by Larry Magid
April 8, 2014 was a scary day. Microsoft ended support and security updates for Windows XP, leaving millions of users vulnerable to hack attack from what will soon be an out-of-date operating system riddled with vulnerabilities. But by the end of the day, we had something else to worry about. Security researchers revealed that a flaw in Open SSL — the most popular Web encryption system — may have left private information exposed to anyone who knew how to exploit the flaw.
Data breaches and securities flaws aren’t the only ways people’s identity can be stolen but they are certain a major risk factor. As Bryan Hjelm, vice president of product and marketing for CSID, pointed out in his presentation, data breaches in 2013 exposed 822 million records worldwide. This year the data breach at Target exposed at least 40 million credit cards, some of which have already been illegally used for purchases.
Identity theft is a problem from cradle to grave, said Suzanne Barber, director of the Center for Identity Theft (scroll down to listen to the entire interview).
“More and information is being asked for by different organizations,” she noted. “The book club asks for information along with the grocery store, and you’re left with a dilemma — ‘I want the services and access that these different originations provide but they want a lot of information about me.”‘
Protect your social security number
One thing you should avoid sharing, she said, is your Social Security number, which is very valuable to identity thieves. A lot of businesses ask for your Social Security number to verify your identity but there are often other ways to do this.
I give my Social Security number to banks when I open a new account because it’s a government requirement that they have it for tax purposes. But when a doctor’s office asked for it recently, I declined because they don’t need it to bill me or my insurance company and they certainly don’t need it to treat me. If anyone asks for your Social Security number, ask why they need it.
Children most vulnerable
Barber said parents should be especially careful when it comes to their children’s Social Security numbers. She said children are 35 times more likely than adults to be identity theft victims. One reason is because children almost always have clean credit ratings, which makes them very valuable to identity thieves. Also, said Barber, parents tend not to monitor their children’s Social Security numbers and credit ratings, so they’re less likely to uncover a child’s identity theft until they’ve been victimized.
According to the Federal Trade Commission, warning signs that your child may have been victimized include their being turned down for government benefits because the benefits are being paid to another account using your child’s Social Security number. Other warnings include a notice from the Internal Revenue Service that the child’s Social Security number was used on another tax return or bills or collection calls for products or services not received.
Whether a child or an adult, you should check your credit reports at least once a year. You can get a free credit report from AnnualCreditReport.com or by calling 1-877-322-8228. This program is sponsored by the Federal Trade Commission. Do not confuse it with other credit reporting services that have “free” in their name.
I recommend that you check your bank and credit and debit card activity regularly. If you don’t already have an online account with your bank, set one up and go in frequently to look for recent activity, which is sometimes posted immediately after a transaction occurs. If you find anything suspicious, report it right away so you’re not charged and so the bank can investigate. This is especially important for debit cards because the bank will deduct any charges from your account immediately and you need to get them to reimburse you for any fraudulent charges.
Other types of identity theft risks include fraudulent tax returns, which could result in someone else getting your refund. There is also medical fraud — people getting medical services billed to your insurance account or prescriptions in your name. ID 360 conference speaker Ann Patterson said another risk is “misdiagnosis, mistreatment or delay in treatment,” due to someone getting medical care in your name.
The Identity Theft Resource Center advises people to use a cross-cut shredder to dispose of documents with personal information. They also advise that you “know your billing cycles and contact creditors when bills fail to show up.” That’s one piece of advice I would have never thought of. Few of us particularly enjoy getting bills, but better us than an identity thief.
This post first appeared in the San Jose Mercury News