When video rental giant Blockbuster closed one of its stores on Lexington Avenue in New York City, it left a parting gift for enterprising identity thieves and scam artists -- boxes and boxes of customer membership applications, containing valuable personal information, all sitting on the sidewalk in plain sight.
Several boxes of membership applications were found sitting outside the store, all intact, and containing personal data ranging from customer names and dates of birth to credit card numbers and Social Security numbers, the Daily News reported.
Anyone who found thiedata could use it to wreak havoc in the customers' lives, from applying for credit in their name, to draining their bank accounts, to selling their addresses to collection agencies or data brokers. The Daily News called it a "fraud gold mine."
Reporter Tracy Connor collected as many files as she could and alerted the store manager that there were still documents outside.
"He didn't seem too interested," she recalled. "He got really belligerent and slammed the door in my face."
The Daily News staff is in the process of destroying all the documents they collected from the store site, Connor said.
The manager formerly in charge of the store blamed New York City's Sanitation Department for not picking up the boxes, but failed to account for why the data wasn't shredded or destroyed prior to disposal.
The closed store's phone line was disconnected as of Tuesday, Oct. 11th, and no forwarding message or contact information was provided. Blockbuster media relations spokesperson Randy Hargrove stated that the assistant store manager in charge of the data was "terminated."
In an interview with ConsumerAffairs.com, Hargrove called the data's sloppy disposal an "unfortunate and isolated incident."
Blockbuster has taken several steps to ensure its customers records are kept private, including physically securing records under "lock and key" and discontinuing the practice of asking for applicants' Social Security numbers in late 2003, said Hargrove. The spokesman also claimed that new member applications were only retained for 90 days.
When asked how it was that many of the applications from the Lexington store -- presumably received in the last 90 days or so -- contained customers' Social Security numbers, Hargrove said that "the store may have been using old or incorrect applications."
"We're looking into that," he said.
Proper disposal of customer data is essential to ensure the records are not stolen or sold by identity thieves and scammers. The abandonment of customer data by the Credit Bureau of Topeka and the Experian Credit Bureau provided a frightening look at how easily individual data records can exposed to misuse if they are not properly disposed of.