Shredding sensitive documents - another precaution to avoid identity theft

Posted by Caitlin on June 19th, 2008

Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.

If you are concerned about the risk of identity theft, hopefully you have already invested in an identity theft protection service such as LifeLock or Identity Guard. But if you are really serious about protecting yourself from identity theft, there are more steps you can take. As we reminded you yesterday, you should avoid revealing personal information about yourself on MySpace, Facebook, or other social networking sites. (Or anywhere else on the Internet, for that matter.)

Another important precaution you should take is to shred a any sensitive documents before discarding them. This article at IdentityTheftFixes.com advises readers about how to select the right shredder for your needs. Main considerations in selecting a shredder should be:

• Safety: Some shredders have safety sensors, and some do not. If you and your family enjoy having fingers, buy one that does.
• Confetti cut: Shredders that cross cut or confetti cut are more expensive, but they are much more effective at preventing identity theft than cheaper shredders that cut paper into strips which could easily be taped back together.
• Ability to cut through plastic: Many shredders can now shred CDs and credit cards, which is very useful, since CDs can also contain sensitive information, and unwanted or expired credit cards should always be thoroughly destroyed they are thrown away.
• Price: Shredders can range from $20 to over $1000. IdentityTheftFixes.com recommends that you plan to spend at least $50, since anything cheaper is probably not going to have the quality or longevity that you need.

Once you have a shredder, it will be faster and easier to shred credit card offers and other junk mail. You should also be sure to shred any CDs or DVDs that may contain sensitive or personal information, expired forms of identification such as old drivers licenses or passports, any document with a social security number, credit card number, or other identifying information, old medical records and even documents that may contain sensitive personal information about your children. (It is easy to forget that children can also have their identities stolen - see our Child Identity Theft Protection Guide for more information.)

To learn more about identity theft protection services, visit our identity theft protection service guide.

• How to steal Colin Powell’s identity
• Facebook moves to protect users in partnership with 49 states
• WalletLock takes the worry out of losing your wallet
• How to report a fake profile page on Facebook
• Your new Facebook friend just stole your identity

MySpace Identity Theft Protection Guide

Posted by Caitlin on June 18th, 2008

Our Facebook Identity Theft Protection Guide provides six tips to prevent Facebook users from being victimized by identity theft. These six tips concentrate on two areas in which users can be proactive in protecting their identity and personal information: limiting the amount of personal information available and restricting your Facebook profile to people you know and trust. Many of these tips are also applicable when using MySpace, but there are some significant differences between various social networking sites. While Facebook is primarily geared toward one on one interaction with people you know in real life, MySpace is more frequently used to establish a larger and more public online presence and facilitate contact with large groups of people. While we still recommend that users only accept friend requests from people they know, we realize that this is not necessarily realistic. If you do choose to make your MySpace profile visible to strangers, we strongly encourage you to be extremely careful when publishing any information about yourself. Presumably, you would not walk around in public wearing a t-shirt printed with your birthday, phone number and address. So use the same discretion on MySpace.

Tip #1: Decide how public you want your MySpace profile to be, and select your privacy settings accordingly.

MySpace does offer some privacy settings, although they are not nearly as comprehensive as the privacy settings on Facebook. You can access these settings by clicking on the “My Account” link near the upper right hand corner of any page on the MySpace website. From the “My Account” page, click the “Privacy” link. This will take you to the “General Privacy” page, where there are six options for restricting your visibility.

Online Now: Whether you choose to show people when you are online is up to you, but bear in mind that the more “time and place” data that you expose, the easier it will be for people to determine what your daily routine is like. That knowledge could be used to victimize you. (See Tip #3.)

Birthday: This is an important piece of personal information that can potentially be used by identity thieves. It is safest not to make it visible, particularly if you accept friend requests from strangers.

Profile Viewable By: Who you allow to view your profile is a very important decision, as it should determine how much information you decide to publish. If you choose to make your profile visible to everyone, or everyone 18 and over, you should treat it like a personal website and keep personal information to an absolute minimum. If you choose to make your profile only viewable by your friends, and only accept friend requests from people you know, then you can basically follow the six Facebook security tips.

