News for Public Officials and the People They Serve
Newsletter Archives The Campaign Tool Chest   Bookmark and Share
Home Auctions By State Campaigner's Bookstore

Bookmark and Share

Get the newsletter


  LifeLock ultimate

Assemblyman Dave Jones couldn't believe the treasure trove of Social Security numbers he found on the California Secretary of State website. He bought 20 Public Records called Uniform Commercial Code filings. Fourteen showed enough information to open a credit card account under another person's name.

"The state has literally been selling on the internet, an identity theft starter kit. It has sold social security numbers for a mere $6 dollars each to any member of the public with an internet connection and a credit card," Jones said.

Criminals can use the information to loot bank accounts, run up credit card and tax bills or create criminal records in your name.

The information has been available on the California website for approximately three years before anyone in the legislature noticed or spoke up. The Secretary of State shut down that part of its website until further notice.

Victor Torres, owner of Capital Force Protection Services is appalled with the state's carelessness. He told reporters with KGO-TV, “You could go bankrupt. You could lose your life. You could lose everything you've worked everyday for and be just washed away, completely gone."

Social Security numbers are routinely traded and sold by thieves over the Internet like credit card numbers, says Panos Anastassiadis, chief executive of Cyveillance, an Arlington, Va., company that monitors online fraud attempts for major financial institutions. His company has found caches of them in Web chat rooms where they are offered as samples by criminals selling even larger lists.

It should come as little surprise that Social Security numbers are posted on the Internet. But, says Betty Ostergren, a former insurance claims supervisor in suburban Richmond, Va., who has spent years trolling for them, “people are always astounded” to learn that their own government, is posting the sensitive numbers online.

California isn't the first state to compromise the confidential information of their constituents. Ostergren who calls herself  The Virginia Watchdog, has warned state and county agencies across the country of the danger their websites pose to citizens. Some agencies have taken Mrs. Ostergren’s warnings to heart. Officials in Oregon, Vermont, New Mexico, New York, Ohio, Florida, and North Carolina have all taken steps to protect their citizens from careless compromises on SOS websites.  

Ohio Secretary of State J. Kenneth Blackwell refused to remove the images from his website until he was faced with a class action lawsuit. Blackwell was a republican hopeful in the Ohio gubernatorial race. Last year, voters punished Blackwell for his online security breach. He received only 36.65% of the vote against democratic candidate Ted Strickland’s 60.54%. Strickland is the first Democrat in 16 years to win the Ohio governor's seat.

Voters filled Blackwell’s vacated SOS position with Democratic candidate Jennifer L. Brunner after she made a campaign issue of her opponent’s record of publishing citizen’s sensitive information online. Greg Hartmann is the Clerk of Courts in Hamilton County, Ohio, and was the Republican nominee for Ohio Secretary of State in 2006. Hartman’s county website had been used by a ring of identity thieves to gain information they needed to steal the identities of over 100 county residents. Hartman had inherited the website from his predecessor but Brunner pointed out that Hartman waited three years before adequately removing the information.

California Secretary of State Debra Bowen inherited the problem when she took over in January. While in Washington DC last week, the Marina Del Rey Democrat said: "Until we find a way to remove all but the last four digits of people's social security numbers from the records in the electronic database, I've decided to pull the plug on the system."

But experts point out what many consumers already know. The last four digits of the Social Security number are all a criminal needs to assume your identity over the phone. Bank and credit card companies no longer ask for the first five numbers which only identify an approximate place and time the card was issued. Only the last four numbers are needed by banks or identity thieves.

 “Clerks, Registers of Deeds, Recorders, and Secretaries of State are supposed to be the custodians of our records, not the mass marketers of our private information,” Ostergren said.

LifeLock protects your identity even when your Social Security number is compromised.


Get the newsletter

Related Articles

Million Record Breach
Man Wins $5M in Database Error Lawsuit Against County
City Puts City Workers Medical Information Online
Governor Furious After Doctors Social Security Numbers Posted Online
Ombudsman calls for privacy commission to study identity theft
State will pay more than $500 Thousand to Atone for Security Breach
Califonia Caught Selling Social Security numbers
Arizona - Latest to Pull Plug on Digital Documents
Cost of a Data Breach
The Governor's Database
IRS Proposal Could Impact Millions of Internet Users



Privacy Policy