About this blog

Bob Sullivan

Corporate sneakiness. Government waste. Technology run amok. Outright scams. The Red Tape Chronicles is MSNBC.com's effort to unmask these 21st Century headaches and offer real solutions that save you time and money.

Bob Sullivan covers Internet scams and consumer fraud for MSNBC.com. He is the winner of multiple journalism awards for his coverage of online crime and author of Gotcha Capitalism: How Hidden Fees Rip You Off Every Day and What You Can Do About It and Your Evil Twin: Behind the Identity Theft Epidemic.

Got some red tape you want Bob to untangle? Write BobSullivan@feedback.msnbc.com.

After data loss, ID theft risk soars

Posted: Friday, November 20 2009 at 06:00 am CT by Bob Sullivan

I call them Dear John data letters, because of the bad news they bring and their decidedly warm and fuzzy tone.

"Dear Consumer.  We've lost your personal information. It's fallen off a truck/was on a laptop that was lost/was stolen by a hacker. We're sorry and we promise to be better in the future. Good luck."

About one in nine consumers receives a Dear John data letter each year, and nearly half of all consumers have received at least one since the year 2000, when California law forced these kinds of disclosures on corporations and government agencies, according to a new study.  The letters have become so familiar that many folks just ignore them and relegate them to the junk mail heap. But that's a big mistake.  That same study shows consumers who receive such a notice are four times more likely to be hit with identity theft than members of the general population.

In fact, U.S. adults who get a Dear John data letter have a one in five chance of being victimized in the next 12 months, according to the survey, conducted by financial services research firm Javelin Research.

The researchers have concluded that consumers don't take the notices seriously enough. Even after they are victims of ID theft, most consumers don't blame the company for the leaked data. While 19.5 percent of those who received a fraud letter were victims of ID theft, only 2 percent linked the crime to the data leak, according to study author Mary Monahan.

"People don't connect the dots," said Monahan, Javelin's research director. "They don't understand the risk. ... People don't even seem to understand what the letters mean.”

The results are consistent with previous research showing consumers don't react strongly to the announcements. In fact, the vast majority don't even take up a company's offer of free services like credit monitoring as apology for the transgression. After the infamous Lexis Nexis data leak in 2005, 305,000 letters went out with offers of free credit monitoring. Only 18,000 consumers, or 6 percent, signed up. In a similar incident, Citibank sent out 4 million letters after a data leak, and only 4 percent signed up.

Those results show consumers just aren't being helped by the notification letters, Monahan said.

"The letter is made so the consumer will take action, but the notification is not working because it’s not clear enough, consumers don't understand and it’s putting them at risk for fraud," she said. "This calls into question the effectiveness of the data breach notification laws in 45 states, as well as consumer education around data breaches in general."

It might be an oversimplification to simply declare consumers lazy, however.  The quality of the letters varies widely.  Some appear like urgent government notices. Some are easily-missed one-page letters in thin envelopes. Most have scant details, and don't tell consumers how their data was lost, or in some cases, even what specific data was put at risk.

(We argued for better Dear John data letters last year.)

The quality of free credit monitoring offers also varies. In many cases, the offers are thinly disguised marketing schemes for $10-a-month monitoring services offered by the nation's credit bureaus. Sometimes, the free offer is more like a free trial of three months, followed by automated enrollment in the subscription program.

And there might be another reason: previous research, including one report by Javelin, suggested there was little connection between data breaches and identity theft. Monahan said improved research techniques account for the new finding.

With all these factors conspiring to lull consumers into ignoring the notices, a real opportunity to stem identity theft crime is being lost, the Javelin report concludes.  Timing is critical for consumers who are victims.  Those who discover the crime quickly have a far easier time cleaning up the mess than those who are in the dark for four or five months. According to the survey, victims who take up to five months to detect fraud suffer nearly three times the average consumer cost in lost time, wages and other expenses ($933) as those who discovered fraud within one day ($323) and double the cost of those who discover it in a week ($484).

Still, most consumers are befuddled when they get a Dear John data letter. They don't know which agencies to call, how to place credit freezes on their reports or the odds that they will become identity theft victims.

 "Obviously consumers do need to have more guidance on what to do," Monahan said. "While the idea of notification is to provide an opportunity for consumers to take action, apparently they do not. This suggests that notification is not working."

Red Tape Wrestling Tips

A step-by-step list of what to do if your ID is stolen can be found in this story.

And here's a what-to-do chart provided by Javelin.

 


 Become a Red Tape Chronicles Facebook fan or follow me at http://twitter.com/RedTapeChron.


