Identity Theft Skeptic Ends Up As Fraud Victim

An anonymous reader writes "British TV host Jeremy Clarkson recently wrote a newspaper editorial ridiculing the uproar that had occurred after the British government admitted to losing two compact discs containing the personal information on 25 million people. To support his claim about the overhyped risks of identity theft, he published his bank account information in the article. Proving that some identity thieves have a sense of humor, a week later, he found out that someone had set up an automatic bank transfer for $1000 to a diabetes charity from his account. This comes less than a year after the CEO of LifeLock, an identity theft protection company which publishes the CEO's social security number on its website, himself was a victim of financial fraud. Back in July of 2007, a man in Texas was able to secure a $500 loan from a payday loan company using the CEO's widely publicized SSN. Will this latest incident finally prove that identity theft is real, and that publishing your own financial info is an invitation for fraud?"

Poetic justice

[nullCRC]

Plain and simple.

Re:Poetic justice

[Naughty Bob]

I like the scam they pulled, but to be truly poetic, the bank transfer should have gone to Friends of the Earth. Anyone who knows of Clarkson will understand.

Re:

[modecx]

I like the scam they pulled, but to be truly poetic, the bank transfer should have gone to Friends of the Earth. Anyone who knows of Clarkson will understand.

Hahah, no kidding!

Re:Poetic justice

[blorg]

Any explanation for those of us across the Atlantic from all things Limey?

Clarkson [wikipedia.org] presents Top Gear, a very popular BBC motoring show, and is well known for his skepticism of all things hippie or environmental.

You may appreciate his views on America [wikipedia.org] (choice quote 'when being chased by a gang of rednecks': "I honestly believe that in certain parts of America now, people have started to mate with vegetables.")

Re:

[bchernicoff]

The key words there are "certain parts". Have you ever been to those parts of the country? He's probably right. I say this as someone born and raised in Oklahoma and who has spent some time in Biloxi, Miss.

Re:Poetic justice

[cHiphead]

That sumbitch bettar stay outta our Amer'ca or we'll kick his r'mainin good teeth owt!

I bet he's a terrist too!

Re:Poetic justice

[mcpkaaos]

his r'mainin good teeth

He's British.

Re:

[_xeno_]

Some version of Top Gear (with parts edited out, mostly to squeeze in the US standard amount of advertising) is broadcast about a year out of date in the US on BBC America. It's on several times during the week. (Currently Mondays at 8PM ET and again on Saturday at some time that TiVo knows and I don't.)

So if you're in the US and you get BBC America, watch it, it may be the funniest show on TV! The only issue might be minor differences between US and British English, but anyone who can't figure that out p

Re:

[teh kurisu]

I can refute both your points by referring to the episode where Clarkson declared the Peel P50 [wikipedia.org] to be the best car in the world. A bit of an extreme case, I'll admit, but they also have good things to say about a lot of regular cars (for example, the modern Fiat Panda), as long as they can turn it into an entertaining segment. They refer to the Ford Mondeo as a very good car, but it's rarely mentioned because it's just not entertaining.

Re:

[Billy69]

The pitted a standard Mustang against a standard Lotus Elise, both of which can easily be bought in the UK. Moreover, the Mustang costs more.

Re:

[Malevolyn]

He obviously doesn't use the internet for its intended purpose, otherwise he'd know people DO mate with vegetables.

Re:Poetic justice

[blorg]

Thanks, and what might explain why they picked a charity for diabetes?

I don't know why they picked diabetes; I was explaining the comment about why they should have chosen Friends of the Earth. Clarkson is a notorious anti-environmentalist. A lot of what he says and does is posturing - he's deliberately offensive to goad a reaction out of people, but there is a certain segment of the British public that laps up anything the man says as gospel (a segment not unlike the rednecks mentioned above ;-)

On the flip side, a recent episode of Top Gear featured the presenters in a race across London- by car, bicycle, public transport, and speedboat on the Thames. Of course the bike won...

Re:

[LordP]

Of course the bike won...

Not only that, but the car lost by a significant margin. Having Captain Slow driving it probably didn't help though.

Re:

[itsdapead]

I don't know why they picked diabetes; I was explaining the comment about why they should have chosen Friends of the Earth. Clarkson is a notorious anti-environmentalist.

Maybe they wanted to be sure of hitting Clarkson in the pocket?

