DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

No law, no investigation. So change the law!

Posted on December 17, 2009 by Dissent

On August 28, Missouri’s new data protection law went into effect. Fat lot of good it did for past clients of Nationwide Credit Counseling. When their financial records, replete with personal information, were found in bankers boxes in a dumpster , were they notified of the breach? No. And was any action taken against the company for just dumping their data? No.

OzarksFirst.com, which broke the original story, now reports:

Police are dropping the case against a suspect who threw away sensitive documents in a dumpster in Battlefield….. Dave Vallely, Battlefield police chief, says the company that owns the dumpster does not want to prosecute.

Investigators found a suspect, but now they will close the case. Vallely says he does not believe any crime other than illegal dumping was committed.

Missouri’s data protection law does not cover paper records or paper breaches. So Nationwide may have exposed numerous people to identity theft or fraud and get off scott free.

Nor does H.R. 2221, the Data Accountability and Trust Act, include required notification of breaches involving paper records.

If consumers are to have trust, we need to trust that our personal information will be protected, regardless of whether it is in paper format or electronic. As the ITRC’s press releases this year indicate, paper breaches now account for 27% of all breaches included in their annual statistics. Any proposed federal legislation that does not include both protection of paper records and disclosure of paper breaches is incomplete and should be amended.

No related posts.

Category: Commentaries and AnalysesFinancial SectorOf NotePaper

Post navigation

← Former Lone Star National Bank VP convicted of bank fraud
Autopsy reports altered in data breach at WDH: Frisbie says it will notify families of deceased →

2 thoughts on “No law, no investigation. So change the law!”

  1. 4justice says:
    December 17, 2009 at 9:58 am

    Another great example of how casual our authorities treat this crime. Unfortunately, most of our media would have everyone believe Identity Theft is contained to only financial, and by having a monitoring service you are safe. A thief can get a whole lot further and instill tremendous damage with a social secuirty number and drivers license info than with a credit card and checking account. Our stolen information is a valuable resource to be sold for quick money by the criminals.

    My social secuirty number being sold to 12 illiegal immigrants working at 12 additional jobs in the nation is not going to surface on my credit report nor is the warrants I have for my arrest for crimes someone committed using my personal information. That is why these AG’s need to force these companies to pay for a total restoration services company for those whose information has been breached by a negligent company. An individual cannot cover the five major areas of Identity Theft. We have an epedemic on our hands.

    1. admin says:
      December 17, 2009 at 10:21 am

      I agree with you, but as we both know, the AGs can’t enforce laws that don’t exist.

      This site and its companion sites routinely report breaches that do not involve SSN, financial data, or credit card data. This site also reports paper breaches and breaches that do not affect huge numbers of people, precisely because I think legislators and the media still don’t “get” that while they focus on one aspect of ID theft or fraud, they are missing other significant problems.

      One of the biggest examples I see of this is in reading Medicare or Medicaid fraud stories or press releases. Medicare and Medicaid fraud frequently involves medical ID theft, yet most of those press releases never report how the fraudsters obtained the patient Medicare and Medicaid numbers used for fraud, do not mention whether those patients whose numbers were misused were ever notified, and there is no indication as to how many might have had problems because their medical insurance records not contain false information. And when the fraudsters are sentenced, there is no indication that they are required to pay restitution to patients who may have to spend time and money to straighten out their records.

      For some people, a breach may mean simply calling a bank, getting a fraudulent charge reversed, and getting a new account number and notifying people of same. For others, the consequences are much more serious, as you note. I was horrified to read the story of someone who had suffered for 35 years because of ID theft.

      So I’ll keep beating my little drum over here in my little corner of the blogosphere and hope that others will join in and that many more people will let Congress know that what they’ve proposed to date is not nearly comprehensive enough. And I hope Congress finds its cajones to undo what HHS has done in watering down the breach notification requirements under the HITECH Act.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.