The steady stream of data breaches that started with ChoicePoint Inc. in February 2005 has left more than 88 million Americans at risk for identity fraud, according to a list tallied by the Privacy Rights Clearinghouse (PRC).
The latest incidents, which have not yet made it onto the PRC's list, involve Foster City, Calif.-based Visa USA Inc. and Atlanta, Ga.-based Equifax Inc.
Tuesday both companies acknowledged security breaches. Visa said that an ATM security breakdown may have exposed data on an undisclosed number of customers. The breach dates back to February, when Visa began notifying banks of a security issue affecting a contractor that processes ATM transactions, according to published reports. Visa publicly acknowledged the breach after Charlotte, N.C.-based Wachovia Bank N.A. decided to replace an untold number of debit cards issued to its customers, prompting a wave of media inquiries.
Separately, Equifax -- one of the three major U.S. credit reporting bureaus -- acknowledged that a laptop computer containing employee names and Social Security numbers was stolen from a worker traveling on a train near London. Company spokesman David Rubinger told the Reuters news agency that the May 29 theft affects nearly all of the company's 2,500 U.S. employees, aside from those hired in roughly the last two months. Personal data belonging to millions of consumers who obtain credit scores from Equifax was not compromised, Rubinger said, adding that it would be difficult for would-be thieves to decipher the data or determine that it included Social Security numbers in the first place. The employee responsible for the laptop was disciplined, but Rubinger wouldn't describe the punishment or release the employee's name.
The rate of data breaches has intensified since mid-May, when the U.S. Department of Veterans Affairs (VA) confirmed that records for every veteran discharged from the military since 1975 were stolen from the home of an agency employee. The VA later revealed that the breach also put active duty personnel at risk for identity fraud.
According to the list on the PRC Web site, the most recent security breaches involve: