Tuesday, March 20, 2007

Are You At Risk?

Is anyone’s identity really safe these days? There are two big issues that identity theft educators, investigators, and law makers are trying to convey. One is the risk of business identity theft and its ramifications to businesses (of all sizes) and the other is the risk to individuals. Of course, there is overlap with both, because one affects the other. Right now, I want to focus on the personal side of identity theft—your personal risk. The big question is. . . Are you at risk? The answer is absolutely YES!

According to Privacy Rights Clearinghouse, a non-profit consumer information and advocacy organization, security breaches of personal identifying information are accelerating and putting all Americans at HIGH risk for identity theft. Over 104 million data records have been breached in the past two years. Visit www.privacyrights.org to see the National Data Breach List. I have noted this before, but since the total is increasing so fast, you really must see why for yourself.

Types of Identity Theft
Are you aware that there are 5 types of identity theft? Most people are not aware of this fact. Financial identity theft may be the most common, but it is about 28 percent of all identity theft. In the United States, driver’s license, medical, Social Security, and criminal identity theft are just as serious, especially to their victims. Did you know that 12 percent of all identity theft victims end up with a wrongful criminal record?

Think about it. You could be arrested during a routine traffic stop for crimes you did not commit. A thief could use your SS# for employment and you become responsible for paying the taxes on that income. Your medical insurance rates could go up or your health insurance coverage could be cancelled or used up. Unfortunately, in all areas of identity theft, innocent victims are considered guilty until proven innocent. In addition, laws hold victims partially responsible for fraudulent debt after 48 hours, and hold them fully responsible if not reported within 60 days.

The Federal Trade Commission (FTC) says, “People whose identities have been stolen can spend months or years—and thousands of dollars—cleaning up the mess the thieves have made of a good name and credit record.”

Laws Protect Consumers
New federal privacy and identity theft laws protect the consumer. These laws are putting the responsibility on all businesses to protect personal identifying information that is maintained, stored, or discarded.

Consumers are not yet aware that if any size or type of business is in violation of a data security breach resulting in identity theft, then the victims may likely win a class action lawsuit. Some law firms around the country are advertising to represent identity theft victims. Victims of winning cases can be awarded damages with no statutory limitation, including payment of actual losses and attorney fees. Hefty penalty fines can be assessed to the business and executives. And, prison terms for executives may be enforced, depending on which privacy laws were violated.

Based on existing federal and state laws, consumers have the right and power to blow the whistle on businesses not compliant to federal/state security regulations. Some states give a whistleblower reward up to 15 percent of the fines collected. (More on this at a later date.)

The ultimate power consumers have is to stop doing business with privacy and security offenders who are negligent and disrespectful of safekeeping personal identifying information about their customers and employees.

The Reality
The worldwide reality is--identity theft cannot be prevented. It is out of the individual’s control how others use and store personal identifying information. However, increasing your awareness and adopting safe habits at home, in public, and at work will help to lower your risk.

The Best Wall of Defense
The strongest defense for identity theft includes a credit report, daily credit monitoring, and true restoration of your identity (restoration of all 5 of them), plus more. It is a defense system that clicks in immediately when the unexpected happens. I know of only one company that performs all three of these services.

Be Proactive, Not Reactive
The risk is very high for all forms of identity theft and will continue to increase. People need to take protective measures, understand the threats, and not ignore the warning signs. While identity theft emerges as the immensely destructive villain that it is, its wrath is devastating victims and its path is forcing change to lifestyle habits and business practices.

Lois Hale, MS, CITRMS Reno, Nevada USA
ICFE Certified Identity Theft Risk Management Specialist
ADRS Certified Group Security Specialist

Labels: , , , , , ,

Thursday, March 15, 2007

Industry of Ignorance or Greed?

I have stated in my book as well as my lectures and seminars that in my opinion identity theft “insurance” or a “monitoring service” that is proactive as well as reactive will be a must in everyone’s insurance portfolio within three to five years.

You do not have to like this, it is a matter of necessity.

