As far as I know, no one can steal my identity. Even if my bank account number, my credit card number and all my passwords are stolen, I am fairly confident that I will still be me and the thief will be a different person.

Yes, the criminal will be masquerading as me. But anyone who knows me–my husband, my children, my colleagues, my doorman, my employer–will not be fooled. If “I” was actually stolen, I believe that would be called a kidnapping.

The entities that would be fooled by a masquerader are ones that don’t really know me: my bank, my credit card company, places where I do online or offline shopping. Maybe they should have done a better job figuring out who I was before parting with my money or their goods.

Read the rest of this post on the original site

In letters to sent Monday to 90,000 developers who work on eBay’s Developers Program, the company warns about a security hole that could cause problems, but hasn’t yet. It also takes pains to point out that the security flaw doesn’t affect eBay customers themselves. eBay says third-party software now accounts for 25 percent of its listings.

An eBay spokesman tells me that eBay came across the weakness itself not because a hacker had exploited it, and that the company is acting “out of an abundance of caution,” which is a term the eBay folks seem to favor (see email text below). “The information that *may* have been compromised consisted of basic contact information that could potentially be used in a phishing attack. At this point, we have not identified any unusual patterns in our developer accounts and we are notifying them and requesting they change their developer passwords out of an abundance of caution [sic].”

Here’s the complete text of eBay’s heads-up letter:

Hello [redacted], this is Kumar Kandaswamy, and I manage the eBay Developers Program. I’d like you to read this important message about account safety. The safety and security of the eBay Developers Program is a top priority. While we believe that people are basically good, we also must live with the reality that there are fraudsters out there who have made it their illicit “profession” to find ways to exploit others on the Internet.

Occasionally, fraudsters attempt to gain unauthorized access to the eBay Developers Program. eBay has recently identified a means by which someone could gain access to eBay Developers Program account information. This type of access DOES NOT allow the capture of financial or other sensitive information, such as credit card or bank account information or Social Security numbers.

Fortunately, we have not detected any unusual activity with any Developer account. Out of an abundance of caution and to help ensure the security of the eBay Developers Program, we are requiring that all developers take the following steps:

* Take advantage of our new, stricter password standards and change your eBay Developers Program (developer.ebay.com) passwords. It is not necessary to change eBay (www.ebay.com) passwords. If you believe you or your customers have been the victim of fraudulent activity, contact us immediately at apifeedback@ebay.com.

Sincerely, Kumar Kandaswamy

Seems the personal data of Googlers hired prior to 2006 were stolen during a May 26 burglary at Colt Express Outsourcing Services, a financially troubled human resources outfit Google (GOOG) once used to administer employee benefits. The data, which astonishingly were not encrypted, thankfully did not include driver’s license, credit card or bank account numbers. It did, however, include employee names, Social Security numbers, birthdates, and addresses–everything an identity thief would need to open a credit card account under another’s name.

It’s unclear how many Googlers are affected by the breach, but it could be quite a few. CBS’s (CBS) CNET Networks was also affected by the burglary, with details from about 6,500 employees stolen.

“We take the security of our employees very seriously and require outside vendors to meet appropriate security standards. We review and update these standards on an ongoing basis,” a Google representative said. “Google is not currently using Colt’s services and had made this decision long before this incident.”

If that’s the case, what was Colt doing with that data in the first place?

Seems the personal data of Googlers hired prior to 2006 were stolen during a May 26 burglary at Colt Express Outsourcing Services, a financially troubled human resources outfit Google (GOOG) once used to administer employee benefits. The data, which astonishingly were not encrypted, thankfully did not include driver’s license, credit card or bank account numbers. It did, however, include employee names, Social Security numbers, birthdates, and addresses–everything an identity thief would need to open a credit card account under another’s name.

It’s unclear how many Googlers are affected by the breach, but it could be quite a few. CBS’s (CBS) CNET Networks was also affected by the burglary, with details from about 6,500 employees stolen.

“We take the security of our employees very seriously and require outside vendors to meet appropriate security standards. We review and update these standards on an ongoing basis,” a Google representative said. “Google is not currently using Colt’s services and had made this decision long before this incident.”

If that’s the case, what was Colt doing with that data in the first place?