to be breached. Even the strongest security systems can be breached as the weakest link is humans managing the system.
He also takes the view that don’t put anything online which one would not feel comfortable in seeing on the front page of the paper. I have also adopted his principles.
Unfortunately many think of clouds (storing data on remote servers) as being as safe as storing on ones own hard drive. It may be for data recovery purposes, but not potentially for security.