Why Background Checks Matter More Than You Think

When Background Checks Fail, Everyone Pays

A government contractor recently hired twin brothers for IT positions with access to protected systems. One year later, both were indicted for aggravated identity theft, wire fraud, and unauthorized computer access. This wasn't a sophisticated hack. This was a preventable hiring failure that put sensitive data at risk.

The Details: What Went Wrong

The contractor gave these employees access to sensitive systems without catching their criminal backgrounds during screening. For an entire year, they had the keys to protected information. The indictments reveal charges of identity theft and wire fraud, suggesting they may have misused their access.

This case highlights a critical vulnerability. Organizations handling sensitive data must verify who they're trusting with access. When background checks fail or get skipped entirely, criminals can walk right through the front door.

The scary part? If a government contractor with compliance requirements can miss this, smaller organizations without dedicated HR teams face even greater risk. Many small businesses rely on basic reference checks or skip formal screening altogether.

Who Is Affected

This matters most for small business owners. Your employees have access to customer data, financial records, and business secrets. Your IT person can see emails, banking credentials, and proprietary information. Your bookkeeper handles payroll with social security numbers and bank accounts.

Families should also pay attention. The businesses you trust with personal information (your dentist, your accountant, your child's school) may not be properly screening their staff. When these organizations fail at hiring security, your data becomes vulnerable.

What You Should Do Right Now

1. Ask your doctor, dentist, and accountant about their hiring practices. You have every right to know if they conduct background checks on staff who handle your records.

The Bigger Picture: Insider Threats Are Growing

Cybersecurity often focuses on external hackers, but insider threats are equally dangerous. Sometimes insiders are malicious from day one. Other times, trusted employees make mistakes or get compromised. Either way, organizations must verify trust before granting access. As more businesses digitize operations, screening processes become critical infrastructure, not optional paperwork.

How GetCyberRight Can Help

Our Identity Theft Protection Checklist provides comprehensive guidance on protecting sensitive data access within your organization. It includes screening best practices, access control guidelines, and steps to take if you suspect insider threats. Whether you're a small business owner or simply want to understand how organizations should protect your data, this checklist gives you the framework to ask the right questions and implement stronger protections.