72 COMMENTS

I know that a few people wish the credit agencies were abolished but I remember back when credit was difficult to get before the credit agencies. Imagine a world without interbank credit cards and getting a mortgage or car loan took days to get, assuming they would approve you anyway. Imagine if you could not purchase anything over the internet.

Just because credit agencies are now corrupt and greedy doesn't mean we should abolish them. We should regulate them better and hold them accountable for their actions, just like any other business that handles our information. Second, we should be considered "owners" of our own information, meaning we should have the right to see it and a right to fix mistakes without thousands of dollars in legal bills.

One of the biggest issues with identity theft and the clean up is the fact that retailers or banks seem to have no obligation to confirm the person they are dealing with. It is as if they can manufacture an invoice out of thin air and suddenly say: "You owe me X." Regardless if you were the recipient of the services. ID Theft can be solved simply by placing the full burden of proof on the vendor to confirm who they are dealing with at all times. Information typed in a keyboard through a monitor or mailed in on a filled out form can no longer cut it. Sadly I don't think this will ever happen. Consumers are not protected only businesses. This flaw in our system needs to be corrected.

Much to the chagrin of US businesses and authorities, the UK has had a Data Protection Commissioner for over a decade. Businesses holding and processing data must be registered. Businesses that lose data get hefty fines. That doesn't mean losses don't happen, but they are highly publicised and don't seem as common as in the US. There are such acts and commissions throughout Europe with moves afoot to give them even bigger teeth.

We are not going to see any reform to the way our personal data is handled until the parties that are compromised are held fully responsible for all expenses related to our lost data. This includes lost wages while dealing with these issues, hiring outside services to monitor and run down attacks on our credit and punitive damages. Why aren't there federal standards for handling your information with severe penalties for not following the letter of the law? Why are you responsible for picking up the pieces of their data breach? These idiots act like a year of credit monitoring will protect you from any attempts to utilize your information and after a year your info can't be utilized anymore. Wake up... you could be spending the rest of your life chasing down one fraudulent attempt to tap your credit after another and at your own expense. MAKE THEM PAY !!!

We received a notice from Wells Fargo in California about one-and-a-half years after the theft was discovered. The data loss happened after a contractor for their company stole (and sold) the data from the laptop they gave him! I have since found out they have had similar major data losses twice before this! Their belated solution was a year of free credit monitoring by Wells Fargo! (Protection from the very same company that can't protect our data in the first place?! You've got to be kidding!) By the way, my neighbor just lost her job as a medical encoder to a company who encode our medical records in Pakistan! No worries about HIPAA violations here! Where are the lawyers and their class action lawsuits now that we actually need them?

I got one of those kind of letters from a motel I had stayed at. By the time I got the letter it had been months. Then one day apparently someone tried to use my card info (and tried to join match.com with it); the business shut 'em down and reported all the info to its fraud unit. Thanks to trying to use it over the internet they'd handed the law their location. Then three days ago I bought something off the net and apparently put in the wrong expiration date. Within 24 hrs the card company was calling, had cancelled the purchase, the whole nine yards. I had to reorder what I'd ordered but no problem considering what it could have been. They didn't waste any time. From the time I got the letter I immediately called Experian and put that alert thing on the card. Then checked my card every day for months over the internet with no problems, then bam, just like I said, the attempt to join match.com. I had to laugh because whoever was stupid enough to do it had given match.com their location by using a computer to try and use it. I never take my cards with me when I go out tho. If I need something I'll use my debit card instead. So I'm pretty happy, haven't lost a thing. I still check my card balances every couple of days. The credit services have some thing they put on there but wouldn't because I'd been verbally notified and/or would need a copy of a police report to do it, so I did that 3 month thing and it worked out. Apparently the card companies are keepin' a close watch on it.

These here data places should take best care of our personal stuff. We trust them to keep an eye on this stuff for us.

For years I have had an account with Regions bank. Last year I got a phone call from someone saying that they were calling me to see if I was satisfied with my account activity from the day before at the bank. I asked who I was talking to and was told the Gallup Poll was calling. I have in my accounts that no one, ever, under any circumstances, should be given any information about myself from that bank. Went to the bank and found out that they give your personal information out to different companies for customer satisfaction or whatever polling circumstances they are using them for. I looked right at my account information and showed them it says right in my account not to do that for anyone. Better check with your financing places to make sure they don't give your information to anyone for anything.

