Slashdot Mirror
Consumers Data Stolen from LexisNexis
LE UI Guy writes "Reuters is currently running a story regarding LexisNexis being tapped into by identity thieves who accessed up to 32,000 customer profiles. Information hit included names, addresses, Social Security and driver's license numbers. This comes on the heels of rival ChoicePoint being breached for 145,000 profiles last month in a similar case. Better check yourself." Update: 03/10 02:40 GMT by J : ChoicePoint's name corrected (and, it may be more than 145,000, they don't know).
Anyone got a torrent of it?
I am sure glad I don't drive a lexus.
Woe to the sysadmins at these places!
READY.
PRINT ""+-0
Jesus! I've seen this mistake on the national news and now on slashdot. I thought the geeks would realize there is a difference.
Let me make it clear, CheckPoint makes security software, rfid badges and firewalls. They are not the ones who sell all of your information to credit card companies. CheckPoint has no info that you didn't give them. ChoicePoint is the one that fucked up!!!
Can I get an eye poke?
Dog House Forum
boy.
This is a huge deal, but it's bound to happen. I should be bitter because I've had my identity stolen (somehow, may not be similar). What is this going to do to LexisNexis? They keep track of they keep track of government, law, and company data? I see some stock going down...
Want to learn about anything sexual? Check out the sex wiki:
Make the CEO, CTO and Customer Support manager provide their own personal information in their own databases.
This comes on the heals of rival Check Point being breached for 145,000 profiles last month in a similar case. Better check yourself.
Can someone post the list?
Checkpoint ( www.checkpoint.com ) makes firewall software. THEY HAD NO CUSTOMER INFROMATION STOLEN. please update the story and make sure the facts are correct - its pretty freaking rude to say a company lost data, especially an innocent company.
Choicepoint lost the data. not Checkpoint.
You mean ChoicePoint.
Beep. Boop. Beep. You have questions. I have answers and your home address.
Here come the lawyers!!!
Visualize Whirled P.'s
Check yourself? What does that mean? Check that you haven't been stolen? What if you haven't - what can you do to stop it from happening after you check?
These corporations are destroying the value of our essential property: our identities. They demand we give our personal info, without enforcing our copyrights to prevent its being disseminated, then let it get stolen by people who will use it to damage us. When someone rips me off with some personal info they stole from some negligent data warehouse, the warehouse should be liable for my damages, including the work to recover my losses, and the defamation that will inevitably ripple through the endlessly interlinked online infosystems forever. And when compromised, they should pay my identity theft insurance premiums. This free value we deliver to them has a cost when it's abused, and such insecurity abuse is now obviously standard practice.
--
make install -not war
With phishing, spyware, database theft... people picking thru your trash...
How long before ANYONE'S identity has not been stolen?
Seriously.
Why not just put a fraud alert on everyone's credit reports and let's get it over with. You want to apply for credit? You'll have to jump through a few more hoops...
The system as it is now is painfully broken.
who sell ID Data to Law Enforcement, including one certain Federal Domestic Intelligence service, codenamed "Matrix"
whats really funny is, i aint makin this up.
are the worse at security on everything? Not just the OS, but everything about it. They spend 5x as much money and STILL they do not get it right.
Check bank statements, obviously, but what else?
"Your admirers in the street
Got to hoot and stamp their feet
in the heat from your physique" -King Crimson
How long it will take someone to build a complete (may be 90%)databese of all americans thet will include SSN, DL#, Home address & Phone # etc. If this is the rate of privacy the thefts.
How much it will be worth it and to whome it will worth it.
Looks like Windows 2000/NT servers.
Unpatched ?
It can't be theft if the data is still there, right?
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
I am a man, not a number!
Signed, #6
http://www.washingtonpost.com/wp-dyn/articles/A19
Most organizations have some sort of regulatory body. Does the data harvesting industry have this?
Perhaps this should turn some heads in Congress now that we've got multiple cases of this insecurity. The question is, is Congress going to be able to do anything about it or will it be the same situation as with government computer security: Right now they just say "your security is bad" but that doesn't always fix the problem.
I know only the name of my phone company, for example, but I have no clue who they contract with for data processing or billing or marketing. How can we ever really find out if a security problem at one company affects us? These back-end companies are generally companies that serve niche markets and practically no one has heard of them.
