Wednesday, March 30, 2005

Countermeasures to combat identity theft must also address the illusion of privacy, according to Robert Siciliano, founder of IDTheftSecurity.com

Countermeasures to combat identity theft must also address the illusion of privacy, according to Robert Siciliano, founder of IDTheftSecurity.com

(BOSTON, Massachusetts – March 29, 2005 – IDTheftSecurity.com) Financial institutions and others continue to be the targets of identity thieves and computer hackers. Companies across the globe are considering countermeasures of various, inventive varieties. According to a nationally recognized security expert, the illusion of privacy will hamper the implementation of these safeguards that actually protect consumers’ finances.

“Identity theft is the ultimate threat to privacy,” said Robert Siciliano, a nationally televised and quoted authority on personal security and identity theft. “A deep violation takes place when a criminal gains access to a hard-working, law-abiding citizen’s finances. Privacy advocates are right to decry this crime. Yet the very actions that curb identity theft can look like infringements of what these advocates like to call ‘privacy rights.’”

On Feb. 24, shortly after the ChoicePoint Inc. scandal broke, Siciliano appeared on CNBC's "The Closing Bell" to discuss the dangers of identity theft. He is author of "The Safety Minute: 01" and an upcoming book, "Identity Theft Pandemic: Curing the Identity Theft Virus." He has also been featured on CNN, FOX News, and MSNBC, and quoted in The New York Times and other newspapers of record.

“True privacy is, in fact, an illusion,” Siciliano added. “It no longer exists. Concentrated media attention has suddenly alerted the public to an erosion of privacy that, courtesy of our high-tech world, has been complete and irreversible for quite a while.”

“To industry denizens,” Siciliano continued, “commonsense, high-tech actions to combat the scourge of identity theft seem reasonable. These same countermeasures may seem invasive to consumers. The whole situation seems sudden and new to customers even though it is not.”

“Anyone who champions privacy rights is fighting the wrong war,” Siciliano concluded. “People think they want their finances to be private, but what they really want is to know their finances are safe. If we enact protections against identity theft, we will have safeguarded American consumers’ finances from crooks. Then we must address the fear of the protection.”

On March 18, TechWeb News reported on a poll conducted in January by the Framingham, Mass.–research firm Financial Insights. The results found “nearly 60 percent of U.S. consumers…said they were worried about identity theft.” Yet EcommerceTimes’ writer Jack Germaine reported days later on a Better Business Bureau report indicating that the perceived threat of online identity theft may be eclipsing the actual threat.

“The point is, banks will hemorrhage customers and money,” said Siciliano. “This is because identity theft—and the fear of it—costs a bank customers and drains money. Consumer trust is slipping. Soon, it may be lost altogether unless banking institutions implement sweeping measures not only to combat actual identity theft but to fight the perception that a person’s personal finances are fundamentally unsafe.”

Institutions continue to reel from identity thieves’ and other computer hackers’ attacks. Bill Goodwin, writer at ComputerWeekly, reported on March 22 that, since December, banks in London, England have been on alert because of an investigation into a computer hacking attempt at the Japanese bank Sumitomo’s branch in that city.

Authorities at a number of institutions across the globe are responding by implementing various inventive countermeasures:

n On March 24, Samantha Ross of Geneva, New York’s Finger Lake Times reported that Excellus Blue Cross Blue Shield subscribers’ membership cards will no longer display Social Security numbers. Random alphanumeric numbers will be the replacement. According to a Blue Cross Blue Shield of North Carolina press release dated March 8, the company will commence transitioning all members’ cards to the new system in April and conclude the operation on Jan. 1, 2006.
n As reported on March 9 by Kristy Needham of The Sydney Morning Herald, a number of online banks across Australia will, later this year, implement new security measures and practices for customers who want to access account information. Text messages sent via mobile phones will contain extra pass codes for transactions. Security tokens, carried on key rings, that produce random, transaction-specific numbers have been in use since last year.
n Bank Systems & Technology writer Ivan Schneider reported on March 8 that Bank of America—itself a victim of security problems in February surrounding the care of customers’ sensitive personal data in transit—also plans to adopt these token devices, which churn out one-time passwords for banking transactions.

“Consumer rights, laudable as they are, represent only one of many concerns stemming from identity theft,” said Siciliano. “At all times, we must remember that terrorists love identity theft and would jump at the opportunity to commit it, enter the country illegally, and hurt us.”

###

Siciliano is available to discuss identity theft as it pertains to consumer privacy, personal finances, the terrorism threat, and national security. A speaker as featured on CNN, MSNBC, Fox News, "ABC News with Sam Donaldson," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael" and "The Howard Stern Show." Siciliano leads seminars nationwide. He has been quoted in Reuters, RealtyTimes.com, Woman's Day, Good Housekeeping, Mademoiselle, The New York Post, The New York Times, The Washington Times, The Chicago Tribune, The Christian Science Monitor and other publications.

Siciliano's blog is available at www.IDTheftSecurity.blogspot.com. Siciliano can be reached at 1 (888) SICILIANO (742-4542). The following URLs will take readers to his Web site and information about his work:

Main Web site: http://www.IDTheftSecurity.com
Siciliano's biography: http://www.idtheftsecurity.com/PDF/11x17_1wc.pdf
Testimonials: http://www.idtheftsecurity.com/PDF/11x17_3wc.pdf

Siciliano's contact information follows:

Robert Siciliano
Personal Security Expert
PHONE: 888-SICILIANO (742-4542)
FAX: 877-2-FAX-NOW (232-9669)
E-MAIL: Robert@IDTheftSecurity.com

The media are encouraged to get in touch with Siciliano directly. They may also contact:

STETrevisions, strategic communications
Brent W. Skinner, President
PHONE: 617-875-4859
FAX: 866-663-6557
BrentSkinner@STETrevisions.com

Wednesday, March 23, 2005

Founder of IDTheftSecurity.com warns that recent identity thefts at educational institutions pose a special threat to national security

(BOSTON, Massachusetts – March 23, 2005 – IDTheftSecurity.com) Identity thieves have compromised yet two more college computer systems over the past week. Educational institutions’ databases—which hold personal information on alumni, faculty, and others—are particularly vulnerable to theft. Once stolen, according to a nationally recognized security expert, the at-large data can pose an exceptional threat to national security.

On March 17, The Boston Globe’s Hiawatha Bray and others reported that computer hackers had infiltrated a database housing about 120,000 alumni’s addresses and social security numbers.

“The breach at Boston College is only the latest, actually, in a malicious string of security compromises at college databases across the nation,” said Robert Siciliano, a nationally televised and quoted authority on personal security and identity theft.

On Feb. 24, shortly after the ChoicePoint Inc. identity theft scandal broke, Siciliano appeared on CNBC's "The Closing Bell" to discuss the dangers of identity theft. He is author of "The Safety Minute: 01" and an upcoming book, "Identity Theft Pandemic: Curing the Identity Theft Virus."

“No group is immune,” said Siciliano. “Identity thieves don’t care whether you are a senior citizen, a student, rich, or poor. All they care about is obtaining identities.”

“We’ve heard that they use these identities to run up debt in another person’s name,” Siciliano added. “And they do. But ‘they’ are not only everyday criminals. Identity thieves can also be terrorists, eager to use these identities to appear legit, enter the country, and hurt us. In fact, the everyday criminal may sell the information to the terrorist. The possibilities are endless and all egregious.”

On March 22 CIO Today ran an Associated Press report that hackers were able to break into California State University, Chico’s database to view the names and social security numbers of about 59,000 people associated with the institution.

“Think about the convenience factor for a terrorist,” said Siciliano. “Universities, with their typically elevated numbers of international students on the rosters, are the perfect places for dangerous international terrorists to steal seemingly legitimate international identities to help slip past profilers at our airports.”

Last week, results from a poll conducted by ABC News and The Washington Post suggested an increase in Americans’ concern over identity theft. Among the poll’s findings was that about 70 percent of those queried saw themselves as potential victims of online identity theft.

“Finally, people are beginning to understand,” said Siciliano. “Identity theft is a serious matter deserving of the public’s full attention. A thief can easily ruin a consumer’s credit record. A terrorist can easily threaten the security of our nation.”

###

Siciliano is available to discuss identity theft as it pertains to personal finances, the terrorism threat, and national security. A speaker as featured on CNN, MSNBC, Fox News, "ABC News with Sam Donaldson," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael" and "The Howard Stern Show." Siciliano leads seminars nationwide. He has been quoted in Reuters, RealtyTimes.com, Woman's Day, Good Housekeeping, Mademoiselle, The New York Post, The New York Times, The Washington Times, The Chicago Tribune, The Christian Science Monitor and other publications.

