BreachExchange mailing list archives
Re: Police tips for Breach prevention
From: George Toft <george () myitaz com>
Date: Tue, 05 Sep 2006 07:38:28 -0700
New York Times coverage about what's happening in the ID Theft Capitol - Phoenix: http://www.nytimes.com/national/nationalspecial2/index.html This is their main page with many articles. Some interesting numbers they toss out: - 1 in 20 working adults are using fake SSN's - 1 in 6 adults in Phoenix have had their ID stolen. (I'm still not sure they really mean had their personal information stolen - there is a bit of a difference.) - Much of the information is stolen by meth addicts. [George's comment: I tried to reproduce the Scottsdale meth addict's ID information farming technique by looking up my own information on the County Recorder's web site. All the images with my signature and account information were unavailable, so it looks like Maricopa County made it more difficult as a result of this story. I wonder if I can still purchase official copies of the documents for a nominal charge? Of course it might be a little suspicious if I purchased 1000 copies - maybe this is the deterrent?] They draw some interesting conclusions: - The IRS has the capability to identify the stolen SSN's but chooses not to pursue it. - The SSA also has this capability, but chooses not to as collecting SS tax revenue from illegals is money that never has to be repaid. It's a free subsidy. [George's comment: A simple database query on the order of "select all SSN's with birth dates less than 16 years ago and having more than $1 of reported income" would be really easy to do. However, with 5% of the workforce working under fake ID's, paying taxes, and spending their money in *this* country, what incentive is there for the government to do anything about it? Why would they spend money (tracking down and deporting illegals) to reduce tax revenue? I went to a workforce development presentation in Tempe last week, and they claim that by 2010, there will be a shortage of 10 million *skilled* workers in the US. Again, what is the incentive to stop this problem?] Living in Phoenix, I can vouch for most of what these articles are pointing out, including personally knowing victims of drug-addict ID thieves and children deprived of benefits because their ID was stolen. A high percentage of businesses I've spoken with have employed illegal immigrants with stolen ID's. Contrary to the articles, these businesses usually did not know the ID's were stolen, rather, they found out via IRS/INS inquiries or via background checks. This problem is huge in Arizona - the more people I talk to, the more rampant I see it is. George Toft, CISSP, MSIS My IT Department www.myITaz.com 480-544-1067 Confidential data protection experts for the financial industry. Al Mac wrote:
Here is a good article by a Police Detective on the many things that work places ought to be doing to prevent data breaches, but most are not. *Businesses And Governmental Agencies Contribute to The Identity Theft Problem* *By: Salem Police Detective Paul Henninger* I recently talked with a person in prison who had been the mastermind of a major identity theft ring operating throughout Oregon. I asked him about of the relationship between “meth” and the people who commit identity theft. He told me, “They are as husband and wife.” The myth that most personal information is stolen directly from the victim is not true. A national study showed that 70% of all stolen personal information is taken from a business. [...] Did you know that if you call the Oregon DMV information call center using the published number, there is a good chance you will be talking with an Inmate (convicted felon) at the Coffee Creek Correctional Facility (prison) in Wilsonville? This is part of the State of Oregon prisoner work plan. You won’t be told you’re talking to a prisoner unless you ask. They have computer access to some of your personal information. DMV officials have told me they have set up strictly enforced protocols to prevent prisoners from using the system to commit identity theft. http://www.salem-news.com/articles/august032006/id_theft_tip_8306.php ------------------------------------------------------------------------ _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 143 million compromised records in 326 incidents over 6 years.
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 143 million compromised records in 337 incidents over 6 years.
Current thread:
- Police tips for Breach prevention Al Mac (Sep 03)
- Re: Police tips for Breach prevention George Toft (Sep 05)