Whenever anyone goes to the DMV, they see signs reminding everyone to sign the back of their license so that they can be an organ donor. The system as it stands in the United States is in desperate straits and there are now more and more commercials on television showing the stories of people whose lives have been saved by organ donation. So for those great individuals who make this commitment in the state of Florida, you should get a pat on the back. You should also get Lifelock to make sure that no one is committing identity theft with your personal information.

It was reported today that there was a data breach at the Organ and Tissue Donor Registry, which is housed by The Agency for Health Care Administrations. It appears that up to 55,000 people might have had their private information, such as names, addresses, social security numbers, and drivers license numbers, stolen. There are still only limited details at this point, although it is clear that the state is taking the breach seriously.

Those who were affected by the breach should receive a letter in the mail in the next few days. The Agency for Health Care Administrations wants to make clear that it is only contacting people by mail and not phone or email. If anyone gets asked for their social security number of other private information over the phone or in an email, they should be weary of responding since this might be a phishing attempt to further extend identity theft. In the letter that was sent out to people, it explains that the breach took place on June 20 and was discovered the next day and corrected. There is no explanation given for how the issue was so quickly resolved or solutions to prevent this type of breach from taking place in the future.

At this point, according to a statement by AHCA Secretary Holly Benson, there is no indication that any of the information was illegally obtained. At the same time though, since the investigation is still ongoing and the story developing, people are advised to keep an eye on their credit reports and look out for any suspicious activity. One way to ensure that you are protected is to invest in an ID theft subscription service, such as Lifelock. The company, famous for its founder who lists his social security number of a drunk and drives it around downtown New York because he is confident in the protection his company gives, monitors all three credit bureaus. It keeps tabs and is notified whenever a new credit card or loan application is filed. It then contacts its customer to make sure this is a valid application. It then can stop or allow the file to continue. Since many victims of identity theft are subjected to long periods of trying to cleanup their credit records after the fact, taking a proactive step before any illegal activities occur is advised.

Despite its beautiful campus and ivy covered buildings, Stanford is not immune to the problems of educational institutions in the 21st century. It was reported yesterday that the university recently was the victim of a series of thefts, one of which involved a laptop computer. Although the break-in occurred a few weeks ago, it was only noted today that the laptop contained personal data which could allow someone to perpetrate identity theft among any of the individuals listed in the database. Unfortunately, this breach not only hits a well respected institution in the United States, but it also has the potential to affect upwards of 60,000 people.

While this 60,000 people does not actually included any students, the university has not addressed whether or not research assistance or any student who has served as an aid to a professor happens to fall under this category. As it stands at the moment, the 60,000 is all former or current employees, across all departments and divisions, and without any end date for the window of information contained on the laptop. The laptop contained “confidential personal material” although there is no indication if this includes social security numbers, addresses, bank routing numbers, or anything along those lines.

While more details are continuing in the investigation, Stanford has assured its faculty and staff that it takes serious all of its required security measures. Although there is no word yet on how the data on the laptop is protected, a press released by the university to the media said that it is secure and that it will be difficult for anyone to access. Also in the release is the recognition that the individual or individuals who are responsible for the crime might not even know the material is on the laptop and that everyone should keep an eye on their credit report all the same.

Vice President for Business Affairs and Chief Financial Officer Randy Livingston wrote a letter that was sent out to all the affected parties. In the letter he laid out that Stanford has many rules in place that are supposed to prevent private data from being stored on computer systems that are mobile. He said that in light of this most recent incident, these efforts will be strengthened to prevent any future problems from taking place.

Unlike Harvard, which experienced its own data breach earlier in the year (link), Stanford has not spelled out whether or not it will set up any sort of subscription services for the potentially 60,000 affected people. These subscription services involved ID theft companies, such as Lifelock, that monitor the three major credit bureaus. Equifax, Trans Union, and Experian are all notified and Lifelock contacts its customers whenever a new credit card or loan application is filed. By contacting the consumer at this early phase, it significantly limits the likelihood that any identity theft will take place under the affected person’s account. While the letter to the affected employees does not contain any reference to these services, experts in the field of identity theft solutions recognize their benefit, whereas stopping the problem before it starts is much easier than the hassle of having to go through and deal with a large number of fraudulent charges.

If you were robbed, you would probably tell your friends about it. You would also alert the authorities. This all seems like common sense. That is unless you are the online company Montgomery Wards. After the company went bankrupt in 2001, it found a new lifeline by selling its products online. It also falls under the jurisdiction of its parent company, Direct Marketing Services. So they are at fault in all of this, although it is only coming to light the size of the data breach they kept mum about.

Direct Marketing Services learned in December 2007 that it has been hacked. One of its off-site locations where it stored credit card names and numbers was illegally accessed and over 51,000 people were affected by this. However, these people had no idea that their personal data was now floating around the internet, ready to be used by anyone willing to pay a small fee. While experts are only getting bits of information regarding the breach, they have attributed the theft to The Force, an internet mafia that deals with the theft and laundering of private data. There is no real information on the group, other than that it has increased its attacks recently and has become increasing more efficient at its data extraction.

In December, DMS alerted the major credit card companies that there had been a breach and that they should take note of the potential abuse of the sensitive material. However, DMS did not alert its customers. As Dan Clements of CardCops said, “It would seem that notifying the customer would be the prudent thing to do.” Unfortunately, Wards did not live up to this expectation and now it is the consumers who might pay the price. There is no telling the number of people who have been affected by this breach over the last seven months and it will be some time before people are able to get all of their personal affairs back in order.

In 44 states, laws exist that allow groups of people to sue companies that do not quickly alert people to breaches that involve personal data. No word yet on whether or not affected individuals in any of the 44 states will be taking class-action suits against Wards and its parent company. In the mean time, the customer is left holding the bag. Avivah Litan, Gartner vice president, recently stated that there is still a severe problem in the whole system, because victims have to go through the tedious and time consuming process of filing a claim and hoping that they get their money and identity back.

While Wards has not stepped out to help out its customers, and the claim process being as long as Litan noted, more and more people are looking for alternatives to protect themselves. No one wants to wait until they’ve become a victim to find a way to ensure their personal identity. Enter Lifelock, an ID theft service that people can subscribe to for a minimal monthly fee. The company contacts all three credit bureaus and alerts its customers whenever a new credit card or loan application is filed in their name. By stopping these applications at an early phase, less people become victims of identity theft.