Had the fraudster chosen (say) FoE then Clarkson could demand the money back with perfect integrity, since - love him or hate him - he has never made a secret of his position on environmental issues and could reasonably refuse to support FoE as a matter of principle.

If, howe

Re:

[rkww]

> Thanks, and what might explain why they picked a charity for diabetes?

According to Computing [vnunet.com] magazine, it's because "Diabetes UK ... did not require a signature to set up a standing order."

Re:

[Bloater]

And nor did his bank. That is the frightening bit. I give my bank details out to people such as letting agencies for credit checks, employers.

If my bank is just like his then they'll be happy to give my money out to all comers. If the account details are all that is supposed to be required to withdraw money, why do I need separate codes for internet and telephone banking?

Not quite

[Anonymous Brave Guy]

Just as a point of relevance here, Clarkson was victim to a fraudulent direct debit [bbc.co.uk], not a standing order. While both are useful for similar things, the mechanics in the two cases are quite different.

A standing order is normally some sort of regular payment you set up yourself for a constant amount, such as a monthly rent payment to a landlord. A direct debit is set up by the recipient and can vary in amount and date it is collected, and is typically used for paying things like utility bills, where the money owed varies a bit from month to month.

The key difference, for the purposes of debunking the hype here, is that because of the obvious danger in letting a third party instruct your bank on your behalf and then withdraw your money remotely, all direct debits are covered by the Direct Debit Guarantee [bba.org.uk]. Among other things, this says that if something goes wrong, your bank must refund your missing money first and ask questions later. A corollary of the latter is that Clarkson is unlikely to have any trouble getting his missing money back here, ironic and amusing as the incident is.

Re:

[Torvaun]

How astute of you, figuring out that he was a foreigner with nothing more than his statement that there is an ocean between him and Great Britain. Very clever indeed. Do you live on Baker Street, perchance?

Re:

[Bloater]

There's an ocean between /me/ and Great Britain too, but that's because I drank 5 litres of water today and I just wet myself.

They didn't have a lot of choices...

[Joce640k]

In the UK you can only set up a direct debit to certain registered things, one of them being charities.

The pranksters couldn't have set up direct debit to their own account, for example.

Re:They didn't have a lot of choices...

[ShieldW0lf]

This guy is a jackass.

"I opened my bank statement this morning to find out that someone has set up a direct debit which automatically takes £500 from my account," he said. "The bank cannot find out who did this because of the Data Protection Act and they cannot stop it from happening again.

Admitting the error of his previous article dismissing identity theft concerns, he wrote that, "I was wrong and I have been punished for my mistake." The incident seems to have changed his opinion about the risks to which the 25 million Brits have been exposed. "Contrary to what I said at the time, we must go after the idiots who lost the discs and stick cocktail sticks in their eyes until they beg for mercy."

So, does that mean that every charity and bank out there who has to deal with administrative headaches because he gave his information away should get to poke sticks in his eyes?

Re:

[fabs64]

He said "the idiots who lost the discs".

Also, you're aware that clarkson is a comedian yes?

Re:They didn't have a lot of choices...

[ultranova]

I believe the GP was pointing out that he was just as careless with his information as were "the idiots who lost the discs".

The key word being "his", as opposed to "25 million peoples".

There is a certain difference between being careless in a way which will cause you trouble, and being careless in a way which will cause other people trouble.

Re:

[iangoldby]

Ahem. You didn't read what Joce640k wrote:

you can only set up a direct debit to certain registered things, one of them being charities

(emphasis mine). Telecom companies fall under the category of 'certain registered things'.

Point is that you and the bank know exactly to whom the money has gone (they are registered) and you can always get the money back, no questions asked, through the Direct Debit Guarantee.

Schadenfreude

[Dr Caleb]

Clarkson, you ponce!

And learn what a pickup truck is designed for, would ya?

Re:

[Anonymous Coward]

They were DESIGNED to carry a small bag of £11 firelighters in little metal pots so you don't get the paraffin smell on your hands, ya maroon! (F-series)
Or to be put on top of a building being demolished (hilux)
Or to have an incredibly large outboard motor attached to the back and get capsize on a reservoir (another hilux, which he broke!)
Or to be driven to the north pole. (modified hilux)

What did you think they were designed for?

Re:

[Thansal]

What is that, some kind of Nazi word?

Re:

[Thansal]

bah, people need to watch Ave Q more. (ok, so I knew I was gona get modded troll, but it was still worth it :P)

Bwahahahahaha!