Ask yourself, when is the last time you have made a claim under your auto insurance? What about your home owners insurance? Then why do most of you carry it? It is the same reason you will start to carry identity theft insurance.

The problem with insurance products on the market today is they are not robust enough. Until someone starts to listen to the masses and builds a product for the good of the people instead of for corporate greed the individual will continue to lose.

I am convinced the insurance industry is to lazy and greedy to do the research needed to build a product that will have some real teeth. I am also convinced that the congress is to lazy, greedy and worried about being re-elected to make any "real" changes to the law that, god forbid, is on the side of the public instead of "corporate america." I want to assure the insurance industry, if you get your head out of the sand and realize what opportunity you have in front of you there is a lot of money to be made, while truly fulfilling your client's needs.

In a meeting, roughly one year ago, I attended with a large company that provides an identity theft protection product, I voiced my concern with their product and the lack of “true” proactive coverage and the false sense of security the consumer was getting from it. The answer I received from their managers was flabbergasting. They said their product was … (Another Post for another Time) Even I was shocked.

This is not a local, state, regional, or national issue, this is a global issue that can and will cause financial destruction on a global scale. This global issue will soon become an epidemic if unchecked as the below article from South Africa demonstrates.

In an article written by Nabelah Adams on 15 March 2007 for BusinessOwner.Co.ZA, Nabelah quotes Caroline Buthelezi of the Credit Information Ombud’s Office of South Africa as stating, “Clearing one’s name involves a great deal of effort as many people only discover the consequences of not reporting their ID book stolen when the credit bureau has already handed the matter over to their lawyers.”

“The consequences of ID theft might be even more exacerbated by the fact that attempts to have matters resolved are complicated by having to deal with attorneys,” Buthelezi says. This is of course if you can afford to hire an attorney.

© 2007 Michael R. McCoy

Labels: , , , ,

Monday, March 05, 2007

The Endless War on Privacy, Security and Protection

Here is the latest in the endless war on privacy, security and protection -


Dubai eGovernment foils hack attacks, 28/02/2007

Dubai eGovernment, the public initiative to provide online services, announced that it has successfully foiled an attempt by hackers to corrupt data and impair some government websites that it hosts.

“We have yet to ascertain the identities of the hackers and the exact location of their operation, but we have generated significant leads that will ultimately lead us to the persons behind this act. The hackers have attacked some of the Dubai eGovernment's sites on eHost, which has caused malfunction to some of the services and loss of data. We have also checked other sites and guarantee that they are safe and secure from future attacks,” said Salem Al Shair, eServices Director, Dubai eGovernment.

“Our primary technical investigation showed that the hackers were based in Turkey, but we are still probing further into the case because hackers are known to spoof and mask their identity and location. Our technical teams and our partner are following the source of the hacking and we'll announce the results of the investigation at an appropriate time,” he added.

“One of the positive outcomes from this incident is that it has allowed Dubai eGovernment to learn more about the latest techniques and strategies used by the hackers. This way, we were able to close the gaps in our system and take the appropriate action to prevent similar incidents,” said Al Shair.

Dubai eGovernment has two Web hosts, eHost Plus and eHost. eHost Plus is highly developed and hosts the sites that are very sensitive and have high digital content. eHost is less developed and hosts sites with limited data. eHost, which was the victim of the hacking attack, uses open source programming, which makes it less secure.

Hacking incidents are on the rise all over the world. According to US-CERT, in the US, there were 5,000 incidents reported in 2005, which rose to 23,000 in 2006 and there are already 19,000 incidents reported in the first quarter of 2007.

The US government allocates 8% of its total IT budget (US$ 64 billion) for IT security, while the private sector in Europe allocated 9 % of their total IT budget for the same, as per a study by the UK Department of Trade and Industry. 62% of UK corporations have reported hacking incidents, while 87% of the larger corporations have reported security breaches in IT.

We are aware that ID attacks are a huge crisis world wide and that out ID Theft Prevention courses and seminars are more and more important to companies, individuals, NGO's, and government.

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft - www.ftc.gov/idtheft