http
://www.presstelegram.com/business/ci_3969575
By Hope Yen
Associated Press
06/22/2006
WASHINGTON -- The government agency charged with fighting
identity
theft said Thursday it had lost two government laptops
containing
sensitive personal data, the latest in a series of breaches
encompassing millions of people.
The Federal Trade Commission said it would provide free
credit
monitoring for 110 people targeted for investigation whose
names,
addresses, Social Security numbers and in some instances,
financial
account numbers were taken from an FTC attorney's locked
car.
The car theft occurred about 10 days ago. Many of the people
whose
data were compromised were being investigated for possible
fraud and
identity theft, said Joel Winston, associate director of the
FTC's
Division of Privacy and Identity Theft Protection.
The disclosure comes amid a widening data breach that is
expected to
cost the government hundreds of millions of dollars. In all,
five
government agencies have reported data theft, including the
Veterans
Affairs Department, which on May 22 acknowledged losing data
on up to
26.5 million veterans.
Among them:
At the Agriculture Department, a hacker who broke into the
computer
system, obtaining names, Social Security numbers and photos
of 26,000
Washington-area employees and contractors.
At Health and Human Services, personal information for
nearly 17,000
Medicare beneficiaries may have been compromised in April
when an
insurance company employee called up the data through a
hotel computer
and failed to delete the file.
At Energy, Social Security numbers and other data for nearly
1,500
people working for the National Nuclear Security
Administration may
have been compromised when a hacker gained entry to its
computer
system last fall.
On Thursday, a House panel was cautioned that credit
monitoring alone
may not be enough to protect Americans whose names, birth
dates and
Social Security numbers were compromised at the hands of the
government.
During the House hearing Thursday, Mike Cook, a co-founder
of a
company specializing in data breaches, said identity-theft
victims
typically don't become aware they've been hurt until six
months after
their data was stolen, when creditors come calling for money
owed.
At that point, it's likely the thieves will have moved on
having made
just a few purchases so they don't attract notice and
started using
another victim's information.
As a result, a credit monitoring service would raise a red
flag after
it was too late, Cook said. He said data analysis technology
was
available to help identity theft as it occurs, particularly
in the
typical cases in which thieves use stolen identities to
fraudulently
obtain credit cards and then make purchases.
Associated Press writer Libby Quaid contributed to this
report.
_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
|