News & Resources

Companies at risk for losing consumer credit data

Apr 15, 2014 Dave King

Companies at risk for losing consumer credit data

For organizations handling a large amount of consumer credit data, it's imperative that they diligently observe the actions of their employees and customers. Financial institutions across the United States are constantly on the lookout for potential identity theft attempts committed by hackers, office workers and even their own patrons. In the event that such sensitive information is stolen from a company, it could severely tarnish its reputation.

Activity on the rise

According to a study conducted by Javelin Strategy and Research, the number of identify fraud incidents rose by about 1 million consumers in 2013, amounting to a three-year high of approximately $21 billion stolen. Although many companies utilize software programs capable of identifying monetary credit activity, an estimated 1 in 4 data breach notification recipients became a victim, signifying that a large number of consumers have neglected the severity of these threats.

In addition, the report noted that perpetrators used the financial data as a form of alternative credit for 48 days on average in 2012, down from 95 days in 2010. This statistic displays the patience and caution executed by these particular criminals. Many of them strayed away from paying for anything that might connect them to their true identities, such as phone or electric bills. Either through banks or payment companies, more than 50 percent of victims received financial alerts, credit monitoring or identity protection services.

The problem for some organizations handling a large amount of consumer credit is that they lack the necessary tools to monitor customer activity in real-time. In the event a debit card number is stolen, it's possible that the wrongdoer has the ability to steal hundreds of dollars in a matter of seconds.

Locking up public enemies
According to the U.S. Department of Justice, eight defendants are cumulatively facing 22 indictments after recently being apprehended by members of the Federal Bureau of Investigation and the Internal Revenue Service's Criminal Investigation unit. Each perpetrator was charged with one count of conspiracy by the Southern District of Florida, while a select few others were accused of committing access device fraud and active identity fraud.

Chouman Syrilien, one of the alleged co-conspirators, was recently employed by Interactive Response Technologies, a company that provides staffing for call centers to handle direct sales and customer inquiries for telephone company AT&T. Syrilien allegedly gave away sensitive customer information to Carlos Alexander of Orlando and Monique Smith of Pompano Beach, who both supposedly added themselves as authorized users on victims' credit card or bank accounts. The two deviants were then thought to have used the consumer credit to make purchases as retail outlets and receive cash advances in excess of $24,000 dollars.

If found guilty, each defendant will face a maximum of 30 years in prison to satisfy the conspiracy charge. Although the offenders were ultimately apprehended, it's likely that their victims had to turn to short term lending in order to bounce back from the financial setback. As these incidents continue to occur, credit unions and other financial organizations need to implement new ways of identifying who has authorized access to an account and who doesn't.