For the individual reporting that his or her pharmacy reported theft and hacking, that doesn't happen that way all the time. Recently, my husband received a letter from Walgreens and in that envelope was a letter addressed to a whole different person at a whole different address, giving him a new pharmacy prescription card attached. I called Walgreens and informed them of what they were doing and told them I wanted feedback from them of what was being done about it. They did absolutely nothing, no feedback at all and I have no clue what else happened after that. I did notify that individual by letter what happened with his card attached and no word from him yet. So maybe talk to your pharmacy, and really anyone you have an account with, and make sure that your privacy is protected. Also, another point coming up next input.

Anyone can be a victim of identity theft.
It can happen in minutes, and take years for the fallout to stop.
More and more people from every walk of life are victimized each day. The results can be overwhelming; a loss of time and money spent by victims trying to put their lives and finances back in order. People just have to be proactive not reactive, believe it or not Identity Theft is now bigger than the international drug trade.

I received a letter from a data transport and storage company telling me my data was compromised, but it didn't tell me what data was compromised. I called and inquired as to what was at risk: my credit cards? my on line banking? my investment accounts? my medical records? Long story short they couldn't tell me what may have been compromised. Apparently they just haul boxes of records around and store them in warehouses in New Jersey, where they lose the stuff.

I can't imagine that this storage company does not have a way of drilling down to establish what was actually lost, but instead they preferred to do the minimal, providing a vague notification to those affected. What is one supposed to do in this situation, close up all accounts?
I think a requirement around specificity of information compromised is needed.

The Credit Bureaus can and will put anything on your credit report that a supposed creditor sends them. What if you do not want any information about you kept anywhere other than with the I.R.S.? How can you get completely deleted from Equifax, TransUnion, and the other one? Timothy McVeigh hit the wrong building.

"...consumers don't react strongly to the announcements. In fact, the vast majority don't even take up a company's offer of free services like credit monitoring as apology for the transgression..." Why would anyone want to engage in more services from a company who has shown negligence with personal data in the first place? My experience has been that if a company did not fulfill its promise to keep my data private, I sever ties with them.

The biggest reason few people take the notices seriously is because the credit card companies and the banks have slowly become just another bunch of crooks that scam the public everyday, and then ask for a handout when they're going under. With their rising interest rates, the penalties and fees they charge for a late payment, and all the junk mail they push on the public everyday, it's no wonder the average person just throws these notices in the garbage. They are just the latest members of the elite in this country that milk the hard working American of his sorry little paycheck.

With all the companies that gather information on us, and the sloppy way this information is stored and sold, it is no surprise that it is so often 'lost' or 'misplaced'. The real problem is that these same companies are not held accountable. Sure, they offer a few months of monitoring your credit files, but in truth they should be held financially and criminally liable for their failure to protect this information. Send the b*stards to jail. Make them post bonds to ensure that the theft of your identity and/or information doesn't happen.

I was a victim of identity theft last year. My credit score actually went up. LOL

Your personal info is out there from birth, every school you attended, job applied for & not hired, every agency/govt dept: tax board, DMV, your HMO. They aren't guarding your info. Data is sold and intercepted from Point-Of-Sale transactions. Medical ID theft can kill you if they use your HMO for tests or surgeries they can't afford, but now your Medical Record is altered - it's illegal to change your medical records btw. SSN ID theft where they work in your name & don't pay income tax on so now the IRS wants you, character/criminal ID theft where your ID or driver's license is used when they're arrested or detained then don't show up for court. Now a warrant in your name. LifeLard won't save you, Citibank can't help you. How can you dispute an incident if thieves use a fake address? After 60 days the debt is yours and banks/cc have passed legislation to protect THEM, not consumer. Basically you need an attorney 80% of the time and restoration services like what Pre-Paid Legal™ provides (partnered with Kroll Background) both in business over 35yrs.

I went to prison for credit card fraud and I will tell you that half the people in the world have no idea what a person can do to one's life, not just credit. What I did was totally wrong and I deserved to go to prison. I not only ruined someone's credit, I almost ruined their life, their marriage and many other things that go with it. If I was to write a book and all the things I know I probably could make a fortune. I could be the very best security consultant around if anyone would give me a chance. But you know how that goes. I would first start to tell everyone to get a locking mail box, that would cut down all the mail fraud that's happening here in the U.S. And I could list many ways not to get ripped off, but the man who writes this column would get mad. lol. I am a mother of 4 who for years tried to get on my feet and just went about it all the wrong way. Thanks for letting me share that with you all. Identity theft is no joke and I wish they could put an end to it all. Sitting in a prison cell for 2 years makes you look at life a lot differently. Believe me.

Perhaps, if you have bad credit to start with, no chance of ne credit, and owe bills not being paid, ID thieves don't want your info... The above scenario describes me, and I have no headache from ID theft. And if I did, my credit report is already loaded... so what the hay.

