Sunday, June 19, 2005

Identity Theft at Large Corporations

It is now being reported that CardSystems, the affiliate of Mastercard International, where 40,000,000 people's information was compromised, knew of the breach as early as May 22nd. They are saying that they were told by the FBI not to release the information, which presumably would give them (FBI) an edge in identifyng the criminal(s).

Interestingly enough, today there are official statements being made by Mastercard that a much smaller amount of accounts (68,000) are considered to be high risk. They are saying that the information exposed didn't include social security numbers and birthdates, which would be needed to assume someone's identity. Only 13.9 million of the credit card accounts were Mastercard. Estimates on the other's (American Express, Discover and Visa) are not yet clear.

At this point, there seems to be a lot of differing estimates and the information was kept quiet for a period of time. Unless, someone could see some facts backing up these estimates and what information was taken, it would be hard for anyone to have a level of comfort as to what has actually occurred.

There seems to be an alarming pattern of these large scale losses of personal information. Earlier this month, Citigroup reported that UPS lost loan information from 3.9 million customers of Citifinancial, who does personal and home loans. In February, Choicepoint Inc. disclosed that fraudsters using stolen identities created fifty fake businesses that pulled personal information on approximately 145,000 people. In March, LexisNexis Inc. disclosed that fraudsters had broken into a database giving them access to 32,000 people. In May, Merlin Information Services, which provides information to law enforcement, investigators and collections personnel had 9,000 people's information stolen when someone posing as a professional investment advisor was given access to their database. There were also large numbers of people's information stolen from Bank of America and DSW Shoe Warehouse.

Nexis Lexis has since increased their estimate to 310,000 from their initial estimate of 32,000. It's hard to say what estimates are 100 percent credible. Did these organizations discover the full scope of the breach and is it in their best interests to disclose the information?

There is legislation being considered to better protect our personal information. It is imperative that we fully examine these recent events and consider the costs to the individual and to the credibility of our financial systems.


Marla said...

I uncovered a huge fraud, burgary, ID theft, missing persons, verified forgeries, illegal conversion of assets operation in Fresno, CA. So big, reporting it is the crime. Despite witnesses and photographs, PG&E denies relocation of utility poles. I personally saw the cables on the ground with ringleader insisting that PG&E not be called. With 2-3 more cables/wires on these poles, and an increase in satellites, dishes and antennas, with people among this group referring to themselves as "people watchers" I guarantee some high-tech digital technology here. Phones tapped; computers hacked; hidden cameras; control of alarm systems. Outside help is needed.

Ed Dickson said...

Drop me a line at and I might be able to get someone to help you.