Siciliano's blog is available at www.IDTheftSecurity.blogspot.com. Siciliano can be reached at 1 (888) SICILIANO (742-4542). The following URLs will take readers to his Web site and information about his work:

Main Web site: http://www.IDTheftSecurity.com
Siciliano's biography: http://www.idtheftsecurity.com/PDF/11x17_1wc.pdf
Testimonials: http://www.idtheftsecurity.com/PDF/11x17_3wc.pdf

Siciliano's contact information follows:

Robert Siciliano
Personal Security Expert
PHONE: 888-SICILIANO (742-4542)
FAX: 877-2-FAX-NOW (232-9669)
E-MAIL: Robert@IDTheftSecurity.com

The media are encouraged to get in touch with Siciliano directly. They may also contact:

STETrevisions, strategic communications
Brent W. Skinner, President
PHONE: 617-875-4859
FAX: 866-663-6557
BrentSkinner@STETrevisions.com

Thursday, March 17, 2005

IDTheftSecurity.com's Founder, Robert Siciliano, Commenting On Congressional Hearings, Warns That Terrorism Could Stem From The Identity Theft Crisis

BOSTON/March 17, 2005 --- Identity theft has attracted the attention of legislators in Washington, D.C. CEOs of major companies that have fallen prey to recent high-profile thefts have already testified. Meanwhile, thieves continue to pilfer credit card numbers, database information, and other consumer data stored at venues of all kinds across the nation.

Last month a major, yearlong database breach at ChoicePoint became news. Since then, legislators have decried what many industry watchers have described as data mining firms' lax security. Reps. Edward J. Markey, D-Mass., Bennie Thompson, D-Miss., and others have led various efforts on Capitol Hill to investigate the problem of identity theft, and hearings began late last week.

"To avoid liability, information brokers capitalize on a litigious society's need to know," said Robert Siciliano, a nationally televised and quoted personal security and identity theft expert. "In this respect, data aggregators are necessary, yet the manner in which they operate is no different than a boiler room operation without oversight."

On Feb. 24, shortly after the ChoicePoint Inc. identity theft scandal broke, Siciliano appeared on CNBC's "The Closing Bell" to discuss the dangers of identity theft. He is author of "The Safety Minute: 01" and an upcoming book, "Identity Theft Pandemic: Curing the Identity Theft Virus."

ChoicePoint CEO Derek Smith sat before congressional interrogators March 15 to answer questions about his company's practices. Kurt Sanford, CEO of Lexis Nexis, another data mining firm, also testified. Both CEOs were at odds with legislators who have called for the sale of social security numbers to be illegal.

"Smith's apology to Congress is insufficient," Siciliano said. "I challenge both Smith and Sanford to make their social security numbers available for sale. I'll pay each of them $5,000 and post their numbers on a highway billboard, which is no different than what they are doing with mine and yours."

MSNBC's Bob Sullivan reported on the exchange between these CEOs and members of Congress. Smith faced questions about the many circumstances surrounding his company's leak and the measures ChoicePoint has taken in response. One legislator, for instance, probed whether more than 145,000 individuals' identities might be at risk, supposing that ChoicePoint is only reporting thefts as required by the law.

"I have mentioned it many times," said Siciliano. "The situation at ChoicePoint, with the delays in reporting thefts to the public and the large sums of money that executives there made on stock sales during the silence, are causes for alarm. These are wolves in sheeps' clothing that pose a threat to national security. Their actions are possibly aiding and abetting terrorists, and these CEOs offer an 'I'm sorry.' This industry needs serious attention."

Sanford answered questions about a theft of 32,000 identities at Lexis Nexis. Thieves stole information by using customers' passwords. In fact, identity theft continues nationwide at a frenetic pace:

--The Associated Press reported March 9 that thieves had lifted customers' credit card information from more than 100 DSW Shoe Warehouse stores over the last three months.

--The Associated Press reported March 8 on the theft of about 1,700 blank driver's licenses and license-making equipment such as cameras from a Nevada DMV office in North Las Vegas.

--Reuters reported March 9 that hackers have obtained from publisher Reed Elsevier's databases the personal information of about 32,000 people.

