(BOSTON, Mass. – Feb. 14, 2007 – IDTheftSecurity.com) Data records lost or compromised as the result of just four security breaches reported last month left nearly one million consumers possibly at risk of identity theft and related crimes. The scope, scale, and consequences of these data losses throw into question large companies’ parallel efforts to blunt the strength of proposed data breach–notification legislation, said Robert Siciliano, a widely televised and quoted personal security and identity theft expert.
"January wasn’t the only month that saw hundreds of thousands of consumers’ sensitive information go missing to thieves," said Siciliano. "And apparent carelessness and lack of concern on the part of businesses everywhere is a major factor leading to these kinds of breaches. Furthermore, with the exception of token yearlong access to free credit report monitoring, consumers end up with the bill. For industry then to fight legislation aimed at protecting these same consumers is unconscionable."
CEO of IDTheftSecurity.com and a member of the Bank Fraud & IT Security Report‘s editorial board, Siciliano leads Fortune 500 companies and their clients in workshops that explore consumer education solutions for security issues. An experienced identity theft speaker and author of "The Safety Minute: 01," he has discussed data security and consumer protection on CNBC, on NBC’s "Today Show," on FOX News, and elsewhere.
Already, data breaches have plagued numerous organizations in 2008, which has seen 28 incidents since the beginning of January, according to sources cited in a Jan. 30th article by InformationWeek. Just four of the many breaches in January saw a total of nearly one million consumers’ data records go missing:
- A Jan. 18th article in InformationWeek reported that a backup data tape had gone missing at an Iron Mountain Inc. storage facility in October. The tape contains identifying data on 650,000 customers of retailers such as J.C. Penney and around 100 others, the article said, and belongs to GE Money USA, the company that processes credit card purchases for the various merchants involved. About 150,000 Social Security numbers are among the data on the tapes, the InformationWeek article and a Jan. 28th write-up in Computerworld both noted.
- A Jan. 30th report from InformationWeek indicated that "sophisticated network intrusion" had compromised a computer database belonging to Davidson Companies. The breach affected data records on 226,000 current and past clients of the Montana-based financial services holding company, the article said.
- As noted by Computerworld on Jan. 29, earlier that month T. Rowe Price had begun to inform a number of current and former customers that a data breach had occurred involving their sensitive data. A computer belonging to CBIZ Benefits and Insurance Services Inc., a third-party tax-preparer, had gone missing to thieves, according to the Computerworld report, which went on to say the machine housed about 35,000 T. Rowe Price customers’ Social Security numbers and corresponding names.
- On Jan. 24, the Fort Worth, TX–based Star-Telegram reported that an "international gang of cyber criminals [had] hacked into" the computers of that city’s OmniAmerican Bank. Fewer than 100 accounts were directly affected, according to a bank spokesperson quoted in the article, but the Star-Telegram went on to note that OmniAmerican had issued new debit cards to about 40,000 customers.
Various state legislatures, including California’s, have regrouped their efforts to fight the hemorrhaging of data by proposing tougher laws that govern "how businesses and government agencies should notify consumers when…personal data is stolen or exposed," a Feb. 4th article in InformationWeek notes. At the same time, according to a Feb. 5th blog posting on CNET.com, large industry players such as Microsoft, Verizon, and AT&T are working to block similar legislation under consideration in the Indiana State Senate.
"One million is a very large number," said Siciliano. "And, at this very early date in 2008, the total number of lost or missing data records is actually much higher. A smart organization recognizes the value of looking out for its customers’ best interests and of nurturing the perception that it in fact does so. But nobody wins when industry fights good-faith legislative efforts that endeavor to help customers who have no say over how large companies handle and secure data."
Readers may view YouTube video below of Siciliano on "FOX News," where he explains how the ubiquity of Social Security numbers as universal identifiers helps thieves online and off-line. Those wishing to learn how to protect themselves against identity theft, a major concern for anyone who has fallen prey to online scammers, may view video of Siciliano at VideoJug.
Identity theft affects us all. Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report‘s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients.
A leader of personal safety and security seminars nationwide, Siciliano has been featured on "The Today Show," CNN, MSNBC, CNBC, "FOX News," "The Suze Orman Show," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael," "The Howard Stern Show," and "Inside Edition." The Privacy Learning Institute features him on its Website. Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others.
The media are encouraged to get in touch with Siciliano directly:
The media may also contact: