On June 01, 2005 a new provision of the FACTA Law became effective. This provision gave financial liability to any person or business that employs even "one" person, or, has "one" client who as a result of their action or inaction, allows confidential informatiion to be compromised by thieves, hackers, mistakes or otherwise. The financial liability is for actual damages and also includes Federal fines of up to $2500.00 and State fines up to $1000.00 per person, per incident.
According to John Gardner, co-author of Chicken Soup for the Entrepreneurial Soul, “The damages are devastating to any business." and the FACTA law assigns responsibility directly to you, the business. Under Facta doing nothing today will cost you much tomorrow.
Business Week says that the average damages for Identity Theft victims are $92,000.00 and up, per person. Using this statistic, if you have 10 employees lose their identities, then on average, your Facta Law liability could be $920,000.00 not including the federal and state fines. How many employees does your company employ? FACTA Law requires action by decision makers or the liability damages could be financially devastating for a company.
So, what if you do shred all potential employee information, and take all necessary precautions to protect your past, current, and future employees’ identities, and the information still gets out somehow? Under the FACTA law, you could still be held responsible.
Effective June 1, 2005 under FACTA, the companies listed below could potentially be liable for hundreds of millions in damages for a crime that has too many opportunities to occur. Opportunities exist from such varied sources as high tech hackers, dumpster divers, disgruntled employees (past, current and future employees), mistakes and oversights, or just a few bad apples that slipped under curtain of the interview process.t Advanced Progressive
Go to Yahoo and type in keywords FACTA Liability.
You will find over 150,000 sites that are speaking on just this issue.
It happened to these companies....are you next?
|
DATE MADE PUBLIC |
NAME |
TYPE OF BREACH |
NUMBER |
|
Feb. 15, 2005 |
ChoicePoint |
ID thieves accessed |
145,000 |
|
Feb. 25 , 2005 |
Bank of America |
Lost backup tape |
1,200,000 |
|
Feb. 25, 2005 |
PayMaxx |
Exposed online |
25,000 |
|
March 8, 2005 |
DSW/Retail Ventures |
Hacking |
100,000 |
|
March 10, 2005 |
LexisNexis |
Passwords compromised |
32,000 |
|
March 11, 2005 |
Univ. of CA, Berkeley |
Stolen laptop |
98,400 |
|
March 11, 2005 |
Boston College |
Hacking |
120,000 |
|
March 12, 2005 |
NV Dept. of Motor Vehicle |
Stolen computer |
8,900 |
|
March 20, 2005 |
Northwestern Univ. |
Hacking |
21,000 |
|
March 20, 2005 |
Univ. of NV., Las Vegas |
Hacking |
5,000 |
|
March 22, 2005 |
Calif. State Univ., Chico |
Hacking |
59,000 |
|
March 23, 2005 |
Univ. of CA, San Francisco |
Hacking |
7,000 |
|
March 28, 2005 |
Univ. of Chicago Hospital |
Dishonest insider |
unknown |
|
April ?, 2005 |
Georgia DMV |
Dishonest insider |
"hundreds of thousands" |
|
April 5, 2005 |
MCI |
Stolen laptop |
16,500 |
|
April 8, 2005 |
Eastern National |
Hacker |
15,000 |
|
April 8, 2005 |
San Jose Med. Group |
Stolen computer |
185,000 |
|
April 11, 2005 |
Tufts University |
Hacking |
106,000 |
|
April 12, 2005 |
LexisNexis |
Passwords compromised |
Additional 280,000 |
|
April 14, 2005 |
Polo Ralph Lauren/HSBC |
Hacking |
180,000 |
|
April 14, 2005 |
Calif. Fastrack |
Dishonest Insider |
4,500 |
|
April 15, 2005 |
CA Dept. of Health Services |
Stolen laptop |
21,600 |
|
April 18, 2005 |
DSW/ Retail Ventures |