Photos: It is almost never a good idea to encourage the circulation of personal pictures on the Internet. We suggest that you uncheck this option.

Block Users By Age: This is at your discretion, although you should seriously consider preventing users under 18 from contacting you if you are a teacher or work in some other profession where you are a figure of authority for minors. Also, bear in mind that many users’ MySpace profiles do not reflect their actual age.

Block Users: While this may be a useful feature for you, it will not really help protect you from identity thieves, since you can’t possibly know who they are ahead of time.

Tip #2: Limit the amount of personal information available on your MySpace profile.

If you do choose to make your MySpace profile visible only to your friends, and only accept friend requests from people you know, then the six Facebook security tips apply here as well. Many MySpace users, however, either make their profile visible to everyone, or accept friend requests from strangers, or both. If your profile is visible to strangers, you should be especially careful when publishing any information about yourself.

Exposing your full name, date of birth, phone number, email address, or home address to the general public is extremely foolish. Revealing personal information about your spouse or significant other can put you both at risk of having your identities stolen.

Identity thieves can use your phone number and home address to submit a change of address form with the United States Postal Service and have your mail forwarded, allowing the thief to gain access to financial or other sensitive information that would allow them to open a credit card or other accounts in your name. They might also use contextual information in your profile to deduce what your user names and passwords could be for various accounts, and hack into these online accounts with this information.

Our recommendation is to limit the amount of information available on your MySpace profile. Specifically:

• Do not list your full date of birth, phone number, or home address on your MySpace profile.
• Limit the amount of contextual password clues on your profile pages. Identity thieves know that many people use personal information, such as birthdays, a spouse or significant other’s birthday or name, anniversary dates, mother’s maiden name or pet’s name as password on their personal account. It is also a good idea to refrain from using personal information in your online passwords, as this makes your personal accounts much more vulnerable to being hacked.

Tip #3: Limit the amount of “time and place” data that you expose through MySpace.

MySpace users often publish information about their schedule and whereabouts on their profile, or in MySpace’s forums. Information about the exact location of your home, school, or office, as well as information about your immediate or upcoming plans can help criminals victimize you in a number of ways. Personal photographs can be even more revealing, since any number of seemingly insignificant details could be used to uncover information about your whereabouts or daily routine.

By revealing when you will be away from your home, even indirectly or unintentionally, you put yourself at risk. Criminals can use this information to determine when your home may be most susceptible to a burglary, which could open you up to any number of forms of identity theft or worse.

Tip #4: Remember that even people you know can be identity thieves.

Even if you do make your MySpace profile visible to only your friends, and only accept friendship requests from people you know, you should still be very cautious when revealing personal information online. Several recent studies show that a significant number of identity theft victims know the person that victimized them.

According to Javelin Research, 17% of identity theft crimes are perpetrated by people that the victim knows, such as friends or family members. The credit bureau Experian found that 55% of identity thefts perpetrated against children were committed by someone the victim knew.

Even if you believe that all your MySpace friends are people you know and trust, we strongly recommend that you still follow all of these security tips to avoid falling victim to MySpace identity theft.

Tip #5: Read and follow the safety tips provided by MySpace.

MySpace recently added an extensive section to the website dealing with safety. You can access this section by clicking on the “Safety Tips” link at the bottom of any page on the MySpace website. These safety recommendations are mainly directed at teenagers and their parents, but there is other information that should be helpful and valuable to any user.

Tip #6: Consider an identity theft protection service.

Identity theft, whether online or in the real world, is a real and growing threat. We recommend that all consumers consider using a proactive identity theft protection service to protect their identities. Two such services that we have reviewed and recommend are Identity Guard and LifeLock.

Each identity theft protection service is different, but most will:

• Set fraud alerts with the 3 major credit bureaus so that new accounts cannot be opened in your name without your knowledge.
• Provide you with identity theft insurance that will reimburse you on costs and expenses you incur as a result of being victimized.
• Provide you with copies of your credit report.

You can learn more about the various benefits of identity theft protection services and learn more about the specific services we have reviewed by visiting our identity theft protection service guide and comparison.

While social networks like MySpace can be fun and productive services, it is important for users to be aware of the risks that they pose. We believe that taking proactive steps to protect your identity on MySpace will only improve the amount of enjoyment you can get out of the service.

• How to report a fake profile page on Facebook
• Facebook moves to protect users in partnership with 49 states
• Your new Facebook friend just stole your identity
• Facebook Identity Theft Protection Guide: 6 tips to protect your identity on Facebook
• Facebook phishing scams increase risk of identity theft on the popular social network

Identity Theft Shield from Kroll and Pre-Paid Legal Review

Posted by Joe on June 18th, 2008

We receive dozens of emails each month asking for our opinion on Identity Theft Shield, an identity theft protection service created by Kroll, Inc and distributed by thousands of independent representatives of the network marketing firm Pre-Paid Legal Services, Inc. We have reviewed Identity Theft Shield and found that it offers solid identity theft recovery support for victims but takes no steps to protect their subscribers from having their identities stolen in the first place.

Identity Theft Shield offers single bureau credit report monitoring of your Experian credit file for $9.95 per month which also includes a free Experian credit report and score at sign up. Experian is the largest of the three credit bureaus and will likely reflect most major changes to your credit report, but we believe that three bureau credit monitoring is a better option since it eliminates the risk that a potentially fraudulent account or entry may not show up on your Experian credit report but end up on one of the other two bureau files in your name. Identity Theft Shield also offers a Gold package which includes credit report monitoring of all three bureaus, including Experian, Equifax and TransUnion, for $12.95. The Gold package also includes a credit report from each of the three credit bureaus at sign up.

Credit report monitoring is a good tool to help identify inconsistencies in your credit report which could be caused by identity thieves, but it doesn’t prevent identity theft in any way. Other services we have reviewed, such as LifeLock, Identity Guard, Identity Truth and Trusted ID, take proactive measures to prevent identity theft crimes from being perpetrated against their subscribers. Identity Theft Shield, on the other hand, offers no tools that actually prevent identity theft.

Identity Theft Shield does offer extensive recovery services to their subscribers if they are the unfortunate victims of identity theft. Identity Theft Shield sets fraud alerts and sends notifications to all applicable government agencies and financial institutions on behalf of the victimized subscriber. They also monitor an extensive list of public and private databases in an effort to identify any misuse of a subscriber’s personal information. Identity Theft Shield’s recovery services also help reduce some out-of-pocket expenses and their fraud resolution specialists are able to handle much of the heavy lifting when it comes to recovering a stolen identity.

Setting fraud alerts and proactively searching national databases for suspicious activity are both great services for victims, but they are also extremely effective in preventing and identifying potential identity theft crimes. In fact, many of the other services we have reviewed offer these tools to all subscribers as preventative measures rather than after a crime has already been committed as identity Theft Shield does.

The lack of proactive identity theft prevention measures is the biggest downside to the Identity Theft Shield service. We do believe that it is a good service for victims, but many of the solutions they offer to help recover a stolen identity are used by other identity theft protection services to actually prevent identity theft in the first place.

We would suggest LifeLock or Identity Guard over Identity Theft Shield for most consumers. Both services received five stars on our comparison of identity theft protection services and, in our opinion, both deliver more extensive levels of service than Identity Theft Shield.

LifeLock offers proactive identity theft protection by setting fraud alerts on your credit file, monitoring the Internet for unauthorized use of your personal information and alerting you if anyone attempts to reroute your postal mail in an attempt to gain access to sensitive correspondence such as financial records. They also provide a fairly extensive service guarantee which will cover most costs and all the heavy lifting related to recovering your identity if it is stolen while you are a LifeLock member. This guarantee does have its limitations, which we have previously analyzed, but overall we feel that LifeLock is a more complete identity theft protection solution than Identity Theft Shield.

Identity Guard is another option, particularly if credit report monitoring is important to you. They provide 24/7 credit report monitoring of all three credit bureaus and quarterly access to your credit report from Experian, Equifax and TransUnion. Identity Guard also offers a series of advanced tools which help prevent and/or identify any unauthorized uses of your personal information. Plus, Identity Guard offers a $20,000 insurance policy which covers many costs in the case you that a subscriber fails victim to identity theft.

