It’s been about four months since 2.2 million University of Utah Hospitals and Clinics patients’ billing records were stolen from a courier vehicle transporting the files to a storage center. The records, containing social security numbers and other personal information, were recovered a few weeks later and didn’t appear accessed. And those affected were informed and offered free credit monitoring. But, really, no one knows if any information was repurposed. In today’s technology age, the risk and fear of identity theft is all too real and close to home. Here’s what you need to know to stay safe:
What Is Identity Theft?
The Federal Trade Commission says identity theft is “when someone uses your personally identifying information, like your name, Social Security number or credit card number, without your permission, to commit fraud or other crimes.” The FTC estimates that as many as 9 million Americans have their identities stolen each year.
Identity theft comes in a variety of different forms ranging from something purchased on a stolen credit card, apartments rented under someone else’s name and even bank accounts opened and checks written under another name. While some cases of identity theft are resolved quickly, others take years and thousands of dollars to correct. The FTC reports that victims can be denied loans and lose job opportunities as a result of having bad credit caused by identity theft.
Although there isn’t a 100 percent secure method for protecting data, Scott Mitic, chief executive officer of TrustedId, says there are many ways companies should be keeping information safe. He says most major corporations use data encryption, secure storage, firewalls, data access authorization and network and PC monitoring to protect sensitive information. How-ever, mistakes can be made or precautions overlooked because of high costs.
Companies also need to be constantly looking for unauthorized traffic in and out of their network, as well as monitoring individual computers for suspicious activity, Mitic says. Sensitive information should always be encrypted when stored or transported and companies should carefully consider who they share information with to ensure similar safeguards would be used. Last but not least, employees must be monitored and trained.
“Employees should only have access to sensitive personal information on a need-to-know basis and those individuals must have annual background checks,” Mitic says. “Employees also need training in social engineering ¬— tactics used by identity thieves, such as posing as law enforcement agents to trick individuals into voluntarily surrendering personal information.
The most important pieces of in-formation to protect are your name, address and social security number, Mitic says. This combination of data allows thieves to open new credit cards, apply for loans, start utility or cell phone service and, thus, derive the greatest financial benefit. Medical insurance information is increasingly being sought after since it allows thieves to receive medical benefits under someone else’s name. Children and senior citizens are also popular identity theft targets.
The FTC encourages consumers to watch bills and bank statements closely to look for fraudulent activity, and file a police report, check credit reports, notify creditors and begin to dispute unauthorized transactions immediately if they find a problem.
Where To Turn
Many companies specialize in protecting consumers from identity theft while others deal with the aftermath of fraudulent activity.
“Companies like RSA, Symantec and McAfee all have advanced solutions that assist companies in protecting data,” Mitic says. “Companies like TrustedID have solutions that mitigate the aftermath of a data breach, where fast and comprehensive protection of affected individuals is paramount.”
TrustedId has products that allow consumers to freeze their credit, monitor credit card use, receive credit reports and remove their names from large databases that feed into pre-approved credit cards. TrustedID also provides services to companies or organizations who have been victims of a data breach providing them with a crisis response plan that will protect the individuals affected.
Local companies are also aware of identity theft risks and are actively pursuing solutions.
White Canyon Software, based in Orem, is well known for its file deletion software WipeDrive and is approved by
the Department of Defense. The technology allows users to erase all files on their hard drives before get-ting rid of old computers. According to White Canyon’s Website (www.whitecanyon.com
), simply deleting files and reformatting a com-puter’s hard drive is not enough — many files, though erased, can still be accessed by identity thieves. SecurityMetrics, Inc., (www.securitymetrics.com
) also based in Orem, is another local company fighting the war against identity theft with Appliance, which is similar to an anti-virus program, but more advanced. According to SecurityMetrics’ site, Appliance promises advanced intrusion prevention and detection.
The state of Utah also wants to help its residents. The Utah Attorney General’s Office has implemented IRIS (Identity Theft Reporting Information System). According to Utah Attorney General Mark Shurtleff, only 33 percent of identity theft crimes are reported to law enforcement officials and identity theft is the fastest growing crime in the country. IRIS is set up to allow Utah residents to learn more about identity theft, report it and recover from it.
5 Ways to Protect Your Identity
Scott Mitic, CEO of TrustedID, offers a few simple tips to keep your identity safe from thieves.
1. Shred personal information, like pre-approved credit cards, before throwing in the garbage.
2. Change online passwords monthly and avoid easy-to-hack passwords such as birthdays and anniversaries.
3. Freeze your credit as soon as you learn your information has been breached.
4. Beware of phishing scams and don’t give out your personal information via email, phone or regular mail unless you initiated the contact.
5. Always use firewall, spyware and virus software, updated regularly, to protect your computer.