Data from federal records used to commit identity theft

Data from federal records used to commit identity theft

By Dennis Blank

Special to GCN

ARLINGTON HEIGHTS, Ill.'The government has become an unwitting accomplice in identity theft, said speakers at the High-Tech Computer Investigators Association meeting last month.

Crooks are having a field day with Web site listings of Social Security numbers gleaned from government records, the speakers said.

Armed with the numbers, thieves have obtained fraudulent credit cards and swindled victims out of $1 billion worth of products and loans this year. It can take victims years to clear up the resulting bad credit and debts, speakers said.



The chief sources of the numbers are Social Security Administration lists of dead persons, the Securities and Exchange Commission's mandatory filings, the Congressional Record and criminal wanted posters, said Brig. Gen. Joseph Composto, a Marine Corps lawyer.

'The information age presents opportunities for savvy, computer-literate enemies to use Social Security numbers as a method of attack,' Composto said.

Even though the Government Printing Office has stopped placing the numbers on military officer promotion lists, many Web sites continue to post them, Composto said. One Pennsylvania site lists 4,800 officers' Social Security numbers and has refused a request from the Secret Service to remove them, he said.

Composto recommended that the numbers no longer be used as military identification numbers. He said the identities of more than 40 Marine Corps generals and Navy admirals were taken from promotion lists in the Congressional Record and used by thieves to obtain credit cards.

High-ranking theft

Security consultant Andrea Morin of Roxbury, Mass., said two New Jersey men were found guilty this year of federal identity theft charges after they created 331 fake credit cards in the names of high-ranking military officers to obtain $161,000 worth of merchandise.

'They found the officers' Social Security numbers and military IDs on a Web site that copied the information from the Congressional Record,' she said.

Because of complaints, the Securities and Exchange Commission in the last three years has stopped requiring the numbers on some corporate filings. Even so, many forms still carry Social Security numbers of executives and officers who have made stock transactions.

Financial information providers, such as Bloomberg L.P. of New York, have access to the commission's Electronic Data Gathering, Analysis and Retrieval system.

The commission 'cannot compel a contractor to take [data] off,' said an SEC speaker who asked not to be named. 'Once it leaves our hands, it is theirs. There are some old paper filings where Social Security numbers still appear, and there is not too much we can do about that.'

SSA spokesman Mark Hinkle said his agency releases names and Social Security numbers of deceased persons because they 'are no longer covered under privacy laws.'

But 'a thief could easily target a dead person with the same name and possibly even the same city,' Morin said. She estimated the number of fake IDs on the Internet has increased by 65 percent in the last year.

'Most people are shocked when they find out that it is not illegal to sell a person's Social Security number without consent,' said Sen. Judd Gregg (R-N.H.), the author of a fiscal 2001 appropriations amendment that would prohibit such sales. 'They assume it is illegal to sell something so sensitive.'

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above