You can sign up for LifeLock and Identity Guard online or over the phone and both services offer a 30 day free trial of their product. Identity Theft Shield does not offer a free trial and can only be purchased by contacting a Pre-Paid Legal independent sales representative.

Please visit our identity theft protection service comparison to learn more about these identity theft protection services.

• Kroll Identity Theft Shield identity theft protection service review
• Data Breach Alert: Blue-Cross notifies thousands of of identity theft concerns
• Identity Guard provides extensive identity theft protection and detection
• NextAdvisor reviews Identity Truth
• Reader Question: Are credit bureau fraud alerts still available?

NextAdvisor.com Fraud Alert and Credit Freeze Guide

Posted by Joe on May 6th, 2008

Fraud alerts and credit freezes are effective tools in preventing some forms of identity theft. However, many consumers don’t understand the differences between the two or how to go about setting up a fraud alert or credit freeze on their credit file.

We have compiled detailed information about both fraud alerts and credit freezes below as part of our ongoing attempt to educate consumers on the best ways to help protect themselves from the ongoing risk of identity theft.

Fraud Alerts

Fraud alerts are annotations in a credit report that let potential lenders know they should take additional action to confirm your identity before issuing credit in your name. There are two types of fraud alerts:

1) Initial Fraud Alert. An initial fraud alert is meant to be a temporary marker on your credit file and lasts for 90 days from the time you set the alert. When a lender runs your credit report and sees that there is a fraud alert in place they are legally obligated to use “reasonable policies and procedures” to verify that the person applying for credit in your name is actually you.

Initial fraud alerts are a good option for consumers that believe they are at risk for what is called new account fraud. This is where a criminal uses your personal information to sign up for new financial accounts such as credit cards, bank accounts, cell phone providers or any other service that may pull a credit report and extend you some for of credit.

Keep in mind, however, initial fraud alerts provide little or no protection for other forms of identity theft. For example, an initial fraud alert will not prevent an identity thief from accessing your existing financial accounts and making unauthorized charges or liquidating your financial accounts. We point this out because some experts point to initial fraud alerts as a magic bullet for preventing identity theft which may give some consumers a false sense of security. If you believe that your existing accounts may be at risk for identity theft then it is a good idea to contact the institutions with which you maintain accounts directly and let them know of the risk. Some of the identity theft protection services we have reviewed will also assist in notifying your bank, credit card company or other institutions on your behalf.

Setting an initial fraud alert requires contacting one of the three credit bureaus and requesting the fraud alert be set. Technically you only need to set the fraud alert with only one of the three major credit bureaus, including Equifax, Experian or TransUnion. However, if you believe you may be at risk for identity theft or simply want an extra level of identity theft protection from new account fraud, we suggest setting fraud alerts with all three bureaus by using the contact information below.

Equifax
1-800-525-6285
www.equifax.com
P.O. Box 740241
Atlanta, GA 30374-0241

Experian
1-888-EXPERIAN (397-3742)
www.experian.com
P.O. Box 9532
Allen, TX 75013

TransUnion
1-800-680-7289
www.transunion.com
Fraud Victim Assistance Division
P.O. Box 6790
Fullerton, CA 92834-6790

Initial fraud alerts are free to set and can be renewed every 90 days. LifeLock, one of the identity theft protection services we have reviewed in our identity theft protection service comparison, protects and renews initial fraud alerts for their subscribers. The do-it-yourselfer may be fine with setting and keeping up with initial fraud alert renewals, but if you believe that the process may be cumbersome or you may not have the time to do so then LifeLock may be a good option for you.

2) Extended Fraud Alert. While an initial fraud alert stays active for a relatively short 90 days, an extended fraud alert stays on your credit report for seven years. Additionally, if you have an extended fraud alert on your credit file a potential lender is required to actually contact you or meet with you face to face to verify your identity before providing credit in your name.

In order to qualify for an extended fraud alert you typically need to demonstrate that there is a high likelihood that you have or will be victimized by identity theft. This typically means showing inconsistencies in your credit report or other evidence that you are at risk of being victimized. As such, setting an extended fraud alert is slightly more complex than setting an initial fraud alert.