"This really is just the beginning. It's only going to get worse. With identity theft resulting in $48 billion in losses last year, information brokers are the greatest threat to our economy and national security," Siciliano said. "We are not just concerned about loss of money and ruined credit histories. The identities of everyday Americans have also suddenly become valuable to terrorists, both rogue and organized, who want to enter the country and hurt us. The bleeding has to stop."

Siciliano is available to discuss identity theft as it pertains to personal finances, the terrorism threat, and national security. A speaker as featured on CNN, MSNBC, Fox News, "ABC News with Sam Donaldson," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael" and "The Howard Stern Show." Siciliano leads seminars nationwide. He has been quoted in Reuters, RealtyTimes.com, Woman's Day, Good Housekeeping, Mademoiselle, The New York Post, The New York Times, The Washington Times, The Chicago Tribune, The Christian Science Monitor and other publications.

Siciliano's blog is available at www.IDTheftSecurity.blogspot.com. Siciliano can be reached at 1(888)SICILIANO (742-4542). The following URLs will take readers to his Web site and information about his work: Main Web site: http://www.IDTheftSecurity.com Siciliano's biography: http://www.idtheftsecurity.com/PDF/11x17_1wc.pdf Testimonials: http://www.idtheftsecurity.com/PDF/11x17_3wc.pdf

Siciliano's contact information follows: Robert Siciliano Personal Security Expert PHONE: 888-SICILIANO (742-4542) FAX: 877-2-FAX-NOW (232-9669) E-MAIL: Robert@IDTheftSecurity.com The media are encouraged to get in touch with Siciliano directly.

They may also contact: STETrevisions, strategic communications Brent W. Skinner, President PHONE: 617-875-4859 FAX: 866-663-6557 BrentSkinner@STETrevisions.com

CONTACT:Robert SicilianoBoston, MA 02215PHONE. (888)742-4542E-MAIL: Robert@IDTheftSecurity.com
KEYWORDS: Identity, theft, fraud, Internet, security, Computer, Personal, Privacy, rights, advocates, Terrorists, Terrorism, National
SOURCE: IDTheftSecurity.com

Tuesday, March 08, 2005

ChoicePoint Inc. security breach, the apocalypse of identity theft, threatens the economy and national security

ChoicePoint Inc. security breach, the apocalypse of identity theft, threatens the economy and national security

Identity theft has become a pandemic. Its perpetrators are more organized than ever and could be affiliating with terrorist groups. Thieves could be terrorists themselves and have gained access to huge databases. Names, addresses, phone numbers, social security numbers, and dates of birth are up for grabs, and the information is useful to those with mal intent. Government and the business world are struggling to respond, and controversy defines the efforts to develop regulations that would properly protect consumers.

The system of identification is fundamentally flawed. The confluence of everyday cyber crime and terrorism demonstrates a need for across-the-board countermeasures and changes in the way in which we identify people. Organized international crime rings could easily collude with terrorist networks. A clever and properly equipped computer hacker could bring nations and monetary systems to their knees. A dirty bomb could detonate in a crowded city street and kill thousands—all courtesy of terrorists-turned-identity-thieves. Through identity theft, a terrorist operation could easily forge identities, enter the country illegally and, in others’ names, fund the entire operation.

Large databases are vulnerable

In October 2004, hackers infiltrated a University of California, Berkley database to render the identities of 1.4 million low-income healthcare recipients and the people who provide the care vulnerable. A recently passed California law, SB1386, requires companies and state agencies to inform Californians of any security breach potentially jeopardizing the identities of 500,000 or more people. The university complied.

Laws that require officials who suspect wide-scale identity theft to alert those who may be victims are good. They’re bad when insufficient, enforced improperly, or willfully ignored. Their provisions must scale to the speed of identity theft, whose perpetrators can ruin people’s lives and, possibly, the safety of millions, in short order.

Data warehousers are slow to respond

In what officials are pegging as an orchestrated effort, over the course of this past year multiple charlatans conducted a massive ruse against ChoicePoint, a large Georgia-based data mining company. Criminals posing as legitimate small businesses (e.g., debt collectors, credit checkers, etc.) easily gained access through the front door of ChoicePoint’s database to lift countless U.S. citizens’ identities.

This happened more than four months ago. It wasn’t until February that ChoicePoint began to inform the public. California’s law may have prompted ChoicePoint to alert Californians to their possibly compromised identity information, but the communiqué was still tardy. Worse, only after facing pressure from 38 state attorneys general, did ChoicePoint admit that the crime’s scope was far greater, The Globe and Mail and others report. According to AZCentral.com, ChoicePoint claims California law enforcement officials encouraged the company not to disclose the breach sooner.

Thefts trace to organized crime

Reuters and others report that a Nigerian man has been sentenced to 16 months in jail for his involvement in the crime against ChoicePoint. Authorities say he was part of a larger criminal network.

Organized crime’s link to identity theft has precedent. This past October, law enforcement officials suspected Russian mobsters to be behind a major identity theft racket in Brighton, Massachusetts. This past year high-profile phishing attacks and e-mail scams have originated from Nigeria.

The Seattle Post-Intelligencer and Cox News Service provide an informative report on organized crime’s link to the Internet. Well-known organized rings such as the Gambino crime family have tried their hands at consumer fraud. Newer players from Russia, Africa, Argentina and elsewhere have thrown their hats into the ring as well.

The trend threatens our economy. Would-be entrepreneurs, established companies, and online consumers, all cowed by the specter of crime, may shy away from the Internet, delivering a blow to U.S. economic growth.

Litigation looms

According to ABC News and others, ChoicePoint said the company would inform approximately 145,000 people spread across all 50 U.S. states, the District of Columbia, and three territories that thieves who fraudulently signed up with ChoicePoint may have stolen personal information.

ChoicePoint’s slow response and the massive scale of the crime have encouraged a California woman, as reported in the Los Angeles Business Journal and elsewhere, to sue ChoicePoint over the theft of her identity. Her suit could reach class-action status to cover the losses of the thousands others whose sensitive personal information may have been compromised.

Nobody should be surprised. While a low profile can help a criminal investigation, it is disconcerting for victims to learn how long ChoicePoint took to admit the crime’s full scale.

Questionable stock sales by executives at the company further fuel suspicions that ChoicePoint could have done more, and sooner, to protect the integrity of identities at risk. Again reported in AZCentral.com, ChoicePoint’s chief executive officer and the company’s president “made a combined $16.6 million in profit from selling company shares in the months after the data warehouser learned that people’s personal information may have been compromised and before the breach was made public.”

Tougher regulation is necessary

Clearly, the public cannot count on these companies, which have access to so much of our personal information, or law enforcement officials to alert consumers in a timely manner when security is breached. Business proprietors with so much at stake may put their own well being before others’.

As reported by CNET, Reuters, The Associated Press, and others, members of U.S. Congress have noticed. Reacting to the ChoicePoint debacle, Senator Charles Schumer (D-NY) has promised to introduce legislation to “curb” identity theft. FOX News reports that Democrats and Republicans alike have united to plan hearings into the latest industry shortcomings and what can be done to improve the system.

Centralization begets breaches

Centralization carries with it a false sense of security. Common sense says the fewer people who control a given repository, the less susceptible it will be to danger. The laws of averages say breaches will still happen, and when they do, watch out. Once the criminal compromises a highly secure centralized database’s security protocol, the information at his disposal is just as available to him as cash is to the Saturday evening thief who robs a convenience store at midnight—maybe even more so.

Centralized industries can also be at the mercy of their leaders’ whims, bureaucracies’ weaknesses, and systems’ shortcomings. Look at the food industry. As it has consolidated and centralized, people have warned of its susceptibility to terrorist attack—or plain old susceptibility, as evidenced by confirmed cases of mad cow disease.

Databases consolidate into fewer hands

This is not simply a question of consumers’ rights. It’s a matter of national security. Although these databases can help crime fighting, when they are compromised, national security is at risk.

The data mining industry is consolidating and centralizing like the food industry. ChoicePoint is one example of how large organizations are expanding control over people’s identities. Credit records, legal records, information on consumer habits and even the minutest details about people’s lives are all filing into a dwindling number of databases of increasing sizes that are becoming more susceptible to theft.

Identity theft threatens Homeland Security

As reported in The Washington Post and other publications, ChoicePoint and companies like it are beginning to operate as private intelligence services for national security and law enforcement tasks. In this capacity, these companies can circumvent privacy and information laws that constrain government bodies. By getting around these, they support Homeland Security activities.

FOX News reports that ChoicePoint is, in fact, a major government contractor providing important background check support to Homeland Security activities. In light of the company’s inability to secure its own database, observers have to wonder how safe any of us are. Security failures such as ChoicePoint’s will happen again. In fact, they already have; breaches such as the latest at Westlaw and BankAmerica will receive my attention in later columns. It is up to business leaders and government officials to clamp down on identity thieves and develop a strategy to let consumers know when their identities have been stolen.