-- Microsoft is the most expensive commodity operating system and office suite vendor in the marketplace.
so let me see, a great way to make money and scare the bejebiz out of peopel: 1.)pay a bunch of hackers to grab personal info form so called secure places 2.)??? 3.)run a website to let peopel check their credit scores so they can make sure they are not victims of credit fraud. and then use that money to setup a new business selling and even more secure way of holding data, rinse, repeat.
How long before ANYONE'S identity has not been stolen?
Not too long, but keep in mind that having everyones' identity stolen would help with the census.
Check Point being breached for 145,000 profiles last month in a similar case. Better check yourself."
The link:
ATLANTA - Data warehouser ChoicePoint Inc.'s....
This comes on the heals of rival Check Point being breached for 145,000 profiles last month in a similar case. Better check yourself.
I somehow doubt there's been a lot of healing from the ChoicePoint affair.
Checkpoint has been hacked several times, they products are absolutely weak in the matter of security.
Did anybody else think -- what the hell is LexisNexis doing with peoples' Social Security numbers? But it turns out that this is a subsidiary that gathers up consumer data. So it's not that you have to key in your SSN before doing a Lexis search these days.
Though I'm sure Ashcroft^H^H^H^H^H Gonzales would like that idea...
four nine eighteen twenty-7 thirty-nine forty-7 fiftyeight sixty-nine seventy-9 eighty-8 one-hundred-and-nine one-twenty
OK, I don't get it. Why are these companies not practicing basic database security? I'm just a lowly programmer but even I realize that sensitive information should be encrypted in the database. Most databases support one way hashes so things like social security numbers can be used to verify identities but stored in non-reversable encryption in the database.
I realize this isn't a complete if your webserver is hacked but at least only thos users who validate their identity then are affected.
For example: Using One-Way Functions to Protect Sensitive Information in SQL Server Databases
I don't want a bunch of strangers reading my dossiers (and I have had exactly this - I was affected by the ChoicePoint scam). If I had to approve every offering or sale of my data, I would have easily been able to block said scam.
sulli
RTFJ.
'Thats they exact same thing a banana wrench monkey.'
Our data should only live for the time it takes to make an online transaction; and not a femto-second longer.
I want a "Mission Impossible" ID that self-destructs!
How hard would this be to imple%$^? pfffttt __end_smoke_fx;
What kind of comeback do people have if their data is misused as a result of this? I know in the UK the Data Protection Act would cover this kind of thing, but are there powers in the US to prosecute LexusNexus should their failure to protect your data cause you loss?
This comes on the heals of rival Check Point being breached...
The company that was breached was Choice Point, not Check Point. Big difference as Check Point is a computer security company best known for their firewalls.
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
Seeing as the government has abused census data before (probably the biggest example being its exploitation to help round up citizens of Japanese ancestry to put them in concentration camps during WW2...) I would say that the census constitutes a government sponsored attempt to steal everyone's identities.
Choice Point SOLD information to people that turned out to be ID thieves, Is this the same story with L/N ?
The story only says ID thieves got a hold of data, it doesn't say how. (The use of ID Thieves naturaly leads you to asume they stole the data, BUT!)
I have always felt that Westlaw was a far superior service. This just pushes them that much further ahead in my opinion.
SQL injection to dump the entire DB and see it all in plaintext.
Is having plaintext data stolen worth not paying for an extra quad Xeon DB server to handle the additional encryption load?
It was information on 32,000 (anybody want to bet it was 32,768?) members of the public, not customers. To bad, in a way -- Lexis is used most by lawyers, judges, congresspeople and so on -- had the Lexis customer data been hacked and say all the judges on the 5th Circuit or the Ohio congressional delegation had their identities stolen as a result, you'd probably see reform a whole lot faster.
I'm not sure how the two are really comparable as rivals. LexisNexis (along with their rival in the legal profession, http://www.westlaw.com/ ) Provide excellent (as well as very expensive with searches running at over $70 per minute) coverage of court cases, codes, laws, public records, etc, which are all immensely helpful to legal types. Sure they have public records containing some personal information, but very little that isn't already available as public information (so things such as deeds, criminal records, voter registrations, etc), and it's definately not their primary focus in life.
It's good to see they were not to be outdone by their rivals.
Ever the entrepreneur I figure I can start my own identity company by making a certain purchase with cash.