[MightyMartian]

In the immortal words of Bugs Bunny: "What a maroon!"

Re:Bwahahahahaha!

[VGPowerlord]

From the other guy's perspective:
In the immortal words of Bugs Bunny: "Ain't I a stinker?"

Re:I thought security through obscurity was baaaaa

[multisync]

Most of you have scoffed for years at anyone using security-through-obscurity in any security model at any level, yet by making fun of people who have been exploited for revealing account information in public you are clearly upholding the principle

Not revealing your social security number isn't "security through obscurity" any more than not leaving the combination of the safe on a post-it note stuck to the safe door is.

An example of "security through obscurity" would be "nobody knows about this money I hav

If you give it away

[Bongo Bill]

If you give personal information away freely, is it really accurate to call taking it theft?

Of course, what defrauders do with it might constitute stealing. But that's less "identity theft" and more "money theft" if you ask me.

Re:If you give it away

[Billosaur]

Well, giving away the information for free doesn't make it a crime for you to possess the information. If you then use it, claiming you are a person you are not, that's fraud and illegal in most jurisdictions.

Re:

[smilindog2000]

I notice that few of us here offer any real personal information... my e-mail is bill@billrocks.org, and if you bother to reply to a challenge e-mail, I'll read whatever you have to say. Put financial information on-line? Hell no. That'd be plain stupid.

Re:If you give it away

[Hognoxious]

If you then use it, claiming you are a person you are not, that's fraud and illegal in most jurisdictions.

And any bank and its imbecile staff that allows you to pretend to be someone you aren't because they can't be arsed to properly check[1] should be liable for the loss themselves.

Before anyone claims that giving his bank account number out was irresponsible - it's printed on the bottom of your cheques.

[1] Even if more than one person can have the same name, it should be easier than normal in this case.

Re:If you give it away

[Jhon]

When I freely publish my business name and address in the phonebook, is it really accurate to call it theft when someone breaks in to my store and steals my stuff? Granted, it's not the same thing, but to publish your personal information does not give someone the right or permission to use that information for fraud any more than publishing my business address gives someone the right or permission to commit B&E.

With regards to "identity theft" vs "money theft", the end result is usually the theft of money. The label of "identity theft" basically describes HOW the theft took place...

Re:

[Jason Levine]

Identity Theft can lead to bad credit (and years wasted trying to restore your credit) which can mean loss of a house. It can even lead to criminal charges mistakenly being attributed to you [blogspot.com]. The thieves really are stealing your identity to commit their fraudulent and illegal activities. And even though you still have your identity for your own use, it becomes sullied by the actions of the thieves. (Just in case someone wants to claim that the "copying music online isn't stealing because they still have

Re:If you give it away

[ArsonSmith]

Copying music online isn't stealing because it's copyright violation.
Obtaining and using a persons identity isn't theft because it's impersonation fraud.

Please let's use the correct terms.

Re:If you give it away

[russ1337]

Yeah, I just can't believe someone could be that stupid.

Signed

Sam B. Carswell
4994 Pin Oak Drive
Whittier, CA 90603

Email Address: SamBCarswell@fontdrift.com [fakemailgenerator.com]


Phone: 562-943-0713
Mother's maiden name: Grondin
Birthday: January 27, 1955

Visa: 4532 7971 3753 8401
Expires: 12/2009

SSN: 550-80-1765

UPS Tracking Number for my Plasma TV: 1Z 195 055 46 3018 447 5

Re:If you give it away

[KublaiKhan]

Yes, but what's your /. password?

Re:If you give it away

[chooks]

It's a six digit ID. Who cares? :)

Re:If you give it away

[WK2]

It's a six digit ID. Who cares? :)

I do.

Re:

[Dephex Twin]

What, no security code on the credit card??

He had it coming...

[Red Samurai]

That was a pretty arrogant move, even for his standards, and I'm sure he's be humbled (somewhat) after being taken down a peg. I guess that's the price you pay for overconfidence.

Re:He had it coming...

[imipak]

Humbled?? Is this some sort of secret clone Clarkson that's roaming the earth? Doesn't sound much like the tosser we know and loathe so much. Viz ran a Roger Mellie (The Man on the Telly) strip taking the piss out of him, it has him doing a piece to camera - "this is the all-new Ferarri Testosterone, and it's 500 BHP of snorting, snarling bitch. If this car was a woman I'd drop my kecks right now and give it one right up the exhaust pipe. IN fact I think I will!" (next frame) "Ugh! Ugh! Ugh! Yeah, bitch, you like it like that don't you?!" "sproing, sproing sproing" (car springs) "Cut!"

