It turns out our Social Security numbering system, which launched in 1936, isn’t very foolproof against some types of hacking. The New York Times reports that researchers at Carnegie Mellon University “used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth.”
Last week, we pointed out that even with a receipt and the product in hand, and even though you purchased it with cash the day before at the same store, Radio Shack won’t give a refund unless you give them your home address first. We got a lot of insider tips from former employees in the comments section, and the next day we received the following perspective from a Radio Shack store manager. We think his explanation still doesn’t explain why you need personal ID to refund a cash transaction when you’ve got the item and the receipt in front of you, but read on if you want an unverified store manager’s point of view.
The San Francisco Chronicle has reported that “a flash memory drive containing names, birth dates and driver’s license numbers of more than 3,500 people who either volunteered or visited San Quentin State Prison in a group tour has been lost.” Our reader Paul, who sent us the tip, adds, “When I read it my first thought was, “Gee, I wonder what the chances are of this personal data ending up in criminal hands? Mmm, maybe 100%.” Our favorite part of the story: the data wasn’t encrypted, but prison officials have said that now they’re going to start encrypting it.
A PR hack sent us a stupidly long press release a few hours ago about Clear, the company that—for an annual $100 fee—will pre-authorize you with TSA to speed up your passage through security. Clear started operating in select airports over a year ago, and this month will add Reagan National and Dulles International airports to its list. So, is the service worth it? We guess that depends on how much you’re willing to spend to be able to jump ahead of all the poor people waiting in line like the common criminals they surely are. We wanted a slightly more objective way to evaluate it, though, so we started looking around online for first-hand experiences of what exactly happens when you flash your Clear card.
Last December, Theodore Karantsalis received a letter from Sprint, where he was a customer, telling him that someone who banks with Wells-Fargo—where he’s not a customer—was presented with his invoice and personal data when they logged into their Wells-Fargo Checkfree account. The customer contacted Sprint, and Sprint contacted Karantsalis. Karantsalis decided that he’d deal with the issue on his own instead of bringing a lawyer into it or throwing his hands up in frustration, so he took both companies to small claims court.
There’s all sorts of advice online about how to disable RFID chips and tags, and now that they’re starting to show up uninvited on credit cards, you might be tempted to try some of those tactics. But as a reader found out, many credit card issuers will simply swap out your newfangled RFID-enabled card for a traditional one if you just ask.
Today GE Money reported that a data tape containing personal information on 650,000 customers from “about 230 retailers including J.C. Penney Co” is missing. Social Security numbers for about 150,000 customers were also on the tape. It was “being stored at a facility operated by Iron Mountain Inc, an information protection and storage company,” but there’s no evidence currently that it was stolen—it may just be sitting somewhere in a vast matte-painted warehouse like the Ark of the Covenant. However, it may also be the source of the recent wave of ID theft issues we’ve noticed.