Inadvertant Disclosure of Information

sgeeeee

Thinks s/he gets paid by the post
Joined
Feb 17, 2003
Messages
3,588
Location
Mesa
I got a letter today from a former employer that started like this:

"Please read this letter carefully.

We have learned that computers containing information concerning current and former [Company Name] employees were stolen from the offices of one of our third party providers. We believe that the stolen computers may contain certain personal information about you, particularly your name and social security number.

. . ."

Not the kind of letter you want to recieve. So, I've registered a fraud alert with the three credit agencies and am getting credit reports. Anyone got any other advice? :confused:
 
- SG said:
Anyone got any other advice?

Ya. Don't worry. I think this has happened to everyone in the USA by now. I got 2 letters like that in the past year. One from my college and one from a bank. Just check your credit reports once a year. Chances are nothing bad will happen to you, so don't lose any sleep over it.
 
Yeah, don't worry about it until your bank account is drained and you start getting strange calls from creditors you didn't know you had.    Then worry about it a lot.

I'm sure you heard that Citibank recently "lost" tapes with credit records of 3.9 million customers.    The press release they issued strongly hints that the tapes were unencrypted.

There is a *lot* of very personal data about you on a *lot* of computers, and believe me, very few of them take security seriously.    There's not much you can do about it.    I've considered creating a false identity and using it for all of my public transactions.   It can't be that hard.
 
If that happened to me, I would check my credit reports quarterly using the free annual credit reports from the 3 companies.  Hopefully the fraud alert will stop anything before it starts.

About 2 years ago I got the lettter that my credit card was 'compromised' and the credit union cancelled it and issued another one.  Since then, I check my my bank balance and online credit card daily.  Haven't found a thing, but it got to be a habit to check.

Good luck, I know I'd be very worried.  
 
File police report-get a case # and copy of report, check with SS to make sure no one has applied for passport iwth your number, put code words on accounts. Apparently someone arrested with no i.d. could supply your SSN to the arresting officer. To find out if there is a warrant under your name/SSN, I think you have to check like a bazillion county police web sites, and that's not to mention the podunk places that aren't online. Ditto, declaring bankruptcy.
 
Bummer. Probably never come to anything, but you can't help but worry.

OTOH, you can be glad it didn't say:

"Please read this letter carefully.

We have learned that computers containing information concerning current and former [Company Name] employees were stolen from the offices of one of our third party providers. We believe that the stolen computers contain certain personal information about you, including several photographs and videos that you would probably wish to keep private. We think you know the ones me mean (hint: baa baa). . ."

-- Hope I get this post in before TH posts a similar one.
 
P.S. said:
File police report-get a case # and copy of report, check with SS to make sure no one has applied for passport iwth your number, put code words on accounts. Apparently someone arrested with no i.d. could supply your SSN to the arresting officer. To find out if there is a warrant under your name/SSN, I think you have to check like a bazillion county police web sites, and that's not to mention the podunk places that aren't online. Ditto, declaring bankruptcy.

Dude, now that's a scary thought! Imagine taking a road trip, getting pulled over for a broken tail light, and getting arrested for jumping bail on drug charges! Low probability, but man!
 
Laurence said:
Dude, now that's a scary thought!  Imagine taking a road trip, getting pulled over for a broken tail light, and getting arrested for jumping bail on drug charges!  Low probability, but man!
Friends of ours moved from Norfolk and sold their pickup truck on the way to the airport. The buyer asked them to leave the license plates on so that he could transfer them to his name (which is legal in Hawaii).

A couple months later the bench warrants started rolling in for the moving violations... and of course having this news come through military channels made a big impression on the new boss.
 
P.S. said:
File police report-get a case # and copy of report, check with SS to make sure no one has applied for passport iwth your number, put code words on accounts. Apparently someone arrested with no i.d. could supply your SSN to the arresting officer.  To find out if there is a warrant under your name/SSN, I think you have to check like a bazillion county police web sites, and that's not to mention the podunk places that aren't online.  Ditto, declaring bankruptcy.

Thanks for the ideas. I have a case# for the police report but I think I'll follow up with a ss inquiry at least. The police warrant protection seems almost hoepless though. :(
 
TromboneAl said:
Bummer.  Probably never come to anything, but you can't help but worry.

OTOH, you can be glad it didn't say:

"Please read this letter carefully.

We have learned that computers containing information concerning current and former [Company Name] employees were stolen from the offices of one of our third party providers.  We believe that the stolen computers contain certain personal information about you, including several photographs and videos that you would probably wish to keep private.   We think you know the ones me mean (hint: baa baa). . ."

