News
Commentary
5/26/2006
05:15 PM
John Soat
John Soat
Commentary
50%
50%

IT Confidential: Who's Got My Data? 'Cause It's Not Me!

When data privacy issues hit home, the effect can be eye-opening.

I'm not feeling too good these days. I graduated from Ohio University in 1978. Normally, I don't anticipate an audible gasp when I tell people this. But if you've been following the news about data theft, the name Ohio University should have a familiar ring. Earlier this month, the university said several of its servers had been compromised in a series of break-ins involving personal data on more than 300,000 individuals. The most serious break-in involved records on 137,000 alumni and dated back more than a year. I read about it in the Cleveland Plain Dealer. It didn't make me feel very good.

Then I got a letter from Ohio University informing me that I--my data--was indeed involved in the data compromises. According to the letter, "The record associated with the database ID# in the return address above DOES CONTAIN [emphasis theirs] a Social Security Number." That didn't make me feel very good.

I'm pretty familiar by now with these types of incidents, which are getting numbingly common. The most recent involves the theft of a laptop from a Department of Veterans Affairs data analyst containing personal data on 26.5 million veterans and their spouses. I knew it was possible, even likely, that the hackers involved in the Ohio University incident weren't looking for personal data, that they probably were using the servers for something else, as zombies. But the fact that, according to the letter, "the security breach dates to March 1, 2005, OR PRIOR [emphasis mine] but wasn't discovered until April 24, 2006," and that my personal data had been in play for that long, didn't make me feel very good.

The letter also pointed out that "computer intruders have targeted servers at colleges and universities across the United States," including Boston College, California State University, Iowa State University, Stanford University, the University of Connecticut, and the University of Texas at Austin. If that was supposed to make me feel better, it didn't.

I called the toll-free number. A young woman named Elisa recommended that I call one of the three credit-reporting agencies and put a "fraud alert" on my credit report. She told me to stay away from Equifax, about which they'd been fielding numerous complaints. I called Experian. The automated-response system directed Veterans Affairs' victims to a special number, which I took to mean the Ohio University incident had been pushed down the priority list. To order my credit report, I had to enter my Social Security number, date of birth, the numerical portion of my address, and my ZIP code. This sure didn't make me feel good.

Then I realized I'd made a mistake: I didn't want a copy of my credit report, I wanted to place a fraud alert. So I called TransUnion. Its automated response also had a special Veterans Affairs number. To serve me better, I first needed to enter my ZIP code. Then, to place a fraud alert on my credit report, I had to enter ... see above.

Now I'm waiting to get a copy of my credit report. And I'm waiting to hear if anyone applies for credit in my name. And I'm waiting to see if any of my credit cards have been compromised. And there's more of my data floating around in the ether than ever before. Do you have any idea how that makes me feel?

You know what would make me feel better? An industry tip. Send it to jsoat@cmp.com or call 516-562-5326.

The News Show will make you feel good--or not, it really doesn't care. Watch it at noon EDT every weekday, at TheNewsShow.tv.


To discuss this column with other readers, please visit John Soat's forum.

To find out more about John Soat, please visit his page.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of April 19, 2015.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.