The first step in setting an extended fraud alert is filing an Identity Theft Complaint with both the Federal Trade Commission (FTC) and your local law enforcement agency. The FTC has an online Identity Theft Complaint Form which can be submitted securely over the Internet and then printed out so that it can be provided to your local law enforcement agency.

Take the Identity Theft Complaint to your local police or other law enforcement agency to file a report. In addition to your completed complaint you will also need to provide your local authorities with a government issued photo id (such as driver’s license or id card), something with your name and mailing address on it that will establish your residency (such as a utility bill, pay stub or rental agreement), a copy of your credit report(s) that shows the inaccuracies you believe may have been caused by identity thieves and any other supporting documentation including information on the identity thief if available.

Your local law enforcement agency will review your information and, if warranted, provide you with a copy of the official police report. make sure this report includes or is attached to your Identity Theft Complaint.

Once you have received the official police report of your identity theft incident your are ready to move on to the next step of setting an extended fraud alert which is notifying the three major credit bureaus. Send a copy of your police report, Identity Theft Complaint, any supporting documentation and a brief cover letter requesting that an extended fraud alert be set on your credit report. You can mail the information to each of the credit bureaus using the addresses below. You can also call them or visit their website if you have any questions on how to proceed.

Equifax
1-800-525-6285
www.equifax.com
P.O. Box 740241
Atlanta, GA 30374-0241

Experian
1-888-EXPERIAN (397-3742)
www.experian.com
P.O. Box 9532
Allen, TX 75013

TransUnion
1-800-680-7289
www.transunion.com
Fraud Victim Assistance Division
P.O. Box 6790
Fullerton, CA 92834-6790

Once you have sent your extended fraud alert request and documentation to the three major credit bureaus they will review the information and notify you to either let you know that an extend fraud alert has been set or to request any additional information. The FTC also strongly suggests that you send your identity theft related documentation to the fraud departments of any of the companies where you hold accounts, or where accounts have been opened in your name, that you believe have been impacted or may be impacted as a result of your suspected identity theft crime.

The process for contacting each of these companies will vary. It is best to contact their customer support department to get more information on how to contact their fraud prevention team.

Once an extended fraud alert is set it will be active on your credit report for seven years. It is possible to remove an extended fraud alert before it expires by making a written request to each of the three credit bureaus.

Given the time and effort required to set an extended fraud alert, we only suggest that consumers who have seen specific inconsistencies in their credit report or other proof that they are at imminent risk for identity theft opt to set them up. Consumers that feel their is a potential risk because they have been part of a data breach, for example, or are just looking for an additional layer of preventative protection would be better off using an initial fraud alert. Initial fraud alerts can be set by the individual or by using an identity theft protection service such as LifeLock.

Credit Freezes

Credit freezes lock down your credit report so that only you or any companies where you have a pre-existing relationship may have access it. No new lenders will be able to access your credit file at while a credit freeze is in place. This means that even if you attempt to legitimately apply for credit in your name with a new lender they will not be able to access your credit information. It is possible, for an additional fee, to temporarily remove a credit freeze if you need to allow a new lender to access your credit report for any reason.

Credit freezes are extremely effective tools in preventing the new account fraud type of identity theft since they essentially take your credit report “off the market”. They are also a good tool for the elderly or other people that don’t anticipate any need for new credit in the foreseeable future since credit freezes eliminate the risk of new accounts being opened fraudulently. Like fraud alerts, however, credit freezes are only effective at preventing account fraud and do little or nothing to prevent identity theft perpetrated against existing accounts or accounts where a credit file is not used to issue credit (this is the case with some utility or cell phone accounts).

The process of setting a credit freeze varies greatly from state to state. For example, most states allow anyone to set a credit freeze while others require that a consumer be able to prove they are at risk for identity theft before they can be set. Consumer Reports offers and excellent guide to the credit freeze laws by state which includes information on how to set freezes. You can view that guide here.

