Connecticut Government Decides To Make Things Easy For Identity Thieves
from the saving-you-the-trouble dept
While some companies and groups are still forcing would-be identity thieves to go to the trouble of stealing laptops to grab personal information from people, a department of the Connecticut state government saw an opportunity to save them some effort, and posted the names and Social Security numbers of 1,700 employees online. The state claims that because the list was available only by searching for a name and wasn't linked anywhere (to its knowledge, anyway), the risk of identity theft is low. That may be true, but it hardly excuses the data leak. This sort of "there's nothing to worry about" attitude about identity theft and data leaks really does nothing to help solve the problem, nor does downplaying threats and losses. The problem is that stupidity is beating malice as the reason for these leaks: whether it's by leaving data, encrypted or not, on laptops, or posting it online inadvertently, incompetence is proving a significant threat to otherwise innocent consumers.
Reader Comments (rss)
(Flattened / Threaded)
Small Companies
I just recently got a job with a large electronics company, and I'm working through a smaller contracting agency (more pay, less benefits).
I received an email that was forwarded by my rep from another of the agency's reps containing documents that I needed to sign and fax back.
In this forwarded email, there was the Full Name, Address, Social Security Number, and DOB for another potential employee.
Needless to say, I alerted the agency to this HUGE "accident", and how easily I could have assumed this person's identity as my own. Hopefully my info doesn't end up out there like this.
You'd think agency's where all they do is get people jobs would know how to handle sensitive information!
(reply to this comment) (link to this comment)
Lack of Concern
I applied for a job with a large company for a fairly senior position, one in which there was long interview process. I submitted the standard paperwork and was told I could expect to be contacted for an interview in a few months. True to their word I was contacted, however, a few days prior to the interview I was told that my paperwork had been lost and could I please resubmit it.
At first I didn't want to make waves at that crucial point in my job search so I told the HR person that I would. After I hung up, I began to consider the implications of their error. I called back and stated as professionally as I could, that I would be happy to re-provide the information, however, I did consider the loss of my information to be an unacceptable risk to my personal privacy. I asked them to please look for the information and get back to me in 24 hrs.
It turns out that they found the information a few hours later. What really blew me away was how unconcerned/annoyed the person I talked with seemed to be.
I did get offered the position, btw.
(reply to this comment) (link to this comment)
Pharmacists have the same problem
Pharmacy boards, for whatever genious of a reason also have quite the signifigant data leak. Make sure you get a P.O. Box and never give any personal information out via any digital format, if you have to drive 1hr to give them it in person, or wait a week for mail I'd suggest taking that route. It's much better than the alternative finding out you owe nordstrom $3,000 for a shoe.
(reply to this comment) (link to this comment)
Did someone swap Texas and Connecticut while I was
First, the Julie Amero debacle.
Then they bust a peace activist/journalist for taking pictures of the governor on inauguration day. (Ooooh, good use of Fatherland Security funds!)
Now this.
Maybe someone should check the Housatonic for hallucinogenic
contaminants.
(reply to this comment) (link to this comment)
Our collective stupidity...
... is easily outstripping our technology.
(reply to this comment) (link to this comment)
They're left in the cold...
I live in CT, and am now glad I've never worked for the state. The thing that gets me the most was this line at the end of the article:
"Those affected workers have been advised to monitor their personal finance records the next few months."
Not only did they dump the info on the web, they aren't even going to help the affected workers with the current standard "year of monitoring", but expect the workers to do it themselves.
(reply to this comment) (link to this comment)
Good for the Goose
Did the idiots in senior management include their own information and social security numbers?
When do the people in charge of making such ridiculous decision get held to account? Ever? Anywhere?
(reply to this comment) (link to this comment)
CT. MY SWEET HOME
Concerning the attitude of downplaying the lack of concern or worry about a very dangerous mistake made in a state department in CT. I'm not surprized at all.a matter of fact I would have thought they would have included,home address,phone number,banking information,and if you sleep in a single or kingsize bed.
I'm a 58yr. old disabled person and have delt with the state of CT. for 30 years.That lack of concern attitude as been around along time.
CT. My Sweet Home,doesn't smell so sweet anymore.
(reply to this comment) (link to this comment)
Why have we created a system where a number is so
Does anyone else silently cheer when things like this happen?
I don't cheer because I want to see people's lives ruined, but I cheer because the more incidents like this occur, the more the inherent flaws of the system are exposed.
We need to develop an economic model based on love and need rather than digits and greed.
(reply to this comment) (link to this comment)
student ID = social security number
i remember not long ago that colleges used social security numbers as student ID numbers. all an identity thief needed to do was go to the administration building and look up people's name on the class list and next to it is their social security number. if i knew then what i know now...
(reply to this comment) (link to this comment)
7K,TJTJRNTJ,KJGMHNM JH,HBMH DX
(reply to this comment) (link to this comment)
Add Your Comment