[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RISKS: Social Security (sic) Administration fraud



----------------------------------------------------------------------

Date: Sun, 7 Apr 1996 22:12:30 -0500 (CDT)
From: Sean Reifschneider <[email protected]>
Subject: The weakest link: Social (In)security Administration

The URL "http://www.nando.net/newsroom/ntn/info/040696/info5_14984.html"
reports "one of the biggest breaches of security of personal data held
by the federal government".  Apparently several employees of the Social
Security Administration sold information including  SSNs and mother's
maiden names of more than 11,000 people to a credit-card fraud ring.

The fraud ring was able to use this information to activate cards which
were stolen from the mail.  Citibank had implemented a scheme which
required customers to "activate" their credit cards when they receive
them by calling a phone number and providing personal information like
their mothers maiden name.

It seems that while systems are being designed to protect our property, it's
just causing the crime to move closer to the person.  If someone steals your
credit card from the mail or your car from the parking lot, you're probably
at a safe distance.  Instead, they are forced to carjack your car at a
stoplight because of your alarm system, or find out personal information
about you.

Similarly, I heard about home breakins on alarmed houses in which the
burglar would regularly trigger the alarm and be careful to leave no
traces.  Once the police stopped coming (because the alarm was faulty),
they were free to break in and swipe whatever they like.

No matter how secure the system, the weakest link can be the clerk who's
paid $12K/year to work on the system.  It doesn't take much money to
convince this person to hand out our personal information.

This sort of thing kind of makes the hassle I went through in keeping my
SSN from my insurance company.  If you've never tried it, for me it was
a huge hassle...  Apparently, all of my claims needed to be handled by
hand by one of the supervisors.  Of course, if everyone did it, their
$4/hour clerks could take care of it.

Sean Reifschneider, Inimitably Superfluous <[email protected]>
URL: <http://www.tummy.com/xvscan>  HP-UX/Linux/FreeBSD X11 scanning software.

    [Also noted by Monty Solomon <[email protected]> quoting from Edupage,
    and [email protected] (Beverly Woodward), who cited the
    article in "U.S. Workers Stole Data on 11,000, Agency Says" in
    *The New York Times*, 06 Apr 1996, p. 6, from which most other
    reports seem to have been drawn.  PGN]


-------------------------------------------------------------------------
Steven Weller                      |  Weller's three steps to Greatness:
                                   |     1. See what others cannot
                                   |     2. Think what others cannot
[email protected]                   |     3. Express what others cannot