Slashdot Mirror

← Back to Stories (view on slashdot.org)

Personal Info of 3.5 Million Texans Was Publicly Accessible

Posted by Soulskill on from the even-data-breaches-are-bigger-in-texas dept.

SpaceGhost writes "The Houston Chronicle reports, 'Personal information of about 3.5 million Texans — including names, mailing addresses and Social Security numbers — was posted on a publicly accessible server at the state comptroller's office, much of it for more than a year.' Many of the records were for retired teachers and the unemployed, and they sometimes included DOB and drivers license numbers."

22 of 146 comments (clear)

  1. unemployed by Aighearach · · Score: 2, Funny

    Fortunately the unemployed are less desirable than average for identity theft, so that will limit the losses a little bit.

    1. Re:unemployed by SydShamino · · Score: 2

      My wife was unemployed during that time, in Texas, and has a maximum credit rating. She didn't apply for unemployment though so she shouldn't be on any lists.

      --
      It doesn't hurt to be nice.
  2. So? by pclminion · · Score: 3, Funny

    Names and addresses I can get from a phone book. SSNs are "not to be used for identification purposes." Thus, BFD.

    Place blame squarely where it belongs: lending providers and others who use the SSN as some sort of magic key to an individual's identity. All it takes is a simple law and this shit could stop next week.

    1. Re:So? by NevarMore · · Score: 4, Insightful

      All it takes is a simple law and this shit could stop next week.

      Yep, because laws stop people from doing stupid and illegal things.

    2. Re:So? by pclminion · · Score: 4, Interesting

      If you make the collection of social security numbers a felony I guarantee you the banks would stop doing it. To make doubly sure, make it a civil tort so that the individual who was asked for their SSN can sue the bank. Let everyone know they can do this. It would stop instantly.

    3. Re:So? by Dachannien · · Score: 5, Insightful

      Forbidding the collection of SSNs isn't really the answer. The banking industry will just devise some other unique key that people will need to provide so that credit checks and such can be run, and then that key will become the center of risk.

      The real answer is to make this information worthless by requiring banks to actually follow up and ensure that a new credit line requestor is the person they claim to be before opening the new credit line. Currently, the banks do everything they can to prevent themselves from eating the loss, but they don't do much to prevent the loss in the first place. They push as much as possible onto merchants and individual consumers. It's worth more to them to open instant credit lines virtually anonymously than to eat the occasional loss, and until that changes, the rest of us will continue to suffer from financial predation by third-world organized criminals.

    4. Re:So? by Samantha+Wright · · Score: 2

      Stop the presses! I have a brilliant proposal!

      They can use MD5 hashes of SSNs instead! Yeah!

      For the security-conscious, all bank forms will now include a ten-page instructional booklet on how to perform an MD5 hash by hand. This will be superseded by a number of handy and free online tools provided by the Russian Business Network.

      --
      Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
    5. Re:So? by countertrolling · · Score: 4, Insightful

      The banking industry will just devise some other unique key...

      Yeah... That's the idea. The bank, insurance, and other industries and departments are supposed to use their own unique to them ID system. Now a thief would need to break into all those different databases. IT is up to all of us to resist allowing them to use the SSN. Just say no.. The law doesn't prohibit that.

      --
      For justice, we must go to Don Corleone
    6. Re:So? by fuzzyfuzzyfungus · · Score: 5, Insightful

      Arguably, we should be much more worried about the financial predation of first-world organized criminals: The banks and the credit rating agencies and similar such institutions are the ones who make it trivially easy to act in other people's names, in order to move their product more easily and cheaply, and then attempt to sidestep the losses from fraud by hounding the people whose names were used.

      The only predation by third-world organized criminals that occurs directly against the end user consists of 419 scams. The rest of it consists of various sorts of bank fraud that the banks aren't sufficiently motivated to take measures against; but are willing to put those whose names are used through the wringer.

      It's very clever, really: "Identity theft" makes it your problem. Admitting that it is "bank fraud" would make it their problem.

    7. Re:So? by pclminion · · Score: 2

      You can't borrow, but that also means the banks can't lend. A bank that can't lend is a dead bank.

    8. Re:So? by 14erCleaner · · Score: 2

      Banks need SSNs so that they can report interest paid to the IRS. In fact, this is one of the few legitimate uses of the SSN.

      --
      Have you read my blog lately?
  3. Everything is bigger in texas.... by CTU · · Score: 2

    ....even their screw ups.

    How could that mistake have gone on for a year without somebody seeing it?

    1. Re:Everything is bigger in texas.... by Thing+I+am · · Score: 2

      We are too busy doing our "Hold my beer and watch this" antics to be bothered with paying attention to stuff like this. /burp I live in Dallas. Hold my beer. Watch this ...

      --
      That sucking sound you hear is my bandwidth.
  4. Re:Phew! by UncleTogie · · Score: 2

    Then I saw who was affected and said "Phew! This is only the unproductive people!"

    I love it when jackasses speak from their rear.

    You oughta meet my wife. She took unemployment for two months while she was looking for a job. Other than that, she's had a steady job since before I knew her, 7 years ago... and outperforms kids half her age.

    Unproductive, my foot.

    Let me guess: you're a conservative.

    --
    Don't tell me to get a life. I'm a gamer; I have LOTS of lives!
  5. I call your bluff... by Kamiza+Ikioi · · Score: 2

    BFD? Then by all means, let's see your name, address, and SSN. ;)

    --
    I8-D
  6. Re:duck and cover by snspdaarf · · Score: 2

    Wait... Texans ask questions?

    Sure. Questions like, "What the fuck are you lookin' at"

    --
    Why, without your clothes, you're naked, Miss Dudley!
  7. Re:duck and cover by houstonbofh · · Score: 2

    We hit what we shoot. There are no questions later.

  8. Re:Phew! by DigiShaman · · Score: 2

    As a resident of this state, I had my last paycheck from my previous employer go to the state. I never knew about it until many years later. Apparently my pervious employer tried locating me, and gave up. So now that the state was given it, they contacted a collectors agency whom hunted me down. The basic idea is that they collect a small percentage of the finders-fee. It sucks, but I never would have known about it otherwise. Anyways, I had to contact the Comptroller office in Austin, TX to make my claim. Makes me wonder if I was on that list...

    --
    Life is not for the lazy.
  9. Re:Phew! by pclminion · · Score: 3, Insightful

    Why should we pay for the unemployment program from our own taxes and then altruistically choose not to benefit from it? I guess you enjoy paying into the system and having leeches collect on it. Sorry dude, I've been paying taxes into this program since I got out of high school and you're fucking crazy if you think I won't take the benefit if and when I'm eligible for it.

  10. This's what happens when politicians keep promises by hey! · · Score: 2

    Dang. They *are* running the government like a business down there.

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  11. Yep, _everything_ is bigger in Texas! by Locke2005 · · Score: 2

    Especially the fuckups!

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  12. "Not for ID" meant the card, not the number by billstewart · · Score: 2

    The "not for identification" on the Social Security Card didn't mean "You may not use the Social Security Number for Identification" - it wasn't a pro-privacy imperative.

    It was simply a disclaimer that the Social Security Administration was making no promises that the card they'd handed out was of any use for identifying the person now holding it. It was a card providing information, not identification.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks