Messaging Pipeline | Data Security
Free Newsletter GlossaryContact UsAbout Us
One To One Collaboration Servers & Security Business

March 20, 2006

The High Cost Of Data Loss

The Victims

Courtesy of

Page 3 of 5


The Victims
We've lost control over our identities," says Eric Drew, who speaks from experience. Three years ago, while in the hospital battling leukemia, his name, Social Security number, and date of birth were used by another person to ring up $10,000 in fraudulent charges on credit cards opened in Drew's name.

It was an inside job. A lab technician who had tested Drew's blood at the Seattle Cancer Care Alliance gained unauthorized access to the hospital's computer records and used Drew's personal information to open credit card accounts. The technician, Richard Gibson, later turned himself in to the police and pleaded guilty to violating the Health Insurance Portability and Accountability Act. Gibson became the first person charged under HIPAA with misusing a patient's medical information for financial gain.

"It's disturbing that financial institutions issued credit cards without any [due] diligence that the real Eric Drew was in a hospital," Drew says.

Unfortunately, Drew's situation is all too familiar. There have been 8.9 million adult victims of identity fraud in the United States over the past 12 months, according to a report issued earlier this year by Javelin Strategy and Research and the Better Business Bureau. That's down slightly from the 9.3 million victims a year earlier, but not a sign of great progress. The problem "is not lessening significantly," says Beth Givens, director of the Privacy Rights Clearinghouse, a watchdog group that tracks data breaches that could lead to ID theft.

Givens partly blames creditors that are too willing to extend credit to people they don't know well enough and who are sometimes impostors working with false identities. "The credit evaluation process is automated," she says. "They're not looking for obvious red flags."

J. Alex Halderman, a doctoral candidate in computer science at Princeton University, about a year ago received a letter from the University of California, Berkeley, where he had been accepted as a graduate student in 2003, advising him that his personal data had been compromised. A university computer had been stolen that contained files with names and Social Security numbers of applicants and others at the university.

Berkeley warned people affected by the breach to be on the lookout for scam artists who might try to contact them under the pretense of being affiliated with the school. Halderman was shocked that two years after he applied to UC Berkeley, the application remained susceptible to a data breach. "It's amazing that data can be on file for years, even when you think you're finished with it," he says. "There's no way to take it back."

Although there was no evidence that Halderman's personal data was misused, he had a fraud alert placed on his credit file. That service lasted only 90 days, however, and he still worries that his information may fall into the wrong hands.


Lambert gets word that his personal information may have been stolen from ChoicePoint.

Warren Lambert gets word that his personal information may have been stolen from ChoicePoint.

Halderman checks his credit record regularly. The experience has left him feeling that laws do a poor job protecting people from identity theft. "You should be able to put a lock on your credit record that would require you to provide a secret PIN known only to you if you're applying for a loan," he says. Unfortunately, most states let people lock their records only after they've been victimized.

Keith Ernst of Durham, N.C., had his debit card number posted to an Arabic-language bulletin board on the Web in 2004, making it easy to reach through simple search engine queries. Several charges were rung up on his card, including a laptop purchase and an attempted tuition payment. "I got a phone call out of the blue saying that someone is using my debit card," Ernst says.

Ernst doesn't know how his debit card number got on the Web; he suspects it had something to do with a purchase he made on the Internet. He canceled the card and the bank restored the money that came out of his checking account, but Ernst learned a lesson. "I now use credit cards instead of debit cards when I shop online. I also pay a lot more attention to the vendors that I'm buying from," he says. "I would never buy from an unknown vendor."

Consumer confidence suffers at the hands of hackers and ID thieves and lax data protection measures. That means businesses ultimately feel the pain of their own negligence.

--

E-mail This Story
Print This Story



Page 4: The Goods


Page 1 | 2 | 3 | 4 | 5



More Information


Get the latest Messaging news, product info, and trends every week.


Related Content

  Right-click and choose Copy to extract RSS Feed URL  Messaging Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Messaging Pipeline's Blog RSS Feed




Editorial and vendor perspectives






Editor's Picks
The Six Flavors Of Windows Vista
Microsoft plans to release a full six-pack of Vista versions, one for every taste. Which Vista will be right for you?

Hope is Not Enough When It Comes To Compliance

Three Ways To Authenticate E-Mail And Stop Spam

Wikis In The Workplace

Review: Google Desktop 3

Vendors are now talking about how collaboration can be improved by integrating video with messaging applications. They're even talking about adding live TV to mobile phones. How far do you go before it becomes a bandwidth and business productivity drain?
Video is a great idea
    13%
Video is fine but there needs to be size limits
    25%
It's never used for anything really productive
    38%
I draw the line at live TV
    25%


In search of messaging products? Check out our brand new Product Finder for a directory of groupware and collaboration tools, security products, archiving solutions, and more.



MESSAGING PIPELINE MARKETPLACE (sponsored links)

A technology breakthrough allows inspecting all outgoing data for confidential content and blocking unauthorized transmissions in real time. Free trial of GTB Inspector appliance is available in March 2006 only.


Control unwanted software. Prevent spyware, malware, and viruses on corporate desktops and servers. Free White Paper and Live Demo.


Encrypting data in servers and databases can address security gaps and privacy legislation. Ingrian DataSecure Platforms offer granular encryption, seamless integration, and centralized security management. Combat data theft--with unprecedented ease and cost effectiveness. Download a white paper that outlines best practices for securing data.


Used by more than 30,000 businesses and 7.5 million users, Postini's enterprise-class managed service protects your messages without burdening your IT infrastructure.


Request white paper which outlines the case for an IT Portal architecture to meet the new requirements placed on IT management. These requirements include IT security; SOX, HIPAA, FISMA compliance; managing outsourcing contracts; and more.






Sponsored Links:      
 |   |   |   |   |   | 
 |   |   |   | 
 |   |   |   |   | 
Messaging Pipeline  |   |   |   | 
 |   |   |   |   | 
© 2006 | MESSAGING PIPELINE All rights reserved. | |