Welcome!
If you have an account, please:
Log in

Fraud Alerts Don’t Work

One of the first things you’ll be told to do after a data breach or an instance of ID theft is to put a fraud alert on your credit reports. Learn what that actually does and why it’s almost always a waste of your time.

This page is part of my Goodbye Identity Theft course and is restricted to members.
Tags: , , ,

UK Loses Data on Over Half its Entire Population

What's a 50% data loss for a whole country?
(Image is in the Public Domain)

They had it, they shouldn't have, now they lost it. Same story all over.

The funniest part of this is that they're trying to convince their public that it's a good idea to have a national ID card containing even more data and that they'll be responsible with that data.

Said someone from an anti-ID card group:

"It's inevitably good news for our campaign because it proves to people that this government, and indeed any government, cannot be trusted with this amount of information. For 25 million people this is a catastrophe but it is just a small herald of the national ID scheme which would mean a potential catastrophe for 60 million of us."

Tags: , ,

Insult to Injury: Countrywide Data Breach Affects Millions

(Image is in the Public Domain)

It isn't bad enough that Countrywide was engaging in questionable loan practices , but now they've lost the data on millions of customers as well.

And, as usual, the completely worthless response:

The company nevertheless promised to provide two years of free credit monitoring to affected individuals through the ConsumerInfo.com division of the Experian credit bureau.

*Sigh*

Tags: ,

Best Western Loses Full Details of All Customers From 2008 in Data Breach

Data breaches are about negligence; every time
(Image is in the Public Domain)
Details of how to access the information - which included home addresses, place of employment and credit card details - were sold through an underground network operated by the Russian mafia.

And, again, if these companies would stop holding our credit card numbers far past the date that we used them, we wouldn't be having this problem.

Update

Best Western is contradicting the story saying that it's exaggerated. More importantly this:
Most importantly, whereas the reporter asserted the recent compromise of data for past guests from as far back as 2007, Best Western purges all online reservations promptly upon guest departure.

If this is true, then how did they lose anything? Did they? The details are unclear.

Tags: , ,

California Court Leaks SSNs and Medical Data Online

Leak
(Image is in the Public Domain)

In case you didn't already know, state offices posting "public" records online for anyone in the world to see is a huge and persistent problem.

Tags: , , , ,

Make Companies Pay for Losing Your Data

Leak
(Image is in the Public Domain)

Data breaches are common, but shouldn't be. They could easily stem the flow by putting better security in place, taking personal data offline, stop sending employees home with laptops that have personal data on them, and, above all stop storing our data once you no longer have need of it (you can't lose my credit card number if you don't have it).

Anyway, class action suits don't often work so one man decided to take a company to small claims court instead (and won!). A $700 settlement might not seem like much, but as he says:

...it was likely more than most consumers who filed class-action lawsuits ever received (after attorney fees are paid) and it would be received much more quickly.
Tags: , ,

Georgetown University Data Loss – ID Theft to Follow?

Keep data safe? Pshaw.
(Image is in the Public Domain)

Georgetown U lost a hard drive full of personal data on students and staff. Of course, if they get a credit freeze, they won't have as much to worry about.

Tags: , ,

TJX Blames Weak Wireless Security

Darn those hackers... so clever.
(Image used under: Creative Commons 2.0 [SRC])

This is so, so stupid. It's not weak security, its that you data-abused us for all our customer data that we didn't want you to keep anyway. If you hadn't stored all the data on us, you couldn't have lost it.

In addition to pilfering over 45 million—and possibly as many as 200 million—credit card and debit card numbers, the hackers were also able to obtain other personal data from over 450,000 customers. This included driver's license numbers and Social Security numbers.

I already know they don't need to store our credit cards, but licenses and SSNs?

Tags: , ,

TJX/TJ Maxx Data Breach Hits Home

No security, no accountability. TJ Maxx
(Image is in the Public Domain)

So today my wife received a letter from our bank saying that her card was included in the data breach. They were very pleasant and helpful (as credit unions tend to be), but one thing caught my attention:

If at any time you suspect you may be a victim of fraud or identity theft, you may place a fraud alert on your credit file with one of the three major credit-reporting [companies]. A fraud alert will require any company or creditor to contact you to authorize any new accounts or loans.

For the record, fraud alerts are required, but can be ignored. The problem is that it's the issuing company's responsibility to check for the fraud alert and act accordingly. Since it hurts their business to do so, it's far more likely that they will "miss" the flag (especially when they're on commission). That means that it may help and it may not.

Tags: , , , ,

Privacy Bill Introduced in Senate?

Better late than never...
(Image is in the Public Domain)

Not a bad start at all. Granted, I think we should be able to block data brokers from having our information, but we have to begin somewhere.

(article found at Slashdot.)

Tags: , , ,

If you want to learn more about my professional background, click here to learn more. Otherwise, let’s get started - how can I help?

Online learning
On-site learning
Read my blog