40 Million People Hacked - YOU as Identity Theft Victim

Saturday, MasterCard blamed a vendor of ALL credit card providers called CardSystems Solutions, Inc., a third-party processor of payment card data, as the source of loss of 40 million consumers credit card information.

As is pointed out by several newspaper and web articles over the last few weeks, each recapping long lists of financial information data breaches, something's gotta give before we entirely lose trust in financial institutions, data brokers and credit bureaus. How much privacy loss can we take without acting?

These types of data loss were very likely common and have very probably been going on for a very long time. The difference is that now, THEY ARE REQUIRED BY LAW TO DISCLOSE THOSE LOSSES - not just in California, but in many states. National disclosure laws on data security breaches are being considered in Congress.

I suggest that these breaches of data security all came to light due to the California law requiring disclosure from companies suffering hacking loss or leaks or social engineering or crooked employees or organized crime rings posing as "legitimate" customers. All of the above have been given as reasons for security lapses or poor security policies.

About three years ago, a friend told me his paycheck deposit to Bank of America went missing from account records after he took his check to the bank on Friday. By Monday, Bank of America was in the news claiming a computer glitch had disappeared the entire day's deposits. I mumbled to myself, "I'll bet that was a hack and that hacker just made a huge offshore banking deposit with B of A depositors' money."

But we didn't find out why it happened in that particular case because there was no disclosure law in place at the time. Now we have disclosure laws that mandate notice of security breaches. Now suddenly - huge financial services hacks and devious criminal social engineering outfits posing as legitimate customers and apparently "innocent" losses by transport companies of backup tapes begin to come to light.

This spate of data loss incidents is proof of the need for corporate "sunshine laws" that make public notice mandatory of those data losses that threaten customer information.

Who is going to lose here - the public, the corporations, the criminals, or the government? I'd prefer that the bad guys get the shaft and take down crooked company insiders that either facilitate data loss by underfunding security and encryption or participate in data theft or loss in any form - even if that participation is security negligence.

Financial companies and data brokers have been covering up the losses and keeping quiet about hacks so as not to worry or frighten their customers. But that practice is essentially ended now that they must notify the public and disclose those losses instead of hushing them up.

Keeping the breaches hidden from public view is bad practice as it maintains the status quo. Disclosure will facilitate internal corporate lockdowns on the data and all access to it. Disclosure will educate the public to the lack of security and danger to the sensitive information we all provide rather casually and routinely to businesses.

As the following link to a silicon.com story suggests, we cannot take much more of this lack of regard to privacy and must lock down financially sensitive data securely and must begin to hold data brokers, bureaus and handlers VERY accountable.

Insist to your elected representatives that your financial data be locked down, encrypted and guarded by those entrusted with storing, transporting and using it. Since our financial, medical and legal lives are increasingly being housed in digital form and transmitted between data centers of multiple handlers - we need to know it is secure. We also need to know when that security has been breached and our data compromised or lost.

Thieves are becoming more aware of the ease with which they can find and access financial data. Hacking is not the source of the greatest losses.

Organized crime has easily found their way into our financial records by simply paying for it by posing as "legitimate" business customers of information brokers such as ChoicePoint and Lexis/Nexis. Any business can buy financial and credit information from those information bureaus and credit reporting agencies by meeting rather lax requirements for "need to know" that data.

As long as it is possible to purchase our sensitive data from brokers and bureaus, organized crime will "legitimately" buy it from those sources, then ruin our credit by selling that information at a higher price in identity theft schemes.

Since disclosure laws have come into effect, those breaches have been made public, credit cards cancelled before losses can occur and credit reports monitored to watch for suspicious activity. The bad guys activities are squelched because we are made aware of the possibility our information has been compromised.

Not all blame can go to financial institutions and data brokers. Protect your own private data by protecting your computer records at home, in the office, on your laptop and in your PDA by using basic keyword security and locking down files. Use built in encryption on your operating system and your home network to keep data secure. Then be certain to clear that sensitive data off the computer when you sell it or throw it away.