"If you are a dreamer, a wisher, a liar, A hope-er, a pray-er, a magic bean buyer
checkpoint makes firewalls (that suck), and choice point gathers information that governemnts can't becuase it would be illegal. (that sucks even more)
... why doesn't someone DO something about it?! Sue the shit out of these companies and when they start losing millions of dollars in an endless list of suits, maybe other companies will think harder about the security of their data.
The problem with the USA is that the punishments handed out by the court systems is far too lenient. If you screw up, you should pay for it.
No such thing as "heals" buddy. It's a verb, not a noun. You meant "heels".
Chalk up another one for the "Slashdot editors don't edit Jack" conspiracy theory.
Big deal, this stuff happens everyday in the IT world and the truth is there is pretty much nothing we can do about it because there will always be a new avulnerabilities in every OS that leaves us all with our pants down and eyes closed.
Get your FREE MAC MINI! CLICK HERE! I will send $20 via paypal to anyone that signs up and completes an offer.
They're worse than M$ by far. Trust me.
Hey dumbass, it is ChoicePoint not Check Point that released 145,000 profiles. Let's not confuse the two..Check Point makes (in)secure VPN/FireWall software where as ChoicePoint, well, you know, *cough*.
DSW's parent company, Retail Ventures, just issued the warning that thieves may have stolen credit card information for thousands of customers by hacking into the company's corporate database.
It only affects credit card customers who used their cards the past three months at more than 100 stores nationwide. There are at least eight locations in North Texas.
http://www.msnbc.msn.com/id/7137966/
This site: http://www.turbulence.org/Works/swipe/request.html
was the first to bring Choice Point and data mining to my attention.
Acxiom has an opt out clause though Choice Point and LocatePlus.com do not.
Most still charge for personal reports which is interesting since the major credit bureaus now have to provide a free copy once a year.
They're flippin' evil. I'm sure I'm not the only one out there who's revolted by the fact that private corporations are the only effective sources of legal (read: public domain) data and other such public information. Shouldn't the government offer a LexisNexis-type service for free?
From the Wikipedia entry on Lexis-Nexis; all emphasis mine:
"LexisNexis is a popular searchable archive of content from newspapers, magazines, legal documents and other printed sources. Primary customers are lawyers and journalists.
Besides all current statutes, Lexis contains nearly all published case opinions in the United States back to the 1770s, and all unpublished (but publicly available) case opinions from 1980 onward. It also has full libraries of statutes and case opinions for many other common law jurisdictions like Australia and the United Kingdom.
News stories from the majority of English-language periodicals worldwide are available back to 1986, and there are a few articles available as far back as 1980.
Lexis has a library of public records, which includes current mailing addresses for nearly every living person in the United States. It has real property deeds and mortgages for most states.
A fee is charged for using the service. The fee was formerly hourly (at $300/hour or higher) but LexisNexis now prefers to negotiate monthly flat fees based on the user's ability to pay."
("Based on the user's ability to pay"? I wonder how they'd respond if I said "I barely can afford to pay my bills, much less offer you money for access to public domain data...")
With spending like this, exactly what are "conservatives" conserving?
I'm changing my name to Holden McGroin. Let's see you try using that name in your ripoffs!
Strange women lying in ponds distributing swords is no basis for a system of government.
things like this are just going to continue to happen. The Bush Crime Family cares nothing about the average person. They want us unemployeed, starving, homeless, and more importantly in their minds, powerless. When they allow companies to do these things, it takes time, money, and power from us. Never forget how much they hate the US, and what they're willing to do to destroy it. They've already shown in the past that they're willing to do anything.
Skinner
32,000 customers had their data stolen from Lexis-Nexis.
R 31,989 of them were lawyers.
See, doesn't sound that bad now, does it?
Tip Of The Iceberg
The higher the technology, the sharper that two-edged sword.
For all the people complaining about Windows-this, Linux-that, this wasn't a server security breach. This was the hijacking of a valid user ID, and I'm sure it was disabled as soon as it was evident something was happening.
Recent events have forced me to examine and then re-examine my security arrangements. I'm the new admin for a small publishing concern and I'm playing catch up right now. Before I got hired, a lot of admin work was left undone. So I want to do a good job, and all this talk of data theft has me spooked...
I've inherited a mess. A total mess. Employees with default passwords (that never expire,) vendors from years long gone by with active accounts, some used recently... (Yeah, I've already disabled them.) The list just goes on.
My point is, when you read a story like this you feel bad for how screwed the admin(s) will be (especially if they have family) for a moment.
