The Register® — Biting the hand that feeds IT

Feeds

ID sales sites start loss leader marketing programme

Journalists find thousands of IDs online

By Joe Fay, 3rd December 2007
  • print
  • alert

Customer Success Testimonial: Recovery is Everything

The Information Commissioners' in-tray got a little bigger today as it confirmed it would be investigating a series of ID trading sites unearthed by journalists.

The Times screamed today that "the financial details of tens of thousands of Britons" were being sold on the internet.

The paper detailed how it had been able to download banking information for 32 people, including account numbers, PINS, and security codes, "without spending a single penny". The data, including that of a deputy judge, was apparently offered as a free taster by the ID traders.

It's no secret that personal details are being traded online, although the fact that criminals are now offering free samples is a new wrinkle.

A spokeswoman for the Information Commissioner's Office (ICO) confirmed the paper had passed on the details of its investigation, and said: "We'll be looking at the evidence."

She pointed out the ICO had previously called for custodial sentences for criminal trading of details.

Given the ICO's remit, the organisation's interest would presumably be in how the data escaped into the wild in the first place.

Criminal investigations would be down to the police, who would also take the lead in shaking down sites which are based abroad – it seems unlikely such sites are being hosted in the Thames Corridor.

Unfortunately, UK police are not falling over themselves to investigate card fraud as it is. A change in the law earlier this year means victims of card crime are now advised to go to their banks, rather than to the police.

The recent release of 25 million IDs into the wild courtesy of HMRC might be expected to further complicate matters, both for consumers looking to keep their IDs out of fraudsters' hands, for the ICO, and for authorities investigating fraud.

Of course, we could always look on the bright side, and hypothesise that the UK government's decision to flood the market with IDs will drive prices down, encouraging some ID traders to pack up shop. ®

Ensure Ease of Recovery with Asigra’s Agentless Software

COMMENTS

House Rules Send Corrections
All Reader Comments (8)
Latest Comments
George

Why don't banks make signature and PIN systems reliable as proposed to deter fraud.

These details show that the government and banks are letting fraud crimes grow by relying on unreliable systems rather than combat them simply by making signature and PIN systems reliable and foolproof as proposed on website www.xwave.co.uk

Fake documents has made our signature system unreliable while skimmers and pin-hole cameras etc. have made PIN system unreliable. We have option to make signatures reliable by personalising them with ID stickers and option to use Card Key Code to make PIN system reliable.

Proposed ID KEY system will deter fraud by making signature and PIN systems reliable and so this will eliminate the need for us to protect our personal and PIN details since fraudsters will not get tempted to misuse them.

Proposed ID KEY can be treated as a reliable international ID card because it will personalise signature and PIN number to only the right individuals.

0
0
Anonymous Coward

Ermm..

If trading in stolen bank details is a crime then surely the buyer is as guilty as the seller - I can inform the police of one such criminal organisation's identity..

"The paper detailed how it had been able to download banking information for 32 people, including account numbers, PINS, and security codes.."

The previous posters are corerct, though; nothing will be done until this sort of crime hits those who actually matter to the government (big banks, rich tax-exiles with brown envelopes full of bribes ..er.. 'legitimate political donations', weapons manufacturers, 'merican presidents, cabinet members' wives' tennis partners and so-on). Until then bugger-all will be done because frankly they couldn't give a soggy toss about the man in the street. hell, they don't even make an effort at lying to us convincingly any more.

0
0
Dunstan Vavasour

Accounts should be frozen

Surely the solution is that any account where the details are known to have been compromised like this should immediately be frozen? I know it would be a serious pain for the account holders, but it would reduce the resale value of such details to zero. I'd sooner go through the process of resurrecting my account than have criminals clean it out.

Penalties depend on people being caught, and credible evidence being presented to a jury with the nous to understand it. The solution is to make the information worthless.

0
0

More from The Register

breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
'BadNews is malware' says outfit that found it
Google says code harmless but Lookout says code base is evolving
15
Panda-peddlers cuffed for chess gambling gambit
More porridge on the menu for Chinese coders after second offence
13
breaking news
Yes, maybe we should keep hackers in the clink for YEARS, mulls EU
Watch out black hats, they just might throw away the key
39
Microsoft borks botnet takedown in Citadel snafu
Stupid Redmond kicked over our honeypots, wail white hats
19