Email This to a Friend
The Identity (Theft) Crisis
How personal credit information ends up in the hands of Pakistani criminals.
It turns out that not only are messages being filtered, and not only are they being logged, but it was being kept on a totally insecure server that was easily accessed through the cyber version of guessing that I keep my house key in the flowerpot.
Skype says they are very concerned about the fact that these messages were insecurely stored — which is sort of like an adulterer saying he’s sorry he got caught. As for the whole message-interception thing, they say that’s just the requirement of the Chinese government and they don’t have any say. And their past public statements about the issue have been contradictory.
This is not at all the first time there have been well-founded worries about what happens when U.S. companies bump up against China. Google has had to promise they won’t house personal info on Chinese soil. Yahoo’s CEO had to publicly apologize to the family of someone who was jailed as a result of their disclosures to the government.
The untold story of the last couple of years has been the rise in inadvertent data breaches. Many millions of records have been divulged, and it’s not just because government workers accidentally take home laptops: according to the Privacy Rights Clearinghouse, since January 2005 there have been more than 245,000,000 individual records divulged accidentally or as a result of malicious hacking.
Yes, 245 million.
All of this — the grocery pipeline to Pakistan, the Chinese eavesdropping – brings up the issue of what large (and trusted) organizations do about their partners.
I am not saying there ought to be a law — but I am saying that large companies need to get ahead of this issue. Yes it will cost money. It is money well spent.
What can companies do? That’s a tough question and it may be one of those things where the bad guys are always one step ahead of the good guys. But the good guys can get a little more serious about this. Yes, they will say they have security experts and yes, they will say that such piracy hurts them as much as it hurts, say, Joe The Plumber. “Security is our top priority,” they’ll tell you. But do you believe it?
Nevada has instituted new rules that companies must encrypt the information they keep. But this may not be enough. The whole data chain needs to be protected, just like the food chain.
Makes you want to go off the grid.
<- Prev Page 2 of 2
Brad Rourke writes a column on public life called Public Comments, produces an occasional videolog called Taxonomies, is a founder of the Maryland neighborhood blog, Rockville Central, and is in a band called The West End.
 |
 |
 |
Podcasts |  PJM Home |
Pajamas Media appreciates your comments that abide by the following guidelines:
1. Avoid profanities or foul language unless it is contained in a necessary quote or is relevant to the comment.
2. Stay on topic.
3. Disagree, but avoid ad hominem attacks.
4. Threats are treated seriously and reported to law enforcement.
5. Spam and advertising are not permitted in the comments area.
The clause regarding "hate speech" has been deleted because readers criticized it as being too loosely defined. We agreed.
These guidelines are very general and cannot cover every possible situation. Please don't assume that Pajamas Media management agrees with or otherwise endorses any particular comment. We reserve the right to filter or delete comments or to deny posting privileges entirely at our discretion. If you feel your comment was filtered inappropriately, please email us at story@pajamasmedia.com.
4 Comments
1. Billy Bob:This happened a couple of years ago, in Rhode Island, if memory serves. A team of Armenian bad guys visited an all-night supermarket. They split up. One engaged the skeleton staff’s attention, while the others swapped out several of the debit card PIN-pad devices.
Not long after, the local banks were hit with a wave of disputed withdrawals. The supermaket was the common factor. Investigators reviewed the video surveillance and observed the PIN-pads being switched. So, they set a trap and busted the bad guys when they returned to harvest the captured PINs.
Nov 16, 2008 - 9:38 am 2. Judy, NYC:there are no secrets, so i am not sure what we are attempting to protect, or why we are driving ourselves crazy over not protecting it. if company secrets are so valuable, why are they all going bankrupt and need bailouts. soon, governments won’t bother with hacking to throw citizens in prison, they can do that from the internet. information and secrecy is a paradigm in flux, there is no new paradigm and the old one doesn’t seem very useful. individuals and governments have little credit or money, this may cease to be meaningful as well. pakistani gangs stealing confederate dollars and maxed ccards would be more dangerous pulling an all available weimer-republic wheelbarrows heist.
Nov 16, 2008 - 10:36 am 3. arthur:this is crazy. i hope the next administration does a forward looking job of addressing these things.
Nov 16, 2008 - 6:11 pm 4. Anonymous:Not a day goes by when you don’t hear about identity theft. It has really gotten bad with all of the technology we use today. Identity theft protection is a must. I use Solus Identity Theft Protection to protect my family.
Nov 17, 2008 - 1:20 pm