Hacking |
Additional 1,300,000 |
|
April 20, 2005 |
Ameritrade |
Lost backup tape |
200,000 |
|
April 21, 2005 |
Carnegie Mellon Univ. |
Hacking |
19,000 |
|
April 26, 2005 |
Mich. State Univ's Wharton Center |
Hacking |
40,000 |
|
April 26, 2005 |
Christus St. Joseph's Hospital |
Stolen computer |
19,000 |
|
April 28, 2005 |
Georgia Southern Univ. |
Hacking |
"tens of thousands" |
|
April 28, 2005 |
Wachovia,
Bank of America,
PNC Financial Services Group and
Commerce Bancorp |
Dishonest insiders |
676,000 |
|
April 29, 2005 |
Oklahoma State Univ. |
Missing laptop |
37,000 |
|
May 2, 2005 |
Time Warner |
Lost backup tapes |
600,000 |
|
May 4, 2005 |
CO. Health Dept. |
Stolen laptop |
1,600 (families) |
|
May 5, 2005 |
Purdue Univ. |
Hacking |
11,360 |
|
May 7, 2005 |
Dept. of Justice |
Stolen laptop |
80,000 |
|
May 11, 2005 |
Stanford Univ. |
Hacking |
9,900 |
|
May 12, 2005 |
High ScHinsdale Central hool |
Hacking |
2,400 |
|
May 16, 2005 |
Westborough Bank |
Dishonest insider |
750 |
|
May 18, 2005 |
Jackson Comm. College, Michigan |
Hacking |
8,000 |
|
May 18, 2005 |
Univ. of Iowa |
Hacking |
30,000 |
|
May 19, 2005 |
Valdosta State Univ., GA |
Hacking |
40,000 |
|
May 20, 2005 |
Purdue Univ. |
Hacking |
11,000 |
|
May 26, 2005 |
Duke Univ. |
Hacking |
5,500 |
|
May 27, 2005 |
Cleveland State Univ. |
Stolen laptop |
44,420 |
|
May 28, 2005 |
Merlin Data Services |
Bogus acct. set up |
9,000 |
|
May 30, 2005 |
Motorola |
Computers stolen |
unknown |
|
June 6, 2005 |
CitiFinancial |
Lost backup tapes |
3,900,000 |
|
June 10, 2005 |
Fed. Deposit Insurance Corp. (FDIC) |
Not disclosed |
6,000 |
|
June 16, 2005 |
CardSystems |
Hacking |
40,000,000 |
|
June 17, 2005 |
Kent State Univ. |
Stolen laptop |
1,400 |
|
June 18, 2005 |
Univ. of Hawaii |
Dishonest Insider |
150,000 |
|
June 22, 2005 |
Eastman Kodak |
Stolen laptop |
5,800 |
|
June 22, 2005 |
East Carolina Univ. |
Hacking |
250 |
|
June 25, 2005 |
Univ. of CT (UCONN) |
Hacking |
72,000 |
|
June 28, 2005 |
Lucas Cty. Children Services (OH) |
Exposed by email |
900 |
|
June 29, 2005 |
Bank of America |
Stolen laptop |
18,000 |
|
June 30, 2005 |
Ohio State Univ. Med. Ctr. |
Stolen laptop |
15,000 |
|
July 1, 2005 |
Univ. of CA, San Diego |
Hacking |
3,300 |
|
July 6, 2005 |
City National Bank |
Lost backup tapes |
unknown |
|
July 7, 2005 |
Mich. State Univ. |
Hacking |
27,000 |
|
July 19, 2005 |
Univ. of Southern Calif. (USC) |
Hacking |
270,000 possibly accessed "dozens"exposed |
|
July 21, 2005 |
Univ. of Colorado-Boulder |
Hacking |
42,000 |
|
July 30, 2005 |
San Diego Co. Employees Retirement Assoc. |
Hacking |
33,000 |
|
July 30, 2005 |
Calif. State Univ., Dominguez Hills |
Hacking |
9,613 |
|
July 31, 2005 |
Cal Poly-Pomona |
Hacking |
31,077 |
|
Aug. 2, 2005 |
Univ. of Colorado |
Hacking |
36,000 |
|
Aug. 9, 2005 |
Sonoma State Univ. |
Hacking |
61,709 |
|
Aug. 10, 2005 |
Univ. of North Texas |
Hacking |
39,000 |
|
Aug. 19, 2005 |
Univ. of Colorado |
Hacking |
49,000 |
|
Aug. 22, 2005 |
Air Force |
Hacking |
33,300 |
|
|
|
|
|
TOTAL |
|
|
50,579,179 |
.........and the list continues to grow.
“An ounce of prevention is worth a pound of cure", is definitely the case when it comes to securing personal information. However, no matter what prevention steps you take, there is no 100% effective way to be sure that employee’s information won't be compromised. Even if the information doesn't get out from your company, an employee can claim that it did. Find out what you should do to protect yourself. Go to Yahoo or MSN and type in keywords FACTA LAW or FACTA LIABILITY. |
