If you were robbed, you would probably tell your friends about it. You would also alert the authorities. This all seems like common sense. That is unless you are the online company Montgomery Wards. After the company went bankrupt in 2001, it found a new lifeline by selling its products online. It also falls under the jurisdiction of its parent company, Direct Marketing Services. So they are at fault in all of this, although it is only coming to light the size of the data breach they kept mum about.

Direct Marketing Services learned in December 2007 that it has been hacked. One of its off-site locations where it stored credit card names and numbers was illegally accessed and over 51,000 people were affected by this. However, these people had no idea that their personal data was now floating around the internet, ready to be used by anyone willing to pay a small fee. While experts are only getting bits of information regarding the breach, they have attributed the theft to The Force, an internet mafia that deals with the theft and laundering of private data. There is no real information on the group, other than that it has increased its attacks recently and has become increasing more efficient at its data extraction.

In December, DMS alerted the major credit card companies that there had been a breach and that they should take note of the potential abuse of the sensitive material. However, DMS did not alert its customers. As Dan Clements of CardCops said, “It would seem that notifying the customer would be the prudent thing to do.” Unfortunately, Wards did not live up to this expectation and now it is the consumers who might pay the price. There is no telling the number of people who have been affected by this breach over the last seven months and it will be some time before people are able to get all of their personal affairs back in order.

In 44 states, laws exist that allow groups of people to sue companies that do not quickly alert people to breaches that involve personal data. No word yet on whether or not affected individuals in any of the 44 states will be taking class-action suits against Wards and its parent company. In the mean time, the customer is left holding the bag. Avivah Litan, Gartner vice president, recently stated that there is still a severe problem in the whole system, because victims have to go through the tedious and time consuming process of filing a claim and hoping that they get their money and identity back.

While Wards has not stepped out to help out its customers, and the claim process being as long as Litan noted, more and more people are looking for alternatives to protect themselves. No one wants to wait until they’ve become a victim to find a way to ensure their personal identity. Enter Lifelock, an ID theft service that people can subscribe to for a minimal monthly fee. The company contacts all three credit bureaus and alerts its customers whenever a new credit card or loan application is filed in their name. By stopping these applications at an early phase, less people become victims of identity theft.