Search:

Newsletter:

Victims of identity theft top 100m

By Tom Sanders
18 December 2006 02:59PM
Tags: victims | identity | theft | top | 100m

Related Articles

• US clamps down on identity theft
• ISPs suspected of massive identity theft in Korea
• Poor company policy aids identity theft
• Identity theft costs an average of US$31K
• Online job applications raise fears of identity theft

Watchdog calls for tighter legislation and higher fines.

More than 100 million US individuals have had personal information stolen since early 2005, according to an overview published by the Privacy Rights Clearinghouse (PRC). 

The counter passed the 100 million mark on Wednesday when Boeing admitted that it had lost a laptop containing confidential information including social security numbers for 382,000 current and former employees.

The PRC maintains a website that tracks cases of identity theft and accidental data disclosures.

The list was prompted by a high profile incident in which data thieves used a bogus account with ChoicePoint to access confidential information on about 163,000 individuals.

ChoicePoint is a data broker for the insurance industry and was later fined $15m by the Federal Trade Commission.

But the 100 million figure is just the "tip of the iceberg", warned PRC director Beth Givens. The number of breached data records in many cases is unknown.

"We want to show that it's a big number and that it's getting bigger," Givens told vnunet.com. 

"I really don't see that entities compiling and storing sensitive data have the collective will to take the proper steps to secure the data adequately."

This week's Boeing case is one of the higher ranking incidents, but is overshadowed by the 40 million records that hackers accessed when they broke into the computers of credit card payment processor CardSystems in June 2005.

The second highest ranking incident took place in May, when a laptop with data from the US Department of Veterans Affairs was stolen, exposing the records of 28.6 million servicemen who were discharged since 1975. 

The list contains seven incidents in which one million or more identities were exposed.

As companies, government and educational institutions continue to insufficiently secure their data, Givens called for tighter regulations, increased oversight and stiff penalties.

Organisations could limit the data theft risk if they ceased storing social security numbers, she suggested.

Many educational institutions, for instance, hold on to the social security numbers for alumni, even though they have no use for such sensitive data.

Copyright © 2008 vnunet.com