In a previous post, I emphasized that simply deleting a file from a hard drive before disposing of it or selling it is not enough. If the file is not securely wiped from the hard drive with digital shredding software, the file may be retrieved if it falls into the hands of someone tech savvy enough. This may not seem like a big deal, but with people doing their banking and making purchases on their computers or storing tax records, it is extremely important that your data is securely removed before the computer or hard drive changes hands. Otherwise, the information you leave on the machine can be used to make you an identity theft victim.
This is even more important for companies that use computers to store credit card numbers, insurance information, or medical records. Companies that upgrade must be sure that old data is securely wiped before the machine is given away or sold. According to ScienceDaily, the number of second-hand hard drives that have been securely wiped has fallen to 33%. This puts the customers with information on those machines at risk of identity theft.
I'm not sure whether to be disappointed or extremely concerned. Granted, companies don't need to upgrade their computer hardware everyday, but the fact that we have second hand computers out there containing credit card or insurance information isn't exactly encouraging. After all, more and more people are acquiring the technical skills that would help them retrieve this information, especially kids growing up in this information age.
Keep your data safe and wipe those hard drives before getting rid of them. It's a small price to pay to prevent identity theft.
Showing posts with label identity theft victim. Show all posts
Showing posts with label identity theft victim. Show all posts
Thursday, November 06, 2008
Friday, October 31, 2008
State Department Announces 400 at Risk of Identity Theft
The State Department announced that it has notified nearly 400 passport applicants of a security breach that may have put them at risk of identity theft. Most of the applicants at risk are in the Washington, D.C. area, and their passport applications may have been illegally accessed and used to open fraudulent credit card accounts. The applications contained identifying information, including Social Security numbers. More potential identity theft victims may be notified as the investigation continues.
Most of the people contacted have not become identity theft victims at this point, but they have all been offered free credit monitoring for a year. The breach was discovered when a man was arrested with 19 credit cards in different names and eight completed passport applications. While the State Department declines to comment on how he obtained these applications, it was confirmed that one State Department employee has been fired as a result of this breach.
The department has since stepped up its security for passport records management. While specifics about the method of this security breach have not been disclosed, it is no less disturbing. We don't know how many people were involved, but it's definitely possible that many of these people may already be victims of identity theft and not even know it.
Most of the people contacted have not become identity theft victims at this point, but they have all been offered free credit monitoring for a year. The breach was discovered when a man was arrested with 19 credit cards in different names and eight completed passport applications. While the State Department declines to comment on how he obtained these applications, it was confirmed that one State Department employee has been fired as a result of this breach.
The department has since stepped up its security for passport records management. While specifics about the method of this security breach have not been disclosed, it is no less disturbing. We don't know how many people were involved, but it's definitely possible that many of these people may already be victims of identity theft and not even know it.
Thursday, October 02, 2008
Update for Identity Theft Enforcement and Restitution Act
As a brief update, according to this article from The Washington Post, President Bush did, in fact, sign the Identity Theft Enforcement and Restitution Act. This will make it easier for prosecutors to go after cyber criminals. It will also allow identity theft victims to not only be compensated for their direct losses from identity theft, but also their indirect losses (like time spent restoring credit or possible job denials as a result of ID theft) once their identity thieves are brought to justice.
Keep in mind the victim is only compensated for the indirect losses caused by identity theft if those responsible are brought to justice. Most identity thieves are never caught, so this will not help many identity theft victims.
Keep in mind the victim is only compensated for the indirect losses caused by identity theft if those responsible are brought to justice. Most identity thieves are never caught, so this will not help many identity theft victims.
Thursday, September 18, 2008
House Passes Identity Theft and Restitution Act! But Will the President Sign It?
The Senate and House of Representatives have passed the Identity Theft and Restitution Act. This bill offers more flexibility to identity theft victims, such as allowing them to seek restitution for indirect losses like time and money spent rebuilding credit. Currently, the identity theft victim is only compensated for direct losses (charges on a credit card or money taken from a bank account).
The other provisions are more computer related and refer specifically to cyber crimes, particularly those that result in identity theft. For example, it enables prosecution of those who steal personal information from a computer when the victim's computer is in the same state as the identity thief's computer (now there can only be prosecution when the thief uses interstate communication). There are other provisions involving the use of keyloggers and damage to a victim's computer.
The Senate and House have already passed it, and it awaits President Bush's signature. While this bill has some good provisions to help identity theft victims recover and law enforcement punish thieves, this will not necessarily slow down the rate of ID theft much. After all, many identity theft crimes are not reported, and most identity thieves are never caught. Punishment will not deter a crime if the thief knows he is not likely to get caught.
The other provisions are more computer related and refer specifically to cyber crimes, particularly those that result in identity theft. For example, it enables prosecution of those who steal personal information from a computer when the victim's computer is in the same state as the identity thief's computer (now there can only be prosecution when the thief uses interstate communication). There are other provisions involving the use of keyloggers and damage to a victim's computer.
The Senate and House have already passed it, and it awaits President Bush's signature. While this bill has some good provisions to help identity theft victims recover and law enforcement punish thieves, this will not necessarily slow down the rate of ID theft much. After all, many identity theft crimes are not reported, and most identity thieves are never caught. Punishment will not deter a crime if the thief knows he is not likely to get caught.
Subscribe to:
Posts (Atom)