And then you get to work and double-check that you're not next in line for a public de-pantsing.
Tough day? How about a free Mac mini?
For those that don't know, Lexis is the number two research engine used by lawyers. Personally, I want to know what this person was thinking. He/she just picked a fight with 145,000 lawyers. Someone is getting their ass sued.
The joke may (maaay) have been something having to do with the fact that LexisNexis is heavily used as a "pay-large-sums-of-money-for-access" legal-research database (opposed: "Westlaw"), so lawyers will be extra-interested in this event...still not funny, but other than that, I got nothing either.
Hate to be even more picky here, but the name of the company that makes firewalls is "Check Point". It's always two separate words.
Barry Stiefel
Founder and President
CPUG: The Check Point User Group
http://www.cpug.org/
Go here http://www.lexisnexis.com/terms/privacy/data/remov al.asp to get the form you can print out and FAX to LexisNexis to opt out of their database.
For one thing, they probably keep track of their credit reports and financial records pretty carefully anyway. For another, even the CTO is probably not a security expert. They may have been convinced that their systems were secure.(Its possible!) I'm not sure if the business of collecting and selling personal data can ever be reconciled with true security. If you maximize profit by providing huge quantities of information, there's going to be comprimises made.
It contains sound financial advice.
In this Homeland paranoia age where everything that is in the database must be right, you certainly don't want to see government ID numbers getting used in fraud. How do you go about getting a new Social Security number when the existing one is being used in fraud?
Why not write yourself (or have "your lawyer" write) a boilerplate NDA to use when rendering information to any service provider. Introducing small errors into the information can help trace its provenance. Imagine a shrink wrap license for the common man.
And if I recall, Adrian Lamo was thrown in prison because of discovering vulnerabilities such as this... he even used LexisNexis accounts.
"Instant gratification takes too long." - Carrie Fisher
Consumers Data Stolen
The data belonged to "consumers" so it should be Consumers' Data Stolen. If you don't understand this, my seven-year-old daughter can explain it to you.
Windows based admins are, on average, less intelligent than their *nix counterparts.
I'm not saying they all are, just on average.
Someone with minimal Windows experience and good contacts can get a job administering a Win* network. On the other hand, someone employed as a *nix admin would be pretty obvious if they didn't know what they were doing.
Bear with me here... let's say that one of these dimwit companies gets sued and taken to the cleaners by some poor victim of ID theft... at that point they realize that there is a huge potential liability associated with retaining this kind of data... and decide against collecting it on an ad-hoc basis. I pity the poor bastards who have to be the test cases, but after a few iterations through the law-courts, it could turn out OK.
I'm not wrong. You haven't thought about it hard enough.
Information wants to be stolen.
...people willingly give away their personal property, their data, their "IP", then these other companies own it. If people just insisted that THEIR data was THEIR property and took care of it with that sort of mindset backed op with some rational laws, then this wouldn't happen, and these companies with the data warehouses wouldn't even exist like they do now.
.0001% people ever even tried one time to keep their data to themselves and to insist to government that this should be so. They never gave a care, to busy with entertainments or whatever to even lift a phone to make a call to a congress critter, or to say NO to some company "asking" for data they don't need really for a business transaction. Mass conditioning that it's socially cool to get ripped off. Shazzam, the world is full of thieves, maybe more people will stop and think about who they give their property to and why they give it away for what purposes now. Maybe it's a better idea to just retain ownership? One law would do it, too, your data is yours, it shouldn't be necessary to transfer ownership of your data just to do business someplace.
Most people don't think that way, but people who start corporations DO think that way, they recognize valuable property when they see it, and make billions off of millions of people voluntarily giving away their property to them.
If it wasn't stolen from you directly, it's sure not your property anymore. If you donate your old TV to the thriftstore and they get broken into and that TV is stolen, well, "your" TV didn't get stolen, their TV got stolen. If you want to own and keep possession of your TV, well, don't give it away in the first place then. Simple concept, just apply it to your data. It's similar enough for conversational purposes anyway. "IP" ownership is bigtime in business, there's zero reason everyone's personal data "IP" shouldn't be theirs in total.
So people can't really say "their" stuff got stolen, some big companies stuff got stolen, they gave up their rights to full and complete ownership a long time ago. they already got "social engineered" out of ownership, just they don't realise it, or just don't care enough to think it through. Now that same data property down the pike got social engineered again, oh well, guess the original owner didn't care enough to hang on to it.
but, but..we can't live in society without giving our property away! Yep, that's the point, much less than
There's also a "Checkpoint Systems" that makes some sort of point of sale kind of stuff. The way things are going, they'll probably wind up in some hack or another eventually. :)
Solution: install complex home alarm system, man traps, cctv, and acquire armed guards, string up razor wire and dig tunnel system deep in the face.
That's kind of cloistered evangelism taking place on slashdot. It doesn't even exist in their own personal information in their own databases.
Sad thing is that the marketers and creditors have a lot more pull with Congresscritters than "We the People" do these days. :-(
Check out the recent bankruptcy law changes that are basically a thinly veiled gift to banks and credit card companies.
It sucks. All of our data should be opt-in only, but who knows how bad it'll have to get before that happens.
...google "amdocs", the company. Pretty interesting stuff really.
Thou shall not use my personal data without my expressed permission.
Penalty is defined by the Copyright laws.
Use it wisely, that is, if you can get my permission.
The story says "...ChoicePoint being breached for 145,000 profiles..." and the use of the word "breached" in particular makes it sound like hackers broke into their system when in fact ChoicePoint is in the business of selling personal information and just happened in this instance to have such inadequate vetting mechanisms that they sold the information on 145k people to clever identity theives. Read more about this story at the Berkeley IP blog (bIPlog).
Like Digital Freedoms? Then donate to EFF before they're gone.
That last episode made no sense to me.
its some sort of allegory about revolution. But with bad acid.
Complaints aside about a disssatisfying wrap-up, much of that confusion was intentional. For example in the last episode if you look carefully there are two places where they tell you who number one was. (I'd tell you who number one turns out to be but that would be telling.) But the nice thing is they dont just repeate it over and over to make sure you got it like most tv shows. they let it go by fast so you are left wondering if you got it.
That was why i liked X-files. Same approach to letting you sift through the clues yourself and leaving it ambiguous and fleeting. Of course the x-files is dumbed down in comarison to the existential prisoner.
can you imagine anyone filming an existential tv show these days, even with 500 cable channels, and have it wildly popular? hell no one reading slashdot even knows what the word means.
Some drink at the fountain of knowledge. Others just gargle.
What if the US is under some sort of attack?
Step 1:
Wait until an absolutely moronic President gets elected.
Step 2:
Wait until he fscks his country up internally.
Step 3:
Force a US economic crisis by causing widespread panic over credit/identity theft crisis [bonus points awarded if bonehead President is simultaneously promoting Social Security "crisis"].
Step 4:
Invade and Profit!
That might actually be a good thing.
As it stands now, you have to file a police report and affidavit to claim that you did not request or use credit that was fraudulently granted in your name. If everyone's identity is outed, the burden of proof may shift to the credit card companies where it belongs. Under the Patriot Act, they're supposed to verify the identity of anyone receiving credit. What a farce.
jon_k@112[~]$ HEAD lexusnexus.com
200 OK
Cache-Control: private
Connection: close
Date: Thu, 10 Mar 2005 05:53:38 GMT
Server: Microsoft-IIS/5.0
Need I say more?
That's one billion possible social security numbers.
How long do you think it would take someone with a desktop computer to run the one-way hash on every single possible nine-digit number and compare against the database? If you said "less time than it takes to pronounce 'useless'," you'd be right.
Take encryption with a grain of salt.
... one thing you never want to do is piss off a customer base of hundreds of thousands of lawyers, worldwide.
"No...remember, copyright is only for the benefit of corporations too."
Slashdot is to the internet what Tabloids is to journalism.
" You don't have the right to prevent the distribution of data that pertains to you,"
HIPAA disagrees with you.
I'm glad it's my school who has an acount with them and not me =/
I'm so pissed off with these compaines maintaining data on me, without my consent, on some fucked up windows rusty bucket of shit.
I wish someone with deep pockets would sue the shit out of them and force them to ask my permission to maintain information on me !
Choicepoint, now NexisLexis, these people are sleazy useless fukkas with dumbasses for Admins, who absolutely require a point and drool windows interface.
I think the HitchHikers was wrong when then said it be would the marketing folks to be first against the wall, it's the windows dickless wonders.
