 |
 |
|
|||
Financial Privacy & Security In the NewsFort Worth Star-Telegram - 12/25/2005
We can all learn from data scareMy personal data were missing. My name, address, Social Security number and other personal information might have fallen into the hands of identity thieves. I learned this in an apologetic letter that arrived last week from my mortgage company. "We are writing to let you know that a computer tape containing information about you and your mortgage account with ABN AMRO Mortgage Group, Inc. has been lost while being transported by DHL courier service to a credit reporting agency," the letter stated. The letter announced that the company paid to enroll its 2.1 million affected customers in a credit-monitoring service that will help the customers watch for fraudulent use of their information. When I called the enrollment phone number, it was busy. When I tried the enrollment Web site, it locked up. Too many people, like me, were worried about identity theft. "We were overwhelmed by how many people were doing it at the same time," Robert Darmanin, a spokesman for LaSalle Bank Corp, which owns ABN AMRO Mortgage, told me in a phone interview. A few days after the letter arrived, the data tape was found at a DHL shipment center. Apparently, the identifying label had fallen off the package. The tape's contents, ABN AMRO told its customers, were never compromised. But during those days I learned as much as I could about this type of corporate data loss - a fairly common occurence known as a data breach. This year alone there have been 142 data breaches in the United States, potentially affecting more than 57 million individuals, according to the nonprofit Identity Theft Resource Center. A few: A Houston hospital reported that 16,000 patients' confidential information, including their medical records and Social Security numbers, was lost in a computer theft. GMAC Financial Services reported that personal data belonging to 200,000 customers were kept on two laptop computers stolen from an employee's car. Bank of America announced that it lost computer tapes containing information on 1.2 million customers. Ameritrade lost a backup computer tape containing the personal information of 200,000 current and former customers. Motorola reported the theft of computers that contained personal information on about 30,000 U.S. employees. Sam's Club reported credit-card fraud affecting cardholders who purchased gas at Sam's Club stations between Sept. 21 and Oct. 2. The temporary loss of my mortgage company's data tape angered me after I learned that the data was not encrypted. Encryption is a method in which the data is kept in code, so anyone finding it must have expensive equipment to decode it. You would think that most corporations encrypt their sensitive information, but I learned during my research that many do not. The ABN AMRO spokesman told me that from now on encryption will always be done and that the data will also be shipped electronically, rather than by courier. But I also learned that there are several ways we can work to protect ourselves in situations caused by data breaches. A state law that went into effect in September requires any company with a data breach to notify its Texas customers. The state attorney general can seek civil penalties for violations. Good for us in Texas, because the Federal Trade Commission reported two years ago that our state had one of the highest rates of identity theft in the nation. Texas also allows its residents to place a security freeze on their credit information at a cost of $8. This prevents your credit information from being released to others and stops new accounts from being opened in your name. Information can only be released with your consent. But to qualify, you must be the victim of identity theft and submit a police report showing it. Other states, including California and New Jersey, allow anyone to place a security freeze on their accounts, regardless of whether they have been victims of ID theft, says Luke Metzger of the Texas Public Interest Research Group in Austin. Another action you can take is placing a fraud alert on your credit information. This notes on your credit report that lenders are urged to contact you by phone to verify that you actually want to open an account. But usually, these fraud alerts are only temporary. The best preventive measure is to regularly check your credit report for suspicious activity. A Web site - www.annualcreditreport.com - lets you request a free credit report from each of the three major credit bureaus each year. Chris Hoofnagle, senior counsel with the Electronic Privacy Information Center, suggests you ask for one report every four months. "You end up monitoring your credit so if something bad happens, you can quickly intervene," he said. What are you looking for? "Anything that appears out of the ordinary," he said. Credit card "accounts that do not belong to you. Also, addresses and personal information that do not pertain to you. If there are errors, you call the credit reporting agencies and try to correct them." Frederick Scholl, a security expert in New York, told me that he monitors his credit reports and his bank statements. "People have gotten too lax," he said. "If you have Internet access, you can go in and check your statements on a regular basis and look for charges on your accounts. It just means you need to look at your own personal information statements on a regular basis more than you did in the past." Hoofnagle says: "There's little an individual can do to prevent crime, but there are things you can do to reduce the risk. "But when your bank has all the information and loses it, the consumer is in a state of vulnerability that is not easily addressed." My mortgage company lost my information for a few days. Now I understand that there is nothing I can do about their poor protection of my information. But there is a lot I can do to protect myself. IN THE KNOW Protecting your information Use www.annualcreditreport.com to request a free credit report from one of the three major credit reporting agencies every three or four months. When you wish to place a fraud alert or a credit freeze on your credit information, contact one of the bureaus: Equifax Experian TransUnion For more information on how to protect yourself: Electronic Privacy Information Center Identity Theft Resource Center |
SEARCH THIS SITE |