US Attorney and State AG Call on Businesses to Use Best Practices to Protect Data
Federal investigators in Western Washington are sharpening their focus on employees at banks, medical establishments and other institutions who are stealing or selling personal identifying information. In cases just filed over the last few weeks, employees stole information from banks, medical clinics, and retailers. The data was used to commit hundreds of thousands of dollars in theft and fraud. These cases raise concern about how important personal data is being safeguarded by businesses and organizations. Today United States Attorney John McKay and Washington State Attorney General Rob McKenna laid out some "best practices" businesses should put in place to safeguard customer and employee information.
"Some of these steps are very simple, such as locking up records overnight," stated U.S. Attorney John McKay. "Leaving records with personal information sitting out on desks, is like leaving the keys in the car with the motor running – it’s going to get stolen." In two of the cases recently filed, thieves allegedly stole the information at night while the bank and medical clinic were closed. In one case the thief was employed by a janitorial service, in the other the thief persuaded an employee to give him an access badge allowing him to rifle customer medical records that were sitting out on desks in preparation for the next day’s patients.
Washington State Attorney General Rob McKenna is proposing legislation to help consumers protect themselves from identity theft by freezing unauthorized access to their credit reports. McKenna’s office is also working to implement several initiatives, including helping government and private sector organizations reduce their internal risks of identity theft.
"We have repeatedly urged consumers to shred sensitive documents, secure their mailboxes and install anti-spyware software and computer firewalls," McKenna said. "To win the battle against identity theft, businesses must also take an active role in protecting their customers and themselves. Preventing identity theft in the workplace starts with a comprehensive security plan. A successful plan includes fully implemented administrative procedures, practical physical safeguards and current technical methods for protecting information."
Last year Washington State ranked 7th in the nation in identity theft reports per 1,000 citizens. Washington ranked ahead of New York and just behind Florida in instances of ID theft. The US Attorney’s Office is leading a working group aimed at prosecuting three key types of ID theft: Organized Criminal rings; Inside ID theft; and Repeat Offenders. Over the 18 months that the ID theft working group has been meeting, more than thirty cases have been prosecuted in federal court. Federal prosecution holds defendants responsible for crimes in multiple jurisdictions and usually results in significantly longer sentences. Using the Aggravated Identity Theft statute that went into effect in 2004, prosecutors can get an additional 24 months added on to an underlying sentence for bank fraud or other ID theft related crime.
Next month prosecutors will ask for a 235 month sentence for WARREN ERIC ARMSTEAD, 50, a career offender who led an ID theft ring that burglarized homes and cars, and stole purses and wallets to obtain confidential financial information that was used to empty bank accounts and run up credit card bills. In all the ARMSTEAD ring was responsible for hundreds of thousands of dollars in damage to more than 80 people. Prior to this federal prosecution ARMSTEAD had 20 years of criminal activity, but his longest sentence was 50 months in prison. This federal prosecution will take a major organizer of an identity theft ring out of circulation for a long time.
The US Attorney’s Office working group on Identity Theft contains representatives of the following agencies: Social Security Administration-Office of Inspector General (SSA-OIG), Secret Service, FBI, United States Postal Inspection Service (USPIS), Washington State Patrol (WSP), Washington State Department of Licensing (DOL), the Washington State Attorney General’s Office, King County Prosecutor’s Office, King County Sheriff, and the Seattle Police Department. All law enforcement agencies are welcome to participate, and various local departments have attended meetings providing assistance and using the resource of the working group.
Copies of the suggested best practices from the working group are attached:
- Best Practices for Business, Banks, and Health Care Providers (PDF)
- Original release from U.S. Department of Justice (PDF)
- Prosecution Priorities for ID Theft Working Group (PDF)
- Federal Prosecutions by ID Theft Working Group (PDF)
For additional information please contact Emily Langlie, Public Affairs Officer for the United States Attorney’s Office, at (206) 553-4110.