Allegations of Official Mistakes, Misconduct and
County Web Site Helped Thieves
Steal Identities of Victims in Five States
Police in Worthington Ohio say hundreds of people
in five states are the latest victims of identity theft that has
resulted from county officials publishing sensitive information about
citizens over the Internet. They've asked the U.S. Secret Service to
investigate the link between the county Web site and online identity
ID Theft Statistics
- Over 10 million identity theft victims in the US.
- An identity is stolen every 3 seconds in the US.
- The average cost to restore a stolen identity is $8,000.
- Victims spend an average of 600 hours recovering from this
The victim’s private information found its way on to the Franklin
County Municipal Court Web site when they were charged with minor
violations such as speeding tickets. Worthington detectives turned
the evidence over to federal authorities after a state crime lab determined
that more than 270 people nationwide may have been recently victimized
by a security lapse that has existed since 2001 on Clerk Lori Tyack's
Web site .
Six people are currently under investigation by the
U.S. Secret Service suspected of using the Tayack's site to learn
Social Security numbers and other private information needed to create
false credit accounts.
The known victims of this latest breach are from Ohio, South
Carolina, Kentucky, Texas and Wyoming. Although no one has been arrested
yet, Worthington police seized the records and computers of two people,
who implicated four others and the county Web site in the scheme.
One suspect told detectives how the scam worked and a forensic
examination of computer files by Ohio Bureau of Criminal Identification
and Investigation confirmed that the thieves went from (Tyack's) Web
site to Equifax (a credit bureau) and then on to credit-card companies
and banks. Worthington detective Ted Paxton told reporters he has
identified more than $40,000 in illegal purchases of clothing, shoes,
phones and electronics.
The thieves "were using a laptop stolen from Wyoming, but they only
had it for a couple weeks," Paxton said. The city turned the case over
to the Secret Service because it investigates misuse of the Internet for
identity theft and because the case had broadened to include so many
Ohio law requires that some court records are made public but does no
require officials to publish any of the records online where the
information can be used by criminals worldwide.
Now that the county has published your sensitive
information online, local officials say they will try to locate anyone
affected by the breach, but place the burden on individuals to take
steps to protect themselves. They suggest verifying information in
credit scores and keeping constant vigilance over your account.
Tyack said she was aware of the federal investigation but not
involved in it. She acknowledged that her site has permitted public
searches of court records since 2001 and the site receives more than
16,000 inquiries per day. It wasn’t until July, that she limited some
information available on the Web site.
It didn’t have to happen
This isn’t the first time that local government Web sites have
failed to recognize the difference between
“public” records viewable inside the courthouse and publishing the same
records online where criminals, stalkers and terrorists anywhere in the
world access and use the information to commit identity theft and even
murder. Clearly, American citizens are being stalked through records
published by local government Web sites. The link, if left unbroken,
could cost you time, money, freedom -- even your life.
Here are just a few examples.
Hamilton County Ohio - The Blue Ash Police
Department's Criminal Investigative Section, confirmed the department
has made numerous arrests of identity thieves who confessed to getting
personal information to help their crimes from the clerk's Web site.
California - As early as 1987 criminals were
using remote access to Public Records to facilitate their crimes. Remote
access to electronic California's motor vehicle database facilitated the
murder of actress Rebecca Schaeffer.
New Hampshire – In 1999 Liam Youens used Public
Records available online to stalk and kill twenty-year-old
Amy Boyer as she left her part-time job at a dentist’s office.
U.S. Senate Hearings April 13,
Arizona - Just before Christmas 2005, while
officials in Maricopa County were denying that criminals were using the
County Website, a 23-year-old methamphetamine user was showing
Scottsdale officers how he used the County Recorder’s Website to steal
identities. Technology and easy credit
give identity thieves an edge – New York Times
Indiana – In December 2006 the recorder's office in
Grant County, Indiana, pulled all of its document images from the
Internet after a lawsuit related to identity theft was filed against the
county. Source: -
Counties work to hide personal data -
Jaikumar Vijayan, Computer World
Utah - Attorney General Mark Shurtleff announced on
July 15, 2005 that five people had been charged---and hundreds more may
be charged----with stealing and forging Social Security numbers
belonging to children. Investigators found that approximately 1,800
social security numbers, belonging to children under of 13, may have
been compromised by the state’s own web sites.
ID Theft Isn't Just for
Our forefathers saw the records as so important to a free society
that they promised ‘The right of the people to be secure in
their persons, houses, papers, and effects, against unreasonable
searches and seizures, shall not be violated’. Indeed,
most counties keep the records behind steel vaults where they are
readily available to local citizens and professionals with a legitimate
need to access them but inaccessible to anyone outside the jurisdiction.
Only a few counties have taken the records from the vaults and made them
available online where anyone, anywhere in the world with an Internet
search and seize them.
Government Agencies, Foreign Companies Collide Over Online Records Issue