Is Identity Theft Unstoppable?

June 30 , 2005 in Industry News

By Tom Costello
NBC News

Updated: 7:34 p.m. ET June 30, 2005 – WASHINGTON:

Some 50 million identities have been compromised or stolen in the last six months alone. It’s an infuriating, never-ending battle against determined hackers and identity thieves who are constantly probing for our names, dates of birth, credit cards, Social Security numbers, bank accounts, pin numbers and passwords.

It’s enough to provoke police in Springfield, Ore., to make a sobering admission.

“We can’t protect you,” says Detective Robert Conrad. “We can’t protect your identity. We’re left with picking up the pieces after it’s been stolen.”

Oregon’s answer: A multi-jurisdictional task force led by Assistant U.S. Attorney Sean Hoar that has recovered dozens of forged IDs, checks, bank statements and a treasure trove of high-tech tools used by identity thieves — some of whom used couriers to carry and encrypt personal data. But overall, they were small players.

“Those who do it enough, they ultimately get careless or enough of their product hits the public domain and we find out about it,” says Hoar. “The more sophisticated ID thieves often don’t get on our radar.”

Prosecutors and privacy experts say that what America needs is a coordinated national strategy. While 15 states require companies to tell consumers if their data has been compromised, there’s still no national law.

“If this were an illness, Congress and the United States would be calling for an all-out war on this illness, because it would be critical for the American people,” says Rob Douglas, who runs the Web site

The issue is gaining momentum, with several bipartisan proposals aimed at restricting the use of Social Security numbers and creating a new cyber-security center. The latest bill would require companies that collect data to tighten controls and tell customers how that information is used.

“I don’t want to know my info is being sold in some chat room in Eastern Europe because some company handled it improperly,” says Sen. Patrick Leahy, D-Vt.

But many financial institutions — some of the very institutions that prosecutors say have failed to do even basic double-checking — oppose new laws, promising instead better self-regulation.

“What we found is that a lot of entities don’t actually cross-check the names or dates of birth associated with Social Security numbers,” says Conrad.

Now, with the victims’ list growing every day, Congress may soon decide it will act.