Identity Theft
Recently, reports of security breaches in which customer data and personally identifiable information (PII) were somehow compromised seem to appear almost daily. Choicepoint, Lexis Nexis, DSW Shoe Warehouse, Ralph Lauren / HSBC, Bank of America and more have all reported massive amounts of compromised or ill-gotten customer information just in the past couple of months.
However, most identity theft or compromises of PII, including a couple of the major breaches mentioned above, have nothing to do with the Internet or lax computer or network security. Unpatched operating system vulnerabilities or hacking wizardy are involved in a relatively small number of the total cases. The Choicepoint breach resulted from poor processes to identify that the business asking for consumer information had a legitimate reason. The Bank of America breach resulted from a data backup tape being lost in transit.
Information can be pulled from your trash can. Waiters can swipe or simply write down your credit card number when you make a purchase at a restaurant. There are a variety of laws related to securing customer information including Sarbanes-Oxley, HIPAA, GLBA and others. Congress is currently investigating the breaches at Choicepoint and Lexis Nexis and considering further legislation aimed at allegedly protecting customer data. But, social engineering and good, old-fashioned theft still pose a larger threat than network security and it is up to you to monitor and protect your personal information and your credit.
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
No comments yet.
Leave a comment