2007 Data Breaches Due to Lack of Proper Policies and Procedures
There is another disturbing contributor to the emerging Identity Theft epidemic and that is the lack of proper procedure and policies to secure our personal information. Governments, institutions, and companies are exposing our records foolishly and this makes the job of an identity thief all too easy.
Here are some examples of personal data that was compromised due to this negligence.
- In California Secretary of State Debra Bowen’s office had the Social Security numbers, addresses and signatures of more than 650,000 Californians available for sale on a website for $6 each.
- The University of Idaho posted the names, birth dates and Social Security numbers of 2700 University employees on their web site.
- The Census Bureau posted personal information from 302 households on a public Internet site.
- RadioShack in Portland, Texas threw thousands of unshredded records containing customer names, addresses, telephone numbers and other data in an alley dumpster.
- CVS Pharmacy store in Texas dumped 1000’s of unshredded customer records in an alley trash can.
- An identity theft activist in Virginia provides the links to government websites that have the SSN’s of numerous congressman, judges, and district attorneys posted for all to see.
- The Federal Emergency Management Agency (FEMA) printed 100’s of Social Security numbers of employees on the outside address labels of reappointment letters.
- Concord Hospital announced 9,000 patient’s personal information was exposed on the Internet for more than a month.
- The state of Massachusetts warned 150,000 members of its Prescription Advantage insurance program that their personal information may have been snatched by an identity thief. No means of loss were disclosed as their is an ongoing criminal investigation. One suspect is in
- Social Security Numbers and private information of over 300 employees of American Airlines were exposed on the company Web site.
- 200,000 customers of Blockbuster in Florida had their private information exposed when they threw out unshredded membership applications in to the trash.
- Georgia Tech announced a brief internet exposure of 23,000 current and former students.
- The credit card and checking account information of 1,200 parents who enrolled their children in youth recreation programs in Encinitas, California were posted on the city’s website.
- Milwaukee PC exposed 65,000 credit card numbers.
- Louisiana Board of Regents exposed the Social Security numbers, names, and addresses of students and staff on the web for up to two years.
- SAIC, a military contractor, announced they compromised the personal records of 580,000 military personnel when they failed to encrypt transmitted data.
- 5,000 customers of ABM Amro Mortgage Group had their Social Security Numbers and other personal details accidentally leaked over a file sharing network by a former employee.
- A Commerce Bancorp Inc. employee gave out personal information on an unspecified number of its customers.
- 1,800 Pfizer employees and their families were informed of a data breach at Wheels Inc. who rents them cars.
- In a study by The Washington Post personal information including the SSN of Colin Powell and Troy Aikmen were found in public government records on the internet. This information was readily available from land deeds. Think of how many people in Washington own a house.
Identity theft is a major problem costing our economy an estimated 57 Billion dollars each year. Part of the problem is that we make it all too easy for perpetrators of identity theft to acquire our information. Often they do not even have to commit a crime to obtain this information.
Governments are reluctant to clean up their mess due to costs associated with blacking out SSN’s and manpower required to pull records and change the in place systems.
This has got to change, they need to be setting an example for the rest of the Country to follow.
Identity theft is one situation where lawyers might actually be the cure by holding accountable those responsible for exposing our records. Its hard to admit that, but government action has been inadequate and their is an unwillingness to fix the problem in many areas. We will have more on that later.
As we have been saying throughout this 4 part series, your identity is not safe. Already in 2008 over 1.3 Million Americans have had their private information compromised. The trend continues and we hope you decide to protect yourself from the ongoing threat of identity theft. It does not matter if you use an identity protection company or do it yourself. What does matter is that you realize the inherent dangers and take action to protect yourself and your loved ones.