Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Privacy Security United States

600,000 More Social Security Numbers Compromised 34

Posted by timothy from the social-security-simply-isn't dept.
DoubleWhopper writes "This time it's Time Warner Inc. According to this CNN article, an 'outside storage company' is to blame for the latest significant loss of personal information. From the article: '...the tapes contained names and Social Security information on current and former Time Warner employees and some of their dependents and beneficiaries dating back to 1986.' Fortunately, the tapes are said to have no customer information, at least."
This discussion has been archived. No new comments can be posted.

600,000 More Social Security Numbers Compromised More

600,000 More Social Security Numbers Compromised

Comments Filter:

  • Tired old excuse.... (Score:5, Insightful)

    by Psmylie ( 169236 ) * on Monday May 02, 2005 @06:29PM (#12413658) Homepage
    I think its funny that they always make sure to note that it's an outside company... in my opinion, it doesn't really matter if it's an outside vendor or not, the company who owns the data is still responsible for the security of that information. Are the vendor's procedures inadequate? Well, it was your company's job to find that out before contracting with them. Were they not following procedures? Well, it's your company's job to check up on them and make sure they're following them.

    Honestly, I'd like to see all of the victims of ID theft get together and start filing class-actions against the companies that allow this sort of thing to happen. Maybe if we start hitting them in the pocketbook, these companies will start taking data security seriously.

    • I think its funny that they always make sure to note that it's an outside company.

      You do know that time warner owns CNN, right?
      • I think its funny that they always make sure to note that it's an outside company.

        You do know that time warner owns CNN, right?

        I fear that I fail to see your point. You do understand that Iron Mountain, the data storage company which lost the tapes, is not owned by Time-Warner, don't you?

    • Honestly, I'd like to see all of the victims of ID theft get together and start filing class-actions against the companies that allow this sort of thing to happen.

      Please no. If you're dumb enough to lend someone money because they know a number, you deserve to be robbed.

      • Unfortunately, the person robbed is the individual whos ID was stolen and then a loan was given fraudulently in their name. The lender or creditor isn't robbed, because they're going to get their blood out of you, whether you're the actual initiator or not.

        • Unfortunately, the person robbed is the individual whos ID was stolen and then a loan was given fraudulently in their name. The lender or creditor isn't robbed, because they're going to get their blood out of you, whether you're the actual initiator or not.

          Apparently you know nothing about the law. No judge in the world would make you pay back a loan that was taken out by someone else just because that person knew a number which was related to you.

          Regardless, you seem to have your sense of responsibili

          • Re:Tired old excuse.... (Score:2, Interesting)

            by Seumas ( 6865 )
            Apparently you know nothing about having your identity stolen. Very often, when someone has their identity stolen, they are treated like the criminal and not the victim. At the worst, the corporate entity that extended credit to "them" can write it off, get a tax break and just up their fees annually to cover for it. The victim, however, will have their credit ruined at the least.

            When your identity is stolen, there is very little you can do about it. A lot of people have been left in total financial ruin b

            • Very often, when someone has their identity stolen, they are treated like the criminal and not the victim.

              Like I said, they may be harrassed, but that doesn't mean the law isn't on their side.

              At the worst, the corporate entity that extended credit to "them" can write it off, get a tax break and just up their fees annually to cover for it.

              Huh? At the worst? What are you talking about?

              The victim, however, will have their credit ruined at the least.

              It may be temporarily ruined with false informati

            • And when all of my identity was stolen five years ago

              Well, first of all: Sorry for that. From all I know it sucks and I hope you could rectify the situation.

              Even though I believe your co-debator has a slightly simplified view of life, the universe and all, nevertheless I agree with what he says in spirit.

              If a financial institution is so friggin' greedy to provide everybody presenting a valid SSN with actual money they deserve to be hit and hit hard!

              There's such a thing called due diligence.

              This a

              • You are right about everything you said ... but the credit companies make the rules, and they've structured them in such a way that their mistakes are YOUR problem.
                • but the credit companies make the rules

                  This is true, of course. But then again contractual rules are only valid to the participants of a contract.

                  Say American Express - with whom I never had a business relationship else then purchasing travellers cheques - suddenly demands $ 20'000.00 from me, since they claim I ordered and used one of their credit cards, they still can't apply their rules, because I never ordered a credit card. If somebody has fraudulently ordered one in my name, then it's their fuckin

  • Alway's Compromised (Score:4, Insightful)

    by Seumas ( 6865 ) on Monday May 02, 2005 @06:31PM (#12413678)
    Hell, I consider my social security number compromised every time I'm forced to give it to a $8/hr customer service person over the phone to get my Cable, Internet, Telephone, Gas, Electricity services, rent a car, get a loan, get a bank account, apply for a job.

    Even when it's acceptable to request a social security number (an employer), you aren't promised that someone in the chain won't take your information for their own use. *shrug*

    • I'm forced to give it to a $8/hr customer service person over the phone to get my Cable, Internet, Telephone, Gas, Electricity services, rent a car, get a loan, get a bank account, apply for a job.

      For most of those cases you can get away without doing this. When people ask for my SSN I just tell 'em "I'm a foreigner" and they just assume that that means "....and so I don't have one." And since they generally do want to do business with me, they find a way around the problem.

      The really really nice thing

  • don't use Iron Mountain [ironmountain.com]

    besides, would you really trust critical stuff to someone who uses .asp?

  • What sucks is... (Score:3, Interesting)

    by digerata ( 516939 ) on Monday May 02, 2005 @07:00PM (#12414009) Homepage
    There is enough compromised data out there to keep theives busy for years and years.

    While companies say they will cover the costs of what happens to your identity, what if it doesn't happen right away? What if its 5 or 6 years from now? What is your recorse? How do you prove after that much time has passed that your identity was compromised by a particular company? Hell, in that much time, I would probably forget any of this happened.

    • Sue all of them.

      Choicepoint requested my credit report. I have a copy of my credit report that has this listed. If I ever run into a problem, I think I can make a case that it's because of them.

      The beauty of our horribly flawed legal system is that justice is available for the right price.
  • Wanna know why there's so few comments on this so far? All the /.ers are busy either closing their accounts or working to open new ones with "their" SSNs.
  • Are very flawed forms of identification. With them you can find the associated name, birth date, bank accounts, loans, credit cards, properties, etc. They are extremely exploitable and yet the security that surrounds them is minimal. What a lot of people may not know is you ARE NOT required to give your social security number to utilities, banks, creditors, etc. Sure, it helps your standing with them and they can probably find them on their own, but I personally think with the amount of abuse of this central identification number there needs to be a new, more secure system with safe guards to prevent this sort of rampent abuse. The first step is for financial institutions to limit the customer's liability for identity theft related fraud, because they're insured by the FDIC. After that, perhaps a biometric or RFID identification system could eventually be implemented. I know it sounds very big brotherish, but the current system is horrible.

    • What a lot of people may not know is you ARE NOT required to give your social security number to utilities, banks, creditors, etc.

      Required by what? By law? Yes, there isn't a law saying you have to give your social security number to any of those people. But you are required to give your social security number to most of those people, by those people (in other words, if you want to do business with them).

      Sure, it helps your standing with them and they can probably find them on their own, but I perso

      • No, the current system is (pretty much) already fine. A business who wishes to extend credit to someone can use whatever means they wish to identify that person. If they screw up and misidentify the person, and that person never pays back, that's their problem.

        Except when it becomes the impersonated individual's problem as well. If someone is granted a line of credit in my name and don't make payments, the bank comes knocking at my proverbial door, right?

        • Except when it becomes the impersonated individual's problem as well.

          Well, I don't think it's really the job of the government to assign liability for such incidental damages as the time spent contacting your credit reporting agency to get everything straightened out. But if you want to assign liability, I think there are at least two people to look at before you look at the person who leaked the number. 1) the thief herself, and (in the likely case that the thief cannot afford to pay for the liability

    • I'm hoping that it won't be long before the days of biometric security measures are more commonplace in everyday life. You're right, social security numbers aren't exactly protected information. I'd be willing to jump through a few more hoops next time I open a checking account or apply for a line of credit, if it means that I can worry less about identity theft.

  • A solution to the ID crisis... (Score:4, Interesting)

    by Dark Coder ( 66759 ) on Monday May 02, 2005 @10:00PM (#12415597)
    To reduce the identity theft immensely, one or more of the following MUST be legislated:

    1. Replace the SSN with SecureID card with challenge keypad (none of those biometric foo-foo crap, bio is non-revokable)

    2. Make data aggregation illegal (ooooh, sorry credit bureaus)

    3. Make IRS the focal point of multi-keyed 2nd-generation SSN registration centre (sorry SSA, you screwed up, big-time!)

    4. Customer "optionally" generate a NEW SSN for each business or financial institutions. (remember, data aggregation should be illegal)

    5. Credit Bureau would function just fine (just a bit laggard with aggregation effort).

    Once imposed, identity theft would (I guarantee this) be reduced to insignificant amount.

    UNTIL THEN, nothing is currently being done to reduce the water flow from the Dutch Boy's leaking dikes.

    It doesn't take much brain to resolve this crisis, just time and money. The Congress has absolutely no clue on how to fix this mess... Write your congressman today with these suggestions.
    • 1. Replace the SSN with SecureID card with challenge keypad (none of those biometric foo-foo crap, bio is non-revokable)

      There is a significant portion of the population that would be completely baffled by a SecureID card/fob and would never be able to comprehend how to use them. But I agree that there should be a non-biometrical solution.

      What sucks is that you can't be required to provide a social security number to a company. Only your employer, financial institution, a hospital and the social security
      • How hard do you suppose it would be to embed something like a SecurID into credit cards, having another display that would act as the "Confirmation" code.

        Of course, this is all contingent upon the CC companies actually caring enough. As it stands now (IIRC, I may be wrong, correct me if I am) a significant amount of the fraud liability is borne by the defrauded vendors, and a lot of the enforcement is done by public police, making it a lot less critical for CC companies to get their security act together.
      • If I'm not mistaken, there are a couple of European countries that makes uses of SecureID card with challenege 0-9 keypad.

        How hard is that?

Slashdot Top Deals

PURGE COMPLETE.

Close