Let’s start with a definition: “The fraudulent acquisition
and use of a person’s private identifying information, usually for financial gain.”
http://www.oxforddictionaries.com/us/definition/american_english/identity-theft?q=identity+theft
Identity theft is a very serious issue in the digital age
that we have found ourselves. Week after week, day after day, we are
overwhelmed with the number of news stories that inform us of another hack or
another way that thieves have used to gain access to our personal information.
With this, it is becoming more and more likely that either you, or someone you
know, is being protected, for free, by one or more identity theft monitoring companies
because of some data breach at a company or government agency which had stored
your personal identifying information in an unsecure way.
Worse yet, some of the most egregious instances included
data that a person can never change, such as digital copies of finger prints,
DNA data, and perhaps even iris and hand scans. Not only that, but some of these
privacy violations have been carried out by the people we assume are protecting
us, namely the federal and state governments. The revelations of government surveillance
that Edward Snowden provided and other leaks have informed us that the cell
tower our phone is connected to may actually be a fake tower run by the FBI and
the DNA
sample we sent into a private company to find our ancestors may be used to
put us or our family members in jail.
Just how bad is it? Well, they don’t have the numbers put
together yet for 2015, a year that is sure to break all records, but the
numbers for 2014 are scary enough. According to the Bureau of Justice
Statistics, 17.6 million U.S. residents experienced identity theft in 2014.
Yes, you read that right, 17.6 million U.S. residents!
So what is it like to have your identity stolen? Check out
this amazing story from This
American Life about a man who had lived with someone else’s identity so
long that he believed he was that person!
So what can we do? How do we keep ourselves safe? Well, I
wish that I had easy answers for you but I don’t. While the bad news is that
many big corporations and government agencies suffered serious data breaches last
year, the good news is that these breaches have slapped every Chief Technology
Officer (CTO) in the face and they are waking up to the importance of serious data
security in every aspect of their companies. In addition, encryption and data
security practices have reached a point where it is clear which practices work
and which don’t. what companies should be doing to protect their data, and the
tools have been developed enough where most implementations are fairly easy to
put in place.
What you need to know and what you need to do is a fairly
broad topic and it would be difficult to put it all here so if you want to
start getting a grasp on this very important topic, click on the links below:
Identity Theft
- IdentityTheft.gov - a quick
reference chart when you realize something’s up.
- ID
Theft and kids - don’t think you need to have a credit card to be
compromised (skim the report linked at the end of the article)
- All
that testing data may put kids at risk, too!
Links provided by Dr. Siko
- There
is more to a photo than meets the eye! Check out this www.army.mil presentation which details how
MythBusters star, Adam
Savage, revealed where he lived, the car he drove, and the time he
leaves for work in an innocent Twitter post.
Finally, in all things, knowledge is power and while it may
be unrealistic to expect all of us to know everything we need to know in order
to protect our identities and data, there are things we can do and ways we can
learn, one bit at a time. Check out this amazing podcast, Security Now from Information
Security pioneer Steve Gibson.
Sure, identity theft is scary, but there are things that each of us can do to start making it harder for the criminals to gain access to our information. The key is, that each of us need to start to take the steps to make our data a harder target. By taking small steps, when we can, we will be contributing to the solution, not the problem.
Thanks for reading,
Jerry
Hey Jerry, check out this article (http://www.scmagazine.com/breach-level-index-finds-identity-data-coveted-more-than-payment-card-info/article/478697/) It is an alarming article of how really vulnerable we are to identity theft. It shows some pretty scary numbers on how there is a 5% rise on identity theft. Which doesn't sound very scary until you realize that we're talking about 1,673 attacks, and those were the detected attacks. There is a trend in the cyber-criminal trade away from record stealing (which fell 2%) toward identity theft. I don't like that this article only gives data on two years that are consecutive. That is bad science, but i digress. The rest of the article paints a bleak picture of how vulnerable we are and how it is impossible to protect everything. One would think that someone would figure out a way to make this information safe. I am sure they are trying, meanwhile people get attacked over and over. I was a victim of this crime last week. Someone tried to file for a tax return using my name. The IRS saw something unusual due to the fact that I always file jointly with my wife (who was not impersonated).
ReplyDeleteAt the school I regularly sub at would probably be a fantastic place to hunt for identities to steal. Most students come from rural poverty. High speed internet is only a dream up here. So, once an identity has been stolen the thief would be able to use it for a while before the true owner would even realize. Fortunately, all internet traffic in and out of schools are piped through the ISD and stored off-site automatically every day. If there was a breach the school, the ISD could theoretically go in and find it.
Joshua,
DeleteWow, what a crazy world we live in. Do you remember when they had these things called phone books and everyone willingly put their name, address, and phone number in there?!!!!! Now, I don’t want to even put my name and address on a petition because someone can come along and snap a photo of it. Before you know it, you are getting Spam, junk mail, and someone is knocking on your door trying to sell you a vacuum cleaner!
I am glad to hear that the IRS caught the discrepancy.
Have a great weekend,
Jerry
As I state in the agenda: using all legal means (e.g., census database), knowing someone’s gender, birthdate, and ZIP code, there’s an ~85% chance you can locate the person’s home address.
DeleteThen, all you have to do is steal some mail, credit card bills, doctor's invoices, credit card application, etc.
Scary stuff. The tax fraud issue is becoming more common. File returns with a different direct deposit account, and when the real person files their return, it gets flagged but too late.
I've had one credit card compromised four times in the past 12 months. They've caught it each time, but some of the things have been ridiculous (purchases made in Africa with a fake card with my number, for example).