Wednesday, May 24, 2006
This week we have heard officials of all stripes assure us that "we have no reason to believe anyone’s identity is at risk" even though a laptop with the personal identifying information of 26.5 million U.S. veterans on it has been stolen. Their words represent the party line we typically hear when a security breakdown of this magnitude occurs. Their words aren't worth the cue cards their lackeys wrote them on.
The latest big-ticket data breach has endangered not only individuals’ bank accounts, but also national security. For expediency's sake, we'll leave national security to Homeland Security; it's pretty much out of our hands now no matter how apprehensive we may be about their ability to secure the homeland. So let's focus on what we can do.
Here's my advice for companies and other large organizations that store sensitive information on laptops, machines prone to theft: Don't. Laptops are the last place any organization should be storing the personal identifying information on 26.5 million people.
If for some untenable, inexcusable reason you must use laptops for this purpose, please, at the very least, keep those laptops in a safe place and locked down when authorized personnel aren’t using them. Make sure the machines are fully secure with functionalities designed to ward off thieves. I suggest the use of products such as the Staples® WordLock™ for laptop computers, a simple and inexpensive device that allows users to employ a letter password, which they can reset at any time, to lock their laptop computers.
But now that we're already in this mess courtesy of an improperly secured laptop, I urge consumers to treat this very real threat to their identities like the emergency it is—luckily, one they can manage. Luckily, a service available to everyday consumers can mitigate the ruined credit ratings and other aftermath nightmares individual veterans might otherwise have to endure.
All of you on the list of 26.5 million affected by this week’s laptop theft should immediately enroll in a service like IdentitySweep, which manages subscribers’ public records while monitoring their credit card information and Social Security numbers. Veterans can go to www.identitysweep.com/vet and receive a full year’s worth of IdentitySweep for only $18, a discounted rate, from MyPublicInfo, the Arlington, VA–based consumer identity protection company that created the service.
The Social Security number is the key to the kingdom, and it's a number these thieves now have—along with the dates of birth for the veterans affected and for some of these veterans' spouses. Without a monitoring service of their own to fall back on, these veterans and their families will be at the mercy not only of the thieves, but of credit companies’ good will, which is likely to wane after the usual offer we’ve seen following massive data breaches: pro bono credit monitoring for one year.
Thieves are smart. They'll wait at least a year before they use the information. Identity theft has become a part of life for these veterans. It didn't have to be this way, but it is. Enrolling in a service like IdentitySweep is the best way a veteran can save his reputation now that the institutions he's relied on to protect his personal data have failed at that very task.