Robert Siciliano Personal Security, Identity Theft Expert featured on CNN, FOX, MSNBC and CNBC. IDTheftSecurity.com

Friday, March 04, 2005

The Call For Hearings Following Identity Thefts At ChoicePoint Inc. Is A Welcome Development According To Robert Siciliano Of IDTheftSecurity.com

The Call For Hearings Following Identity Thefts At ChoicePoint Inc. Is A Welcome Development According To Robert Siciliano Of IDTheftSecurity.com

(BOSTON -- March 4, 2005 -- IDTheftSecurity.com) A compromised database at ChoicePoint Inc. has left thousands of Americans' identities vulnerable to foul play. In the wake of this theft and security failures at Bank of America and elsewhere, many are expressing concern that missing or stolen information could fall into the hands of Al Qaeda and others. Democrats in the U.S. Senate and House of Representatives are asking the Department of Homeland Security and Government Accountability Office to look into how these developments might enable terrorists. "Organized criminals have latched onto identity theft, previously the domain of savvy hackers," said Robert Siciliano, a nationally televised and quoted personal security and identity theft expert. "Terrorists realize this is the most effective way to cross borders undetected, fund their cause and bankrupt commercial interests to cripple the American economy," he said. On Feb. 24, shortly after the ChoicePoint scandal broke, Siciliano, author of "The Safety Minute: 01," appeared on CNBC's "The Closing Bell" to discuss the dangers of identity theft. In their letter dated March 3 to Gen. Patrick Hughes - an acting undersecretary at the Department of Homeland Security - a number of Democrats wrote, "This security gap places America at risk. There is nothing to stop an organized terrorist organization like Al Qaeda from using this vulnerability to access the personal information of private citizens and use it against our nation." The undersigned of that letter included ranking Democrats from a number of Senate and House of Representative committees and subcommittees including Rep. Bennie Thompson, Rep. John Conyers, Sen. Bill Nelson, Rep. Loretta Sanchez and Rep. Zoe Lofgren. Similar letters were sent to David Walker, comptroller general at the Government Accountability Office, and Nuala O'Connor Kelly, chief privacy officer at the U.S. Department of Homeland Security. "Government officials see the writing on the wall and are scared," said Siciliano. "The identity theft virus, a pandemic, is spreading fast. Officials need to focus on a cure. Regulation is only a small part of the answer," he added. Rep. Thompson is the ranking Democrat of the House Committee on Homeland Security. A press release from his Washington, D.C. office indicates that he sent a letter to that committee's chairman, Rep. Christopher Cox, a Republican, calling for hearings. In the letter, Rep. Thompson wrote, "The thefts at ChoicePoint and Bank of America demonstrate the vulnerability of our citizens' personal information to potential terrorist attack and use." Later in the letter, he continued, "A committee hearing on identity theft ... would provide considerable information to determine exactly how large a security gap exists." "Half of the hijackers on 9/11 used stolen or fake IDs," said Siciliano. "Previously, in the year 2000, more than 100,000 Social Security numbers were wrongly issued by the Social Security Administration because officials there accepted fake birth certificates and fake immigration papers. Nothing has been done. If a virus goes untreated, it spreads," Siciliano added. News has surfaced that thieves gained access to ChoicePoint's database not only in late 2004, but also in 2002. A number of people have been able to view individuals' identities at ChoicePoint by masquerading as legitimate small business owners - such as debt collectors, loan companies and others - who would typically need such information. Some say ChoicePoint has been lax in its security screening process. "ChoicePoint's reckless behavior and lack of security are just small parts of the problem," said Siciliano. "Fraudulent financial accounts can be opened simply through the creation of documents or the use of readily available Social Security numbers. Fundamental changes in the system of identification should be a focal point for the committee and investigations," he added. Siciliano is available to discuss identity theft, the terrorism threat and national security. A speaker who leads seminars nationwide, he has appeared on CNN, MSNBC, Fox News, "ABC News with Sam Donaldson," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael" and "The Howard Stern Show." He has been featured in Reuters, RealtyTimes.com, Woman's Day, Good Housekeeping, Mademoiselle, The New York Post, The New York Times and The Washington Times. Siciliano can be reached at 1-888-SICILIANO (742-4542). The following URLs will take readers to his Web site and information about his work:
http://www.IDTheftSecurity.com, http://www.idtheftsecurity.com/PDF/11x17_1wc.pdfhttp://www.idtheftsecurity.com/PDF/11x17_3wc.pdf The media are encouraged to get in touch with Siciliano directly or through STETrevisions, strategic communications Brent W. Skinner, president. By calling (617)875-4859, faxing (866)663-6557 or e-mailing BrentSkinner@STETrevisions.com.

