A watchdog group is stepping up its efforts to protect Social Security numbers.
The numbers are easily available, largely because they are used for so many reasons and last forever, The New York Times reported Saturday.
Betty Ostergren, a former insurance claims supervisor, says she lobbies to have the numbers removed from government Web sites. The Richmond resident's Web site, TheVirginiaWatchdog.com, tracks the online availability and removal of Social Security numbers on various state-run sites.
According to her site, the Florida Secretary of State's office expects to have Social Security numbers redacted from documents on its site by today, but Ohio still had many documents with the numbers visible online as of Monday, even though a federal judge issued an order in March to remove them.
The Times article said that credit card fraud is more pervasive than identity theft using Social Security numbers, but is easier to fix, since card numbers can be canceled and reissued easily.
Banks are among the better guardians of Social Security numbers, according to Panos Anastassiadis, the chief executive of the Arlington, Va., fraud monitoring company Cyveillance Inc.
The banks are very secure, he said. But dentist and doctor offices that keep the numbers do not have the same safeguards, he told the Times.
Ms. Ostergren said that finding celebrity numbers helps her draw attention to the issue, and that she has found numbers belonging to Donald Trump, Kelly Ripa, Gov. Jeb Bush of Florida, and former Central Intelligence Agency Director Porter Goss.
It's not very hard to find the numbers, she said. They are exposed everywhere.
A Texas county clerk may be in trouble, because of an opinion last week from Texas Attorney General Greg Abbott that would require clerks to remove Social Security numbers from public records.
The opinion said posting Social Security numbers online is illegal. Social Security numbers are at the heart of identity theft and fraud, and putting them online is dangerous, Mr. Abbott wrote.
Dianne Wilson, the clerk for Fort Bend County, began posting court files online in 2003, and many of them, such as probate documents, include Social Security numbers.
Mr. Abbott wrote that even though the numbers need to be included in some public documents, they must be redacted before those documents are made available to the public.
Fort Bend County Attorney Roy Cordes would not say whether Ms. Wilson would face prosecution. She could not be reached for comment because she was attending a conference in Austin, the Fort Bend Herald said in an article published last week.
Some phishers have taken to calling consumers, pretending to be court officials, and threatening fines if people do not divulge their personal information, according to an article MarketWatch.com published Monday.
In extreme cases, the scammer says the victim never showed up for jury duty and could be fined or arrested, the site said. The scammer then asks for personal information to rectify the situation.
Other scammers simply tell the victim they have been called for jury duty and must give their personal information, the site said. If the victim refuses, the pressure rises, and the scammer threatens fines.
The Federal Bureau of Investigation says that court officials never ask for Social Security numbers by phone.
A Memphis fitness center managed to lose the Social Security numbers of several job applicants.
An employee of the L.A. Weight Loss franchise left employment applications of several dozen people in a box next to a Dumpster, according to a report that aired last week on WPTY-TV in Memphis.
The employee has not been fired, according to the gym, which said it was an honest mistake. The gym is offering the affected people a year of identity theft protection.
Hackers at a Hong Kong accounting company managed to make $2.7 million on insider stock trades by getting advance looks at press releases of U.S. public companies, the Securities and Exchange Commission said Monday.
The agency filed a lawsuit against Blue Bottle Ltd., which is chartered in Hong Kong and operates from London, and against the firm's chief executive, Matthew Charles Stokes.
The SEC listed several examples of trades in which Blue Bottle profited from advance notice of company announcements. For example, it bought options to sell shares in BJ's Wholesale Club Inc. of Natick, Mass., on Jan. 3, a day before BJ's announced its earnings would come in below expectations, according to the SEC. BJ's stock dropped 4% that day, earning Blue Bottle $12,000.
Blue Bottle made more than $1 million buying shares of Symantec Corp. of Cupertino, Calif., on Jan. 12, which made a similar announcement the following day, leading to a 13% drop in its share price, according to the suit.
Altogether, Blue Bottle has made 12 illegal trades since January, Bloomberg News reported Tuesday.
Caught on Video
Austin police officials have released what they call a surveillance video of a data breach in action.
The video is from a Feb. 13 laptop theft at the Seton Healthcare Network, a nonprofit that operates hospitals in the Austin area, officials said.
The computer was password-protected but had the names, birth dates, and Social Security numbers of 7,800 uninsured hospital patients who used Seton emergency rooms, outpatient services, and health clinics since July 2005, according to the police.
The video show a white male with a dark jacket and light pants leaving a room with what appears to be the stolen hardware. KEYE-TV of Austin broadcast the video, which was available as of Tuesday on the popular Web site YouTube.
By Daniel Wolfe
Security Watch is a weekly roundup of news and developments in data security and their impact on financial services companies.
E-mail comments, ideas, and suggestions to Daniel.Wolfe@SourceMedia.com.