The built-in Polish Social Security Number (PESEL) data identifier allows false positives for strings that are not valid PESEL numbers.
To resolve this, we recommend that you create a new custom data identifier (DI) to use in conjunction with a custom policy.
Now, let's create the custom policy to detect PESEL numbers.
\d{2}(0[1-9]|1[0-2]|2[1-9]|3[0-2])(0[1-9]|[1-2][0-9]|3[0-1])\d{5}
At this point, you have a policy that will correctly detect PESEL numbers while excluding invalid numbers. You can edit this policy to add other rules, exclusions, and response rules as needed.
PESEL numbers are in YYMMDDXXXXX format, however, the month is adjusted based on what year people were born. People born from 1900-1999 has no adjustment, 2000-2099 is the month +20, 2100-2199 is +40, 2200-2299 is +60. For example, if someone was born December 16, 2016, their PESEL would be 163216XXXXX.
Customers have found the stock DI will allow numbers through that have 00 (not possible) for the month or the day.
Due to earlier versions of the PESEL, it is best practice to include this custom DI as an OR statement in the same policy with the DI version included in the DLP release.