Home > Identity Theft > When Your Identity is Tossed Out the Window… Literally

Comments 0 Comments

The scene of the crime is the Macy’s Day Thanksgiving Day Parade. This year was spectacular — great entertainment with many new balloons and floats. Fall was in the air and so, too, was the confetti. This year, however, some of it was comprised of shredded confidential documents, floating to the ground, courtesy of the Nassau County Police Department.

You see, the confetti strips dumped on the parade route at 65th Street and Central Park West included Social Security numbers, license plate numbers, phone numbers, police detail assignments, incident reports, and even details about Mitt Romney’s motorcade, likely from the second presidential debate at Hofstra University on Long Island. How do we know the Nassua County Police were involved? The documents included the acronym “NCPD”.

I wasn’t there, but an 18-year-old Tufts University student named Ethan Finkelstein was. He described one piece of confetti that settled on a friend’s coat. “It landed on her shoulder. It says ‘SSN’ and it’s written like a Social Security number, and we’re like, ‘That’s really bizarre.'”

Bizarre, indeed, but I think “insane” is a more appropriate word choice.

“That would have to come from our headquarters,” a Nassau County police source told the New York Post. “They have stuff that’s supposed to be shredded and go to burn piles. It sounds like some of it ended up where it wasn’t supposed to be.”

Yup, sure sounds like it. Gold star!

Let’s start with what we know for sure. Whoever committed this act of super nova-like stupidity (it’s too kind to call it negligence) either had one hell of a sense of humor (and disregard for the prospect of future employment) or s/he manifested more than a modicum of brain dysfunction. Actually, both qualities were in evidence. The deluge of personal identifying information on parade goers betrayed the sort of incompetence one might expect from a Tea Party sign painter. The actual event suggests a catastrophic failure of policy and procedure that confounds the imagination. How could such a thing be allowed to happen even one time?

Would you believe me if I told you it happened at another parade this year? Last February at New York City’s Super Bowl celebration parade for the New York Giants, some of the “confetti” dropped from office buildings was actually unshredded paper containing personal information and records — an identity thief’s El Dorado of Social Security numbers and medical records, including detailed information about a 54-year-old woman’s mammogram.

Some may be tempted to make light of such stories — until you consider that the mammogram results belonged to a woman who actually exists, who would be completely justified in thinking that her privacy had been systematically violated — and further, that a crime had been committed against her.

Still, some were unconcerned. “I don’t get the impression that people are actually going to pick up these pieces of paper and cause something like identity theft or something along those lines,”said one bystander. This point of view is dangerous and unsurprising — after all, identity theft, like the radiation at Chernobyl or the germs that cause cholera, is invisible, and thus easy for non-victims to ignore.

Like cholera, radiation poisoning, and a host of other ills, identity theft is all too real — even in a pastoral setting like Manhattan. We ignore it at our peril.

At the end of the day, these failures occur because policies and procedures are missing or ignored. They result from failures of leadership and management. A case in point: the Governor of South Carolina — who arguably should not be left within reach of anything more dangerous than a can opener, let alone a state government.

In October, it was revealed that more than 75% of South Carolina residents had their Social Security numbers, credit card numbers, and other personal information breached in August after someone stole credentials from one of 250 state employees with access to the South Carolina Department of Revenue (DOR) database.

Amazingly, that data was not even encrypted.

If you think that was stupid, wait till you hear the governor’s excuse. Encryption is “complicated and cumbersome technology.” Interesting point, but here’s the thing: encryption is not hard! It’s actually pretty simple. What’s hard is having your identity stolen, your accounts emptied, your credit ruined and your life turned upside down because bureaucratic brain surgeons in your state government thought encryption wasn’t worth the trouble.

Still, I’m sure South Carolinians will sleep much better having heard the governor’s subsequent suggestion — now that it’s too late — that encryption might be a good idea after all.

There’s no shortage of dumb decisions in the political sphere, but it’s worth asking just how badly our current cost cutting budgetary obsessions are warping our ability to make intelligent cost-benefit choices — especially in such high-stakes situations. From identity theft to cyber-warfare, our inability to weigh risks in a rational way is costing us big time — and may ultimately be our undoing. Example: In the past 24 hours, we’ve learned that the entire South Carolina disaster could have been avoided by spending as little as $25,000 for a dual password system to keep hackers out of that database. “I almost fell out of my chair,” said the co-chairman of the cyber-security subcommittee investigating the debacle. “For $25,000, we wouldn’t be here.” Would it have been worth it? 6.4 million consumers and businesses — given the chance — obviously would have said yes.