CONTACT:Robert SicilianoBoston, MA 02215PHONE.(617)875-4859 PHONE.(888)742-4542E-MAIL: Robert@IDTheftSecurity.com

Thursday, March 03, 2005

Identity thefts at ChoicePoint Inc. and security failure at Bank of America Corp. reflect a fundamentally flawed system for handling sensitive data, s

Identity thefts at ChoicePoint Inc. and security failure at Bank of America Corp. reflect a fundamentally flawed system for handling sensitive data, says Robert Siciliano of IDTheftSecurity.com

(BOSTON -- March 3, 2005 -- IDTheftSecurity.com) Tapes of Bank of America Corporation's financial information for 1.2 million people, including a number of U.S. senators, have been missing since December 2004. A deep, yearlong breach of security led to identity theft at Georgia-based ChoicePoint Inc. more than four months ago. In both cases, law enforcement officials told the companies to delay informing affected customers. Members of U.S. Congress have responded to the gravity of these crimes by calling for hearings.

"Identity theft has become a pandemic," says Robert Siciliano, as quoted last week on CNBC's "Closing Bell." A Boston-based personal security and identity theft expert, Siciliano added, "The U.S. needs to improve the rules that govern when and how companies and law enforcement inform those whose identities may have been stolen." Nationally televised and quoted, he is the author of "The Safety Minute: 01."

Loss of customers' financial information leads to government reaction

"Legislators have been slow to respond to the dangers of identity theft," says Siciliano. "When information so critical to individuals, our economy, and the security of our nation is bereft of order, bad things happen. Companies resort to the least cost-intensive ways of doing business."

He added, "This can frustrate consumers. Someone wishing to precipitate government action could achieve the objective by heisting 1.2 million identities from a major bank."

The Boston Globe's Sasha Talcott paraphrased Senator Charles Schumer (D-NY), who posited that commercial airline flight baggage handlers swiped Bank of America's tapes. CNET, Reuters, The Associated Press, and others report that other members of U.S. Congress have joined Schumer in his concern over security breaches at Bank of America and ChoicePoint. FOX News' Kelley Beaucar Vlahos reports that Democrats and Republicans alike plan to look into industry shortcomings and explore possible improvements.

"Schumer and 38 attorneys general have reacted to ChoicePoint's security problems as if this is something new," says Siciliano. "These are their knee-jerk responses. For four years, I've been screaming about the danger of precisely what has now happened with Bank of America and ChoicePoint. Schumer and friends are just now coming out of the woodwork."

He added, "Security is about being proactive and protecting your constituents before something happens. It is not about showing up when the cameras are on to clean up a mess that should have never happened."

Bank of America responds, but the theft of information in transit has precedent

"Security measures in place, as the past month's events demonstrate, are insufficient at best and, at worst, nonexistent," says Siciliano.

The implication of Schumer's statement is that banks routinely transport their customers' sensitive data via insecure means. As reported by Paul Nowell of The Associated Press, Bank of America believes the tapes were simply lost and has unearthed no foul play related to the information on these missing tapes. A spokesperson for Bank of America, quoted in major publications across the country, says, "The investigation to date has found no evidence to suggest the tapes or their content have been accessed or misused."

Theft or loss of sensitive information in transit has precedent. Just last week, for instance, the San Diego Union Tribune reported that a U.S. mail carrier stationed in California was arrested on suspected identity theft that he allegedly committed in exchange for drugs.

"The motives to lift people's identifying information are legion," says Siciliano. "The identity thief may be a junkie. She may need the money. He could just be a kleptomaniac. It doesn't matter. Information is susceptible."

Law enforcement's needs and the interests of company executives may conflict with timely communiqués to the public

The Bank of America investigation began in December when bank officials alerted the Secret Service that tapes were missing. It was only this week, as reported by The Dallas Morning News' Pamela Yip and others, that the Secret Service allowed Bank of America to inform customers.

