Tuesday, August 22, 2006

Chevron Leak Results in Identity Theft With Explosive Implications

Chevron-Leak-Results-in-Identity-Theft-With-Explosive-Implications audio post - click to play

Chevron, the oil refining and gas distribution giant,
was itself the victim of a "leak" when a laptop was
stolen this month from an employee of an accounting
firm who held unencrypted, confidential consumer
data
offsite from the company premises.


The accounting firm was auditing the employee savings,
health and disability plans of Chevron. As a result
Chevron issue an email to all of it's employees
advising them of the laptop theft August 7th.

Why would a giant oil company, coming on the heels
of a record $4.4 billion dollar in profit quarter
even be concerned about a single laptop which most
likely only costs a miniscule fraction of the profit
Chevron is raking in?

Because, that laptop contained the following
information negatively impacting
thousands
of employees:

  • Social Security Numbers (ssn)
  • "Other private data"

Identity thieves certainly can do substantial damage
with this type of confidential consumer information.

But, there is another more omnious incentive
for Chevron
to quickly put out the damage control.

It's a fact the oil companies are raking in record profits
year over year, based on ever increasing prices consumers
pay at the gas pump. As a result, they're now being questioned
whether or not they're deliberately gouging consumers
with higher than required gas prices.

Then, here comes Chevron and their $4.4 billion quarterly
profit announcement, subsequently followed by an identity
theft incident caused by an auditor's slopping securing of
their employee's sensitive data - all within the same month!

Add these two single events together and you have the potential
for an explosive and messy potential class action lawsuit.

No wonder Chevron is more than happy to extend the offer of
paying for their employee's services related to the security
breach.

This incident is the latest a string of continued "lost" or
stolen laptops containing unencrypted personal information
highly sought after by identity theft and crime syndicates.

Ever wonder why identity thieves have enjoyed
so much
success this year in pilfering laptops
from careless employers?


The Ponemon Institute, a privacy expert,issued a study
revealing just how big a problem laptop security
(or lack thereof) really is for American companies:

"81 percent of companies surveyed have
experienced
the loss of one or more
laptops containing sensitive
data
over the past 12 months."


"64 percent of almost 500 data-security
pros
surveyed admit that their companies
have
never performed an inventory to
determine
the location of customer or
employee info."


With survey numbers like those backed up by the record
number of identity theft incidents solely due to the
repeated twin mistakes one would wonder why these
obvious preventitive steps continues to happen:

  1. Unencrypted consumer data
  2. Consumer data away from a secure data center

Let's face it folks, Congress while very vocal recently over
the Veteran's Administration data breach, hasn't been
anywhere near as action oriented over the continued
data breaches caused by sloppy employers.

Until a few high profile and successful class action lawsuits
against the type of firms most consumers hold distrust for,
say a big oil company or financial services company, your
elected representatives in Congress and their primary
benefactors (the rich industrialists) are quite happy to
continue protecting their record profits while playing it
fast and loose with your most sensitive personal
data
.

So, our tip for today is for those Chevron employees, of
which roughly 1/2 of the 59,000 reside within the U.S.,
is to contact your company's benefit's department for your
"free" package of services to comfort you with this
identity
theft.

For all of the rest of us who have yet to be stung by identity
theft, count your blessings and get protected as soon as possible.
With over 90 million Americans already negatively
impacted
by these type of data security breaches, it's only
a matter of time before your turn is due to become the next
identity theft victim.

1 Comments:

At 11:09 PM, Anonymous Anonymous said...

"64 percent of almost 500 data-security
pros surveyed admit that their companies
have never performed an inventory to
determine the location of customer or
employee info."

Those survey results make me really angry.

I had my identity stolen over 3 years ago, causing me countless hours in phone calls and time away from work to clean up the mess of just a single scammer.

What I ultimately found out was that my case of identity theft was the result of "insiders" working at the USPS who were stealing so called convenience checks that were mailed out.

In my case, I never asked for the convenience checks to be mailed out by my credit card company. They just decided on their own to incentivize me to make more money for their own greedy purposes.

Now in the present day, to read this same type of problems still occurs because Congress either will not or can not do anyting about it is really frustrating.

You would think Americans would finally signal they've had enough of this treatment.

But, I agree with many of the things you say on your website, it's really up to us and your tips have proven to be very helpful.

Thank you so much Agent 99 and keep digging to expose the culprits so others may not ever have to experience this disruptive crime.

 

Post a Comment

<< Home