As someone in the banking industry, I have seen several of these data losses happen. While I agree better notification to customers is needed, the real problem is with the technology/3rd party processors used by thousands of businesses. As retailers seek to increase profits, they look for the lowest cost processors of credit card/financial information. The result is that these 3rd party processors do not use high end encryption or firewalls to stop these hackers from entering their financial databases.

I received a check with the Dear John Data letter encouraging me to buy credit monitoring service, which I did for one year. Every time there is an inquiry into my credit I'm sent an email alert and am able to log in and check if it's legitimate. Works for me.

Businesses that allow confidential information to be released should be held criminally liable and fined $5000 for each record that is "lost or stolen". They should also have to pay each consumer a flat $5000 for any information that is "lost or stolen" and cover any additional expenses that we incur because of their negligence. Faced with tangible penalties, they will surely figure out a way to secure the data.

There is no such thing as identity theft! The identity is being stolen from the credit reporting agencies, and not from you. It is time to completely abolish the credit reporting agencies. They have done a terrible job serving us and did not protect us from the financial meltdown. They are unreliable, inaccurate and at worst costly. When an identity is stolen and a new account is opened, it is because it was stolen from the credit reporting agency. The credit agencies have a poor track record in developing a system designed to protect you first. Realistically, your financial information belongs to you first, and the process should automatically require your approval. Furthermore, we should design both an offline and an online process to accomplish this. Michele's comment on this messageboard hits the nail on the head- the information should be yours by default. The credit freeze options available are not very reliable and difficult to use. The process is simply broken. There is a difference between the information being stolen, and from the damage that results from it. For example, the theft of your personal information is illegal, but the ability to open new accounts from it is completely absurd. It is absurd that we allow this to go on. If any changes to your credit can happen only through you, then identity theft as we know it would cease to exist. We would still need safeguards, but there would be a huge difference for most ordinary Americans who should have to worry about this on a daily basis, or pay for this service. Via thousands of social networking websites, we track millions of personal data items, but the credit reporting agencies are frequently full of inaccurate information. Why do we need them when Google tracks so much more for so much less? It is time to write your Congressman and let them know that we need one single system and get rid of these amateurish services.

I put a freeze on my identity with all three credit reporting agencies. It cost me $30 for each one. When I need to have it unfrozen I call the credit reporting agency they use and for $5 I can have the freeze lifted for whatever period of time is required. I mostly use my debit card and only use credit cards as a cash management tool. This technique covers me completely and is no inconvenience to me. As a result my credit scores are very high and I know a) my identity is safe and b) I have the ability to get or use credit in an emergency or when I want to let my money earn money for a month. It works. The freeze capability was mandated by the federal government, who also set the fees that can be charged. It's only one of two laws passed by congress that actually works. The other one is the Do Not Call list. Every consumer should do this.

Excellent article. In addition, some comments by others I found useful:

_Kenda, Mobile AL (Sent Nov 20, 2009 11:49:04 AM) | Freeze your credit

_Freddie boy (Sent Nov 20, 2009 12:21:14 PM) | Live bank-free & pay bills via money orders

_Thomas Huffmire, Marlton NJ (Sent Nov 20, 2009 9:50:10 AM) | Freeze your accounts with credit agencies

--

Try doing this: Google: credit reporting agencies | Excellent sources of credit protection information

Please be informed that credit fraud is less than 28% of identity theft. Medical record theft is the major and most serious area of identity theft. You cannot control your information. If you attended school, gotten a job, gone to a doctor, bought a home, turned on utilities, been in the military, then your information is out there. Don't let your financial institution fool you into thinking you are protected. If someone steals your driver's license, commits a crime and uses your driver's license as ID, you, not them will be served a warrant, and your financial institution will not help you. Get the facts. Darrold G Parker (Certified Identity Theft Risk Management Specialist)

We didn't ask these companies to collect our data, store our data, or transfer our data. If they were held responsible for their actions they would be far more careful, and the data would be in armored cars, not in the back of a box truck. Secondly, if every other piece of junk mail didn't claim it was an emergency perhaps those that are would get proper attention.

The US Government has done little to protect citizens from data loss and this is one area the Feds should have full control over not the state.

As soon as a business entity loses data it should by law notify the Feds & citizen immediately as well as freezing the credit accounts. The companies or persons that allowed the loss no matter what the excuse should be fined heavily no ifs, ands, or buts.

Only when a government official has their data compromised do they do anything about it and these out of touch with the times Congressmen and women need to get with the program. We put them there and we can take that gravy job away.

The US is failing fast and it only has itself to blame and data theft is just part of the problem.

One of the systems at my local Hospital was hacked in to. They notified me immediately and offered me free coverage for one year by a credit protection agency. I called the hospital after I got the letter and asked them about it. I also asked them how come my husband had not received such a letter since he had also been at that hospital for various tests. They explained to me just what part of their system had been hacked in to and what part had not been hacked in to consequently I was the only one to receive the letter. I decided to accept their free offer for one year. I was not hassled by any one to join anything after that year was up nor was I asked for information that the hospital did not already have.

I also have had my bank debit card number used by someone other than me although I still had the card in my purse. I don't know how they got my number but I suspect that someone at the gas station I went to the day before wrote my number down and then tried to use it. My bank called me immediately shortly after the incident happened and told me that someone had tried to do an internet transaction with my number and since it was an unusual one for me they wanted to know if I had done it. I asked them the company name, how much it was for, when the incident happened etc. Needless to say it was NOT a transaction I had done with a company that I had never heard of and for an awful amount (over $500) that I would never have put on my debit card in the first place. The transaction was also supposed to have happened just a few minutes before I got the call when I was at work and had been for awhile at a client's home who does not even have a computer. My bank recommended that I immediately have them "hot card" that card and they would issue me another one with another number. I did exactly that immediately. It was inconvenient being without my debit card for a couple of weeks but I managed to do ok. My bank also said they would keep an eye on my account for the next couple of months just in case of anything which I very much appreciated. When I got home that evening I went to check out the site that they said the transaction had occurred on and there was not even one word of English on the site; I don't read or speak any other language so it was even at a site that I would never have visited had I not been checking out just who was messing with me.

I recently had a lens implant for a cataract. As I was walking out of the surgery room, where there were many other patients and staff, someone asked me for my social security number to register the lens!! Can you believe that, they asked me to basically tell everyone there my SS no. I was so surprised that they would do this in this day and age. I told them that I would get back to them and later used my birthday. I am not sure if they used it or not.
It is unbelievable how some businesses have no concern over your personal data and that there is so much ID theft.

There is one site that is combating the identity theft war. Restoring Internet privacy - One Thread at a Time. https://www.threadthat.com. Launched November 1st.

It’s absolutely incredible. These companies really don’t care at all. They store every bit of information about you they can collect in case they might want to use/sell it later. Insurance companies and schools force you to use your social as an account number, Companies store your CC# your exp date, your home address... Anything they can. You have no idea. You swipe your CC at the movie theater; they store every bit of the magnetic info. for no reason other than they can. The worst part is they don’t even treat it as secure. The computers are not even encrypted most of the time. Access is rarely limited properly. It’s all because of one reason. They are not responsible for the damages caused. So why protect the information. They need to be held accountable for 100% of consumer loss. Expenses, time, lost wages, etc. Not just paying $15 / year per user. It’s cheaper to do that than to properly safeguard the information. Just another slap in the face of the average American. Our government ONLY cares about protecting our corporations’ bottom lines. I guarantee if an employee leaked the personal information of the CIO, he would do jail time and be subject to all their expenses. But a company does that to 100,000 people, and a letter saying “oops and good luck” is all they need to do. You have no idea the damage it causes and the amount of time is required to fix the problems. It can take literally hundreds of hours PER issue. If you even can. And once the thieves have your info, they can hit you anytime until you die. Until a congressman or a senator has his house sold, or is unable to get a loan for a new house because of something like this, they will NEVER protect us. And let's face it, one call from a senator to one of the credit companies, and instant fix. Have you ever tried to contact a credit company to get something fixed? It takes an act of god.
We are advised to set up credit freezes and monitor our credit, but the reality of it is a bank will make the loan because the office is on commission regardless of what protection you have set up in your credit report. Then you get 15 days to prove it wasn’t you before your house is repossessed. If you’re lucky you might get an I'm sorry. It's ridiculous to use social security numbers for credit. It should be illegal. And to the people who advise to ditch the banks and credit cards.... That just isn’t realistic. You have to have a bank account to get a credit card to make ANY transaction online eBay or anything. To rent an apartment, they want to see bank statements. And you have to have 2 years of bank statements to buy a house. Forget about what happens if you’re robbed or your mattress catches on fire.... Unless you’re willing to be homeless, it’s just not an option.

A couple of things here. When I am notified, the breach is a done deal. It's too late. And as to monitoring, I have to monitor every request for information given away by the credit bureaus? OR I have to pay to freeze and then unfreeze?

Bull cookies. They effed it up, let them pay.

And ALL of the things suggested are things AFTER the bird has flown.

A suggested change in the law, a small change. A mandatory firing of the security staff of ANY and ALL organizations that allowed my info to be breached.

Mandatory. Jail time if the loss is concealed... even for a day.

That is MY information. Not anyone else's.

Dean

The phrase "you cannot legislate stupidity" comes to mind here when I consider what can be done about these companies. Perhaps one or more of them will establish a really secure database, with structured access protocols, and a validated recovery plan to protect consumers. This might be the "better mousetrap" that would lure consumer accounts to their doorsteps. Until then we are all at their mercy. People who choose to use cash are still somewhat vulnerable, unless they live in a cave in the wilderness. (Think IRS)

I received it from an employer where I worked 7 years ago.

All of the "Dear John" emails that I have ever received have very similar wording. Most have IDENTICAL wording. Some have the wording changed a bit to make it look different, but the form of the English is messed up, indicating a poorly educated (in the English language) thief wrote it. Almost all of them refer to an account I never had with a company that I have never done business with. They always look like a mass mailing.

If it is legitimate, I expect it to be more personal, with some indication that they really are referring to my account. Otherwise it goes directly into the trash can. A printed letter in my brick mailbox in front of my house with appropriate account identification information on it, or a notice in my mailed account statement, would get my attention. Of course, the email would also get my attention if it included appropriate account identification information. Then, I would know it to be genuine rather than a hoax because the sender of this letter would not need to ask for my account ID information.

Pardon me, but why not just have the companies directly contact the credit agencies instead of this three-ring circus? As soon as a credit breach has occurred the companies should report the information straight to the credit agencies, then notify the consumer.

Tried to use letter information to get free credit report for year. No go. The credit company claimed the sign up code was not good. So froze all credit bureaus on line and it is superb protection. Agree Companies should not keep credit info. We need new work done on this.

Tuesday our company was a victim of payroll fraud. Someone hacked into our account and ran a bogus payroll. They changed the direct deposit accounts and did a $23K payroll. I got the money back from our bank as it was definitely fraud. This was the most stressful thing that has happened regarding fraud and I've had my purse stolen before.

While putting a freeze on an account or even doing a monthly credit monitoring seems great to some people, I am happy to report that it does not take too much time and effort to be free from scams. All I do is take care of my information like if it was my life. Making wise choices and not paying attention to easy fixes or too good to be true offers.

I would have loved to notify the credit agencies immediately, but we were notified by my pharmacy benefit manager for my health insurance plan that their system had been hacked nearly a YEAR after it occurred! At that point any damage had been long done. The PBM involved, Express Scripts Inc., was blackmailed by the hackers and (conveniently) did not notice the extent of the damage for some months. They initially notified their members that only a few people had been affected. By the time I finally got the letter it was all but useless to me.

There ought to be severe penalties for companies who sit on this type of information. I think it is disingenuous for a company to claim that they didn't know the extent of the theft for a full year when they were the subject of attempted blackmail. EVERYONE in their system should have been notified at the time they discovered this, just to be safe. They are more concerned with their public image than with the security of their members' data.

Living bank-free. I cash my paycheck, pay cash for everything except for bills (50 cents ea for money order). Nothing on line, and best of all - the bank doesn't get to cash in when I swipe a debit card. They hate that. Without my money, they can't gamble. Without fees, I save MY money I earned. After major bank merged my account with somebody else's I learned the hard way. Hey, banks, I wasn't earning interest on my accounts anyway. I earned it, you don't get any of it!

Maybe it should be the other way around. Credit is automatically frozen without charge, and we have to pay if we want it unfrozen to apply for financing. Would cut down on identity theft and personal bankruptcy too. Bet the banks and credit companies would love that (NOT), but it's to the benefit of the consumer.

Mike (brother signed up & cannot cancel), When you cannot seem to contact a company by phone, find the mailing address of the company, send a certified letter with a proof of delivery signature card to the company. Make sure that the certified-letter number is typed at the top of the letter. That often gets their attention, as it may be preliminary to legal action. (No joke--a renter did that some years ago and ended up owning the apartment complex after the rental agency ignored him, the court summons & the judgement that followed; so the court sold the apartment to him for the cost of the settlement and maybe court fees, which was a tiny fraction of the value of the complex.) Give them notice that you want the charges to stop by the end of the current billing period (or 30 days). After that, start contesting the charges through your bank, and close the account that they're autobilling. Talk to your bank or cc-company and make sure that they don't keep paying autopayments on a canceled credit card. (I've heard of it happening.) Then there is small claims court. Keep copies of all correspondence and receipts or proof of delivery. Courts prefer a paper trail, and proof that you've tried to solve the problem.

