TMCnet News
Financial institutions set dubious record for ID theft(Orlando Sentinel, The (FL) (KRT) Via Thomson Dialog NewsEdge) Jan. 2--A final flurry of computer security breaches marked the end of 2005 -- an unfortunate but not surprising end to a record year for potential identity-theft activity. From banks and hospitals to government agencies, almost 100 breaches were reported in 2005, including a half-dozen in December alone, according to the Privacy Rights Clearinghouse, a nonprofit watchdog group in California. Major institutions such as Bank of America and the Federal Deposit Insurance Corp. were victimized, as were little-known data-technology outfits such as Georgia-based ChoicePoint and CardSystems Solutions Inc. Computer hackers hit many colleges across the country, from Duke to Stanford, stealing thousands of files with account numbers and other personal data belonging to students and school employees. Other perpetrators gained access to personal data by hijacking laptops, setting up bogus corporate accounts, or stealing passwords. Some of the cases were inside jobs. The biggest heist of the year came to light in June, when MasterCard reported that a hacker breach at a transaction-processing company had exposed 40 million credit-card accounts to potential identity theft. The Atlanta-based company processes transactions for cards issued by major banks including SunTrust and Wachovia. Most of the biggest data thefts of 2005 involved computer-data tapes stolen as they were being shipped. CitiFinancial lost tapes containing data for 3.9 million customers; Bank of America, 1.2 million customers; Time Warner, 600,000 customers; and Ameritrade, 200,000 customers, the Privacy Rights group reported last week. Overall, almost 52 million people had their personal information put at risk as a result of data heists in 2005, the watchdog group said. Orlando-based Marriott Vacation Club International reported just last week that personal data on 206,000 time-share owners, customers and employees might have been compromised. The Marriott International unit said data tapes containing Social Security numbers and other sensitive information have gone missing from its Orlando headquarters. An investigation is under way. Marriott is notifying affected individuals by mail and offering them free access to a credit-monitoring service. Those affected may call Marriott toll-free at 1-800-952-8145 for more information. The Marriott time-share case came shortly after another mysterious data-tape disappearance reported by a Michigan-based lender. In a Dec. 18 letter to customers, ABN AMRO Mortgage Group said the tape went missing during shipment by DHL, the express-delivery service. Although there was no evidence of wrongdoing, ABN alerted authorities and made a free credit-monitoring service available to customers for 90 days. About 2 million customers were at risk from the apparent security breach, according to an estimate from the Privacy Rights Clearinghouse. A week later, however, ABN reported the tape had been found in the same DHL shipping facility to which it had been previously traced. Employee error at DHL was blamed for the miscue. ABN reassured customers there was little chance the data had been misused, but it continued to offer the temporary credit-monitoring service. Companies and institutions haven't always been so forthcoming when it comes to security breaches, the Privacy Rights Clearinghouse said. That's changing, however, as companies realize that people need such knowledge so they can take steps to protect themselves, the group said. Still, not all companies are letting their customers know when data may be compromised. Twenty-two states, including Florida, now require companies to notify customers of security breaches. A dozen states (not including Florida) also have "security freeze" laws allowing potential victims of identity theft to prevent others from establishing credit in their names. |