Generally, setting a credit freeze requires contacting the three major credit bureaus, Experian, Equifax and TransUnion, and paying a fee to each of about $10. The credit freeze will remain in effect until it is either temporarily lifted or removed. If you set a credit freeze and want to temporarily remove it you will have to make a request to each of the three credit bureaus and pay an additional fee to each to have the freeze lifted. You must then contact each of the credit bureaus in order to have it reset. A credit freeze may be permanently removed by making a request with each of the three credit bureaus.

TrustedID, one of the identity theft protection services we have reviewed, is the only service we have found which allows consumers to set credit freezes with all three credit bureaus over the Internet. As a subscriber to the TrustedID service, you may set and manage your credit freezes through your TrustedID account. We see this as a major benefit and convenience for any consumer that feels a credit freeze is right for them.

Credit freezes are really only realistic for consumers that know they are actively being victimized by or in imminent danger of identity theft or for people that have no need for additional credit in the foreseeable future.

Conclusion

If you are at risk for identity theft or a current victim, the choice whether to set an initial fraud alert, extended fraud alert or credit freeze will greatly depend on your personal circumstance.

Initial fraud alerts are a fairly easy to set up and maintain way to get a good layer of protection for new account fraud. They are relatively easy to set up yourself or can be managed by third party identity theft protection services such as LifeLock. While initial fraud alerts will add a layer of additional complexity when you try to legitimately obtain new credit in your name they are unobtrusive enough to be kept in place over long periods of time. Although, admittedly, this is not their intended use.

The credit bureaus would likely prefer that only identity theft victims set initial fraud alerts as there is the potential risk that lenders could stop taking initial fraud alerts as seriously if too many consumers have them set on their credit reports. That being said, it is up to each person to determine whether they feel that they need this type of protection. Some people may believe, given the explosive growth of identity theft in this country, that any consumer could reasonably be at risk for identity theft at any time. LifeLock is an identity theft protection service that sets and manages initial fraud alerts on behalf of their subscribers.

Extended fraud alerts are a more thorough level of protection above initial fraud alerts. They are best suited for those that are either being victimized or have seen inconstancies in their credit report that lead them to believe they may be victimized by new account identity theft. Extended fraud alerts are also a better option than credit freezes for consumers that believe they will have an imminent need to legitimately secure credit from lenders in the future since they don’t completely lock off access to your credit report by enders.

Credit freezes are most effective for those consumers that believe they are currently being victimized or are at risk of new account fraud and don’t believe they will have any need to secure credit from lenders in the foreseeable future. The elderly, many of whom may not need additional credit in the future, are an good example of a population that could benefit from the use of credit freezes. TrustedID is an identity theft protection service that allows consumers to set up and manage credit freezes online.

It is important to reiterate that any of these solutions are only effective in preventing certain types of identity theft including new account fraud. We recommend that consumers educate themselves on the risks of identity theft and identity theft prevention techniques by reading the FTC identity theft prevention website. Additionally, those interested in learning more about identity theft prevention services should read our guide to identity theft protection services.

Finally, don’t forget that identity thieves are increasingly targeting children. Read our guide to Child Identity Theft Protection to learn more about safeguarding your kids from identity thieves.

• Data Breach Alert: Thousands of Dominican University students impacted in secure file breach
• Reader Question: How do I set a fraud alert on my credit report?
• Reader Question: Are credit bureau fraud alerts still available?
• Reader Question: What should I do if I think I have been a victim of identity theft?
• LifeLock receives 5 star rating from NextAdvisor.com

TJ Maxx may have know about identity theft threat two months earlier than reported

Posted by Joe on December 20th, 2007

You may remember the massive data breach by TJX, the parent company of popular retail store TJ Maxx, Bob’s Stores, HomeGoods, Marshalls, and A.J. Wright, last year which exposed thousands of consumers to potential identity theft. The full extent of the breach is still unknow, but new information is coming to light that suggests that TJX may have known about the risk of identity theft several months before they notified the government and consumers.

The company officially released information regarding the data breach at their stores in mid November of 2006. But, an attorney involved with the matter recently mad statements in a court proceeding that TJX may have known about the breach as early as October 3, 2006- two months earlier.

