Isn't it ironic when the tax auditor who's charged
with safeguarding the financial integrity of a
client's accounting results, itself can not
protect the sensitive information entrusted
with them.
In a story which unfortunately reveals an all
too similar pattern to previous identity theft
breaches involving large American firms, a
laptop was stolen from Ernst & Young containing
the social security numbers (ssn) and other
confidential information effecting thousands of
IBM staff.The laptop stolen in January by identity thieves
contained the following personal information of
IBM employees who had been stationed outside of
the United States:
- Names
- Date of Birth
- Gender
- Family Size
- Social Security Number (SSN)
- Tax Identifiers
- Email Address
- Country Stationed
Basically, everything an identity thief needs to
commit credit fraud against these unsuspecting
victims and their families.
Tying back to today's article title, what makes
this
story even more tragic, is
Ernst & Younghad last month been revealed to also have
lost social security number (ssn) & personal
information of the CEO of Sun Computers,
one of the largest worldwide computer server
vendors to the internet community.
But wait, it gets even worse, as there's even an
indication that Cisco (the internet router industry
leader) employee personal data may have also been
on the same laptop containing other clients as
well.
Then, as if these two incidents weren't severe
enough for a bad run of identity theft, Ernst &
Young filed a police report in Miami, noting
that
it had
lost four more laptops.
"Its employees left the systems in a conference
room when they went out for lunch. A security
camera at the conference center showed that it
took all of about five minutes for two people
to steal the laptops."
Apparently with the swiftness of the laptop theft,
the E&Y auditors were not merely the object of a
random act, but rather targeted by identity theft
"collectors".
At the time of this article no public
statement from Ernst & Young is available.
However, to E&Y's credit they have attempted to
ease the potential damage of the identity theft
by advising their effected clients to seek out
monthly credit monitoring.
This story continues to illustrate there is
evidently not enough of a punitive incentive
for U.S. firms to institute stringent practices
to safeguard their clients consumer data.
Recent identity theft legislative efforts in
Congress are indicating a more lax, business
friendly direction for a binding national
laws over the current state level support
of consumer data protection.
"The House Energy and Commerce Committee
approved a stripped-down data-security bill
this month on a party-line vote. The measure
would require companies to establish security
safeguards and notify consumers of breaches
only when they pose a significant risk of
identity theft -- a standard Democrats say
is too lax. The bill would also pre-empt
tougher state laws."
So,
our tip for today is to seize control over
your own data to protect it as best as you
possible can - with the many options available.
Freeze your credit report if you live within
one of the (12) states which allow it.
Opt-out of your data being shared amongst
affiliated companies - especially those you
can not confirm in writing how they protect
your data from identity theft.
Finally, install your very own financial
"burglar alarm" to alert you when there's
been data of yours exposed to the abuses
of identity theft.