First, I'd like to welcome the many new I've Been Mugged readers. Daily readership has grown five-fold since I started this blog. Hopefully, you have learned plenty about tips and advice to protect your identity and personal data. I've Been Mugged readers have learned how companies archive the personal data of employees, former employees, and customers; and how some companies fail to implement strong, state-of-the-art data security processes.
I started this blog in July 2007 after a former employer, IBM, exposed my personal information during a data breach. The IBM data breach occurred exactly one year ago today. The beginning posts in this blog present my conversations with IBM and the free credit monitoring service IBM arranged for it's ID-theft victims.
So far, I haven't experienced any more identity-theft problems as a result of this data breach. But, my sensitive personal data is still out there on IBM's "lost" or stolen data tapes for identity thieves to sell and abuse. I realize that the risk to me has not decreased because my data is still out there. At some future point, the thieves will crack the data encryption on those data tapes and then the "fun will begin."
Is it fair that IBM's free credit monitoring offer ends in June while the risk IBM created with its careless data handling continues indefinitely? Nope. But this is the way many companies deal with identity theft... shift the burden and risk to consumers. Companies would like consumers to believe that the risk ends before the free credit monitoring period ends.