Identity Theft

When will we have laws to impose strict fines for companies that are so careless with consumers personal information?

Personal information on about 650,000 customers of J.C. Penney and up to 100 other retailers could be compromised after a computer tape went missing.

GE Money, which handles credit card operations for Penney and many other retailers, said Thursday night that the missing information includes Social Security numbers for about 150,000 people.

The information was on a backup computer tape that was discovered missing last October. It was being stored at a warehouse run by Iron Mountain Inc., a data storage company, and was never checked out but can’t be found either, said Richard C. Jones, a spokesman for GE Money, part of General Electric Capital Corp.

What is really absurd is the fact that GE Money knew about this since last October and it is just now being reported. If someone did steal that computer then they have had a three month head start on destroying people's credit.

This one from right here in the Buckeye state:

A 22-year-old intern was given the responsibility of safeguarding the personal information of thousands of state employees, a security procedure that ended up backfiring.

The names and Social Security numbers of all 64,000 Ohio state employees were stolen last weekend from a state agency intern who left a backup data storage device in his car, Gov. Ted Strickland said.

An additional review of data revealed that the storage device also held information on 53,797 participants enrolled in the state's pharmacy benefits management program, as well as names and Social Security numbers of about 75,532 dependents, the governor's office confirmed Saturday. Strickland has asked Ohio Inspector General Tom Charles to investigate.

There is a major difference in this one is that the state's top politician is taking notice and making changes:

Either way, Strickland said the security procedure failed, and he issued an executive order to change the practices for handling state data.

See that George Bush? Instead of playing a blame game, like you did on all the breaches of U.S. data, Ted Strickland is pissed off and working to correct the situation to make sure private information is more secure. That is a big difference between a do nothing President and an active governor.

Here we go with the government run by the party of "small government" trying to expand their powers even more:

FBI Director Robert Mueller on Tuesday called on Internet service providers to record their customers' online activities, a move that anticipates a fierce debate over privacy and law enforcement in Washington next year. "Terrorists coordinate their plans cloaked in the anonymity of the Internet, as do violent sexual predators prowling chat rooms," Mueller said in a speech at the International Association of Chiefs of Police conference in Boston.

ISP snooping time line In events that were first reported by CNET News.com, Bush administration officials have said Internet providers must keep track of what Americans are doing online.

"All too often, we find that before we can catch these offenders, Internet service providers have unwittingly deleted the very records that would help us identify these offenders and protect future victims," Mueller said. "We must find a balance between the legitimate need for privacy and law enforcement's clear need for access."

Yeah because that information would be so secured once it is stored. Hell has the FBI even fixed their major security loop holes? I doubt it and personal information being stolen from government computers is on a drastic rise and already at an all time high. Hey Mueller - fix your own problems first.

It's no secret that privacy has been under serious attack this year. I have documented numerous cases here, and now we have a new one for the files:

In a breach of privacy, the Republican National Committee erroneously e-mailed a list that contained the names, races, and Social Security numbers of dozens of top Republican donors — and that identified two of the contributors as Muslim — to this reporter.

In the course of preparing for a Washington fund-raiser on Friday headlined by President Bush, an RNC staffer, Dee Dee Lancaster, intended to e-mail a security list of confirmed guests to other event planners and the Secret Service. But Ms. Lancaster mistyped one of the addresses, and the e-mail wound up in the Gmail account of this reporter.

The RNC confirmed the slip-up, which raised questions about how the committee handles sensitive personal information and what records it keeps of its supporters.The e-mail was sent to four other addresses, including one with the Secret Service.

These so called "slip ups" are amazing. If the people at the RNC, as well as other companies that have had similar problems, are so overworked that they can not ensure the privacy of their own donors, then how can they be trusted to ensure the privacy of our nation? These type of incidents must be followed up by strict criminal investigation that can be pursued with serious punishments.

Well to give them credit they haven't lost one in a couple of weeks now.

As many as 38,000 veterans may be at risk of identity theft because a Veterans Affairs Department subcontractor lost a desktop computer containing their sensitive personal data.

VA Secretary Jim Nicholson said that Unisys Corp., a subcontractor hired to assist in insurance collections for VA medical centers in Philadelphia and Pittsburgh, reported the missing computer last Thursday. The computer was being used in Unisys offices in Reston, Va.

It is not yet known what happened to the computer, Nicholson said, adding that local and federal authorities are investigating.

So, how safe do you feel with your information?

Finally we have a case of identity theft hit someone who might be able to do something:

Senate Minority Leader Harry Reid discovered this week he was the victim of identity theft after someone used his MasterCard number to charge about $2,000 at a Wal-Mart and other stores in Monroe, North Carolina.

The Nevada Democrat said he found out someone had obtained the number after opening his bill Tuesday night.

"It's not a tremendous inconvenience for me," he said. "I won't have to pay it."

But Reid said he is steamed about the fact the perpetrator likely will never be caught. "Something has to be done," he said, holding up his now-deactivated card.

Reid said he does not know how someone obtained the number or whether he has been the victim of a broader identity theft -- a problem that affects millions of Americans every year.

Considering the tens of millions of citizens that have had their identity stolen from government computers alone over the past several weeks, it is time for this to get the much needed attention. This can be a great platform for the Democrats in 2006, as current estimates have it at 1 out of 4 Americans have their personal information stolen.

Via the AP

Personal data, including the Social Security numbers of 28,000 sailors and members of their families, have been found on a civilian Web site, triggering a criminal investigation.

The Navy said Friday the information was in five documents and included people's names, birth dates and Social Security numbers. Navy spokesman Lt. Justin Cole would not identify the Web site or its owner, but said the information had been removed. He would not provide any details about how the information ended up on the site.

Cole said there was no indication so far that the information was used illegally, but individuals involved were being contacted and encouraged to monitor their bank accounts and credit cards.

And this is most likely from the first incident in the latest rash of personal information theft. This is going to become more common and people are going to have to fight harder to get their information back. Lack of security is the number one cause of this and the people who offered an easy way for thieves to get this information are like the drug pushers getting the junkies to buy more stuff. We need an overhaul in data protection when it comes to our federal government.

I no longer get done posting my last article and look at what pops up:

A hacker breached the Agriculture Department's computer system and may have taken personal information on 26,000 employees, retirees and contractors, the department said, making it the latest federal agency to have had personal data compromised.

The potential loss is less dramatic than the one that occurred last month with the theft of a laptop computer and hard drive containing personal information on up to 26.5 million veterans and military personnel from the home of a Department of Veterans Affairs employee.

It is interesting that this one was actually done by hackers. I can't believe it was not a "stolen" computer. Perhaps they had to change the story or people might start asking questions.

The number of thefts on this one are not as high but it is still a sign of how little respect the government has for our personal data:

The government agency charged with fighting identity theft said Thursday it had lost two government laptops containing sensitive personal data, the latest in a series of breaches encompassing millions of people.

The Federal Trade Commission said it would provide free credit monitoring for 110 people targeted for investigation whose names, addresses, Social Security numbers - and in some instances, financial account numbers - were taken from an FTC attorney's locked car.

The car theft occurred about 10 days ago and managers were immediately notified. Many of the people whose data were compromised were being investigated for possible fraud and identity theft, said Joel Winston, associate director of the FTC's Division of Privacy and Identity Theft Protection.

"Basically these were attorneys who were going to file a lawsuit, and they had relevant evidence on their laptops," Winston said, noting that the FTC employees did not violate security procedures by storing the password-protected laptops in their cars.

Again - why in the hell is government employees taking this stuff home? The government has a nice intranet and the information should be accessible from that. Leaving a laptop in a car? Why not just leave $1500 in cash laying there. I am sure there are identifying features on this car that shows it is a government employee (parking sticker?). That just adds to how hot of an item this would be.

The article has this interesting tidbit also:

"We will be reassessing what procedures we have to make sure reasonable measures are taken to protect data," he said.

And the numbers keep growing and growing and growing.

A laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees has been stolen, officials said.

The computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services, said officials with the company, which administers the district's retirement plan.

The company did not notify city employees of the theft until late Friday because it took officials several days to determine what information was stored on the laptop, ING spokeswoman Caroline Campbell said.

The laptop was not password-protected and the data was not encrypted, Campbell said.

So I lied. We do hear about it every day and it is getting beyond ridiculous. There is a lot here that does not make sense, which is usual.

And here we go yet again. Another company, another theft, another computer, another million people having their information exposed:

A thief recently stole a computer server belonging to a major U.S. insurance company, and company officials now fear that the personal data of nearly 1 million people could be at risk, insurance industry sources tell NBC News.

The computer server contains personal electronic data for 930,000 Americans, including names, Social Security numbers and tens of thousands of medical records. The server was stolen on March 31, along with a camcorder and other office equipment, during a break-in at a Midwest office of American Insurance Group (AIG), company officials confirm.

An AIG spokesman says that there's no evidence that the thief has accessed the personal data on the server or used it for any illicit purpose. The server is password protected, the AIG spokesman adds

Now let's see if we can sum this up. We got the VA Computer with 26.5 million. This one adds another million. Another 1.3 million in a Texas Student Loan corporation. 1,300 from the University of Kentucky and 1,500 from a Department of Energy computer (which happened last September but not reported to anyone, including the victims, until a couple of weeks ago). We are up to almost 30 million people who have had their personal information stolen within the last few weeks. That is 10% of the population. That number is not acceptable at all.

So what is the United States Congress doing to help with this problem? What is on the agenda for the great Republicans? They are working on legislation to make it easier for the people who steal this information to use it:

Congress is considering pre-empting laws in 17 states that allow anyone to freeze their own credit and instead restricting the privilege to ID theft victims. The proposed Financial Data Protection Act of 2006, expected to be voted on by the House as soon as next week, comes on the heels of the recent theft of sensitive data for 26 million veterans and active duty military personnel. If it becomes law, vets and military personnel who live in states that permit unrestricted credit freezes would lose that option.

A credit freeze cuts off access to your credit history. Since most banks and merchants insist on seeing a credit report before issuing credit, identity thieves can't open bogus accounts using ill-gotten data. Under the bill, backed by the financial services industry, simply having your data lost or stolen isn't enough. You must file a police report describing a specific instance of it being used to commit a crime.

"It's like telling someone you can't put a deadbolt on your front door until after you've been burglarized," says Washington state Attorney General Rob McKenna.

Exactly - the Americans are getting fucked in the ass while the corporate world merits from the reach around. The Republicans have declared a Jihad on America. They are out to destroy the working families and doing whatever they can to keep these people down. At the least they need to be replaced. At the most they should be charged with crimes against humanity.