Identity Theft

Speaking in front of an audience used to be Americans' greatest fear. According to a Chapman University study done last year, public speaking has dropped to number five. Number one is now walking down a dark alley alone.

And the number two fear? Identity theft


I found this hard to believe until I started noticing all the ads on identity theft. They warn that not only can your bank account be stolen, so can your retirement nest egg and yes, even your home equity! They suggest you can be wiped out in one fell swoop. What isn’t there to be terrified of here?

The ads' answer to calming your fears is simple: buy identity theft insurance.

While there is a grain of truth in the outrageous claims, the probability of horrendous financial losses from identity theft is slim. Most identity theft insurance policies provide the services of a professional to help reestablish your credit in addition to covering some monetary losses from a theft.

Still, I don’t recommend identity theft insurance.


So it was ironic that a few months ago I was the victim of identity theft. Someone from our bank called, suspicious about a scheduled a wire transfer on a personal account for $904 to an account in Mexico. The account had been hacked. As best we could determine, hackers had gained access to my wife’s computer which, unknown to us, had the Microsoft update feature disabled 18 months prior and was 161 updates behind.

We had six other personal and business accounts at this bank under a number of different usernames and passwords. We learned that all these accounts were tied together into one group that could be accessed by any individual account's username and password. The fraud department agent said all the accounts were compromised and would need to be closed.

Of course, this was a major inconvenience. It meant rescheduling scores of automatic payments on seven checking accounts, getting new authorizations, notifying vendors, and purchasing new checks. But at least the problem was resolved.

Until three months later my bookkeeper called to ask about nine wire transfers, totaling $6,300, in one month out of one infrequently used account. The bank confirmed that hackers used a username and password to gain access to the account, and the transfers escaped the watchful eye of their fraud department.

I had not set up online banking on any of the new accounts. There were no usernames or passwords, so how could anyone have gained access? Then I discovered that even though the bank had closed all the accounts and opened new ones, they only disabled the username and password the hackers had used to gain access the first time. They left all the others active.

This was baffling. It had seemed obvious to me that closing the accounts included disabling all access to the accounts. I found out otherwise.

Fortunately, the bank covered our loss. We did have to close all the accounts a second time; this time disabling all the usernames and passwords.

This experience taught me two lessons.


First, don't assume a protective action has been taken just because it seems obvious to you: ask questions and make sure. Second, if your bank links all your accounts when you do online banking, it may be wise to only have one or two accounts at a bank and only access them using one username and password.

I also learned that insurance would not have compensated us for our personal time and hassle involved in signing and approving new accounts, something which could not be outsourced. My advice to skip identity theft insurance still stands.