CONSUMER NEWS    RECALLS    COMPLAINT FORM    SCAM ALERTS  


Complain about a product or service
Small Claims Guide | Class Actions | Lemon Law | FAQ | Resources | Newsletters | Spanish
Automotive    Education    Electronics    Family    Finance    Health    Homeowners    Shopping    Travel   
NEWS   Latest |  Archives |  Auto |  Cells, etc. |  Computers |  Financial |  Health |  Homeowners |  Parents |  Privacy |  Scams |  Seniors |  Travel

650,000 Shoppers in Data Breach

Lost data storage tape contains info from JC Penney, others


By Martin H. Bosworth
ConsumerAffairs.com

January 20, 2008

Identity Theft
Identity Theft: One Woman's Story
Xbox or PC Stolen? Don't Forget to Cancel Your Credit Cards
Identity Theft a Growth Industry in Texas Border Towns
FTC Warns Consumers About Tax Rebate Scams
Big Banks, Telcos Top Identity Theft List
Identity Theft Tops FTC Complaint List Again
Study Claims Identity Theft 'Continues To Decline'
650,000 Retail Customers Exposed In Data Breach
Children Becoming Prime Identity Theft Targets
FTC Finds 8 Million Identity Theft Cases
New Jersey Wants Banks to Help Fight Phishing Scams
---
More ...

A data tape containing information on 650,000 retail customers went missing from the Iron Mountain data storage company's vaults in October, the company reports. The missing tape contains personal information from customers of J.C. Penney and 100 other retailers, including 150,000 Social Security numbers.

The loss was discovered when GE Money, the financial services branch of General Electric and payment processor for many retail operations, requested the tape from Iron Mountain.

According to Iron Mountain, the tape was never checked out but could not be found. Representatives of the company claim that there was no evidence the information had been used for identity theft, and that accessing the information on the tape would be difficult without "specialized knowledge."

An accidental loss of a back-up tape is not an identity theft issue or a crime; it is distinctly different from previous cases of malicious hacking or PC theft," the company said. "Since we notified GE Money of the missing back-up tape in October, there has been no evidence to suggest that any person's identity has been compromised as a result. And we don't know of any incident, ever, when a lost back-up tape has resulted in identity theft."

Iron Mountain boasts on its Web site that it is "the leader in records and document management, so we know how to protect personal information. We use the strictest safeguards, including encryption, access controls, firewalls, intrusion detection, virus protection, and secure data destruction. We also have redundant systems, to ensure fast recovery in the event of a disaster."

"You can absolutely depend on Iron Mountain to secure your backup data and ensure quick recovery of your vital information in the event of a loss," the company advertises.

GE Money has offered to pay for a year's worth of credit monitoring for affected customers.

Since the discovery of the tape and investigation of the incident, the company has sent letters to customers informing them "We have no reason to believe that anyone has accessed or misused your information. The pieces of information on the tape would not be enough to open new accounts in your name, and we have implemented internal monitoring to protect your account number from misuse due to this incident."

Covering the tracks

Exact links between data breaches and identity theft can be difficult to trace, due to many factors, such as the amount of lost or stolen records, what kind of information was lost, and "synthetic identity theft."

Synthetic identity theft involves taking pieces of different people's personal information and combining them into a new identity, making its misuse harder to distinguish as fraudulent.

A 2007 report by the Government Accountability Office (GAO) found that law enforcement agencies often could not track cases of identity theft back to data breaches, as some instances of fraud did not occur until a year or more after the breach.

And the amount of exposed personal information continues to grow apace. According to the watchdog Identity Theft Resource Center's 2007 data breach report, there were 448 data breaches last year, exposing over 127 million personal information records to potential identity theft or fraud.



Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.


Consumer News

May 17 2008

Recent Recalls & Safety Alerts

READER SERVICES

Print, Email & More

Subscribe

Free consumer newsletters
Sign up now!



Back to the top |

Advertisement


Home | Rogues Gallery | Good Guys | Complaint Form | News | Recalls | Search | Video | FAQ |
Consumer Resources | Small Claims Guide | Lemon Law | Newsletter | Contact Us
Advertise With Us | Testimonials | Newsroom | RSS Feeds | Radio | Job Postings



Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice.  ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof. 

Copyright © 2003-2008 ConsumerAffairs.com Inc.  All Rights Reserved.