"Break a leg" is a well-worn good-luck term extended to actors on the eve of a play's opening. But if a new survey on ID theft is any indication, "break a life" might be more apt tidings for those sitting in the audience.
This year Infosecurity Europe took to London's theater district to ask people about their theater-going habits and attitudes. In exchange for answering some questions, they'd be entered into a drawing for tickets to an upcoming show. At the end of all the three-minute surveys, the trade show employees had enough personal information from 92% of the 200 interviewed to steal their identities. Some even divulged their private data after becoming aware the information could be used to drain online bank accounts.
"The results of the survey are disturbing, to say the least," noted Detective Inspector Chris Simpson, who heads Scotland Yard's Computer Crime Unit, in a statement issued
Would people in the United States fall for such a trick? No doubt awareness that thieves can steal online identities has grown in recent months with the widely publicized security breaches at ChoicePoint and Lexis-Nexis, which together have left some 175,000 consumers at risk. Various college campuses across the country also have been compromised. Bank of America's in trouble, too, for losing unencrypted computer disks containing credit card information for 1.2 million federal employees.
Those incidents have put a lot of political pressure on the custodians of that information, prompting last week's new rulings that will require thousands of financial institutions to tell customers of any serious breach that puts their identities at risk. Those companies also now must turn over details to law enforcement and one of four regulatory agencies included in the laws, including the Federal Deposit Insurance Corp. under which most banks fall. The Federal Reserve, Office of the Comptroller of the Currency and Office of Thrift Supervision round out the list.
But that addresses only half the problem with the ID theft epidemic. Both consumers and enterprises should view this latest survey as a wake-up call that attacks need
As the London theater experiment clearly shows, thieves need not use malware to snatch secret information within computing systems. All they need is a mouth.