I am a victim of identity theft. Someone used my social security number, address, and other personal information to go on a $6,000 spending spree in my name. I’m told they probably had a fake id too since they applied for the accounts in person in Bloomington, Indiana. Here is where they successfully opened accounts and how much they spent:
- Victoria’s Secret: $998.68
- Kohl’s: $1,483.98
- Macy’s: $1,668.28
- Buckle: $1,896.46
That’s a total of $6,047.40 ill-gotten gains from a few days worth of work (actually just lying and shopping). They also attempted to open accounts at Sam’s Club, Best Buy, Sprint, T-Mobile, Walmart, Target, and Simply Mac. Luckily, all those other applications were rejected.
How did this happen?
Despite reports filed with both the Chicago and Bloomington police departments I still have no idea who did this or how they got my information. I’m pretty paranoid about giving out my personal information, but I still have given out my social security number out to current and past employers, landlords, and banks to name a few. I was a part of the OPM data breach although this seems like small potatoes for someone with access to that trove of personal data.
I did do two things the week before this happen that may have put my information at risk. I applied for a home equity loan, so people at my bank were handling forms with this information. I also renewed my drivers license. Did someone at the DMV take my old driver’s license and my info in order to steal and possibly sell my identity? I don’t know, although I find it curious that no new accounts were open after my birthday, which is when my old license would have shown as expired.
Realistically, I will probably never know who did this or how they got my information.
How does identity theft hurt the victim?
I didn’t have to pay the $6,000 worth of bills for credit cards I never opened, but that doesn’t mean I wasn’t impacted.
My credit score dropped 20 points in two weeks and probably would have dropped more had I not been notified of the new activity from my credit monitoring service. Luckily, that home equity loan had already been approved, but had my identity theft gone unnoticed I might have gotten an unpleasant surprise when I tried to apply for a loan in the future.
The biggest impact on me was time. Time to make phone calls to ensure all the fraudulent accounts were closed. Time to fill out forms attesting the charges as fraud. Time to contact credit agencies and police departments. I’m lucky to have the sort of job where I can keep working while I’m on hold with the Macy’s fraud department for 2 hours (true story), but many other people would have a hard time getting these things done.
The ironic thing about reporting identity theft
Identity theft occurs when someone gets your social security number, so what do you have to do when you are a victim of identity theft? Tell a bunch of people your social security number! All those calls and many of the forms required me to supply my social security number to locate the correct accounts. Great.
Identity theft doesn’t go away
If someone gets your credit card number you get a new credit card number. If a website’s password data is stolen you change your password. But if someone uses your social security number you are stuck. (New social security numbers are only issued in extreme cases.) Sure, I have an extended credit alert, but I’ll still be wondering about the next time this someone might use my identity.
As if I might forget, I continue to get fliers and coupons from the stores listed above even though the accounts are closed. Getting off those mailing lists is just another thing on my to do list from this whole thing.
Identity theft is disturbingly common
I talked to a few people about this and almost all of them knew someone who went through the same thing, even a police detective I spoke to. In fact, as the worst of my identity theft experience was wrapping I up I saw that Lorrie Cranor, one of my former privacy professors and the current Chief Technologist for the FTC, recently had her identity stolen in the form of cell phone account hijacking. This can happen to anyone.
What can you do to avoid being a victim of identity theft?
Sadly, even if you do your best to protect your personal data there are always other people who have that data, which makes it very hard to be certain that your information is protected. Still, that doesn’t mean there aren’t things you should do to try to protect yourself.
- Limit who has access to your information, including shredding sensitive documents when they are no longer needed.
- Check your credit reports at least annually, which you have the right to get to for free. Just make sure use the site recommended by the FTC not anything that advertises on late-night TV.
- Consider getting a credit monitoring service. I was lucky to have this as a benefit through my work, but similar services are available on a subscription basis.
I hope you are never a victim of identity theft. It sucks.
RELATED POST: 1 in 21 million – The OPM data breach and me
Get notified of new posts by email. Type your email address in the box and click the “create subscription” button. My list is completely spam free, and you can opt out at any time.
You can also find Kim Z. Dale on Twitter, Facebook, and Google+ .
Kim Z. Dale 
One thought on “What I learned about being a victim of identity theft”