Lol same here. Some for ecomm, but the most egregious was underwriting PPP loans. There was a database none of us could access after the loans were underwritten and sent to processing. But most of those documents came in thru the portal and we had to download that package and combine it with anything we got in email… Tax forms, IDs, and all the most sensitive personal info as a lot of businesses that applied were sole proprietors. All those documents say on my local HDD and I catalogued them in case they were needed again.
None of that was handled securely, it was on my home network with no VPN, and after the project was over very suddenly I sat on that laptop for 6 months until they sent a return label. I was a good worker but it was a mass hire and not a lot of vetting that happened.
Lol same here. Some for ecomm, but the most egregious was underwriting PPP loans. There was a database none of us could access after the loans were underwritten and sent to processing. But most of those documents came in thru the portal and we had to download that package and combine it with anything we got in email… Tax forms, IDs, and all the most sensitive personal info as a lot of businesses that applied were sole proprietors. All those documents say on my local HDD and I catalogued them in case they were needed again.
None of that was handled securely, it was on my home network with no VPN, and after the project was over very suddenly I sat on that laptop for 6 months until they sent a return label. I was a good worker but it was a mass hire and not a lot of vetting that happened.