Hotmail
Is your personal data next?
Rash of data heists points to fundamental ID theft problem
Another day, another massive data leak. Another 100,000 or so Americans exposed to identity theft. And still, we don't seem ready to talk about the real problem: Consumers are being forced to live in the personal data flood plain, often against their will. And the river keeps rising.
What's more, however bad the news may sound now, the size of the problem has been generally underestimated . Companies have shown a tendency to lowball the size of the data theft flood in their initial disclosures. For example:
- On Feb. 14, ChoicePoint Inc. said its data theft involved 30,000 to 35,000 people, and only California residents were involved. Only later did the firm admit the crime involved about 150,000 people all around the country.
- On March 9, LexisNexis said information about 30,000 people had been stolen from its databases. The number was revised upward to 310,000 on April 12.
- DSW Shoe Warehouse told the world 100,000 credit card numbers were stolen in early March, only to reveal last week that the true size of the theft was more like 1.4 million.
The obvious question must be asked -- at some point, will everyone's identity be stolen?
That's not as far fetched as it sounds. The Federal Trade Commission estimates that 27 million Americans were victims of some kind of ID theft in the past five years. Other studies suggest 1 in 20 U.S. citizens had been hit by this kind of electronic fraud. Last year, an industry group suggested that about 100 million credit card numbers had been stolen in one way or another.
The numbers are staggering. Just adding up the news from 13 recent high-profile data theft incidents shows 5.2 million consumers were exposed to identity theft through data leaks. It's undeniable that high-tech financial firms are selling, sharing, and hemorrhaging personal data like a leaky dam. But yelling at the leaky dam won't do much good, and neither will spackling over the holes. A more fundamental change is needed.
The data is too valuable
Theft of personal data is prevalent for one simple reason: the data is incredibly valuable. It's time Congress and U.S. financial institutions take an honest look at why that is, an honest look at the only reason anyone wants to steal all that personal data in the first place: the free-flowing, overflowing issuance of instant credit.
Today, consumers can walk into virtually any electronics store with an empty wallet and walk out with a $3,000 television set in a few moments. Often, all that's required is a Social Security number that happens to be attached to a decent credit rating. As long as these stolen nine digits are worth $3,000 or more, criminals will always find a way to take them.
Only meaningful reform of the way our nation distributes instant credit will change this equation. Hackers will always steal what's valuable; only by de-valuing personal information like Social Security numbers will the rash of high-tech data thefts stop.
The credit and retail industries fear any interruption in the free-flow of credit, saying it will cut down on consumer impulse buys. So we sacrifice the privacy of millions to protect the ability to spend much of our future earnings in an instant. It's time to openly debate the wisdom of that trade-off.
- Discuss Story On Newsvine
-
Rate Story:
View popularLowHigh - Instant Message
MORE FROM SECURITY |
 Security Section Front |
| Add Security headlines to your news reader: |
Resource guide