BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Re: long term effects of data loss

From: "Beth Givens" <bgivens () privacyrights org>
Date: Mon, 31 Jul 2006 15:05:52 -0700
You are absolutely right.

There's a terrible loophole in the current law, Fair Credit Reporting Act as it was amended by FACTA. And that is that 
ONLY bona fide id theft victims can place an "extended fraud alert" on their 3 credit reports. The extended alert is 
for 7 years. One has to have a police report and provide a copy to the 3 bureaus before they will establish the 7 year 
alert.

So people who are affected by security breaches can only place an "initial" alert of 90 days. The careful and savvy 
ones will keep renewing it each 90 days which is a pain.  The law needs to be changed to enable ANYONE to have an 
extended alert, and in fact, to heck with the 7 year alert, it should be without end.

The best thing for people to do is to take advantage of the credit freeze if they are in a state that has such a law.

Beth Givens

-----Original message-----
From: George Toft george () myitaz com
Date: Sun, 30 Jul 2006 10:51:33 -0700
To: dataloss () attrition org
Subject: [Dataloss] long term effects of data loss


I am wondering about the long-term effects of record loss.  It seems to 
me that all a thief needs to do is wait a year or two to use the 
information - after all, you can't change your SSN, Birth Date, and are 
probably not changing your name, so the info is good for years to come.

My thinking is that people tend to forget about the fraud alerts, which 
only last 90 days.  Maybe they renew them a couple times.  After a year 
or so, the thief should be able to act on the data and perhaps 1/2 will 
be effective.

Thoughts?  Enlightenment?
-- 
George Toft, CISSP, MSIS
My IT Department
www.myITaz.com
480-544-1067

Confidential data protection experts for the financial industry.
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/errata/dataloss/




Beth Givens
Director
Privacy Rights Clearinghouse
(619) 298-3396
www.privacyrights.org
bgivens () privacyrights org

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/errata/dataloss/
Previous By Date Next
Previous By Thread Next

Current thread: