Business & Finance
News
6/29/2005
02:17 PM
Connect Directly
RSS
E-Mail
50%
50%

Survey Finds Up To 44 Million In U.S. May Be Victims Of ID Crime

A class-action lawsuit has been filed against CardSystems Solutions, where a security breach disclosed earlier this month compromised 40 million card accounts.

The number of Americans who've been victims of identity-related crimes could be as high as 44 million, according to a survey released Wednesday by Deloitte & Touche LLP and the Center for Social and Legal Research. A similar survey conducted two years ago found that 35 million Americans may have been victims.

The survey of 2,322 adults was taken in early May. Twenty percent of those surveyed said they've been victims of ID theft. When extrapolated across the entire U.S. population, the results suggest that 44 million may have been victims.

The survey found a growing awareness of ID-related crimes among the public; 87% of respondents said they've read or heard about consumer data being stolen or disclosed in error. Such stories have dominated the headlines in recent weeks; the latest and potentially the largest was a security breach at CardSystems Solutions Inc. that exposed more than 40 million payment card accounts to theft.

A class-action suit has been filed in California against CardSystems, Visa, and MasterCard seeking a declaration that CardSystems violated due standards of care in its data-security methods and that the card companies failed to provide timely notice of the nature and extent to which credit-card data was compromised.

According to the lawsuit, CardSystems had been alerted "by other entities" late last year that consumer data had been exposed and failed to take prompt remedial action or notify consumers. The suit alleges that CardSystems violated Visa and MasterCard rules against storing consumer information and also violated the Payment Card Industry Data Security standard by improperly storing credit-card and transaction data, failing to maintain a firewall, failing to restrict access to its computers, and failing to encrypt cardholder data.

The suit charges that MasterCard was remiss in not publicly disclosing the breach until June 17, even though it had been informed by CardSystems of the breach in May and had traced fraudulent incidents back to CardSystems in April.

The ID-theft survey found that the revelations of losses of personal data are affecting purchasing decisions: 64% of respondents have decided against making a purchase because they weren't sure how their personal information would be used, and 67% decided not to register at a Web site or shop online because the privacy policy was unclear. Equally telling, 70% of respondents agree that consumers have lost all control over how personal information is collected and used, and 59% said existing laws and company practices fail to provide a reasonable level of protection.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.