"We cannot rely solely on law enforcement as the solution to the problem of identity theft," says Siciliano. "As we see, companies can follow procedures by the book and still wait too long to inform victims. While law enforcement officials are doing everything they can, the real answer is to change the system of reporting."

ChoicePoint spokespeople say law enforcement asked the Georgia-based company to delay efforts to inform the public. During the meantime, executives at the company made questionable stock sales equaling a total of $16.6 million, reports Associated Press writer Harry Webber and others. The revelation, made after ChoicePoint's problems became public a couple weeks ago, has fueled suspicions that ChoicePoint could have done more, and sooner, to protect the integrity of identities at risk.

"It's understandable for law enforcement officials to seek the benefit of a low profile as they investigate and perform due diligence," says Siciliano. "They want to make sure their ducks are in a row. They certainly don't want to cry wolf."

"Bank of America discovered in December that its tapes were missing and, working with the security-obsessed Secret Service, notified affected bank clients within two months," Siciliano added. "ChoicePoint waited four months. For ChoicePoint to attribute this to reasons similar to Bank of America's is specious at best. What's bothersome is that ChoicePoint executives managed to make a killing in stock deals during the meantime. Something smells funny. Investors should be screaming bloody murder."

Litigation looms

ChoicePoint's slow response and the massive scale of the crime against the company have encouraged a California woman, as reported by Reuters and in the Los Angeles Business Journal and elsewhere, to sue ChoicePoint over the theft of her identity. Her suit could reach class-action status to cover the losses of the thousands others whose sensitive personal information may have been compromised.

"How would you like to be sued by about 150,000 people?" Siciliano asks. "We need to develop a strategy to let consumers know when their identities have been stolen. A class-action suit on this scale would destroy any company. It is time for industry to stop playing chicken with identity theft. Profitable only until disaster strikes, the game then invites the lawyers to swoop in and ends."

ChoicePoint's is no stranger to litigation. Justin Rubner of the Atlanta Business Chronicle reports the company "has been involved in at least 11 lawsuits since 2000 involving possible misappropriation of information."

Identity theft traces to organized crime and poses a threat to national security

On February 22, The Seattle Post-Intelligencer published a report, written by Bob Keefe of Cox News Service, on organized crime's link to the Internet. Well-known organized rings such as the Gambino crime family have tried their hands at consumer fraud. Newer players from Russia, Africa, Argentina and elsewhere have thrown their hats into the ring as well.

"Security failures such as ChoicePoint's and Bank of America's will continue to happen," says Siciliano. "It is up to business leaders and government officials to clamp down on identity thieves."

Last month, Robert O'Harrow, staff writer at The Washington Post, reported that ChoicePoint and companies like it are beginning to operate as private intelligence services for national security and law enforcement tasks. FOX News' Kelley Beaucar Vlahos now reports that ChoicePoint is, in fact, a major government contractor providing important background check support to Homeland Security activities.

"The potential for identity theft is the Achilles' heel of our national security," says Siciliano. "In light of these companies' inability to secure citizens' financial and identifying information, observers have to wonder how safe any of us are."

Siciliano is available to discuss identity theft. A speaker who leads seminars nationwide, he has appeared on CNN, MSNBC, FOX News, CNBC, "ABC News with Sam Donaldson," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael" and "The Howard Stern Show." He has been quoted in Reuters, RealtyTimes.com, Woman's Day, Good Housekeeping, Mademoiselle, The New York Post, The New York Times, The Washington Times, and elsewhere.

###

Siciliano can be reached at 1-888-SICILIANO (742-4542). The following URLs will take readers to his Web site and information about his work:

Main Web site: http://www.IDTheftSecurity.com
Siciliano's biography: http://www.idtheftsecurity.com/PDF/11x17_1wc.pdf
Testimonials: http://www.idtheftsecurity.com/PDF/11x17_3wc.pdf

Siciliano's contact information follows:

Robert L. Siciliano
Personal Security Expert
phone: 888-SICILIANO (742-4542)
fax: 877-2-FAX-NOW (232-9669)
Robert@SafetyMinute.com

The media are encouraged to get in touch with Siciliano directly. They may also contact:

STETrevisions, strategic communications
Brent W. Skinner, President
cell: 617-875-4859
fax: 866-663-6557
BrentSkinner@STETrevisions.com

This page is powered by Blogger. Isn't yours?