New technology's impact on identity theft

Qing Hu, a professor and chair of logistics, operations and management information systems at Iowa State, says those new technologies won't even make a dent on the identity theft problem.

"Identities are sold around the world quickly after they are stolen through online auction sites operated by organized crime or hackers, and they are used for a number of purposes -- most of which do not need a personal presence where a retina scan might be used," said Hu, who has been conducting research on corporate information security management and user behavior toward information security technologies since 2005.

"They [stolen identities] can be used to apply for new credit cards, making duplicate cards for online purchases of digital services and products where physical delivery is not needed -- online games, pornographic material, music download, fake account for money laundering, etc.," he said. "It is rare that a criminal would take a fake ATM card to go to a physical machine to take cash out, knowing that almost all ATMs today have cameras to record every transaction."

Steffen Schmidt, a University Professor of political science who is also a researcher in ISU's Center for Information Protection, shares Hu's information security outlook amid new technology. The co-author of two books on preventing identity theft -- "Who Is You: The Coming Epidemic of Identity Theft" (The Consortium, 2005) and "The Silent Crime: What You Need to Know About Identity Theft" (Twin Lakes Press, 2008) -- Schmidt predicts identity theft will only escalate with technological advancements. 

Study: Identity theft hits record high

Criminals use social networks, online transactions to gather victims' information.

More people in the United States are falling victim to identity fraud. A study by Javelin Strategy & Research showed that the number of victims jumped by 12% to 11.1 million adults in 2009, the biggest increase since the survey began in 2003. Identity fraud continues on the upswing and we believe it will continue to rise if consumers fail to take proactive steps to prevent fraudsters from taking advantage of their offline and online transactions and their increasingly exposed personal information on social networks. The study said that total overall fraud rose by 12.5% to $54 billion. The perpetrator is often someone the victim knows, such as a family member or presumed friend, according to Javelin founder James Van Dyke. The number of new credit card accounts opened fraudulently rose 39% in 2009, with new online accounts more than doubling, and the number of new e-mail payment accounts rising 12%. The study also found that 29% of identity-fraud victims said that mobile phone accounts were fraudulently opened in their names.

We must be vigilant with whom you are sharing your personal information and where you are sharing it.  

The Consequence of Even a Small Data Breach

We often discuss with our clients the substantial increase recently in the cost of experiencing a breach of data. One aspect that isn't often considered in that increase is the new power of social media in our world. I experienced this recently when I was scheduled meet with a medical practice administrator and was unsure of this clinics location. Not to worry with the power of maps and Google on my I-Phone I'm a direction genius. (Never again can my wife make me ask for directions!) A couple key clicks later the top link in Google provided the information I needed on Citysearch.

Of course I noticed (as everyone else that Googled this clinic would have) that they were only given 2 out of 5 stars based upon their reviews. Curious as to why one click later I learned they have a very upset patient who shared the gory details of her medical chart that was lost by this clinic and her confidence in the fact that if you work with them they will also lose your information!!

Ouch! One person now has that much power. The story wasn't broadcast on the nightly news, not in the local paper, just where vast majority of new patients would go to find your location.

It's been reported that it costs $200+ per record lost when a breach is experienced. Somehow for this clinic I think that it is substantially higher.