I have been thinking a lot about identity theft as I’ve covered the massive TJX security breach this year. I have recently reported that the size of the breach has increased from its original 47 million cards to 94 million cards, which is nearly one card per U.S. household.
The TJX breach certainly is a high-watermark breach, but it’s nowhere near the only one, nor the only big security breach. To get an idea of just how many security breaches there have been and where they have occurred, the Privacy Rights Clearinghouse has chronicled a history of security breaches here.
The credit issuing and reporting system in the U.S. is out of control. Rather, it might be more accurate to say that the credit system has not institutionalized changes to reflect changing risks in the Internet era. The factors that have led to the epidemic of data security breaches include:
- The proliferation of financial and private information in banking, merchant, service provider, and consumer information systems
- The exuberance with which creditors grant credit to consumers
- The lack of controls to ensure that the person requesting credit is actually who they claim to be
If we just sit around and wait for the government to fix this, we’ll all be robbed blind first. We must take some action on our own, now, until the credit system introduces effective controls on its own. I recommend you take these measures to protect yourself.
- Set up a fraud alert with one or more of the three credit bureaus (Experian, TransUnion, Equifax). This will alert you to any changes in your credit file.
- Examine your credit report carefully at least once per year.
- Close credit accounts that you no longer use.
- Consider getting your mail at a PO Box or a Private Mail Box (PMB), to reduce the possibility of mail theft.
- Reduce or discontinue your use of credit.
- Pay cash. Whenever you are paying with a credit or debit card, you are leaving information behind that can be used to commit fraudulent transactions.
- Double-lock your banking and credit information in your home and place of business. In other words, put all documents containing private and financial information in a safe or locked room within your home or business.
While it is true that all of these measure take time and money, they take far less of each than the effort required to clear your credit if you fall victim to identity theft.
We have been victims ourselves. My wife’s driver’s license was stolen, and it was subsequently used to write bad checks in her name. My credit card number (and name+billing address) was stolen from employees at a shipping company, and over $2,500 in fraudulent transactions charged against my debit card. Neither resulted in a wide scale identity theft against us, but they could have had we not taken action quickly.
Don’t wait for someone else to fix this for you.