Late last month, four servers containing names, addresses and Social Security numbers of thousands of Wells Fargo & Co. mortgage and student-loan customers were stolen from an Atlanta company that prints loan statements. There's no indication the information has been misused, the bank says, but it's advising affected customers to monitor their accounts for suspicious activity. It's also offering a free one-year credit-protection program and has established a toll-free hotline.
The incident was the latest reminder of how pervasive the threat of identity theft has become, as well as how much of a risk it is for banks and credit-card issuers and their customers. According to the Federal Trade Commission, 9.9 million Americans were identity-theft victims last year. Of those, 6.6 million reported fraudulent use of existing accounts while more than 3 million reported new accounts opened in their names. That cost businesses $48 billion and consumers $5 billion in economic losses.
As banks and other financial institutions outsource operations such as printing statements and sending out direct mail they are going to be continually subjected to incidents like this. What is commonly the case, and astonishing to say the least is that these 3rd parties are not always as "buttoned-up" as they should be with their risk detection, prevention and protection programs. If the consumer has anything to fear, it is that their bank is not taking the time to effectively audit and monitor their outsourced service providers.