Experian, Ford, and Identity Theft 193
corebreech writes "The mighty New York Times (I think they might want you to register) is reporting that hackers posing as Ford employees have managed to pilfer some 13,000 credit reports (Quality is Job 1.) Supposedly the info isn't restricted to merely credit card numbers, but rather includes such delectable delights as address, SSN, bank account info and creditworthiness. Glad I take the subway." The original story was from the Boston Globe.
Just In Case... (Score:5, Informative)
Experian [experian.com] , Transunion [transunion.com] and Equifax [equifax.com] are the big 3 for reports.
Now that's customer service N O T (Score:4, Informative)
Van Leeuwen of Ford said he thought the company had done everything it could to help the individuals affected by the security breach, and didn't plan to offer them any financial assistance.
Surely Ford have broken some law here ? In the U.K. there is something called the Data Protection Act, c'mon the U.S. has got to have some equivalent legislation.. They're not blaming it on hackers, they admit they don't know how the access code or whatever was taken !
Ford (The Associates) Security (Score:4, Informative)
Guarding / checking against Identity Theft (Score:5, Informative)
Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]
Re:Come on, Where's my no-login link, Karma Whores (Score:1, Informative)
Text of Article (-5, Redundant) (Score:3, Informative)
Hackers posing as employees of the Ford Motor Credit Company have in recent months harvested a trove of 13,000 credit reports -- a virtual one-stop shop for fraud and identity theft -- with data on consumers in affluent neighborhoods across the country.
The company said in a letter to the victims that computer intruders used an authorization code from Ford Credit to get the credit reports from Experian, one of three major reporting agencies.
Advertisement
"I've never seen anything of this size," a spokesman for Experian, Donald Girard, said. "Privacy is the hallmark of our business. We're extraordinarily concerned about the privacy issue here, and the trust factor."
The inquiries gave the intruders access to each victim's personal and financial information, including address, Social Security number, bank and credit card accounts and ratings of creditworthiness, which can be used to identify the best targets.
"This is not just a credit card number; this is the whole kazoo," said Richard Power, the editorial director for the Computer Security Institute, an industry trade group. A criminal could use the data to make credit card charges or even open bank and credit card accounts in the victim's name.
Thefts of credit records, Mr. Power said, are far more common than is reported. "The unique thing about this one," he said, "is that it has surfaced." The theft was first reported yesterday by The Boston Globe and The Detroit News.
Statistics on identity theft are hard to come by, with estimates ranging as high as 700,000 cases a year. Betsy Broder, the assistant director for planning and information of the Federal Trade Commission, said the commission received 86,000 complaints of identity theft last year.
Representatives of Ford Credit said they did not know how the hackers acquired the code, which was used by the company's office in Grand Rapids, Mich. The intruders focused on addresses in affluent neighborhoods, often in numeric sequence, said Rich Van Leeuwen, executive vice president at Ford Credit.
The company said it had sent letters via certified mail to all 13,000 people, urging them to contact Experian and the two other credit reporting giants, Equifax and TransUnion, and to report any evidence of abuse to the F.B.I.
The company has also worked with Experian to set up a phone line to let victims get their credit reports and help them resolve discrepancies.
Neither Ford Credit nor Experian has determined how many people have reported fraudulent charges or other problems. Mr. Girard said that Experian had received 2,700 calls since the letters started going out this month. Although the unauthorized inquiries began in April 2001, Ford first heard about the problem in February, Mr. Van Leeuwen said. Only 400 of the 13,000 victims were customers of Ford Credit, he said.
Dawn M. Clenney, a special agent at the F.B.I. office in Detroit, said that she could not comment, except to say, "We're on the case."
Mr. Girard, the Experian spokesman, said the company would work with the F.B.I. to catch and prosecute the intruders. "It just shows that today, even big companies can be victimized," he said. "it's a never-ending struggle against the bad guys."
Re:The bad news though, (Score:4, Informative)
As to your second point, I agree completely. At one point, Equifax was trying to gain control of medical records for people to link with the existing stuff. I'm not a fan of big government but Equifax,Transunion and Experian need to have STRICT government regulation because of the impact the information they carry can have on an individuals life. Forget that stupid cracker shit in "The Net". All it takes is a fucked up keystroke and you can't even rent an apartment.
The biggest piece of legislation I would love to see is this: Private companies are forbidden to use SSN's as customer identifiers. How fucking hard is it for a company to generate a random account number?
corporate identity theft (Score:4, Informative)
As a result. these script kiddies^w^w^w Ford was able to get identity theft kits on a truckload of (mostly) rich people just based on their home addresses.
If anything is going to put a big "oomph" behind online privacy initiatives in the states, I think that this may be it.
these are NOT hackers! (Score:3, Informative)
Repeat after me: this is not hacking.
Repeat after me: this is not hacking.
Repeat after me: this is not hacking.
This kind of activity is cracking, theft, robbery, a crime; but it is most definitely not hacking.
It happened to me (Score:4, Informative)
I was the victim of ID theft. You do not want this to happen to you. Ever. It involves filing police reports, calling every company that showed up on your credit reports and providing all kinds of info to their fraud departments. It took me over a year and a half of phone calls, faxes and emails to straighten everything out. I'm still getting calls from creditors about unpaid credit cards and such that clearly aren't mine.
I think it's obvious that if the only thing between theives and your identity is your mom's maiden name, your address, and your SS number, that it's been made pretty freakin' easy for them.(Granted it's not quite that simple, but it's damn close)
One thing that struck me throughout the entire process of cleaning up my credit reports was that I was doing the cleaning up. Here are 3 companies that basically control whether you can ever buy a house, and when they screw up and allow someone to assume your identity using their services, it's the victim that's left picking up the pieces.
IMPORTANT - Opt out (Score:5, Informative)
Call this telephone number. This number is maintained by the three credit reporting agencies and it allows you to "opt-out" of certain marketing games; basically, this means the three credit reporting agencies will no longer be allowed to give your credit report to marketers, but only to people with whom you actually have business.
Ford is a legitimate business; if you don't "opt-out," they can get a credit report on you. I opted out and I've never done business with Ford, so this story doesn't affect me.
Another nice thing about using this number to "opt-out": I no longer receive any junk mail. No more pre-approved credit cards, no more free offers, no more anything. I now look forward to checking my mail every day, as it only contains only bills and personal correspondence. I also say "put me on your do-not-call list" to telemarketers and I don't watch TV, so live in an almost completely ad-free world. It's a very nice world and I invite you in.