I got one of these letters, and took the free credit monitoring service that the company who lost my data offered me. The problem was the "alerts" were so old by the time I got an email from the service that it was ridiculous. Usually the alerts came out about a month after the incidents they referred to. It was useless - a lot of damage can happen in a month! So I froze my credit. That works every time and it prevents the problem rather than just telling you about it later.

I received a letter from the good ole state of Ohio for their complete disregard for securing our data. I was given the option to sign up for a free one-year credit alert. In that same paper, all I had to do was fill out all of my private information and send it in to them... COME ON PEOPLE!!!!!! You failed to protect my information initially. Now I have to provide all of the information that any identity theft would want and blindly send it in to some organization (address) that I know nothing about. How do I know whether or not the letter sent to me as well isn't an additional scam... the lost data was broadcast all over the news. You must think we are all a bunch of idiots. If you really wanted to protect our information and provide this free service, then take the information that you know was stolen and provide it directly to the credit security organization on your behalf and notify the individuals that their information was stolen and that you automatically provided a credit check service on the individuals' behalf. Thus, 100% everyone is protected... and you are still held liable and responsible for the information that you lost and provided to the credit check security organization. AND, I'm not left throwing it away with the belief that it is just another I.D. scam. WHAT MORON WOULD PROVIDE THEIR SECURITY INFORMATION TO A BLIND, UNSOLICITED MAILING??????

The reason no one responds is because there is no motivation to. I mean really, what happens if someone steals all your credit card info and maxes all your cards out. You make a call and you don't have to pay for any of the charges. The credit card companies are the ones on the hook for the fraudulent charges not the consumer. The only thing the consumer is out is time and hassle to get new cards. So if the company loses your data to theft, who cares they have to pick up the tab anyway for the fraudulent charges.

A couple of years ago, I received notices from two different collection agencies (for a cell phone account and a land line account which I never opened) and then my purse was stolen. I paid the three credit reporting agencies a nominal fee to put a permanent freeze on my reports. I will have to pay again to "unlock" my credit reports if I need to apply for credit, but I have greater peace of mind and fewer credit card offers.

The answer: Pay off your account then close it and ask for written verification that it has indeed been closed out. And then write them and demand that any previously saved data on you be deleted from their data base and any other place your personal data was forwarded to. If they refuse to respond to your demand, call me I'll torch them out. Yes it's a violent solution to the problem but if you leave it to your elected reps you'll be dead before any action is ever taken. The power of the people is the power of the people.

Those who lost the information, should be required to pay for Credit Monitoring as part of the stipulation. Maybe then they will treat our information as something important. Not just for a 3 month period but for one year, and mandated by Federal Govt. Maybe Congress will finally do something besides screw with our Health care.

Let's see... there are no regulations regarding the maintenance of confidential personal data that sets a penalty for the loss of this data? The industry response is to blame the consumer? Another example of the financial industry's arrogant attitude toward consumers. Congress has got to enact a broad range of consumer protection laws that will keep the banking and corporate leaders from their unrestrained fleecing of US citizens!!

The companies have outsourced billing and fulfillment to Asia or who knows where. The local nationals can get more money than they ever saw in their lives for handing over data. Ever watch "Catch Me If You Can?" That was an amateur effort compared to what some dude in Mumbai can pull.

Credit card companies also send out "checks" in the mail with all of your card info. to use as cash from your card account. Some people throw these away rather than shred them not thinking about those criminals willing to go through your garbage to retrieve this CASH! Shred shred shred and if in doubt, shred shred shred.

The bigger issue is once you find out that you are a victim, what do you do about it? How many hours are you willing to spend disputing the charges? As far as freezing your accounts, understand that it also freezes you from opening new accounts as well. Everyone is in someone's data base, from the schools that you attended to the jobs that you have, doctors that you have seen.
Medical ID theft is getting to be a serious issue, that is and can be life-threatening. This will not just "go away" over time, it will flare up, again and again, when you least expect it.

I have a CREDIT FREEZE and it is a one time $10 fee for each of the three credit bureaus. Never been a victim of ID theft and recommend everyone put a FREEZE on their credit. Just contact the credit bureau and it's a simple process. You may lift the freeze at your convenience for $10 and for however long you choose (i.e. 1 or 30 days).

Seems to me that rather than just allowing organizations to simply send a condolence letter to their exposed customers the law should hold them responsible for any damages that their customers suffer as a result.

A few class action suits along this vein would then most likely revolutionize the data security of this sensitive information.

I've received a number of these letters with no fraud to follow. And yet, just recently, my wife had her cc info stolen, and we haven't figured out the source, but she hasn't received such a letter.

The entire system is a mess with no easy fix. Suffice it to say, there are any number of ways to have your ID stolen, and I'm not sure those letters (when you do receive them) are doing a damn bit of good.

I am convinced that this sensitive information is not "lost," but rather is sold. What we need is more protection to prevent companies from sharing or selling our information. We are not up for sale?

AFTER DATA LOSS, ID THEFT RISK SOARS

Brilliant deduction!

My brother signed up for one of these credit monitoring services, with the automatic enrollment. Now the problem is he can't cancel it; no one picks up the phone at the service.

Thanks for the alert. I think part of the real heart of this problem is that the public is often cynical of the various ominous sounding letters we get - and true, some of them are clearly out there drumming up business for some outfit which we often can't be assured isn't some other hacker seeking to get our information.
Haven't we all gotten the scary emails from our internet provider/bank/you-name-it telling us that they are updating/tightening the "security" of their operation and that we MUST provide our ID, Login (Password), SSN, other or our account will be closed to us? Yeah, right! I've sent several of these phishes to the source company (internet provider & bank) to alert them to the scam. Many are getting cynical - the others may be just tuning out/being lazy. So, what's the solution?

The last time I took up a "free" offer from the credit card company on a theft control product, I was automatically enrolled and charged at the end of the offer. I will not accept free offers anymore. It's a hassle and it's up to you to remember to cancel. So it doesn't surprise me one bit that people turn down these offers of free credit monitoring services. Information Technology has made life easier in many ways but it has also put users and businesses at tremendous risk. There's a fortune to be made in securing network transactions. The effort, time and money we spend to protect ourselves from the scammers is mind-boggling.

I got a Dear John letter that my Chase credit card was compromised. Within a couple of months I received items and was billed for them from Video Professor and something called Friend Finder.

I recommend that if you get one of these letters from your credit card company, then immediately cancel the card and/or ask them to issue a new card with a different card number. The company can also take the charges off your bill.

I guess I am one of the small percentage of the people who take advantage of the free credit monitoring. I received a letter from one of the companies I have done business with, telling me of a breach of their credit files. I IMMEDIATELY TOOK ADVANTAGE OF THE OFFER of FREE CREDIT MONITORING.

It has been several months now, and I get a notification every time anyone does an inquiry on my credit history. Each time I get a report, I immediately go online and find out the details of who inquired and why.

The company who wrote me the letter did a pretty good job of telling me what happened and provided all the necessary information to enroll in the FREE (one year) credit monitoring program.

They don't need to monitor the consumer as much as they need to monitor the credit card companies. They send new cards out like it is a recycle bin. They send so much that it appears to be junk. They do anything to slick you into an additional card they can.
Just become more selective on their end. Quit sending so much junk.
Allen Johnson

If the company (that lost the information) is able to offer a marketing ploy (by the credit reporting industry) as recompense, it makes me wonder if losing information is profitable.

Fraud Alerts only provide a form of assurance that official users of the credit agencies will perform due diligence, but do not assure the consumer that it will be done. What needs to be requested of the credit agency(s) is to put a FREEZE on your account; this requires anyone that wants access to your account to gain your (the consumer) authorization to access YOUR information. And it is FREE as you are already a victim of ID Theft.

Most people are resigned to the fact that nothing is private anymore. We live in a time when every click on a web page is monitored and collated as marketing data. Every item we purchase in a store is sent to some retail database that peeks over our shoulders to see what we buy, when we buy, and how often we buy. Even the drive to Grandma's for Thanksgiving is monitored by traffic-cams. Identity theft? Just another bump on the highway we call life.

I'm sorry, but how hard is it to connect the dots when less than 12 months before you received this 'junk mail' known as a Dear John letter? People need the answer shoved in their face these days or they're just too lazy to play detective.

I want a law passed that prevents stores from saving my credit card number. What do they need it for? Process my order and then throw it away. I was very surprised when I purchased something a year later at Amazon.com to find that they still had my credit card number. There's no reason for this.

Legitimate question, if nearly half of all consumers have received one. Is it possible that there are other confounding factors that have protected the half that didn't, rather than caused the half that did to be at greater risk? (i.e. is it possible the baseline risk is higher than we assumed and those that haven't received letters just have less information to be lost, which would also correlate to less available exploitation points for would be ID thieves.) Perhaps it's a high proportion of people who spend less time on the net (and therefore put less information out there in the first place.)