TA,

Believe me, no one wants to see those photos. Although I think TH is still considering the snake photo offer. :D :D :D
 
TromboneAl said:
-- Hope I get this post in before TH posts a similar one.

Dang it Al! Look what happens when I sleep in.

SG...the worm?

I see these almost every day with companies I've done business with. Its bad enough that they dont keep better control over this stuff, but whats worse is I've fought several companies HARD to delete my account information and remove all of my personal information and they simply wont. If you read many of the 'agreements' you sign online or as part of many financial arrangements, there is often a paragraph in there addressing this. It usually says that they can and will gather and retain information about you indefinitely.

I had this with both ameritrade and paypal. Neither would agree to delete existing personal and account information regarding me even though I firmly assured them that there was absolutely zero chance I would ever do business with them again. Both firmly assured me that the information was fully protected and I had nothing to worry about. Both got hacked and had account and customer information stolen.

Not to mention most outfits share financial information with 'business partners' and you have to explicitly opt-out of that sharing. I have recently discovered that all my old telemarketing calls have come back, except now they're from business partners of existing companies I work with, which skirts the "do not call list" provisions.

In other words, be careful what you give out...once the genie is out of the bottle, its really out. :p
 
Related to this...

Most of you probably know this already, but in California you can put a credit freeze on your accounts ($10 for each credit bureau). Other states are considering laws on this, too.

With the freeze, no one can get a credit report on you unless you authorize it with a PIN -- the way it should be anyway. For ER types, who don't need to apply for credit, this is a no-brainer. It will cost $60 ($10 * 3 credit bureaus * 2 people (you and spouse)).

So now, when Brian Williams does his weekly report meant to scare people about identity theft, we don't feel too scared.
 
The SSA has a nice fact sheet on identity theft, including some internal audits they performed to look at the scope of the problem:

http://www.ssa.gov/oig/executive_operations/factsheet1.htm

Top five types of indentity theft crimes:

Credit card fraud.
Unauthorized attainment of utility services
Bank account and loan fraud.
Use of counterfeit Government documents.
Fraudulent attainment of Government benefits, including Social Security and Supplemental Security Income.

(Hey, TH, it turns out if you know a nurse or have a newborn, it's trivial to get a couple of extra SSN's for that rainy day when you want to assume a new identity.)
 
Hmmm...extra SS #'s...nah, I like my identity well enough.

But you still Dont Know Me.

My favorite was paypal. I stopped doing business with them in 2000. Found out when I made a donation through dory's firecalc link that they still had my bank and credit card #'s on file. Asked them to delete them as if I didnt work with them for 5 years, chances are I aint coming back.

Nope. They said they intended to retain my information on file indefinitely, but that is was 100% safe. I told them I would change all of the numbers at obviously great effort as I had the existing ones memorized, which would render their saved information worthless. Thats ok they said, go ahead and change them...we arent deleting the information.

So now I have all new numbers, paypal had a large chunk of their customer information stolen recently, at least my info was no longer valid, and i'm really, really unlikely to ever do business with them again.
 
th said:
be careful what you give out...once the genie is out of the bottle, its really out
Often you don't have a whole lot of choice, even the local video store wants an SSN!

A one time use Credit-Card system used by AIB/Ireland, was invented by a school girl on a science project!! The system even lets you set fixed payment limits.

What ever happed to e-money or virtual credit cards? No third parties, both were to be tied to existing bank accounts online or ATM cards, or anonymously via western union or phone top up stations? Is this the age of high tech hype?

Paying online is where the greatest weakness is, where’s the protective consumer legislation? I've shone away from shopping online, has helped with LBYM :)
 
Discovercard offers a one-time use number generator. I use it all the time for my online purchases.

e-cash never took off because people grew comfortable using credit cards online and all of the online shops are tooled up to process credit cards (a fair amount of infrastructure would have to change to accept a new payment type, but paypal actually has a bit of traction there).

Of course, identity theft and credit card fraud isn't limited to online shops. We have rural mail boxes along the road where I live, and there have been several cases of mail theft with the ultimate goal of identity theft.
 
I'm not too worried about the credit card number. I am not liable for fraudulent CC charges, the CC company is. As long as I notice them, and I will.
 
I liked the CEO of card systems being mad that mastercard made a public announcement about it. They thought they could tell the fbi and keep it hush hush.

Although the press has mostly made noise about mastercards, card systems also processes a very small amount of american express and a moderate amount of discover card, among others.

Note no info other than credit card #'s was disclosed.
 
Back
Top Bottom