April 19, 2005

Links of the Day

Filed under: Consumer Outrage, Corporate Outrage, Privacy/ID Theft — TBlumer @ 1:45 pm

This is an evening travel day, which means a go-crazy-getting-ready day, so this will probably be the only post today. I’ll also be lucky if I can do one post each day during the next couple of days while I’m out.

Anyway, a few pretty important developments must be noted:

  • DSW x 10–The DSW personal data heist that was first brought to public attention a few weeks ago was originally thought to involve records of over 100,000 people. Now we learn that:

    Thieves who accessed a DSW Shoe Warehouse database obtained 1.4 million credit card numbers and the names on those accounts — 10 times more than investigators estimated last month. DSW Shoe Warehouse said Monday that it has contact information for about half of those people and started sending letters notifying them of the thefts, which happened at 108 stores in 25 states between November and February. A list of the stores is available on the company’s Web site.

    The stolen information did not include home addresses or personal identification numbers, the Columbus, Ohio-based company said in a statement.

    …….Besides the credit card numbers, the thieves obtained driver’s license numbers and checking account numbers from 96,000 transactions involving checks, the company said. Customer names, addresses and Social Security numbers were not stolen, DSW said.

    I would suggest that this represents a tipping point in the regulation of datakeepers. For better or worse, I don’t see how datakeepers can expect to avoid significant legislation. There have been too many incidents, and the number of records involved is just too large. Sometimes the cure is worse than the disease (I would cite Sarbanes Oxley in the public-company regulation arena as an example), but it appears that doing nothing about data privacy has just been eliminated as an option.

  • This was noted in my veto suggestion to President Bush on Bankruptcy “Reform,” but for those without the patience or time to read to the end, be aware that required minimum payments on credit cards will probably double in the next 12-18 months, from the usual 2% to 4% of the outstanding balance. This is a good news/bad news story–more on the potential effects of this when time allows.
  • ITAC update: The Identity Theft Assistance Center, an effort by the country’s largest financial institutions to help ID theft victims minimize the enormous hassle factor, has gone from a pilot project to a permanent service. I covered ITAC about six weeks ago, and noted that while it is a good idea, victims need to know to ask about it if an account at a participating financial institution is involved. I’ll provide more on the details of the service now that it’s permanent when I get a response from ITAC, but these two paragraphs from InfoWeek (the last two at the link) are encouraging.

    On the business front, the Financial Services Roundtable, a group of financial institutions, has made permanent its Identity Theft Assistance Center, which helps ID-theft victims for free. The center has operated on a pilot basis since August and has helped 700 people restore their identities. The center is funded by banks and operated by Intersections Inc., a provider of bank-branded ID-theft-protection services.

    The center’s rapid-response system shortens the time thieves can take advantage of stolen data and collects evidence to use against them in court. It takes, on average, two to three weeks to restore a victim’s credit history once the center is notified. The center wants to reduce that to two to three days through process improvements.

Fixing things in 2-3 days would be pretty impressive.