Identity thieves target troops
By Byron Acohido and Jon Swartz
USA Today
SEATTLE — U.S. military personnel have emerged as prime identity theft targets.
The Department of Defense since the late 1960s has used Social Security numbers for everything from dog tags to chow-line rosters. Now, data thieves and con artists have begun to increasingly target military personnel, data security experts say.
"Thieves know this is the Achilles heel of the system," says Todd Davis, CEO of identity theft detection firm Lifelock.
Data thieves in the past year have grabbed computers containing sensitive data for nearly 30 million active and retired service members from four Veterans Affairs offices. That's a big portion of the more 100 million personal records reported lost or stolen in the United States since 2006, based on a USA Today analysis of data compiled by the Privacy Rights Clearinghouse.
Statistics on financial fraud as a result of these data breaches are hard to pin down, but defense officials acknowledge the rising risk. The Defense Department has made it a priority to tighten data-handling policies and has increased training on theft prevention, department spokesman Maj. Stewart Upton said by e-mail.
ID cards are being upgraded as they expire, using bar codes, magnetic stripes and other electronic authentication tools. No cost estimate is available; a complete overhaul will take years, he said.
But ID cards are just one potential leak point. Clerical workers and laborers, inside and outside the military, handle household moving invoices, medical files, financial forms and relocation orders. That gives them opportunities to turn sensitive data into cash, says Rick Lunstrum, vice president at ID Watchdog, an identity-theft protection firm.
Last summer, the FBI recovered a Veterans Affairs laptop that had gone missing for two months carrying data for 26.5 million active and retired service members. Agents said they found no evidence the data was misused.
But Earl Laurie Jr., 57, of Colorado Springs, Colo., isn't so sure. The retired Navy chief petty officer uses a post office box, shreds sensitive papers and does not bank online. Yet, a month after the laptop's recovery, Laurie got phone calls from Capitol One and U.S. Bank. Each asked him to confirm he had filled out an online credit card application, for $8,000 at one bank and $15,000 at the other. He had not.
"The FBI says nobody got it (his data), but it seems awful funny that a month after that, someone tried to get those credit cards," says Laurie.
Scam artists often target service members deployed overseas. When Marine Cpl. Jacob Dissmore, 22, of Janesville, Wis., returned from Iraq in February 2006, he learned that someone in San Diego had opened credit card accounts, started a T-shirt business and even bought a house using his data.
Lifelock helped him prove the accounts were frauds. It took a year.
Speaking for his son, who is again in Iraq, Michael Dissmore says the corporal doesn't blame the military: "But he wishes they had a better system for tracking, other than Social Security number."