In many cases, they have then come forth repeatedly over next few weeks, or even months revising estimated number of impacted customers. To date, I don’t think any have ever lowered those numbers.

Identity Theft and Respected Companies -------------------------------------- Generally speaking, these aren’t fly-by-night organizations. These are respected companies who we’ve come to trust. In many instances, loss wasn’t even work of a “malicious hacker” or other mystical force beyond their control; it was simple carelessness. The frequency of such reports of identity theft is making it difficult for consumers to feel confident in those with whom we do business. Customers are outraged that companies are not doing more to protect their information from forces of evil.

You and Your Personal Information --------------------------------- What about you? How are you at keeping you personal information under wraps? Some of these high profile incidents were result of a trivial mistake that could have happened to anyone, including you.

Let’s consider two events that didn’t make front page of C|Net or CNN.

The Keys To The Castle ---------------------- I consult for a client who doesn’t trust me. It’s nothing personal, they don’t trust anyone. Whenever I visit this site, I am forced to contact client throughout visit to have them type a credential, or password, to grant access to a server or router. It’s really annoying.

I really respect this client.

They don’t really know me; I’m “the consultant”. They’re taking proper steps when dealing with a consultant, providing absolute minimum amount of information required. They would never give me unsupervised access to network, and certainly wouldn’t consider giving me passwords to their servers or routers. Not on purpose anyway.

Then there was day I was working alongside client and needed to reconfigure a router to complete a task. It’s a long walk to client’s office to get password for that particular router. Yes, this is a client who apparently has a unique password for every piece of equipment they own. Conveniently client does keep a password protected file on a USB key that contained needed information. The client was completely appropriate and even asked permission before using my laptop to fetch file. I consented, and even made gesture of turning away while he unlocked file and retrieved required password.

Have you ever used Google Desktop Search? It’s a very cool, and aptly named, program that is a Google for your PC. It will index your files and make them searchable through a fast, flexible, and easy to use interface. It’ll even cache contents of files so if you move it off your hard drive, you’ll still be able to see contents of what was once there. Normally it does all this in background when you computer is sitting idle. It also does it anytime you open a file.

Your Personal Information Is The Prize -------------------------------------- You guessed it. Logins, passwords, public and private IP addresses. You name it, I had it. The client who would never give me a single password had turned over all of them at once.