Re:

[IamTheRealMike]

Zero points for you! TFA says that Clarkson admitted he was wrong and that his previous opinion was bullcrap.

Even so, this escapade won't change my opinion of the man as funny but still an arsehole.

Re:

[lbgator]

He admitted he was wrong. From BBC [bbc.co.uk]:

Clarkson now says of the case: "Contrary to what I said at the time, we must go after the idiots who lost the discs and stick cocktail sticks in their eyes until they beg for mercy."

Privacy Amendment

[Doc Ruby]

The US Constitution needs a Privacy Amendment specifying that people's right to privacy in our personal data shall be protected, that no one has the right to copy any such data except as necessary to complete the immediate transaction for which it was transmitted by that person, except under explicit permission from that person.

The 4th Amendment already makes explicit the right to such privacy, but it clearly isn't enough anymore - not for a long time. But since the 4th Amendment itself was merely an emphasis of a right already implicit in the Constitution, but worth repeating explicitly to ensure government protection of it (like the rest of the Bill of Rights), it's perfectly appropriate to reiterate it in terms easily enforceable in the current era, like copyright terms.

Re:Privacy Amendment

[Doc Ruby]

I hear this all the time, usually from Anonymous Cowards too scared to say something so anti-American in public. So I always rebut it, because I understand America, rights and government.

America is built on the simple, but radical (for the 1780s, anyway) realization that people have rights, create governments to protect those rights, so when we create them, we must create them with powers to protect them, but not to abuse them. We have a right to privacy, as the 4th Amendment says. The government exists to protect it,

Or are you going to tell me that, say, the 13th Amendment banning slavery limits only the government from owning slaves? No, freedom is a right. Rights are inalienable, not just "inalienable by the government".

Re:Privacy Amendment

[wombert]

We have a right to privacy, as the 4th Amendment says. The government exists to protect it

Wrong. That's not what the 4th amendment says. The 4th amendment puts a limit on the government's ability to invade your privacy:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

It does not establish a right to privacy; that right, since it is not expressly surrendered to the government in the Constitution, is reserved to the states and the people via the 10th amendment.

It is up to your state and local government to define the limits of other individuals' ability to encroach on your privacy and property. (Similarly, it is up to those governments to specify how they protect individual's lives from the threat of other individuals.) If they fail to sufficiently protect those rights, well, there's always the 2nd amendment...

Re:

[Doc Ruby]

No, it explicitly mentions the right to be secure in their persons, papers and effects. Those rights aren't "established" except insofar as they're identified, which they are here. Then the government that we created to protect our rights is instructed to protect that right. That's how rights, and the government, actually works.

Re:

[gstoddart]

Or are you going to tell me that, say, the 13th Amendment banning slavery limits only the government from owning slaves? No, freedom is a right. Rights are inalienable, not just "inalienable by the government".

As much as I largely agree with your sentiment, it's contingent on everyone else playing by the same rules.

In this case, the underlying assumption of the legal system is that these rights are, in fact, inalienable. So it binds the government to adhere to that.

However, that doesn't mean that everyone

ok, a bit of the florida coast...

[Scrameustache]

America is

The name of the continent on which many countries, including the one you're talking about, are located.
It is named after an Italian mapmaker, from drawings [britannica.com] that did not feature the country you're discussing.

You may resume defending your rights.

Re:

[radarjd]

We have a right to privacy, as the 4th Amendment says.

The 4th Amendment says: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The 4th Amendment absolutely does not create a generalized right to privacy. The Supreme Court examined this issue in detail in Griswold v Connecticu

Re:

[Doc Ruby]

No, you fail the most basic test of all. You don't understand what rights are. No court or Constitution gives you rights. All the Griswold case did was give the government a procedure for analyzing how our Constitution is constructed to see whether and how it protects that right or not. So here you are staring at the Supreme Court, which did indeed find that

The right of the people to be secure in their persons, houses, papers, and effects

meant that there is a right that people have, which the US government

How??

[jackjeff]

How in hell is this possible?

Isn't your bank the only institution able to transfer money out of your account? Don't you have to show your ID? Don't you have to sign some documents???