However, I don't think the comparison with giving away a TV is accurate. One's name, address, phone number, social security number, drivers license number, etc., are attributes that are retained by the one who owns them. This information is simply provided under various circumstances. The fallacy here is that businesses and other entities have taken it upon themselves to decide that the mere act of provision extols upon them a right of ownership. While there are not yet any laws that clarify this, I maintain that it does not, Be that as it may, people must be proactive about how this information is used. Insist that it not be used for anything but the transaction at hand.
I have a sneaking suspicion that all of these large breaches are intentional, with the eye toward establishing property rights over information. This, as some other posters have parodied, could have far reaching effects in the world of, say, mp3s.
How about these companies that are giving out credit, loans, new ID cards, whatever, be a little more diligent in trying to see who is who. Some alternate ideas: (Not advocating one or the other, just mentioning some)
I'm not saying we should need a signed notarized affidavit with DNA sample to get a credit card, but its just too easy to take over another person's life with just a few pieces of information.
Another little experiment I've done: On the back of my debit card, I have written (very bold) ASK FOR ID. I use it probably half a dozen times a week on average. Less than 10% of the cashiers/etc that I use it with actually ask me for ID. Probably half of the ones who do never take more than 1 second to look at my ID.
And they said zombies weren't real!
(or at least, I think so) because I had my name removed from list months ago. I did it to cut back on junk mail, but I guess avoiding identity theft is an even better reason. I recommend that everyone opt out of every list they can!
ChoicePoint did not "lose" the data. These corporate
whore-mongers sold the information to whoever
had the money to buy it, without checking whether
they were bona fide businesses.
These are the same corporate whore-mongers that
have been selling Florida bogus "felon lists" to
ban from voting in 2000 and 2004. And the very
same corporate whore-mongers that are at the
forefront of the DHS's MATRIX database of "persons
of interest". Doesn't this info give you a nice
warm fuzzy feeling of security (national security)?
1. Seisint/Lexis Nexis does not have "private" data available to the public. All the data that was accessed is public records, many of them records that are public because the law requires it. They don't have information on the balance of a person's checking account, but they do have information on where that person lived last year (and they only have SSN/DL numbers if one wrote them on forms that explicitly state they will be made public - such as rental agreements or home purchases - which any concerned person shouldn't be using their SSN/DL numbers on). Access to this data is relatively open, though a valid reason is needed to access it. Just being a landlord and doing background checks on prospective tenants will qualify someone for access - again, it's all public data, just organized in a quickly searchable database.
Quoting from the linked article:
"The information accessed included names, addresses, Social Security and driver's license numbers, but not credit histories, medical records or financial information... Seisint, based in Boca Raton, Florida, uses property records and other public data to build profiles on millions of U.S. consumers..."
2. Seisint itself was not victim of an "attack" which led to compromised userids/passwords. The Yahoo article is less clear about this than other articles:
"...said a billing complaint by a customer of its Seisint unit in the past week led to the discovery that an identity and password had been misappropriated."
Other articles are more clear, however there's enough dancing around in this one that if one reads between the lines, even without the perspective of other articles, one understands that this circumstance occurred because a customer's userid and password was stolen from them.
No e-commerce company can prevent theft of usernames and passwords from their customers, they expect their customers to be responsible - many companies completely deny any responsibility, such as eBay.
So please, read and think before you complain about webservers running NT (Seisint's aren't), companies holding information about your checking accout, etc. If you truly are concerned about privacy of this type of information, you will better serve yourself and like minded individuals by knowing all the facts of these companies instead of jumping to conclusions.
I was wondering if it would be helpful to report ChoicePoint to the FTC, maybe using forms linked to here. The charge could be made that ChoicePoint has my personal information and has possibly shared it with criminals by intentionally having a lax policy of checking the validity of their own customers (criminals) in order to maximize thier profits. In other words, ChoicePoint is an accomplice to identity theft.
I was also wondering if I also have the right as a consumer to demand that ChoicePoint do not ever share my information with anyone. Don't I have that right with the credit agencies (Equifax/TransUnion/Experian) ??
Even though my company hasnt used SSN on health and dental insurance this century, many of the invoices I get from health and dental providers still have SSNs on them. I am not sure how how they get these numbers. I guess some doctors check your insurance records to see if pay on time or sue and collect the numbers from there.
California made it illegal for insurance providers to use SSN as policy numbers, but that doesnt stop the databases.
ChoicePoint did not "lose" the data. These corporate
whore-mongers sold the information to whoever
had the money to buy it, without checking whether
they were bona fide businesses.
