http://www.kansascity.com/business/story/180429.html
By PAUL WENSKE
The Kansas City Star
July 07, 2007
Here’s something scary: Millions of personal files on consumers are
stored on laptop computers routinely left in areas accessible to
thieves.
Forget hackers that bypass sophisticated security systems. Identity
thieves are simply walking off with laptops containing lots of juicy
private and financial information.
Ask Linda J. of Lenexa. In May, she received a letter from a former
employer stating cryptically: “We are contacting you about a potential
problem involving possible identity theft.”
The letter went on to say the stolen computers contained names,
addresses and Social Security numbers on current and former employees.
Ironically, the company, Securitas Security Services USA Inc., is one of
the world’s biggest security firms. Once known as Pinkerton’s — the
detective agency that dogged Jesse James — the $6 billion company
operates in 30 countries and has 200,000 employees.
But on the night of April 26, apparently without detection, thieves
slipped out of the company’s West Coast operations center with “a
number” of laptop computers.
Linda J., who asked that her name not be used since her identity has
already been compromised, worked for the company for three months as a
grade-school crossing guard. She said those three months are hardly
worth the current hassle of calling credit bureaus, creditors and banks
to ensure someone doesn’t go on a spending bender using her good name.
“I’m the one that has to take all the responsibility,” she said. “I have
to put fraud alerts on all my credit reports. Basically, they are saying
their responsibility ended when they sent me a letter.”
Securitas set up a hotline for employees. A spokesman said that more
than 100,000 current and former employees got letters and that the
company was also contacting credit bureaus.
“The investigation is still ongoing,” the spokesman said.
The theft of laptops loaded with personal information seems to be a
thriving business.
I counted more than 11 laptop thefts listed since late April by the
Privacy Rights Clearinghouse. The thefts affect hundreds of thousands of
people. That doesn’t even count thefts of discs, tapes and software
files.
“My guess is there are far more incidents that exist than we have in our
listing,” said Beth Givens, director of the California-based identity
theft watchdog.
The list counts only breaches reported in the media. And a lot of
embarrassed companies don’t go out of their way to make their goofs
public.
Here’s a sample of more information compromised by laptop thefts:
* Information on Caterpillar employees was stolen from a benefits
consultant April 27.
* Patient information was stolen from Highland Hospital in Rochester,
N.Y., on May 11 and was sold on eBay.
* Student financial aid information was stolen from Northwestern
University on May 20.
* Student Social Security numbers were stolen from a Texas A&M professor
on vacation June 18.
* Data on Texas First Bank customers disappeared when a car was stolen
in Dallas on June 22.
What this suggests is that some businesses may be too cavalier with
consumer data.
Most attention focuses on what consumers can do after they’ve been
victimized. Not enough is focused on businesses protecting consumers.
Federal identity theft laws vary depending on the industry..
“We don’t have an overarching identity theft protection law,” Givens
said.
Linda J. called Securitas for more information. She said she was told
not to fret too much because there was no evidence her personal data had
been misused by thieves.
“They (businesses) always say that,” Givens said, with a mock laugh. “It
aggravates me. They have no way of knowing what kind of voyage that
information embarked on.”
In its letter to Linda J., Securitas said: “We regret that this
unfortunate event occurred and we are in the process of enhancing our
procedures and controls so that criminal events like this do not happen
in the future.”
This is the same company that says on its Web site: “At Securitas, our
mission comes down to pretty much one thing: to protect you, our
client.”
Taking action
If you have reason to suspect identity theft, you can put a fraud alert
on your credit file.
It tells creditors to check with you before opening any new accounts.
Filing an alert also entitles you to a free credit report from each
bureau, and it can be renewed every 90 days.
For more information, go to www.ftc.gov/idtheft.
© 2007 Kansas City Star and wire service sources. All Rights Reserved.
Received on Mon Jul 9 03:32:06 2007