Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Network Security / GAO: Few Breaches Lead to ID Theft
GAO: Links Between Data Loss and ID Theft Unclear
GAO: Links Between Data Loss and ID Theft Unclear
By Frederick Lane / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
In a report issued on June 4, the Government Accountability Office found that while there have been frequent and widespread breaches of personal financial information, it is unclear that those breaches have resulted in actual cases of identity theft.

"The extent to which data breaches result in identity theft is not well known," the report stated, "in large part because it can be difficult to determine the source of the data used to commit identity theft."

Lauren Weinstein, a cofounder of People for Internet Responsibility and a moderator of the Privacy Forum, generally agreed with findings of the GAO report. "It is very difficult to track down the source of the data used in identity theft cases," Weinstein said. "In any large enough pool of people, a certain number are going to suffer identity theft whether or not their data is lost on a corporate backup tape or government laptop."

Enormous Amounts of Data Lost

Without question, however, the sheer number of information breaches is staggering. With the help of groups that monitor media reports of data breaches, the GAO determined that there were some 570 breaches between January 2005 and December 2006. A survey by a House Government Reform Committee listed nearly 800 breaches of federal agency data during a three-year period running from January 2003 to July 2006.

As the report noted, virtually every type of institution charged with protecting private information -- federal, state, and local government agencies; retailers; financial institutions; colleges and universities; and medical facilities -- has failed to do so.

And even if the risk of actual identity theft is small, the number of people affected by these lapses in security is enormous, ranging from hundreds of thousands to tens of millions. As the storage capacity of drives and laptops increases, the amount of material that can be lost will increase accordingly.

Costs Outweigh Benefits?

The GAO report did not contain any specific recommendations, but did suggest that the costs of consumer notification and other remedial measures need to be considered, particularly in light of the difficulty of showing specific harm resulting from data breaches.

Weinstein agreed that a cost-benefit analysis is useful. "I'm not suggesting that data theft is not a serious problem -- it obviously is -- but there may be better ways to deal with the issue. Among other things, companies should not be using hard drives and laptops to transport data, and they certainly should not be doing so without encrypting it."

The other piece of the puzzle, Weinstein said, is to educate consumers about where the real risk lies. "You're at a much greater risk of identity theft," Weinstein suggested, "from someone who knows you -- a neighbor, a family member, an ex-spouse -- than you are from someone who finds a backup tape or rips off a laptop to make a few quick bucks."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.