ID Theft in 90 Seconds - Scary & True

posted Jun 1, 2010, 8:03 AM by Michael Hoffman
Over the weekend, someone contacted me regarding my scary post about how easy it is to steal people's identities, sometimes when you are not even trying. 

There are two messages here - 1. organizations need to be more responsible 2. individuals need to be on guard and vigilant 
ID theft in this case is not Google's fault, Google is part of the solution as they highlight what others could easily steal without anyone noticing.

Regardless - be part of the solution and spread the word.

Identity Theft in 90 Seconds, Why Google and other Search Engines Are a Big Deal 

From Customer Worthy, Why and How Everyone in Your Company Must Think Like a Customer, Michael R. Hoffman 

Chapter 11 Customer Privacy Is Nothing to Kid About; Electronic data is everywhere and growing 

… In case you think the news media or a couple of individuals are overreacting 
to data theft and easy access to personal and confidential data, please go 
through this quick exercise. 

Step 1. Go online to 

Step 2. Type “Attendee List” in search window. 

Step 3. Select “Advanced Search,” go to options under “File Type,” and 
select “Microsoft Excel (.xls)” 

Step 4. Click “Advanced Search” or hit “enter.” 

Step 5. Take a look at the Excel files presented. No, don’t open them. 
They are private information. 

Step 6. Edit the search box by adding “Mike” to the front of the search 

Step 7. Reexamine the files. 

Hopefully, after a couple of people read this book (Customer Worthy @, these files will become harder to access and will be more protected. Just maybe, companies, individuals, 
churches, and membership organizations will protect information more seriously. 

Is this identity theft? This entire exercise takes about 90 seconds, and if anyone has wised up to this application and no results appear, you can spend another 90 seconds experimenting with words like “name,” “phone,” “home,” “addr_2,” and other file types to see what pops up. 

Organizations and companies are too careless with customers and members data which is why makes the fact that Google mistakenly captured 600 gigabytes of private information a big deal. 

Individuals and companies just leave information everywhere and Google, as an example, scoops it up. The fact that major companies and companies of all sizes still have a high incidence of using default passwords on databases, devices and applications is just embarrassing and 'criminal.' 

If you want to be scared and paranoid on a daily basis subscribe to Dark Reading