- Microsoft lays out SQL Server road map
- Credit card skimming
- Nortel's stock market capitalization plummets
- Will Apple be forced to make more money?
- CAN SPAM: What went wrong?
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Last week I discussed how debt collectors operate, how much data they have access to and just how exposed our personal information is.
Unfortunately this is very much an IT issue because it is the quest to store and manage corporate data that has made it possible to aggregate and mine huge amounts of personal data. As much as this aggregation makes it easier to buy cars and houses and get credit, the downside is data becomes exposed and vulnerable because there’s not much in the way of control in how it is used.
Reader Don Dickerson (Houston, Texas) had some interesting background on the scale of the problem: “As IT director for a medium-sized collection agency, I can tell you that there are indeed many large databases out there that we use for ‘skip tracing’. . . [and] anybody posing as a business can get access to them.”
Don writes that getting access to this data simply requires that you fill out an application and pay the fees – there’s no background check and few other controls. “Some will do limited screening, but you can’t screen a business like you can a person.”
As if that weren’t enough, Don says various data vendors often offer additional information covering things such as “prison records and such. If it’s considered ‘public’ info, you can get it. Even if you are a 10 times convicted felon [or even if you have been] convicted of stealing personal info!”
So what information can be acquired? Don says Social Security numbers, known accounts (but not account numbers), known aliases, all of present and past addresses, the names of people living near the debtor (known as "nearbys"), people in the same town with the same last name (known as "possibles" as they might be related to the debtor), companies having made recent queries against the debtor’s credit and recent employers. “I’m willing to bet your caller was working a list of nearbys or possibles when they called for your wife.”
Don says that when he joined the debt-collection business he was “floored when I realized how much damage someone in my position could do if they were dishonest. But the numbers of collectors, across the country, sitting in front of all that data, [makes this] a very large time bomb. As IT people, we control an awful lot of data, that data really is not being guarded, and people really need to know just how much privacy they don’t have.”

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
Security Considerations When Deploying Remote Access SolutionsEffective network security is most successful when you use a layered approach, with multiple...

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Turning information into a Competitive AdvantageCompanies today are realizing that competitive advantage is harder to sustain when based solely on...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

Discover why Unified Threat Management Firewalls are ready for the enterprise today. High...
The Evolution of Network SecurityWe have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (2)
bull hockey, who are you working for???By Anonymous on July 9, 2008, 6:09 pmYou sound just like a person working for a collector of some kind. As an IT profesional for over 20 years, his fears are more than well founded. If you had a clue...
Reply | Read entire comment
bull hockeyBy Anonymous on July 7, 2008, 1:38 pmstop fear mongering. don should be filing complaints with the ftc instead of telling you these fairy tales. is there a lack of personal privacy in the u.s.; yes,...
Reply | Read entire comment
View all comments