Protect your personal info. Tips for data safety.

This is a rant. My first blog rant. But I’m pretty passionate about this one.

It is incredible how almost every week I find another article about a company (i.e. bank, lender, insurance company, health provider, security firm, investment company, employer, retailer) that has lost consumer personally identifiable information.

The problem is staggering. This is outrageous and people/companies should be held accountable, even punished.

I get even more angry when I read that a spokesperson blows it off as a brief “computer glitch.” That’s a big lie! Ultimately, human beings are behind it all…

• The person traveling with personally identifiable info of thousands on his/her laptop or thumb drive.
• The IT department that allowed someone inappropriate access.
• The disgruntled worker who stole info.
• The courier who lost tapes via transfer to another location.
• The employee that published info to an insecure server just to make it easier to access the info for administrative work.

And it goes on and on and on. In some instances the data ends up in the hands of an evil doer. In many, it’s just lost and those who have it might not be able to access it. But in an age where so much information is being shared for marketing purposes and published as part of the public record, it is critical for individuals to be wary.

No one will watch out for you. You have to take control. Don’t be afraid to be vocal and adamant about not giving out your SS# and other Personally Identifiable Information.

• DO NOT give your social security number to anyone that asks. I’ve even been asked at the supermarket when signing up for the savings cards. No way.
• Don’t give out your spouse and kid’s info. And teach them not to give it out either!
• Do not give your SS# to health care providers (i.e. insurance company, doctors office, pharmacy). No way. Don’t do it. They have no business or right to ask for it.
• Do not give your SS# to insurance companies (i.e. home, auto, life). Decline and ask them to create a unique personally identifiable number if necessary.

The only fairly legitimate reasons to provide SS# are for tax reporting by your current employer or your bank and investment companies.

Please take it seriously. Guard your information fiercely. It’s up to you.

ARTICLES:
Yahoo! News (June 2006): Sailors’ Social Security nos. on Web site
“The Navy has begun a criminal investigation after
Social Security numbers and other personal data for 28,000 sailors and family members were found on a civilian Web site.”

Security Focus (June 2006): VA data theft affects most soldiers
“…the leak potentially affected nearly 80 percent of all active-duty personnel.”

InternetNews.com (June 2006): Hotels.com Warns Customers on Data Theft
“Hotel booking site Hotels.com has begun sending out letters to some 243,000 customers whose names and credit card numbers were on a laptop stolen from an employee of Ernst & Young, the accounting firm.”

MSNBC (June 2006): Employers rushing to stem data theft tide
“Companies, agencies scrambling to secure laptops, information.”

ComputerWorld (May 2006): Deja vu for Wells Fargo: bank loses computer with confidential data
“For the fourth time in the past 30 months, Wells Fargo & Co. has begun notifying customers about the potential compromise of confidential information following the theft of a company computer containing data on mortgage customers and prospective clients.”

MSNBC (June 2006): Feds hit by rash of data breaches
“FTC said Thursday that it had lost laptops containing sensitive data”

MSNBC (June 2006): Hacker breaks into USDA computer system.
Personal data on 26,000 workers may be at risk
“A hacker broke into the Agriculture Department’s computer system and may have obtained names, Social Security numbers and photos of 26,000 Washington-area employees and contractors, the department said Wednesday.”

MSNBC (April 2006): Military thumb drive exposes larger problem
“…drives sold at street markets in Bagram, Afghanistan, contain intimate details on everything from U.S. soldiers to secret informants. Data that, in the wrong hands, could easily lead to murder.”

MSNBC (Nov 2005): Help! I left my identity in the back seat of a taxi
“Wilcox Memorial Hospital in Kauai had to inform 120,000 past and present patients that their private information had been misplaced. Their names, addresses, Social Security numbers, even medical record numbers had been placed on one of those tiny USB flash drives — and now, according to a letter sent home, the drive was missing.”

C|Net (June 2005): Credit card breach exposes 40 million accounts
“Of those exposed accounts, about 13.9 million are for MasterCard-branded cards, the company said in a statement. Some 20 million Visa-branded cards may have been affected and the remaining accounts were other brands, including American Express and Discover.”

MSNBC (June 2005): Citi notifies 3.9 million customers of lost data
“Computer tapes with personal information lost in transit.”

Computer World (May 2005): Scope of bank data theft grows to 676,000 customers
“Bank employees used computer screen captures to snag customer data”

Business Week (April 2005): Personal Data Theft: It’s Outrageous
“Americans seem to be concerned, but not outraged, by news in recent weeks that two big data collectors sold detailed personal information on nearly 500,000 people to buyers who had absolutely no business getting it.”
“Being required to notify California residents, it was hard for data collectors ChoicePoint (CPS ) and LexisNexis, a unit of Reed Elsevier (ENL ), to hide the fact that they had improperly given out data on 145,000 and 310,000 individuals, respectively.”

MSNBC (Feb 2005): Data theft affects 145,000 nationwide
“145,000 consumers nationwide were placed at risk by a recent data theft at the company.”

News.com (Feb 2005): Bank of America loses a million customer records

Look who uses such data…

San Francisco Chronicle (Nov 2003): Arrest in Wells Fargo data theft
Net surfing tips cops to stolen computer, customer records

What do you think? Please post your comments. Thanks.
-Roland

Roland Reinhart is an interactive marketing professional who is concerned about how companies handle consumer data. His observations can be found at Chaos365.com and AdMadMan.com.

©2006 Roland Reinhart. All Rights Reserved.