May Newsletter

Non-Public Information and Data Breaches:
The two shouldn't mix!

You don’t have to worry about someone stealing your identity! Your information is already out there on the Internet. They already HAVE your information. The fact is that you simply cannot prevent someone from stealing your personal information because they've already stolen it! The REAL PROBLEM with identity theft is when someone USES your information. This month we are uncovering the damage being done by data breaches.

First, let’s understand exactly where your personal information might be. If you are an adult citizen, then your NPI (Non-Public Information) is more than likely recorded in thousands of databases. This includes your name, Social Security number, driver’s license number, address, phone number, account numbers, etc. Your information is kept in Federal, State, and Local governments, numerous businesses, medical facilities, and institutional databases. Every time you enrolled in a school, filled out an application, got a driver’s license, or went to the dentist; your non-public information was recorded in a database. But again, that isn’t the problem. The problem begins when your information falls into the wrong hands. Unfortunately, that is what happens when data is breached – it eventually falls into the wrong hands.

A Data Breach occurs when data security is compromised or lost. Let’s take a look at the data breaches listed on the Privacy Rights Clearinghouse website. Go to www.privacyrights.org/ar/ChronDataBreaches.htm and scroll down about two pages. I want you to see the hundreds of data base aggregators that have lost information already. To see the most recent data breaches, press “End” and scroll up from the bottom. Warning: Don’t print this document unless you intend to print over a hundred pages. It is a long list.

As you scroll, you will see every type of business entity (government, private, and non-profit) that has lost sensitive information to hackers, stolen laptops, disgruntled employees, and more. Notice that the Privacy Rights Clearinghouse only began in January 2005 and already over 260 million PEOPLE have been affected. We don’t know how many data losses occurred before 2005. But now that we are tracking data breaches, we are starting to see the amount of damage being done.

The amount of the damage is difficult to track with total accuracy. We can only assume that it is actually much worse. Many breaches go undetected or unreported and when “Unknown” numbers can’t be factored in, there is even more uncertainty as to the massive extent of the problem.

Let's look at what happens when businesses improperly handle data. This will help us to understand why data breaches are so frequent and how data may end up in the wrong hands.

In an attempt to protect databases from theft or fire, many small businesses periodically copy and transport their databases to off-site storage facilities. This safegaurding practice may sound good in theory but it can lead to a dangerous lack of security. Off-site storage facilities are often considered an employee’s home and in reality that may not be a secure location. The following example shows exactly what can happen during this dangerous process.

A Gynecology Clinic in Greensboro, North Carolina lost personal information on 47,000 female patients when data storage tapes were allegedly stolen. The Privacy Rights Clearinghouse reported on July 16, 2008, “A backup tape of patient information was stolen from an employee who was taking the tape to an off-site storage facility for safekeeping. The stolen information included patients’ names, addresses, Social Security numbers, employers, insurance companies, policy numbers, and family members.”

WOW! What else does a good identity thief need? What would a data base of that size and accuracy actually be worth to identity thieves? If you were one of those 47,000 women, how comfortable would you be in knowing that your clinic was mishandling your entire family’s private information along with your medical insurance? The next time you go to your doctor, you might want to ask about their procedures to protect your personal non-public information.

The bottom line is that IDENTITY THEFT IS HUGE. Nobody knows exactly where information is going. Certainly some information is getting lost. But how far does Private Information go in the mail or on the Internet? You can bet that the answer is in the Dollar Signs! The truth is that massive chunks of Non-Public Information are worth Instant Cash to the right Identity Theft Ring!

IS YOUR DATA BEING USED TO COMMIT A CRIME? Watch for an answer on the next blog entry when we will address the “Seven Different Types of Identity Theft” at http://www.identitytheftwatch.blogspot.com/.

There is good news for consumers and businesses. Solutions tend to emerge from within the American System to resolve serious societal problems. You can beat the Identity Thieves at their own game if you take action before they do. Ask me about our solutions. If you have any questions or would like more information, please email me at delwithppl@yahoo.com.

I hope this has been helpful. Have a super month of May.