Tag: data theft

Where is the law on identity theft?

If Choicepoint’s most recent investigation is on target, they are stealing it, that’s where.

Choicepoint recently discovered that some private investigators, an insurance company lackey, and…get this…a Miami-Dade police officer, were using Choicepoint data for their own devices.

Where should we go from here? I say the hell with the data broker’s profit margins. Lock the data down tighter than a snare drum, and make anyone who wants to access it go though a “top secret” level government security clearance screening.

Getting TAN while fighting phish

A German bank is attempting to thwart the phish in online banking through the use of pre-assigned transaction number identification. Online banking customers will soon be asked to provide a TAN when conducting a transaction, which is supposed to cut the emptying of accounts by thieves down to roughly 1%.

This is kind of like entering two passwords or PINs when conducting a transaction. One is permanent, getting you access to your account. The other is a temporary, one-time-use item assigned to the customer. The likelyhood of a scammer getting both from an account holder through a phishing exploit still seems pretty high (because, after all, many folks are still plain dumb). But given that TANs are assigned in just the hundreds, the ability of a thief to randomly generate the right TAN (if they don’t already have one) drop significantly.

I’m interested in hearing how this all works out. Whether US banks adopt a similar method is yet to be seen, but given that their back offices are already a data sieve, why would scammers really care about picking off a single customer anyway.

Doing what you’re not supposed to

It is all over the news this morning – a bunch of credit card data was held without consent, and now some of the data has been stolen. This problem is neither anything new, or isolated to the private sector – even the US Government can’t seem to keep their hands clean.