rot-717018 (7/28/2014)

---

Jeff Moden (7/28/2014)

---

I totally disagree as written above especially when it comes to private information such a Social Security Numbers. It [font="Arial Black"]MUST [/font]be proven if it exists and action must be taken. I consider it to be one of those unwritten laws that is the responsibility of every IT worker.

I had a training 10ish years ago about money laundry. After a while I wondered why I was sitting there; I had no contact with customers nor with Financial institutes, so what? "Except that you are one of the first persons who can see strange behaviours in the data! These need to be reported immediately to your compliance officer" was the answer.

The same applies to security and you may be held for responsible if you do not report it. Now it's up to the management to decide what to do ...