Data security is something we all need to take seriously and the corporate breaches are dramatic illustrations of how important it has become to build digital fortresses around our critical financial, legal and medical information.

Mike Banks Valentine is a privacy advocate and blogs about privacy issues at PrivacyNotes.com You can read more about identity theft issues at: Publish101

Contact MikeValentine for Search Engine Optimization http://www.seoptimism.com

Backlog jam grows for Social Security Minneapolis Star Tribune, MN - 2 hours ago He waited about two years for his Social Security disability benefit claim to be resolved. His wife, Linda, returned to work full time to see them through. ...

The Associated Press

Envoy: US-Iraq Security Pact Pertains to Iraqis Fars News Agency, Iran - 13 hours ago Speaking in an interview by the Los Angeles Times, he noted the security pact is one-sided and emphasized the US should respect Iraq's internal affairs. ... Iran opposes US-Iraq security deal The Associated Press Wars without end Cobar Age US-Iraq security pact a "pure Iraqi issue": Iran's Ambassador Payvand Tehran Times - International Herald Tribune all 317 news articles

US Security Agency operators eavesdrop on Americans abroad Press Trust of India, India - Oct 9, 2008 New York, Oct 10 (PTI) The US' National Security Agency's (NSA) intercept operators spent their time eavesdropping on saucy conversations between Americans ... No harm, no law broken? Augusta Chronicle NSA SPIED ON RED CROSS AND INNOCENT AMERICANS American Chronicle Inside Operation Highlander: the NSA's Wiretapping of Americans ... Wired News CNET News - Islam Online all 145 news articles

RNC Announces New Security Measures Following Violence & Vandalism MarketWatch - 10 hours ago We are making this investment in protective security because our staff and volunteers deserve to know they are safe as they work to elect the next President ...

WKRG-TV

Thousands may lose out on stimulus checks Salt Lake Tribune, United States - 20 hours ago Residents need to bring specific paperwork with them, including photo identification, Social Security number and other statements. ... IRS: 1475 Daviess Countians owed thousands in 'free money' TMCnet Volunteers help Utahns still eligible for economic stimulus payment KSL-TV Stimulus $$ unclaimed The Salinas Californian San Francisco Chronicle - Youngstown Vindicator all 204 news articles

ABC News

Pirate saga a security wake-up call Daily Nation, Kenya - 8 hours ago But even more important, the incident should serve to focus attention on the many serious security challenges faced by countries in the region. ... somalia-UN-AU panel warns Kenya to intervene in hijacked ship Mareeg Official says Pakistani employee of Canadian oil company abducted ... Prince George Citizen Nato joins Somalia piracy fight Aljazeera.net Washington Post - The Media Line all 1,781 news articles

Boston Globe

Forum: This year's soccer moms Traverse City Record Eagle, MI - 15 hours ago Beyond that, this survey shows that these voters have serious concerns about their long-term financial and health care security: -- 59 percent are worried ... Elections officials deny illegally purging voters The Associated Press Colorado to Review How It Purges Voters’ Names New York Times DELAWARE: Officials: state won't purge its voting pool Delmarva Daily Times News & Observer - New York Times all 684 news articles

Review: Tiny flash drives improve their security San Jose Mercury News,  USA - 22 hours ago Beyond these three storage techniques, I also tried something else for people who want plug-in computer security: the $149 Yoggie Gatekeeper Pico. ...

The Associated Press

Ford shares post 8th-straight day of declines Forbes, NY - Oct 10, 2008 The low marked Ford's lowest share price since May 31, 1983, according to the Center for Research in Security Prices at the University of Chicago. ... GM shares fall 30 percent after S&P statement The Associated Press GM shares tumble to 58-year low International Herald Tribune Dow falls below 8600; GM stock drops 30 percent, hits lowest level ... DetNews.com Detroit Free Press - USA Today all 310 news articles

Man sentenced for taking mother's Social Security | KXNet.com ... Reiten Television KXMB Bismarck, ND - 11 hours ago (AP) A Three Forks man has been ordered to repay his mother more than $4000 for living off her Social Security checks while she lived, neglected, ...