Guard against identity theft

By MIKE HIMOWITZ
2/19/2007 – By MIKE HIMOWITZ
THE BALTIMORE SUN

One morning 15 years ago, a friend at work left his wallet in the car when he pulled into his parking spot. When he returned, the wallet was gone, and with it his driver’s license, credit cards, Social Security number — and peace of mind.

The thieves were smart — they never used Charlie’s credit cards directly. But they were the only proof many merchants needed to open charge accounts in Charlie’s name. The crooks bought thousands of dollars’ worth of merchandise that Charlie learned about only when bills came due.

This was long before “identity theft” became a buzzword. But I can still remember Charlie’s tales of woe, in particular the frustration he felt when he couldn’t get credit bureaus to listen to his problem.

Fifteen years later, things aren’t much better. Banks, credit card companies, merchants, hospitals, charities and government agencies collect data about all of us. And unlike Charlie, we don’t have to be personally careless to suffer the consequences. The people who keep our data are careless enough.

Over the last week, for example, we learned that two respected Baltimore institutions, Johns Hopkins University and St. Mary’s Hospital, lost track of sensitive computerized data involving more than 250,000 people.

No one knows if the data actually wound up in the hands of criminals — it may well have been dumped into the trash. But there is a lesson here: the warnings we hear about electronic identity theft are often misdirected.

We worry about thieves who lurk in the Web’s electronic passageways, intercepting our credit card numbers when we shop on line. We worry about spyware that invades our computers and steals our personal information.

How often does that high-tech stuff really happen? Not all that often — compared to leaks and lapses in the institutions we trust.

Worried about a computer virus stealing your identity? That visit to the emergency room may be far more dangerous.

So is the restaurant you visited Saturday night — the one where the waiter swiped your credit card into his own little reader and sold the number to the guy down the street, who wholesaled it to a guy in an Internet cafe, who sold it to a gang of cyberthieves in Romania, who are happily charging stuff to your card and 10,000 other accounts filched in restaurants around the world.

There are two things you can do, short of turning into a hermit.

First, check your credit card and bank statements carefully and report irregularities. Be meticulous. Look for small purchases, $20 or less, from stores you don’t recognize. A scammer can make big bucks money charging odd sums like $17.68 to a couple of thousand cards — especially when many victims don’t notice it — and the cops won’t bother to investigate thefts that small from customers who do complain.

Second, insist on better consumer protection, such as laws requiring companies or institutions to inform you when personal information about you has been lost or stolen and requiring credit agencies to honor your request for a freeze on your credit reports — one of the best ways to fight identity thieves.

Don’t buy the arguments of the banking and credit card interests who have torpedoed such bills in the past. They want to do business as usual and don’t care if you suffer the consequences. That puts them in league with the scoundrels who want to steal your identity. Call your legislator today.

florida shredding