NewsNotables – Issue 43

Despite the rhetoric about how safe your personal information is with various financial institutions, you can’t read the news without hearing about another security breach exposing consumer information to identity thieves. Due to widespread corporate carelessness, the records of more than 46 million Americans were lost or stolen in the first half of 2005.

What Is Identity Theft?

Identity theft involves acquiring key pieces of someone’s identifying information, such as name, address, date of birth, social security number, and mother’s maiden name in order to commit fraud. With this information the thief can do such things as take over the victim’s financial accounts; open new bank accounts; purchase automobiles; apply for loans, credit cards, and social security benefits; rent apartments; and establish services with utility and phone companies.

The methods used by identity thieves include the following:

  • Theft of your wallet, purse, or checkbook.
  • Removing mail from your mailbox, either incoming or outgoing.
  • Going through your trash.
  • Phishing—obtaining information by email scams or fraudulent websites.
  • Pretext calling—using false pretenses to obtain information via telephone.
  • Hacking—illegally gaining access to computer systems containing personal or financial data.

Three articles published in the last few months illustrate how many of us have had our personal financial information stolen by hackers from trusted financial institutions who process our information.

ChoicePoint Slow to Acknowledge Data Theft

Compiled from multiple sources including The Seattle Times, Information Week, Liberty Theft Services, Network World Fusion
In October 2004, hackers gained access to the databases of ChoicePoint, a data collection company located in Atlanta, Georgia. ChoicePoint gathers very personal data on people throughout the U.S. using advanced data mining techniques, and then sells the data to credit providers, landlords, government agencies, and anyone who wants to buy the data. Estimates range from 145,000 to 400,000 people who became vulnerable to identity fraud due to this stolen data. In February 2005, ChoicePoint notified about 45,000 customers from the state of California of this theft.

40 Million Credit Cards at Risk

Los Angeles Times, June 18, 2005
More than 40 million credit card numbers belonging to U.S. consumers were accessed by a computer hacker at a card-processing center and are at risk of being used for fraud, MasterCard International said. MasterCard officials said all credit card brands were affected by the breach, the largest of its kind, including 13.9 million cards bearing the MasterCard label. American Express, Discover, VISA, and other brands were also affected.

MasterCard said names, card numbers, and expiration dates were harvested by a rogue program planted inside the computer network at CardSystems Solutions, one of the companies that process merchant requests for credit card authorization. Hackers and identity thieves trade and sell pilfered credit card numbers in online chat rooms, making it relatively easy for a single big theft to affect thousands of cards quickly.

At Online Stores, Sniffing Out Crooks Is a Matter of Survival

The Wall Street Journal, August 4, 2005
Six years ago, Neil Kugelman found himself puzzling over the very first customer to arrive at the Web site he had launched to sell jewelry online. The order—a $496 men’s diamond ring. The North Carolina address didn’t match the address tied to the credit card. The shipping address was different still. Mr. Kugelman tried to telephone the customer, but the number didn’t work. His email bounced back. He was no expert on fraud, but neither was he born yesterday. He spiked the order.

The family-controlled business now fills more than 50,000 orders a year. Mr. Kugelman has taught himself to regard each and every customer as a potential online crook—and with good reason. He says fraudulent orders have risen to a staggering 30 percent of the total, up from 5 percent when he started. Mr. Kugelman got so good at sniffing out the cons that just 0.5 percent of his sales are lost to fraud.

For Mr. Kugelman and other Internet retailers, ferreting out bogus orders is a matter of survival. When a crook uses a stolen credit card in a traditional store, the card issuing bank usually swallows the loss. For online retailers, the merchants who accept the charges from cyberspace shoulder the risk of fraud.

How to Guard Your Identity

  • Don’t give out financial information or your social security number over the telephone unless initiated by you.
  • Never give personal information to email inquiries.
  • Never loan your credit card to anyone.
  • Check your credit and debit card transactions often.
  • Check your bank accounts at least weekly.
  • Periodically check your credit report for suspicious activity.
  • Safeguard your account numbers, debit card, and ATM personal identification numbers (PIN).
  • Dispose of your financial information by shreding.
  • If you’re a victim, act fast.

By Roger Eigsti
Board President,
Institute for Business, Technology, and Ethics