It is hard to know whether or not the claim that TJX knew of the breach nearly two months before information was released to the public are accurate or not, but it definitely underscores the importance of consumers being proactive with identity theft protection.

As always, we strongly suggest that consumers arm themselves with an identity theft protection service such as LifeLock, Identity Guard or TrustedID. Read our in-depth identity theft prevention service reviews and comparisons to learn more.

• TJ Maxx parent company offers 15% off to victims of massive data breach
• TJ Maxx to send follow up fraud alert letters to victims
• Data Breach Alert: Millions at risk for identity theft due to supermarket chain data breach
• Data Breach Alert: Auto parts retailer exposes tens of thousands
• Data Breach Alert: Theft puts 13,000 Pfizer employees at risk

Identity theft finds a new target - your kids!

Posted by Joe on December 19th, 2007

We already know that identity theft is the fastest growing crime in the United States, but what is the fastest growing segment of identity theft vicitims? Kids!

According to the FTC, 5% of the 255,000 victims of identity theft in 2005 where under the age of 18 which is up 40% from 3% in 2003. Most of these cases take place very early on with over half occurring prior to the age of 6 according to the Identity Theft resource Center.

Unfortunately, these cases can be hard to track because children don’t apply for credit or review a credit report to identify suspicious activity. That being said, there are steps that parents can take to lower the risk of their kids becoming victims of identity theft.

First, keep social security cards out of kids hands. In fact, no one in your family at any age should be carrying a social security card. We recommend that you keep all of your families sensitive documents in a home safe, safety deposit box or at least a locked filing cabinent.

Next, keep a look out for any suspicious mail that arrives at your house in your child’s name. If credit card offers, late payment notices or other suspicious items show up, don’t assume they are mistakes. Follow up with the company that sent them to determine the reason they were sent in the first place.

Finally, keep in mind that if your child can be a victim you certainly can as well! Take proactive measures to protect your own identity. We always recommend using a identity theft prevention service like LifeLock or TrustedID to keeps tabs on any suspicious activity. Read our in-depth comparison and reviews of identity theft prevention services to learn more.

• ID theft hits a little too close to home
• 8 tips to protect your children from identity theft
• Data Breach Alert: Eye center patients may see identity theft in their future
• Shop safely this holiday season
• Reader Question: Will my LifeLock or Equifax account also cover my spouse?

25 million identities left unprotected in the UK

Posted by Joe on December 18th, 2007

Over 25 million British citizens have been exposed to potential identity theft in what very likely may be one of the largest single data breaches ever.

Two CDs including names, addresses, bank account information and National Insurance numbers (similar to our Social Security numbers here in the United States) were misplaced by a government employee. While no immediate cases of identity theft have been reported, this information is obviously very sensitive and could cause major problems if it falls into the wrong hands.

The Gartner Group estimates that it could cost over $500 million for banks in the UK to take the precautions needed (such as closing impacted accounts) to prevent further identity theft threats. According to Gartner analyst Avivah Litan, these precautions are important given the sensitivity of the information that was lost:

“The type of data lost could be enormously valuable to identity thieves and other criminals, who could, for example, use stolen account numbers to take over bank accounts. This is why bank account numbers typically sell on the U.S. black market for as much as $400, compared with $5 or less for credit card numbers.”

Could a data breach of this magnitude happen here in the United States? In a word- Yes! Hundreds of thousands of US citizens are left vulnerable to identity theft each year due to these types of data breaches which are typically the result of not following mandated protocols for handling sensitive data.

TrustedID, one of the providers listed in our in-depth identity theft prevention service comparison, tracks these types of breaches closely through their Security Breach Alerts. We encourage you to check it out on their blog.

We strongly believe that the best preventative measure that any consumer can take is to sign up for an identity theft prevention service. We have reviewed all the major providers and compared them head to head as a resource for our readers.

• Data Breach Alert: HSBC loses hundreds of thousands of customer records
• 150,000 social security numbers exposed due to misplaced backup tape
• Identity Truth Launches toll free number for NextAdvisor.com readers
• Is your state putting your identity at risk?
• Is online data storage the secret to eliminating many data breaches?