Identity theft is scary. A friend of mine several years ago had his voter registration revoked because the Commonwealth of Virginia thought he was a convicted felon. It turns out that a former roommate of his was the convict, but had given the police my friend's name and social security number. It took The Washington Post running a full page article on the story to get Virginia to correct its mistake. So I was very interested to learn of a resource that lists current scams and security breaches in which social security numbers and other highly confidential information may have been stolen. The site is run by a non-profit organization called the Identify Theft Resource Center.
Scam Alerts
ITRC provides a list of current scams on its scam warning page. Here is an example of a current scam listed on the ITRC site:
BofA Customers Targeted - 9/3/07
An email with the heading “Security Update Alert” and Bank of America’s logo is being sent out to consumers. It then states that BofA is putting in new security measures and asks you to fill in your information at a given website. This is a scam. This letter and website are not connected to Bank of America. Bank of America never asks for their customers to reveal information via email. If you receive this email do not respond. Report it to BofA’s fraud department.
Breach List
The most interesting aspect of the site, however, is the breach list. This page provides links to ITRC's reports on security breaches that may have resulted in the loss of personal data. You will find links to reports for 2006, 2007 and 2008. The report for 2008 is already 16 pages long and lists 47 security breaches with the potential loss of more than 390,000 records. The 2007 report is 137 pages long and lists 448 breaches that may have exposed more than 127 million records. And many of these breaches come from government databases or well known companies like Wendy's and SAIC. It's definitely an eye-opener and worth reading if you've got the bandwidth to download the reports (pdf format).
Reader Question: Have you ever had your identity stolen?
{ 4 comments… read them below or add one }
Mine wasn’t stolen in 2007, but in 2004. I wrote about it a few days back.
Keep spreading the message. Identity theft is a real problem and needs to be addressed by individuals, businesses, and governments.
Here’s the link to my personal story:
http://www.thewisdomjournal.com/Blog/my-identity-was-stolen/
I haven’t had my identity stolen, but the potential was there when my purse was stolen from my car several months back. After the first hour of so trying to recall everything that was lost, and calling all my credit card companies to cancel my cards, it dawned on me that two forms of identification, including my Virginia driver’s license, and my checkbook, as well as health insurance cards and the like were stolen as well. Identity theft was the foremost thought in my mind by then.
Within a couple of hours, I had contracted with a company called LifeLock (www.lifelock.com), which offers protection in the event of identity theft. They contacted all the credit reporting bureaus to be on the lookout for potential fraud alert on my behalf, as well as monitored activity in my accounts and looked for attempts to open new accounts and the sources of inquiries into my credit ratings. When I opened a new checking account at a local bank, the fraud alert popped up on my SSN and they took an extra step to verify my identity because of it.
I know there are other services that offer fraud protection, as well as each credit card company offers it, but this service covered all of my credit and banking relationships in one fell swoop, without having to deal with each company one by one. It was worth it to me to buy a little piece of mind.
I never did recover my purse or any of its contents, so identity theft still remains a real possibility considering the ease in which it can be perpetrated. I watch my credit reports much more frequently now and will continue to do so for the foreseeable future.
Haha, that last post sounds like a planted pitch for LifeLock – what a waste…
Anyways, to answer your question – no, I have not had my identity stollen as far as I know. I am computer literate and don’t click on links in those emails. I only shop at reputable companies online and when I do make a purchase, I always use Citi’s virtual account number, sometimes even put a limit on it if it is a company that I have not dealt with before. By the way, the biggest reason is not the fear that it will be intercepted during my transaction, but because pretty much all companies store that information on their servers and it is bound to be hacked at some point. By using virtual one-time use numbers, even if they get out, oh well, they can’t be used again.
I shred all mail credit card applications and anything else that have my name/account number on it (magazine subscription offers, etc). I put my phone number on the do-not-call list so I do not get telemarketing calls. I scan my credit, banking, and housing reports regularly (and for free).
One more thing I have always wanted to do is put all phone numbers from the cards I carry in my wallet (banking, credit, insurance, etc) into my phone so if I do part with it, I can call everyone right away (and the credit bureaus of course). I have been putting it away for at least a year now (sigh…) but I am doing it now thanks to your post!
Good luck, it’s jungle out there!
Dima,
I too like you thought my identity could not be stolen because I took all of those precautions.
The other day I found out that my undergraduate University allowed 38,000 people’s SSNs (including mine) to be stolen.
The lesson here: identity theft can happen no matter how careful you are because your SSN is already out there with organizations that don’t take nearly as much precaution as you do.