US 2005: THE YEAR IN ID FRAUD2005 The Year In ID FraudIt's been a busy year for cyber security and perhaps no area was busier than identity fraud. Dozens of companies fell victim to various forms of theft regarding their customers' personal information. Let's take a look at some of the problems this year.


Looking at 2005's ID Fraud


There are certainly many ways people can become victims. It could be a phishing scam on their computer. It could also be a Trojan following keystrokes and gathering other information as you use the Internet. None is more frustrating, however, than security breaches with the companies people do business.

The Privacy Rights Clearing House put together their list of security breaches that ended up costing people some sanity at the least and a possibly a small fortune. The year started back in February when bogus accounts were established affecting 145,000 people. A fair amount, but small in the scheme of things perhaps. Then later that month, the Bank of America reported they lost a backup take with 1.2 million names on it.

DSW got hit for 100,000 names in March and the next month another 1.4 million names were added. CitiFinancial lost backup tapes covering about 3.9 million customers in June. La Salle Bank shipped backup tapes via DHL and those tapes with 2 million names turned up missing last week. Fortunately, DHL reported they have found those tapes. Even Lexis Nexis got nailed for about 312,000 passwords.

The award for 2005 goes to one company who stands alone in the stories of identity fraud. This company is in a league all its own. At a record 40 million identities compromised, no one else is even close. As a matter of fact, all the other breaches together don't stand up to CardSystems. The company was a third-party processor for credit card payment and had held onto a lot of information they shouldn't have. Perhaps the most mind-boggling aspect of this whole CardSystems fiasco is the company is still in business.

The are some other interesting things to note about these instances though. Of the over 100 breaches mentioned, 48 were tied to universities and colleges or some aspect of them. Also consider hacking was the most prominent form of attack but in many cases, about one third of those in the list were due to stolen computers and laptops.

If you think your banking information was safe, it's doubtful. Consider Bank of America lost 1.2 million names on a backup tape. So did Ameritrade and CitiFinancial. Even the FDIC got hit. Then there's everyone's favorite credit bureau, TransUnion. The had a computer stolen with 3,623 names on it.

Right now, a number of states are looking at creating laws to protect consumers in identity fraud cases. The federal government is also looking into passing laws. California has been the only state with a law on the books however. People should call their congresspeople to make sure these laws get through.

So?what can you do to protect your information. As consumers, people must demand higher security levels for their banking. Sure, and armed guard and some cameras are great by the vault but the real value is in the networks. Tighter security measure must be called for. Demand multiple passwords. Also demand other forms of security like a fingerprint scanner or other forms of biometrics. If not, our identities and all our financial well being are an open book waiting for anyone to lose a computer or hack a network. These companies obviously don't take the problem seriously and don't have the financial incentive to do so. Consumers must take it upon themselves to demand better from their universities, banks, retailers and even the federal government.




View All Articles by John Stith