Are Identity Thieves Targeting Idiot Employees?

Consumer Affairs raises an interesting question in its summary of the theft of 26 million social security numbers on a burgled laptop: are these targeted thefts?

Companies fail time and time again to protect our most sensitive data and we’re learning our lesson: we know that our identity being stolen, our bank accounts being drained is as close to happening as firewall left unsecured, one CD forgotten in an airplane pocket, one disgruntled waiter walking away with our credit card number. The average American is a lot more savvy now: everyone knows now that there’s no reason at all for Radio Shack to need your telephone number when you buy a transistor radio; Best Buy doesn’t need your address when you pick up a Sopranos DVD. We shred our credit card statements; we deny companies our social security numbers when they don’t actually need them. We’re closing the security hole of our unwarranted trust in companies.

As an individual entity, then, the average consumer is much less of a target for fraud or identity theft than they ever were before. Yet companies like Verizon, Hewlett- Packard, Ford and now a government agency keep on “losing” laptops that make that extra vigilance worthless. These companies would like us to believe that the laptops are being stolen for their resale value, but is it so hard to believe that criminals are specifically targeting the thoughtless jackasses at these companies who keep putting millions of us at risk by bringing home their work?

What do you guys think?

Comments

Edit Your Comment

  1. GenXCub says:

    If criminals wanted to steal something of comparable value, they’d just steal a car, or your stereo system. I think the majority of laptop thefts are for the hope of committing identity theft with the information inside, however, I’d guess that a low percentage of these laptop criminals have the wherewithall to get around any real security on the system, at which point it becomes a laptop sold for its own hardware value.

    that being said, with so many laptops that are stolen in this country, it only takes a few of them to be exploited to be disastrous for peoples’ security.

    Are they targeting dumb people? Yes. Can they really do anything with the data? Only some of the time. That’s my hypothesis.

  2. Bubba Barney says:

    Where I work, people rarely take laptops home because most of our applications are web based, and can be accessed from just about anywhere with a login and user ID.

    I think that is a safer policy then letting your employees take sensitive data home.Luckily I haven’t heard of an incident in the entire company of that happening [lost personal info].

  3. matto says:

    Laptops get stolen a lot. You really cant beat them for value to stealability ratio, and the resale value is pretty good, too.

    I think most of these thefts are commited by your garden variety lout, not some Bond-movie villain. (hello, Ernst!)

    That doesn’t mean the simps losing them shouldn’t be strung up and beaten, though.

  4. AcidReign says:

    …..Yeah. Pick a laptop lying on the table at Starbucks, and you can get at least $100 for it. Most thieves are going to not risk phone-home software. They’re going to do a bios reset, boot off CD, format, and load it up with bootleg software. Then you’ll see it in a flea-market somewhere for $500 or more.

    …..Beating the XP password system to actually get Windows to load up is probably going to take a working knowledge of how to use a Linux boot-CD. On the other hand, I have seen corporate PCs where the administrator password is something like “admin,” “9999,” and “1234.”

  5. Ben Popken says:

    B writes:

    “Per your story on the theft of laptops, I don’t think that the thefts are targeted. If they were, then the person with the laptop was doubly stupid. First, for removing the laptop from a secure area and keeping it where it is less secure and secondly, if they had let anyone know the contents of that laptop so that someone might want to steal it. I think that there should be some very serious investigations on these thefts and the people who are responsible for it.

    Like others, I am very careful with my personal security and work to stop things like identity theft from happening. So when the FedEx letter arrived a few weeks ago from Fidelity Investments telling me that someone there had a notebook stolen and that my personal information might be in jeopardy, I was rather upset, so I took the steps to remove myself from Fidelity Investments system.

    After this happened, I began the process of moving my investment funds to another company, one which I hope has more responsibility and intelligence when it comes to data security. With the ability to view databases over the Internet or by secure wire, there is no reason, EVER, that a database of information should be moved to a single, movable, unsecured device.

    Can you imagine the financial effect it would have if every who was put at risk removed their funds from Fidelity Investments? Imagine that 50,000 Hewlett-Packard employees who have an average of $100,000 in their portfolios, which would amount to $5,000,000,000 in assets, moved their funds. That would be a very severe blow to Fidelity’s financial position, one that could drive the company out of business and wake other companies up to the reality of these situations.

  6. LLH says:

    seriously, if you’re buying the “story” of the guy with 26 million peoples information on his laptop getting stolen…let’s disect this a second. why would he, one person, have such sensitive info on something that is mobile? my guess is either it’s a cover story for a MAJOR breach of security OR a cover up for the release of said information on purpose. that kind of database is not something you just have in your address book in your email software. i smell a great big datamining/trolling rat (as if GWB knows what those words even mean).