My opinion is ID theft is only possible because the clerks in the banks are too lazy to check for an ID or a signature. Whenever you go to a bar in the US, they will look at your ID before they serve booze, but if you set up a $xxxx account/load no one will ever check it. This is just how ridiculous the system is. Account number without proof of identity should be as useless as a car without gas.

Re:

[PJ1216]

Whenever you go to a bar in the US, they will look at your ID before they serve booze.

This is true. But what about fake IDs? If a kid in high school can get a fake id, i'm sure its not THAT difficult to get a fake ID if you got the right info to put on it.

Re:How??

[stranger_to_himself]

Isn't your bank the only institution able to transfer money out of your account? Don't you have to show your ID? Don't you have to sign some documents???

Not at all. I've just set up direct debits to pay my bills just by sending my bank account number to the electricity company. They do the rest. Presumably they just take my word for it that it's my money, and then the bank sets up the debit without asking any questions.

Oh actually I think there was a 'this is not a fraud' tickybox.

Re:

[gstoddart]

Isn't your bank the only institution able to transfer money out of your account? Don't you have to show your ID? Don't you have to sign some documents???

No, you can sign a form with a company allowing them access to your account.

I've done this with my insurance company for years. However, I won't let anyone else do it because I've heard too many stories of the company messing up and taking too much money too often or what have you. I don't remember the particulars, but I don't think I had to involve my ba

Naiveate`

[Burning1]

A lot of people are very naive about the security provided by credit cards and checking accounts.

I used to run credit cards and EFT as part of a previous job, and I was responsible for setting up the system. The only thing I need for an electronic funds transfer is your bank routing and account numbers. All that information is available on a voided check.

The only security you have, is that it's difficult to complete these kinds of transactions anonymously. Bank fraud is a big deal if you are caught.

The same is true of credit cards. Your signature is a contract promising to pay. It protects the business against customers reversing charges on purchased goods. It is not used for authentication of any form.

Re:

[jrumney]

The only security you have, is that it's difficult to complete these kinds of transactions anonymously.

It's difficult to complete these kinds of transactions anonymously, and still get your hands on the money. Which is why the exploit in this case was to set up a regular payment to a charity.

Re:

[east coast]

Whenever you go to a bar in the US, they will look at your ID before they serve booze, but if you set up a $xxxx account/load no one will ever check it.

What's worse is that if a bar serves an underager they get slapped with a fine and worse. When cashiers don't bother to check for ID and they let a fraudulent purchase get by there is no penalty for not following protocol. I know this is hard to enforce since it probably has no real legal leggings but it would seem that being able to sue companies that are

No, there are systems to do it

[Sycraft-fu]

In America the big one is the Automated Clearing House. That's how you do thing like automatic bill pay or such if you want. The company you are paying tells the bank "The customer for this account said I could have this much money," and the bank transfers it. Now the balance on this is that you don't just hop on the network. I can't just go and do an ACH debit from your account. Those that are part of the network are subject to strict regulations, once of which being you have to say it is ok for them to ta

It only works for certain registered entities...

[Joce640k]

UK law allows you to set up direct debits to certain registered entities without too much verification. The pranksters simply chose one of them.

There's no way a thief could transfer money to their own account (in theory).

Re:

[Albanach]

Isn't your bank the only institution able to transfer money out of your account?

Generally yes. The banks also approve companies and non profits who can then take part in the Direct Debit scheme. They can then set up a mandate and start collecting money from your account say as bill payment or a membership subscription. These transactions are covered by the Direct Debit Guarantee.

Don't you have to show your ID? Don't you have to sign some documents???

No, these can be set up electronically online or over

Re:

[dlim]

Just a comment on the laziness of the banks: My wife and I each have a separate checking account and we have a joint account that we use for bills. Last year, I accidentally wrote our rent check from her personal account instead of the joint account. At the time we had completely different names, and the name I signed on the check didn't even resemble the name printed on the check. The bank cashed the check. Probably didn't even look at it.

I don't know why people go through all the trouble of ident

Re:How??

[jackjeff]

I don't know the UK system very well, but I have lived in Germany and France for some time.

Direct debit can only be set up for large institutions like major phone company, electricity company etc... These are either tight to a particular location or your ID is checked (for instance for mobile phones). It's pretty hard to do anything nasty with that.

Wire transfer over the internet requires a one time pad in Germany. You receive a list of codes via secure mail (the same as the one used to send you credit card PIN). In France it sucks, but basically it is not so different from the US, you have to sign up for the service and various password / identification schemes are put in place (although they suck compared to the German OTP).

In France one of my banks even required me to go to a branch to register the bank number before I could make a transfer.

Re:

[SomeoneGotMyNick]

hey, I've heard that car without gas can actually be useful for some thing called 'sex'?

In that case, it's just like your credit. One mistake, and you lose financial freedom and are paying for it for the next 18 years or so.

Re:

[Entropius]

That's absurd, then.

You can get a digital camera that fits in your pocket that has an angular resolution of 0.002 degree. (Panasonic FZ18, $299). If you want a little more resolution, put a teleconverter on it for a resolution of ~0.0013 degree. I doubt it would be very hard to disguise one of those and photograph people's checks (or, for that matter, credit cards at gas stations) from a significant distance away.

Will it lead to stricter regulation of credit?

[Reality Master 201]

It seems like making people paranoid about protecting their personal data is the wrong way to attack the problem, especially given the significant chance that whatever they do, some 3rd party will release that data and put them at risk.

Instead, we should remove the incentive for identity theft and make it MUCH more onerous and difficult to get anything worthwhile out of stolen financial data.

Plus, it'd be nice to not get those 10-15 credit card offers a week in the mail.

Re:Will it lead to stricter regulation of credit?

[Anonymous Coward]

"Plus, it'd be nice to not get those 10-15 credit card offers a week in the mail."

No, no, no! You're looking at this all wrong!

I LOVE getting those free offers in the mail - but only the ones with the return-postage-paid envelopes.

Did you know that you can tape that envelope to ANYTHING (almost...) that weighs less than 70 lbs.? And it will be delivered?

That's how I get rid of my old 486, 386, etc computers. And I don't fill up MY landfill! (And they have to dispose of them correctly!)

Sweeeet!!

Re:

[CodeBuster]

They changed the postal regs on that one a long time ago, at least here in the United States (I think it goes back to the Nixon presidential campaign during the 1970s when people were using his postage paid campaign fund raising envelopes to mail bricks and other heavy objects by taping the envelope to the object in question). Anyway, if it doesn't fit inside the standard envelope or weighs more than a certain low amount, less that 3.5 ounces and 0.25 inches thick are the maximum limits for standard envelop

Re:

[account_deleted]

Comment removed based on user account deletion

Re:To answer the question

[gnick]

Actually, it doesn't say that he was a victim of "identity theft". It says that he is an "Identity Theft Skeptic" and that he is a "Fraud Victim". The article called the crime "identity fraud" which seems accurate. Somebody said "These is my account information, please accept my money." - Perfectly describable as "identity fraud" and nearly enough for the article submitter to assume that the fraudsters were "identity thieves" as he described them.

Re:To answer the question

[raftpeople]

When it becomes "theft" is when someone steals an identifying document, such as a passport, social/national security card, or a driv[er's|ing] licen[c|s]e.

So, if they steal a document then it's identity theft, but if they create a false document using accurate information, then it's not identity theft?

Clarkson announced it on Top Gear

[Manny_Bones]

During the news segment this season. He somehow blamed it on using his credit card at the gas pump, whether or not it was while filling up his Lamborghini he didn't say. James May did not say "oh cock" to this.

Hoist on his own petard

[whitehatlurker]

Clarkson now says of the case: "Contrary to what I said at the time, we must go after the idiots who lost the discs and stick cocktail sticks in their eyes until they beg for mercy."

I wonder if he poked sticks into his own eyes ... after all, he did exactly the same thing, the only exception being that he did it to himself, rather than to others.

I can only hope he continues to contribute to the charity so he can stay humble.

Direct Debit Guarantee

[Albanach]

To be fair what happened was someone set up a Direct Debit in his name, where a company or organisation can deduct money directly from your bank account. These are _very_ common in the UK, much more so than direct bill payment in the US.

One of the reasons they are so common is that every transaction under them is covered by the Direct Debit Guarantee [bacs.co.uk]. Under this, he can get an immediate refund from his bank just by asking.

The process of being approved to collect direct debits is pretty arduous, as the banks bear a lot of the costs if something goes wrong. At the same time, the consumer has a level of protection light years beyond that offered in the US for similar transactions.

