Identity Theft and Contributed by Organizations or Campuses

The Federal Trade Commission and the federal financial institution regulatory agencies have sent to the Federal Register for publication final rules on identity theft “red flags” and address discrepancies. The final rules implement sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003.

This website is a one-stop national resource to learn about the crime of identity theft. It provides detailed information to help you deter, detect, and defend against identity theft.  

On this site, consumers can learn how to avoid identity theft – and learn what to do if their identity is stolen.  Businesses can learn how to help their customers deal with identity theft, as well as how to prevent problems in the first place.  Law enforcement can get resources and learn how to help victims of identity theft.

This is a legal alert concerning the Red Flag Regulations that go into effect on November 1, 2008

An FTC announcement that financial institutions and creditors are now required to develop and implement written identity theft prevention programs under the new "Red Flags Rules."

NACUBO's brief opinion concerning how the Federal Trade Commission (FTC)'s Red Flags Rule applies to Colleges and Universities as Creditors.

"Identity theft is one of the fastest-growing cyber-crimes, and, as a result, 38 states have identity theft legislation -- with some states using encryption as a safe haven," said Southwestern Illinois Community College CIO Christine Leja. "The education market as a whole is becoming more serious about protecting student information and is looking to encryption as the means to making that happen."

"No matter how robust your firewall, trained faculty and staff are your first line of defense against system breaches."

In recent years, many entities in the private, public, and government sectors have reported the loss or theft of sensitive personal information. These breaches have raised concerns in part because they can result in identity theft--either account fraud (such as misuse of credit card numbers) or unauthorized creation of new accounts (such as opening a credit card in someone else's name). Many states have enacted laws requiring entities that experience breaches to notify affected individuals, and Congress is considering legislation that would establish a national breach notification requirement. GAO was asked to examine (1) the incidence and circumstances of breaches of sensitive personal information; (2) the extent to which such breaches have resulted in identity theft; and (3) the potential benefits, costs, and challenges associated with breach notification requirements. To address these objectives, GAO reviewed available reports on data breaches, analyzed 24 large data breaches, and gathered information from federal and state government agencies, researchers, consumer advocates, and others.