back to article Kaiser Permanente breach leads to ID theft

Kaiser Permanente has admitted a breach of its employee records systems has resulted in incidents of identity theft. The breach came to light after police arrested an unnamed suspect, found in possession of a computer file containing personal details of the US health care provider. The file contained information such as employee …


This topic is closed for new posts.

Credit monitoring is a waste

We need to come up with laws to properly punish companies for "losing" employee or customer data. Credit monitoring will do literally nothing to restore the credit of those who become victims of identity theft. Nor will it give them back the time and money they have to give to clean up the situation. And since you're given a social security number at birth and keep it for life (much like biometrics), there's really nothing you can do to prevent the same ID thief from assuming your identity again once you restore your credit (assuming the credit bureaus will even talk to you and help/allow you to restore your credit in the first place). Since you can't change your social security number or your date of birth, the only thing you might be able to do is legally change your name, and then deal with all the hassles that causes. All because a large for-profit company didn't care enough about protecting the information it stored about you.

Credit monitoring is just as useful as on-demand antivirus with no realtime component. Sure, it'll tell you once you become a victim, but it won't prevent it from happening. What we need is something to prevent ID theft in the first place. And using information that cannot be changed when (not if, but when) it is compromised, such as biometrics, is not the answer.

Silver badge
Black Helicopters

A year isn't long enough...

Crooks can wait a year or more to use stolen ID information.

If you think about the data that they are stealing, that data doesn't go stale within a year, or for the most part even 5 years.

So its a cheap way of creating a false sense of security.

IMHO, credit bureaus should maintain a database of compromised ids so that if someone attempts to use data from a heist 1+ years ago, it would be easier to track down the place of theft.

I know that if I were a thief, I'd steal the ids, wait 2+ years and then start using the pilfered data, mixing it in with data that I got from other sites. This would make it harder to track down the breach.

Black chopper cause I've said too much.

Bronze badge

@chris C

Yes you can change your SS# . They make it hard as hell though..

This topic is closed for new posts.