Slashdot Mirror
All The World Over, Your Stolen I.D.
MSNBC is running a story about a massive identity theft which is apparently traceable to people who ordered wireless service from Verizon. If you've gotten service online from Verizon, you might want to check your credit card bill post-haste. And make sure to cancel your Social Security number and date of birth too.
Y'know, America could salvage its image -and- make a real impact on crime, if "System Admining Under The Influence" and "Data Warehousing, Without Due Care And Attention" were hanging offences.
(Brings a whole new meaning to "Blue Screen Of Death".)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I mean, really, FDR promised us that Social Security #'s would never mutate into national ID cards...
That's what we get for giving Big Brother a new toy.
And to top it off, SocSec is a pyramid scheme.
Now when my RealDoll shows up at the house, I can just tell my wife "Damn identity thieves are playing with my Visa card!"
Trolling is a art,
Here's a good post on fool.com about how one woman went about recovering from the theft of her identity.
This goes to show you that there needs to be controls over what sort of information a company can ask from an individual. Sure the are probably exceptions to the rule, but date of birth and social security numbers should not be necessary to open an account with anyone, but a bank.
Maybe this is where we need to use the approach of trusted third party authorization. Basically the only person you share this trusted information with is your bank and it is the bank who gives to a unique, time based, validation id to share with the company you are buying the service from. If a bank is incapable of keeping your details secret, then you know that you don't want an account with them.
Jumpstart the tartan drive.
I'm glad you put out this warning. I've discovered that over 16,000,000 people around the world are claiming my birthday as their own!
--
Sheesh, evil *and* a jerk. -- Jade
It cost me over 5,000 in lost charges, but luckily Visa has a 0 tolerance on fraud charges. For those with "Stolen Identity" change your SSN and DL # NOW because they can effectiley call your bank and change your PIN number or obtain existing PIN #'s and Mac/ATM withdrawals are NOT guranteed nor protected.
Firecash.com is an offshore billing company that does transactions for 3rd party billing companies so this is ONE WEBSITE TO WATCH. I have already filed complaints for both the casino, the casino's processor and firecash.com because they allowed charges with incorrect name, address, phone number AND expiration date to post.
It took over a month to get my money back, every check i wrote bounced, i couldn't pay my mortgage and i didn't get to do shit for my birthday. DON'T LET THIS HAPPEN TO YOU.
Keep 2 seperate banks. Be it as simple as a 2nd savings account or something with your work or local credit union. Don't put all your eggs into one basket. Since i had reported fraud the bank was required to lock ALL MONIES Until the dispute was processed and that alown takes days since they have to file affidavites and work with security departments of visa and such.
This sucks for alot of reasons, and i feel sorry for those who will be screwed for years to come.
Basically cost me my job since my credit cards put me on old because the payments bounced and i traveled 100% of the time.. airlines don't accept cash or promises to pay for tickets. Even my corporate card was locked because i had made a payment with a check that bounced because the account was locked before they deposited it.
So now i have disputes with check authorization companies, letters to my creditors, affidavites to my mortgage company, copies of statements and official letters to my car loan companies and letters to the 3 major credit departments just to fix up MY credit.
Take care of yourself, and don't put all your eggs in one basket. I never used my visa check card online, and now i don't even let my bank link my check card to my savings for rollover protection because that is how i lost every dime i had since the charges kept coming and the bank kept on transfering from savings to pay for them.
scary world we live in when people can generate numbers, steal your identity and post the charges and make out.. if it takes a bank 1 month to investigate that is way to long in the history time since website logs are archived or gone, ip's have long changed (on dhcp or dynamic dialups) and well, you should understand how things work.
Who cares about SSL? SSL is important for maybe one billionth billionth of the time your data is in someone elses hands. Ok, so the data is encrypted in transfer. Who cares, when the recieving company is happily saving away your data on a NT machine running It Isnt Secure? Every script kiddie and their grandmothers little dog can wait until two seconds after you press submit and dig the data out of there after that soooo secure SSL transaction.
To protect yourself:
Never enter nondisposable data. Use a disposable email address. Use a disposable CC number (or at the very least a low-limit creditcard). Never enter Social Security numbers (fake one, or use another option). Avoid using your real name. Avoid entering your real phone nr. Dont enter your age. Dont enter your profession. Make the data worthless and corrupt.
In my opinion the only way to handle this problem is to make it illegal for any company to store any sensitive information at all. They need the information? Fine, they get to have it for the 5 minutes they need it, then it MUST be wiped.
Hackers stealing the data is just one simple way the data gets out. Social engineering to disloyal employees through mergers acquisitions etc etc are other ways.
If you ever give out the information it will be stolen and misused.
Read the article all the way before submitting, sheesh. While its in vogue to knock Verizon Wireless, notice that it is not by any means limited to them.
Numerous times they mention the AT&T connection, and the URDigital.com connection. In fact, URDigital is the name of a folder specifically listed in the IRC transcript.
This looks to be a multiple vendor issue, not limited to one company.
These views are mine, not my employers.
GPL'd web-based tradewars themed space game
Actually you aren't legally required to give that number to anyone except the social security agency. If any company attempts to deny you service based on refusal to give out your social security number they will have violated the social security act and will be liable for time in a federal prison.
Also, you don't have to pay into it. It's a voluntary program just like over 90% of federal income tax. For more information on the opt in programs the IRS wants you to believe you're required to pay read Title 26 of the United States code. Unless you are a non resident alien, working for a foreign corporation, received a petition from the secretary of the treasurey, or manufacture producst susseptible to excise tax, You aren't required to pay federal income tax.
Request your IMF file from the IRS. Most of the time you'll see yourself classified as 4035, working for a foreign corporation. You don't have to file, you don't have to pay. Any employer that witholds tax is guilty of fraud, and the IRS's notices violate section 9b of RCP US code title 18 so you can refuse them for fraud. The law scares them. Enjoy!
I am the penguin that codes in the night.
Giving Your Number To Others
If a business or other enterprise asks you for your Social Security number, you can refuse to give it to them. However, that may mean doing without the purchase or service for which your number was requested. For example, utility companies and other services ask for your Social Security number, but do not need it; they can do a credit check or identify their customers by alternative means.
Giving your number is voluntary even when you are asked for the number directly. If requested, you should ask:
why your number is needed;
how your number will be used;
what happens if you refuse; and
what law requires you to give your number.
The answers to these questions can help you decide if you want to give your Social Security number. The decision is yours.
Our primary message is this--be careful with your Social Security number and your card to prevent their misuse.
If you think someone is misusing your number, ask us for the leaflet, When Someone Misuses Your Number (Publication No. 05-10064).
Originally your SS # was never supposed to be given out to anyone! But big business beat up big brother and started using it to profile each and every American. In fact, the business community forced the Government to require *all* citizens to have a SS #. So now from the second you pop out of your mother's private parts, you have to be registered with the SSA.
I personally think the ending to "Fight Club" would solve this problem once and for all.
Strange women lying in ponds distributing swords is no basis for a system of government.
and date of birth too.
Quick! To the time machine!
("no, listen you have to hold on for at least *checks watch* two more hours. no, i can't tell you why. oh, damn. nurse!")
Or something....
-j
Karma: T-rexcellent.
There are some good suggestions under "GENERAL ADVICE ON OPERATING WITHOUT A SSN" towards the bottom of this page..
---
Learn the rules so you know how to break them properly.
www.teslabox.com
did anyone else get an ad of OfficeXP for this article? I took a screen shot of mine: "For Identities, One Password." Maybe it's just the lack of sleep but I find this very amusing :)
-----
09
I'll just encrypt my social security number using the strong ROT13 encryption that Adobe uses.
Er, I may have to put more thought into this. Let me get back to you on that.
At both institutions I went to, you can refuse to provide it (I did). Many applications say something like "If you don't want to give us your SSN, we'll give you an ID number to use instead." As a consequence, my student numbers started with 993 and 999, respectively.
There ARE other options.
-Corvidae
Agreed, but what good does that do when a company chooses to move ALL its customer data gathering applications to the web? Would anyone like to comment on this scenario?
The result, it seems to me, is that the user is less and less able to protect themselves from personal data being stolen. Maybe I'm being paranoid, but I'd expect that SSL and the like was being used for the Verizon (and AT&T) web applications, too, yet this theft has occurred nonetheless. Could it be that we are once again running into the dangers of monocultures (put it all on the web) and the prolifieration of diseases (hacking web sites with larger and larger stores of data)? What can the average user do to protect themselves in such situations?
http://www.cpsr.org/cpsr/privacy/ssn/ssn.structure .html
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
*checking statement* "What the hell is this monthly charge from Verizon? They've been doing this monthly, like clockwork! Someone has to put a stop to this.
I love the smell of Karma in the morning
THink about the hell you'd go through changing SS#'s the next time someone asks for it! :) I used to be more laid back aout it - but am quickly starting to challenge companies that want my SS# - too bad - get another ID to use.
I'd have to rate changing SS3's above the nightmare of getting a new checkin gaccount or switching to a new health plan!
But beyond that - I'm a Cingular customer - so I'll have ot wait my turn to have my info sold er stolen.
Top Most Bizarre/Disturbing Error Messages
A buddy of mine recently got new wireless service through Verizon, but in the last week he's looked different... about half a foot shorter, maybe 50 lbs heavier, too.
Whatever... he's spending money like water and treating everybody at happy hour, so it's all good...
God bless those Albino Ninjas...
First they assimilate Bell and GTE, now all the users shall also be assimilated.
Behold! Witness the founding of the Borg collective!
"I drank what?" - Socrates
...you *can* legally change your SS# *if* you can prove that your current one has been used in ID theft and exposes you to similar crimes in the future.
.sig really belongs to my purusa
Link here.
this
You can avoid this problem by doing what I do...vigilantly maintain maxed-out, shitty credit. That way no one can make charges to existing accounts or open new ones. Thank god I got a head start on this in college. Little did I know when I was buying rounds for my friends that i was actually safeguarding my identity.
--
Do not taunt Happy Fun Ball(TM)
Most people will quickly notice additional charges on the credit cards... the more important thing is getting a Credit Report. Having gone though this several years ago... You need to get a credit report from each of the 3 Credit Agencies, look for both new accounts and new Inquiries into your credit report. It takes a while before a new account shows up, but as soon as credit is applied for, an inquiry is added.
Contact each company that has requested a report. Try to determine if an account was created(can be tough for some of the major companies that have alot of different types of credit accounts, to determine with line of business an account was applied for.
Get them to fix any other problems on the credit report and send you a new copy... this should all be free.
They will refuse to remove the inquiries even though they are frauduelent, but if anything is else is wrong (address, employer, etc) that was place on the report from the credit applications the thief use can be removed. Sometimes it will take several cycles to get everything fixed up, but this can work to your benefit. One of the inquiries, claimed no account was open... after getting the third report an account for that company showed up. Now with an account number it was easy to track down and contact the proper people to get it removed.
If accounts where opened and used, you will likely be required to sign Noterized letters saying you did not open or authorize these accounts.
Also be sure to add a statement to all three of the credit agencies reports. It should contain that you have been a victim of identity theft, and if they've acquired the report to grant credit, contact me a home xxx-xxx-xxxx, or work xxx-xxx-xxxx, to verify that I have request it before opening any credit. This will prevent the instant credit at some of the stores, but it is much safer.
Looking for any old 8-bit Heathkit/Zenith software/hardware - http://heathkit.garlanger.com
Now, from Verizon Wireless: We know you're busy. Sometimes you don't have time to enjoy the money you're making. That's why we at Verizon have come up with PERSON-FORWARDING. We forward your identity to a less busy person who can spend your money on your behalf. Just another service to make your life easier from Verizon Wireless.
</James Earl Jones voice>
Hey wait a minute. Bell Atlantic became Verizon. I used to have them. Crap.
m00.
What's even worse is when companies go under. Consider this: You give your confidential info to a company to sign up for their service. They go bankrupt and try to salvage what they can by liquidating everything they still have ... including lists of personal info. So some vulture comes along and buys their lists with your name and personal info and in turn sells it to several other companies just drooling over the new people to spam.
That's Mr. Eradicator to you.
That's Mr. Eradicator to you.
trance-port