A giant data brokerage firm exposes the records of more than 145,000 individuals, and 750 of those are confirmed victims of identity theft. A cell phone conglomerate admits that its system, used by Secret Service agents among millions of other people, was recently broken into. A respected senator discovers that anyone with Senate clearance can learn the Social Security numbers of Brad Pitt, his celebrity friends, and also the Vice-President, with a few clicks. One of the largest banks in the United States reports that it has lost a tape backup containing 1.2 million credit card records, a significant portion of which are directly related to Pentagon and other federal government accounts. A well-known legal information services firm admits that 32,000 of its records have been stolen. Exactly what is going on here?
To hear the politicians tell it, identify theft is the inevitable result of our fast-paced information society. It is unstoppable given that our law enforcement agencies are generally too slow to keep up with technology, and too bureaucratic to delegate to multi-jurisdictional, inter-agency teams, let alone teams that span international boundaries. Congress wants to pass new laws that will centralize the investigation and enforcement of identity theft cases -- and it certainly should. Anything would be an improvement over the current mess. Yet re-mapping the murky domains of federal agencies alone will not be enough to actually stop identity theft, or even slow it down. Really curbing the problem will require attacking the problem at its root: the keyboard.
On March 10, 2005, Larry Johnson, the Special Agent in Charge of the Criminal Investigative Division of the United States Secret Service made a good point before the Senate Committee on Banking, Housing and Urban Affairs: identity theft is increasingly a technical problem. Once upon a time, thieves dug company directories out of trash cans, but now it's much easier to send out mass e-mails to millions of people that happen to look like they originated from local banks, asking for confirmation of credit card numbers. In fact, were it not for the ability of computer databases to store millions of records at a time in a centralized and efficient manner, "identity theft" would be practically unheard of. So, what are we doing to make sure that our nation's databases are protected?
Nothing.
http://www.huffingtonpost.com/aaron-greenspan/catch-222-22-2222_b_117173.htmlBetween this and all the stolen computers, every SSN known to man is now probably posted somewhere on the internet.:shrug: