The AP reports that the data pertaining to 1,500 Department of Energy employees, many of who worked on nuclear weapons, was stolen from an unclassified computer.
A computer hacker stole a file containing the names and Social Security numbers of 1,500 people working for the Energy Department's nuclear weapons agency. ... The data theft occurred in a computer system at a service center belonging to the National Nuclear Security Administration in New Mexico. The file contained information about contract workers throughout the agency's nuclear weapons complex, a department spokesman said.
The administrator, Linton Brooks, told a House of Representatives hearing that he learned of the security breach in late September but did not inform Energy Secretary Samuel Bodman about it. It had occurred earlier that month.
Brooks blamed a misunderstanding for the failure to inform either Bodman or Deputy Energy Secretary Clay Sell about the security breach. Brooks' NNSA is a semiautonomous agency within the department, and he said he assumed DOE's counterintelligence office would have briefed the two senior officials.
Defense Industry Daily reports that a previously reported loss of Veteran's Administration data from an analyst also contains information on active duty servicemen.
In a follow-up to the events described in DID's May 25, 2006 article, the US government has disclosed that personal data on up to 50,000 active Navy and National Guard personnel were among those stolen from a Veterans Affairs employee's home last month. An Associated Press article says that information including names, Social Security numbers and dates of birth of up to 20,000 National Guard and Reserve personnel who were on at least their second active-duty call-up were "potentially included"; the same status applies for up to 30,000 active-duty Navy personnel who completed their first enlistment term prior to 1991. ...
So how much data theft is there? There are apparently a fair number of attempts even on banks, though the seriousness of the losses is apparently limited ("in the range of $1 million")
Deloitte's '2006 Global Security Survey' of the world's top 100 global financial institutions found that 78% of banks experienced a security breach from outside the organisation in the past 12 months, up from 26% in 2005, while 49% had experienced at least one internal security breach, up from 35% in 2005. Almost three-quarters (72%) of financial institutions that experienced a security breach indicated the estimated amount of damage, including direct and indirect costs, was in the range of $1 million.
Naturally something, once stolen has got to be fenced. There's apparently a market in stolen data. The International Herald Tribune filed this report in mid-2005.
The players come from all over the world, but most of the Web sites where they meet are run from computer servers in the former Soviet Union, making them difficult to police. ... In October, the Justice Department and the Secret Service announced the internationally coordinated arrests of 28 people in eight U.S. states and several other countries, including Sweden, England, Poland, Belarus and Bulgaria. ... But eight months later, the traders have adapted and resumed business, though they seem a bit more wary now ...
Most of the data theft instances cited above are actually instances of identity theft. An identity token is something that stands for "you". What we use to represent us reflects the tradeoff between the usefulness of the form chosen and the danger it represents to us. Wikipedia cites the example of the USA where the use of "semi-secret" information is more commonly used to authenticate transactions than in Europe, where a physical identification card is required. The card is harder to counterfeit, but reliance on it means that "it is also less common to do business by phone as it is e.g. in the USA". Printing a high-security physical ID doesn't solve every problem. Alan Dershowitz, notes that behind every system of ID cards lies -- you guessed it -- a database which contains not only the master recordset but information that can be used to match the ID card to the record key.
The next group of issues relates not to the card itself but to the database connected to the card. The most important question in this regard is what information the database should contain. Further still, should there be a single database or separate databases, each containing different kinds of information for different purposes. Related to this is the question of sharing information on any databases. Should government agencies be permitted to share information freely? What about the private sector? Should there be a presumption in favor of sharing or in favor of separation? Prior to 11 September 2001, these important issues were decided largely by happenstance, computer connections, and intragovernmental rivalries. Following 11 September 2001 there has been greater sensitivity to the need to make principled decisions about when information should be shared and when it should be kept separate. Finally, there are the technical questions related to whether we can develop the capacity to limit access to data according to the need to know.
With respect to "what information the database should contain", the British have decided to use biometric information so identities can be checked not only by matching the ID photo with the bearer's face but by doing any further lookups necessary on the stored biometric file. Biometrics are going to be incorporated into the various forms of US IDs. But even this isn't foolproof because anyone seeking to biometrically authenticate a person against a database will in practice have to transmit a digital representation of the biometric, with allowances for an error within a specified limit, to do the lookup. "If a person's credit card number is stolen, for example, it can cause them great difficulty. If their iris scan is stolen, though, and it allows someone else to access personal information or financial accounts, the damage could be irreversible." If someone has stolen the digital representation of your iris scan it could in principle be fraudulently used to represent "you"; and unlike a credit card number there is no easy way to get a new set of irises.
If a perfect ID card could be developed, it would self-answer the question of who can collect information about "you": it is anyone who takes the trouble to.
some high-tech bars are scanning driver's licenses, presumably as a means of stopping underage drinkers, but also as a means of gathering statistics on their patrons, such as what hours certain demographic groups drink. This latter use is worrisome, and it's likely to get worse, in part because of legislation approved by Congress last year. The Real ID Act requires states to adopt uniform standards for their driver's licenses, including common machine-readable technology, presumably RFID. The idea is that a driver's license in one state can be scanned by someone in another state. Under the Real ID Act, the information will not be encrypted--a boon for identity thieves who can already scan copycat credit and debit cards at their leisure. With the Real ID Act, look for more businesses to scan driver's licenses with an eye toward selling the data to data warehouses, such as ChoicePoint, which have proven to be insecure.
A foolproof ID card with RFID would represent a tracking device of considerable power. With enough sensors available there it should be possible in principle to locate a person 24x7. The downside of carrying an object that strongly identifies you is that it identifies you in practically every conceivable situation. Do you really want to be you?