It's not that uncommon for friends exchanging money in the UK (say someone borrowed some cash for a night out) to simply hand over their bank details and get the money from their friend as an electronic transfer using online banking. In general it'd be pretty difficult for someone to take money from an individual's bank account, even knowing their details for their own benefit. I'm not even sure most online banking in the US lets you deposit money directly into another person's account?

Strangely

[Billosaur]

I still hear the LifeLock commercials on the radio as I drive to work all the time. I don't see how they can prevent someone from stealing your identity, especially if you're dumb enough to give out the information to people who will use it for nefarious purposes. If all there offering is a service to undo the damage, that might be useful given how time-consuming it is, but then can they necessarily represent you to organizations where you need the information changed or charges nullified?

available information vs. foot in mouth

[MyNymWasTaken]

The information he gave out was the same information a person gives out when they hand over a check. It's analogous to a pundit loudly proclaiming that it is perfectly safe to walk around outside. This is then demonstrated by walking through a large crowd of people. Somebody decides to prove otherwise & stabs them in a non-lethal manner solely to illustrate the point.

Re:

[smaddox]

Except you don't usually send checks to people you don't know, unless you are buying something.

So really, it's more analogous to a pundit loudly proclaiming that it is perfectly safe to walk around inside a prison. This is then demonstrated by walking through a prison with $100 bills stuck out of his pocket. Somebody decides to prove otherwise and steals the money solely to illustrate the point.

Open Mouth.

[AndGodSed]

Insert Foot.

Clarkson has a no-nonsense approach

[daveewart]

Regarding the recent loss of CDs containing data on 25 million UK people, Clarkson says: "We must go after the idiots who lost the discs and stick cocktail sticks in their eyes until they beg for mercy."

Can't argue with that.

Re:

[LWATCDR]

Yea except he himself thought that it was no big deal to start with and harmless... So when does he start sticking those cocktail stick in his own eyes?

where are the class action lawyers?

[peter303]

With all the money being lost in this kind of crime you'd think the vulture lawyers would be swarming all over the poor practices by financial companies. These companies have lots of money to "liberate". The crimes are utter negligence.

It has to be said...

[_xeno_]

Identity theft - how hard can it be?

(And if you don't get it, watch Top Gear [wikipedia.org].)

Data protection act ?

[Alain Williams]

Why the F should the data protection act stop the bank investigating fraud ? What questions are the bank prohibited from asking ? In the UK the data protection act is often used by organisations as an excuse to not do something - quite often because the are too lazy to do a proper job.

If a crime bas been committed the police have good reason to seek to have privacy doors opened - perhaps with the oversight/approval of a judge. Recent UK legislation is giving civil servants wide investigation powers - without judicial oversight.

This smacks of an excuse.

How Many Different Ways....

[mpapet]

Can this topic come up and not a single person asks ANY of the following questions:

1. I get someone elses ssn, and I'm off to the bank. (or whatever) Why is the process that associates a unique identifier (U.S. = SSN) with financial activity so simple?

2. Why does "sucks to be you" suffice every single time this issue comes up?

3. While individual financial data is available to the financial institutions, it's totally opaque to the consumer. Ex. how is my credit score calculated? How come consumers have practically no control over it?

4. The risks of an easy credit system far outweigh the benefits and yet no one seems to acknowledge this. An indirect example of this is the bad packaged loans that are driving the current "credit crunch."

Transparency is the keystone to a healthy economy and yet there's less and less with each passing year.

Wrong Focus

[Anonymous Coward]

The report here should not be that some person had their identity stolen.
The report should be that some dumb bank transferred funds without checking identity.

The sooner we put the right focus on this problem, the better. It shouldn't be called identity theft. It should be called bank malfeasance.

When somebody walks into Citi bank and tells the teller my name, the teller shouldn't hand all my cash over to that person. That isn't identity theft; it is complete incompitence, or worse, collusion.

Don't report th

Banks and businesses should take the heat

[amadeus733]

If someone steals money from my account it is totally up to bank to deal with it, I usually don't care and in only one occasion when something happened I got my money back in hours. Law should put all responsibility in these cases on thieves and companies who failed to verify identity. If companies and financial institutions would be held responsible for not validating customer's identities properly I guess identity fraud cases will drop dramatically. If they afraid to make few extra checks in fear of losin

Re:

[Shados]

Its not quite that easy... There's a question of convenience here, and do too much, and your customers get fed up.