Frankly, this level of incompetence and disregard for the public good should be criminal. People in positions of public trust who allow such acts should be held accountable. Lose their jobs. Go to jail. Or both.

And we must mandate encryption of databases containing personal identifying information, from SSNs on down — and set criminal penalties for failing to do so.

When I said “we ignore identity theft at our peril,” I simplified too much. Too often, those who ignore these risks ignore them at other people’s peril — despite a clear fiduciary responsibility to defend the public. The Chief Executive of South Carolina is sadly yet another in a long line of shirkers and buck-passers, who don’t seem to understand what’s really at stake here. Whether the topic is identity theft or the fiscal cliff, it’s our job — as voters and as consumers — to hold these folks accountable.

Image: Caitee Smith, via Flickr

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them.

Hello, Reader!

Thanks for checking out Credit.com. We hope you find the site and the journalism we produce useful. We wanted to take some time to tell you a bit about ourselves.

Our People

The Credit.com editorial team is staffed by a team of editors and reporters, each with many years of financial reporting experience. We’ve worked for places like the New York Times, American Banker, Frontline, TheStreet.com, Business Insider, ABC News, NBC News, CNBC and many others. We also employ a few freelancers and more than 50 contributors (these are typically subject matter experts from the worlds of finance, academia, politics, business and elsewhere).

Our Reporting

We take great pains to ensure that the articles, video and graphics you see on Credit.com are thoroughly reported and fact-checked. Each story is read by two separate editors, and we adhere to the highest editorial standards. We’re not perfect, however, and if you see something that you think is wrong, please email us at editorial team [at] credit [dot] com,

The Credit.com editorial team is committed to providing our readers and viewers with sound, well-reported and understandable information designed to inform and empower. We won’t tell you what to do. We will, however, do our best to explain the consequences of various actions, thereby arming you with the information you need to make decisions that are in your best interests. We also write about things relating to money and finance we think are interesting and want to share.

In addition to appearing on Credit.com, our articles are syndicated to dozens of other news sites. We have more than 100 partners, including MSN, ABC News, CBS News, Yahoo, Marketwatch, Scripps, Money Magazine and many others. This network operates similarly to the Associated Press or Reuters, except we focus almost exclusively on issues relating to personal finance. These are not advertorial or paid placements, rather we provide these articles to our partners in most cases for free. These relationships create more awareness of Credit.com in general and they result in more traffic to us as well.

Our Business Model

Credit.com’s journalism is largely supported by an e-commerce business model. Rather than rely on revenue from display ad impressions, Credit.com maintains a financial marketplace separate from its editorial pages. When someone navigates to those pages, and applies for a credit card, for example, Credit.com will get paid what is essentially a finder’s fee if that person ends up getting the card. That doesn’t mean, however, that our editorial decisions are informed by the products available in our marketplace. The editorial team chooses what to write about and how to write about it independently of the decisions and priorities of the business side of the company. In fact, we maintain a strict and important firewall between the editorial and business departments. Our mission as journalists is to serve the reader, not the advertiser. In that sense, we are no different from any other news organization that is supported by ad revenue.

Visitors to Credit.com are also able to register for a free Credit.com account, which gives them access to a tool called The Credit Report Card. This tool provides users with two free credit scores and a breakdown of the information in their Experian credit report, updated twice monthly. Again, this tool is entirely free, and we mention that frequently in our articles, because we think that it’s a good thing for users to have access to data like this. Separate from its educational value, there is also a business angle to the Credit Report Card. Registered users can be matched with products and services for which they are most likely to qualify. In other words, if you register and you find that your credit is less than stellar, Credit.com won’t recommend a high-end platinum credit card that requires an excellent credit score You’d likely get rejected, and that’s no good for you or Credit.com. You’d be no closer to getting a product you need, there’d be a wasted inquiry on your credit report, and Credit.com wouldn’t get paid. These are essentially what are commonly referred to as "targeted ads" in the world of the Internet. Despite all of this, however, even if you never apply for any product, the Credit Report Card will remain free, and none of this will impact how the editorial team reports on credit and credit scores.

Your Stories

Lastly, much of what we do is informed by our own experiences as well as the experiences of our readers. We want to tell your stories if you’re interested in sharing them. Please email us at story ideas [at] credit [dot] com with ideas or visit us on Facebook or Twitter.

Thanks for stopping by.

- The Credit.com Editorial Team