---------------------------------------------------------------------- Date: Sun, 7 Apr 1996 22:12:30 -0500 (CDT) From: Sean Reifschneider <jafo@tummy.com> Subject: The weakest link: Social (In)security Administration The URL "http://www.nando.net/newsroom/ntn/info/040696/info5_14984.html" reports "one of the biggest breaches of security of personal data held by the federal government". Apparently several employees of the Social Security Administration sold information including SSNs and mother's maiden names of more than 11,000 people to a credit-card fraud ring. The fraud ring was able to use this information to activate cards which were stolen from the mail. Citibank had implemented a scheme which required customers to "activate" their credit cards when they receive them by calling a phone number and providing personal information like their mothers maiden name. It seems that while systems are being designed to protect our property, it's just causing the crime to move closer to the person. If someone steals your credit card from the mail or your car from the parking lot, you're probably at a safe distance. Instead, they are forced to carjack your car at a stoplight because of your alarm system, or find out personal information about you. Similarly, I heard about home breakins on alarmed houses in which the burglar would regularly trigger the alarm and be careful to leave no traces. Once the police stopped coming (because the alarm was faulty), they were free to break in and swipe whatever they like. No matter how secure the system, the weakest link can be the clerk who's paid $12K/year to work on the system. It doesn't take much money to convince this person to hand out our personal information. This sort of thing kind of makes the hassle I went through in keeping my SSN from my insurance company. If you've never tried it, for me it was a huge hassle... Apparently, all of my claims needed to be handled by hand by one of the supervisors. Of course, if everyone did it, their $4/hour clerks could take care of it. Sean Reifschneider, Inimitably Superfluous <jafo@tummy.com> URL: <http://www.tummy.com/xvscan> HP-UX/Linux/FreeBSD X11 scanning software. [Also noted by Monty Solomon <monty@roscom.COM> quoting from Edupage, and WOODWARD@BINAH.CC.BRANDEIS.EDU (Beverly Woodward), who cited the article in "U.S. Workers Stole Data on 11,000, Agency Says" in *The New York Times*, 06 Apr 1996, p. 6, from which most other reports seem to have been drawn. PGN] ------------------------------------------------------------------------- Steven Weller | Weller's three steps to Greatness: | 1. See what others cannot | 2. Think what others cannot stevenw@best.com | 3. Express what others cannot