Tuesday, February 21, 2006

Another 27,000 People's Identities are Compromised

Last year, the Privacy Rights Clearinghouse compiled a list of data breaches. The list estimates that over 53 million identities have been compromised in the recent past. Of course, this doesn't include the more recent compromises, such as the Boston Journal (202,000 compromised) and the Northern California debit card fiasco (200,000 compromised).

Here is the list of data breaches:

A Chronology of Data Breaches Since the ChoicePoint Incident

It also doesn't include another probability, which is that there are data breaches that were never detected, or not reported.

With the overall number of people compromised, 27,000 people seems small in comparison, but for every person compromised, there is a potential victim.

The Jacksonville Business Journal is reporting:

The names and social security numbers of 27,000 former and current Blue Cross and Blue Shield of Florida Inc. employees were illegally downloaded by a contract employee to his home computer, a company spokesperson said.

The FBI and U.S. Attorney's Office are conducting a joint investigation, said Lisa Acheson Luther, a spokeswoman with Blue Cross. No customer information was involved and there is no evidence the information went any further than the home computer.

Here is the full story:

Vendor downloads Blue Cross employee info

The Federal Trade Commission testified last June on Data Breaches and Identity Theft. This testimony highlighted the concerns with the number of data breaches being revealed in the past couple of years and suggested action.

In February, Senator Dianne Feinstein issued a document calling for Federal legislation:

Statement of Senator Dianne Feinstein On the Need for Federal Identity Theft Legislation

Senator Feinstein joined Senator Arlen Specter (PA), Senator Russell Feingold (WI) and Senator Patrick Leahy (VT) in sponsoring S789, which is a federal bill addressing the issue of data breaches and it's ultimate consequences, such as "identity theft." Here is a bill summary.

This bill is currently on the Senate Legislative Calendar awaiting action.

If you are interested in writing your representatives to inquire when this legislation will be taken for action, here is a link where you can find their information to do so:


It's a sad commentary that in the global sense, 27,000 people compromised is a mere drop in the bucket. HOWEVER, I have to be certain that anyone who has suffered their identity being stolen, sees it on a much more personal level AND with the number of people compromised, the question is who will be next.


John Clark said...

It's a shame that the Federal legislation is taking so long to pass.

I know they are busy, but this seems to be a nasty problem.

prying1 said...

Problem with legislation is it is so verbose. In spite of the long words and sentences there are no guarantees that the crooks will follow the letter or the spirit of the law.