So what if they were legitimate businesses or not? Why should I trust any given business over any idiot on the street? I'd actually trust the businesses less.
They don't collect SS or income tax, do they? If not, they have no reason to possess that information. It doesn't identify people; it identifies tax accounts.
Why not just put a fraud alert on everyone's credit reports and let's get it over with. You want to apply for credit? You'll have to jump through a few more hoops...
The system as it is now is painfully broken.
You have no idea. I had a near miss with identity theft. We caught it by accident. And we're still not safe. We put fraud alerts on all three credit reports. It's been four years now. And to date, the only time I've ever noticed a difference is when I was applying for a home depot card. The person at the service desk put me on the phone with someone who simply said, "Do you know why I'm taking to you?" I mentioned the fraud alert an d no additional information! and was given the card on the spot. There were countless other times when the credit went through like the fraud alerts weren't there at all. We got a target card with a $10,000 limit for example. No questions asked. We bought cars also... nothing. Last time we checked, the fraud alerts were still there. Yeah, I'd say the system is broken.
Disconnect your television. Do your own research. Draw your own conclusions. They're probably lying. Don't be a sheep.
Wow. I really shouldn't respond to your spewing "wisdom", but here goes...I have 35k miles on my car and have had litterally 0 problems thus far (unless you count the small missing drivers side door rubber stop that came off). I liked the car, it had a balanced ride, was not too slow, not too fast, don't need to "pick up chicks" (married). The headlights are hardly "n34t". Nobody I know has one (though I did drive an 83' Corolla). Not many cars "gain" in value. Oh, and yes I can read. The only thing I can't respond to is the ol' '76 Vega comment.
So how is your ol' Vega anyways? You just kinds feel bad that you got suckered in 30 years or so ago and need to vent? A professional counselor or junkyard might be able to help you more than I can.
P.S. Please do seek counseling before someone gets hurt.
ya, I know the analogy wasn't perfect, just shooting for close enough is all. It's hard to keep your data private and not get abused. You have to stand in front of some poor clerk just following orders and say NO I'm not giving you my SS, etc. I've done it a bunch, sometimes it works and sometimes they just say tough noogies, no SS, no service.And it's because I had some bozo long time ago use my name and SS (I think they snagged it some place I worked at, never did find out) to turn some utilities on then skip out. Months later MY gas utility got threatened with turn off, and try as I might I couldn't convince them that it wasn't me lived at such and such an address, that I never contracted for their service, etc. Had proof up the ying yang too, didn't matter to them. They just kept rote repeating "it's on de computar, you musta done did it". It was winter and I got down to one day (or so) away from having my natgas shutoff, and not wanting to freeze out I just paid that bill that wasn't mine. Still fries my grits. (Atlanta Gaslight, looking at YOU, thanks for nuthin)
This data crap snagging peoples info or peoples info being mal-used is going to result in some pretty weird governmental laws. Not sure if they will be good or bad, just see it coming now, Senator Leahy in particular got a serious woody over it now. And because it hit those lawyers at lexis nexus, after already hitting all those dot gov types at choicepoint,well, I bet they lobby heavy for it.
tinfoil hat---maybe it was the plan all along, a heglian dialectic deal to get some draconian laws passed---/tinfoil hat
Therein lies the irony...when it comes to issues involving your identity, you are guilty until proven innocent. And that guilt often sticks even if it can be proven that you weren't the responsible party. It's a horrible climate- we're at the mercy of anyone who has this information, and the government has done nothing to address it.
Honestly, what needs to happen is for a couple dozen senators to get their idenities stolen. Have a whole shit load of credit cards opened in their names, utilites turned on, etc and having their credit ruined.
Suddenly, this problem will be dealt with.
On the other side of that, what needs to happen is their needs to be a paradigm shift in the way companies (specifically) credit card companies think about our idenities.
Things such as the ability to get instant credit should be done away with.
Yes Francis, the world has gone crazy.
What, are you kidding me? We *built* that database back in the late 90s -- SSN, DL, criminal records, property holdings, phone numbers, locations, businesses, birth/death records, credit report headers, etc. -- and I'm sure we weren't the only ones or the first ones to do it. Oh, and it was closer to 99.5% if I recall. The client? You've probably heard of them, they're in the title of TFA. And it ain't Yahoo.
Then what of all the individuals who copyright books and their own web sites?
Don't blame Durga. I voted for Centauri.