Protecting our personal information

August 28, 2007 11:00 pm

Technology is great, until someone extracts your name and Social Security number from a hard drive that's smaller than a pack of bubble gum and then applies for a credit card in your name and then uses the card to book a two-week cruise in the tropics.

A cruise you know nothing about until the bill arrives, leaving you to ponder how it is that you misplaced two weeks — and two weeks in Tahiti, at that.

We're talking about identity theft, and it seems that the same technological advances that make it easy to haul around gigabytes of data also make it easier for people to steal the stuff.

Earlier this month, for instance, a male juvenile from Idaho allegedly stole a laptop computer and thumb drive from a car that belongs to a soldier from the U.S. Army National Guard. The thumb drive contained names, addresses, birth dates and Social Security numbers from every National Guard soldier in Idaho — about 3,400 people.

Although National Guard officials don't know whether the alleged thief, or anyone else, accessed any of the soldiers' personal data, there are plenty of similar situations in which identity thieves not only got the information, but used it.

The Idaho National Guard, according to a story from The Associated Press, is "reviewing all its processes for handling sensitive personal information."

That's wise. We hope other holders of such information take similar precautions, if they haven't already. We suspect many people haven't pondered just how many potential places identity thieves can plunder — your employer, your doctor(s), your bank.

Laptop computers and diminutive hard drives and the like are wondrous inventions that make it possible not only to store vast amounts of information in tiny machines, but to move that information. It's quite common, in some professions, for employees to take computers and other devices home so they can, say, work in their pajamas.

But the instant that information leaves a building, the data become much more vulnerable to thieves. It's far simpler, after all, to bust a car window and dash off with a thumb drive than it is to hack into a mainframe computer that's equipped with a variety of clever digital impediments.

The simplest and most effective solution, of course, is to not store sensitive data on portable devices. But businesses and government agencies that do so ought to make sure the data is encrypted or otherwise protected against identity thieves.