Company storing SSNs in plaintext in MSQL database

Hi everyone, thanks for taking the time to read.

I joined a small software company that sells CRM/Accounting software in early 2022 as a software developer and it recently came to my attention that in our client databases, we hold the SSNs of employees in plaintext.

I asked the senior engineer about it, and he said that the encryption on the MSQL server was sufficient and that I shouldn’t worry. I didn’t agree, voiced my concerns but nothing came of …

accounting accounting software attention client crm cybersecurity database databases developer employees engineer joined plaintext software software developer