Take Visa's "Verified By Visa" program. For a long time I'd systematically avoid online stores requiring it. Its just one more password I have to remember or store in a password manager, I always forget the darn thing, and if it takes me more than 3 tries to remember it, I have to call my back to get the freagin card unblocked. Its total hell.

Now, not long ago, I got my debit card cloned (ironic

Clarcson manages to be both an idiot and a genius.

[lattyware]

God, Clarkson is a Genius, yes, he may act like an idiot sometimes (case in point) but for humerous value, it's incredible, and he is a guy you can relate to - everything he says, if you agree with it or not, you can see where he is coming from, and laugh at the way he presents it. Much like Zero Punctuation or for the more adventurous, Encyclopedia Dramatica. Recently there was a petition signed by many on the UK Government's website for Clarkson to become prime minister - everyone likes the guy. He always

Re:

[dave420]

Not everyone likes the guy. Some folks realise he's intentionally an ass to get great reactions from folks. He does make great TV, but it's contrived. It's presented as non-scripted, but that couldn't be further from the truth. I like a lot of what he does, but I wouldn't trust him with anything important.

Information != ID

[davburns]

I think this is possible only because people confuse information about an identity with that identity, and therefore believe that knowledge of that information proves that the person is who they say they are.

I think there's way too many people and organizations with legitimate access to all kinds of information about me for me to consider that my SSN (or an account number that's printed on every statement that goes through the mail, or 16+4+3 digits on a credit card) is a good shared secret between me and my bank (or employer, or anyone.) Then, there's all the people who have illegitimate access.

We still use this because... it works "well enough." Banks make enough that they can cover the loss from a few fraudulent loans. And a person having to clean up a credit record is a PITA, but it's doable. And it's an externality from the bank's perspective.

Thinking about this, I don't have a real solution. It's advisable to guard your psudo-secrets, when you can. A law or two to help this might help, but not get rid of the problem. Until someone comes up with a good identifier[1], we're stuck with it.

[1] For values of "good identifier" that include a way that one person can prove they are the same person who established the good credit / made the bank deposit / whatever, including letting someone act as a limited agent of another (so the power company can take my electricity bill out of my account, but not let a rogue employee take all my money and buy Enron stock) and also doesn't let someone establish multiple identities with which to keep ripping off banks and others.

It kind of proved his point

[geekoid]

He published is information, and the only thing that happened was an automatic withdraw?

If it was as rampant as people are bing led to believe, his account wold have been empty.

Yes, it exists, but I don't think it's worth the panic people tend to go into.

Of the millions and millions of people whose information has been stolen or lost or were copied froma computer system, only a very tiny fraction have been the victims of identity theft.

skeptic is right

[petes_PoV]

The article called him a skeptic because he was skeptical that there was any danger in giving out his name, bank account details and hints of his address. This was a result of the furore about the 25 million NHS details that were lost last year - he didn't think there was anything to worry about.

He was wrong and went on to say so

Exactly

[EmbeddedJanitor]

Clarkson is primarily an entertainer. 500 quid for a gag like this is pretty cheap. Like all entertainers, Clarkson takes liberties with the truth. I would not be suprised if the whole thing is a scam done for a bit of a laugh.

Re:

[ericferris]

As far as I understand, it started with people wondering why Clarkson wasn't going ballistic after the poor IT management practices of UK government agencies were recently revealed (again). For some reason, he decided to cut them some slack on this one and to de-dramatize the situation. Maybe he didn't want to look like he was a kneejerk critic of the Labor gummint. After all, these days, everybody is slamming them, and contrarians like him will always try to go against the flow. Turns out it IS really a b

Is he running Vista?

[PRMan]

I mean, 60%-90% CPU cycles while doing nothing would be normal then, right?

Re:News?

[syousef]

Okay this article mentions:
1) Identity theft
2) A celebrity who holds extreme views on a wide range of topics of interest to nerds, from the environment to computers and identiity theft.
3) The celebrity has changed his mind on the topic after being proven wrong by a very cheeky identity thief.
4) That celebrity presents a show that does interest nerds. (Not just the cars either. One episode showed a car being blown off the tarmac by a 747's engine thrust).

How is this not news? How is this not interesting?

Yet a comment like yours gets modded as insightful instead of -1:troll. More proof that /. comment moderation is badly broken. Burn Karma! Burn!