Tuesday, October 4, 2011

Busted in a Medical Gown

Talk about getting caught with your pants down! A recent article in the Sacremento Bee highlights the humbling arrest of a Bay Area woman who stole the identities of several employees from one company that she obtained while working as a benefits clerk for Service Employees International Union-United Healthcare Workers office. She went on several spending sprees and was even arrested once, but managed to get out on bail, only to rack up thousands more in stolen property. She even racked up $300,000 in one person's name.

What eventually led to the arrest of this individual was the $12,000 payment for a liposuction appointment using a credit card she opened in the name of one of these employees. Authorities were able to catch up with the identity thief while she was in a surgical gown waiting to have the liposuction. That walk to the police car must have been a bit drafty! Probably not the best outfit for a mugshot either. Nevertheless, she was sentenced to 12 years and 4 months in prison. Meanwhile, other victims are just now beginning to feel the results of this individual's actions and coming forth.

I hope that restitution is forthcoming for the remainder of her victims. It seems to me that some justice must be served for those victims who have yet to be identified or notified that something is wrong with their credit or unexplained bills, etc.

Identity Theft - An Inside Job

Identity theft is quite often an inside job. That is to say, that when a data breach or identity theft event occurs, it is often not the result of a hacker breaking into a secure data system and stealing sensitive information. Rather, the threat comes from employees (disgruntled or otherwise) within the company who have access to sensitive information and have a motive to steal that information to use for their own nefarious purposes. This type of threat is not merely limited to large corporations and does not always involve data. Inside jobs can happen at the smallest of companies and often involve the theft of money, products or company belongings. Even our public schools are not immune to inside jobs.

An article in The Daily Stamford I read today illustrates just this point. A teacher's aide apparently took the same "we need to learn to share" idea our parents try and impress upon us while we are young, just a little too far. She helped herself to the purse of the teacher to whom she was providing aide and managed to take the cash and a credit card when the teacher was not looking. Share and share alike! She then decided to pay a cellphone bill and then do some online shopping.

Luckily, the observant teacher noted the disappearance of her items and alerted the authorities, also noting that only herself and the aide would have had access to her purse at the school where the items seemed to have disappeared. It didn't take authorities long to trace the online purchases to the aide, the prime suspect, who was then promptly arrested, though not before she racked up $700 in online purchases at Victoria's Secret.

So does this story illustrate that we should not trust our co-workers? Hardly. It merely points out that there will always be some bad apples out there, so keep your eyes open. Although you'd like to trust those you work closely with, you should still exercise caution and develop some habits of your own to secure your belongings and Personally Identifiable Information (PII) while at work. Here are just a few simple and helpful suggestions. Had this teacher applied just some of these, this inside job could have been avoided.

  • When it comes to your purse or wallet, leave these items either locked up or in your pocket when possible and out of the site or reach of those with prying eyes, and hands.
  • If you have a lockable drawer in your desk, use that to secure your belongings and keep it locked at all times.
  • If you have an office and need to leave for whatever reason, lock the door when you leave for any length of time.
  • Lock your computer with a secure password when you step away from it for any period of time. Your email and other digital files may provide that sensitive information someone can use to open up new credit accounts and steal your identity, leaving you with damaged credit and hefty bills to pay.

An ounce of prevention is worth a pound of cure.