Registered: Aug 2000
Location: b0ulder
Posts: 5128

Late last year, I read an article which opened my eyes regarding identity theft. It's one of those things I perked up to during newscasts, but never really thought about. It was entertaining to learn some of the elaborate ways one might steal an identity. Several years ago a news report explained how a thief had figured out the mailman's schedule in the victim's neighborhood and waited for their mail to be delivered before he rifled through it, looking for credit cards ordered in the victim's name, and replaced the rest so as not to arouse suspicion. This and other cunning methods for thefts have been exposed over time. What's more interesting these days is huge numbers of identities stolen in one effort.

The amount of large volume theft announcements this year alone is staggering. It pretty much goes without saying that if you've ever had credit you're information has likely fallen into crimal hands. Whether it's been used innapropriately is not likely, but not impossible. Regardless of whether or not your identity has been stolen, the companies that are allowing these breaches are insanely powerful. Datamining firms, banks, credit card processors and HR/payroll companies have all been compromised. Not to mention several colleges and universities. In most of these cases you have never intentionally shared your information with the target companies. Who's ever signed up for a credit card from LexisNexis or ChoicePoint? Your spending habits, mother's maiden name, social security number and other information has been gathered over time by these companies attempting to profile you as a consumer, so they can later sell the information for credit checks and future employers.

ChoicePoint and CardSystems seem to be the biggest news makers in the frey. ChoicePoint, because it willingly sold credit information without verifying the identities of the customers who were buying. And CardSystems for the sheer number of affected card holders, over 40 million. Not only that, but CardSystems wasn't supposed to be holding the data in the first place.

An immediate solution to this might be for citizens of the US to stop using credit, but this is obviously not a viable option in America's debt based society. Another option is to have large service companies hold client companies to some form of security standards. Regulation is yet another form of prevention however bloated, expensive and slow that might be. At this point, the level of compromises, hacking, insider attacks and other mischief has got to reach a boiling point. Something has to come down to prevent this, before credit cards become as unsafe as email.

The following chart shows some of the larger breaches this year:
While putting this together I found a much more comprehensive chart and edited mine to coincide.

ChoicePoint (Story)

• Data Collection/Credit Reporting
  
• Feb 15
  
• Social Engineering
  
• Called in posing as prospective employers, bought credit checks
  
• 145,000
  

Report this post to a moderator | IP: Logged