The Federal Trade Commission (FTC) released a report that recommends five measures to help prevent Social Security numbers from being used for identity theft.

The FTC urged Congress to take action to strengthen the procedures that private-sector organizations use to authenticate their customers’ identities. “Identity theft continues to be a major problem in this country, with victims numbering in the millions each year and out-of-pocket losses (primarily to businesses) in the billions of dollars,” according to the report.

The FTC report states that adopting nationwide standards for how businesses and other organizations verify the identity of new and existing customers would make it harder for thieves to use SSNs to commit identity theft.

“The first step in minimizing the role of SSNs in identity theft is to limit the demand for SSNs by making it more difficult for thieves to use them to open new accounts, access existing accounts, or obtain other benefits or services,” the FTC states in the report.

The FTC report also recommends that steps be taken to reduce the unnecessary display and transmission of SSNs.

Data Loss Source:
Oregon Health & Science University has sent letters to 890 patients informing them that a stolen laptop may have contained their health records.
Date of Breach: Dec. 13, 2008
Size of Loss : 890
Affected Individuals: Patients
Geographic Focus: Oregon
Data contained: In an effort to reassure patients, OHSU said the laptop was password-protected and called the risk of identity theft low. The data did not include Social Security numbers, addresses or specific treatments, OHSU said.
Additional Notes: The laptop was stolen from an OHSU employee in a Chicago hotel, while he was traveling on business.
Additional Information: The Oregonian

Data Loss Source: Personal information was compromised after a data backup tape from Bill Dube Ford/Toyota was stolen.
Date of Breach: Dec. 5, 2008
Size of Loss : About 10,000
Affected Individuals: Customers at Bill Dube’s dealerships
Geographic Focus: New Hampshire and Massachusetts
Data contained: Names, addresses, Social Security numbers and driver’s license information, but no financial data such as credit card information
Additional Notes: Police are investigating the breach as a theft, but so far none of the information has been used to steal anyone’s identity,
Additional Information: Union Leader

Data Loss Source: Luxottica Group’s computer system was hacked, exposing the company’s payroll records.
Date of Breach: Dec. 5, 2008
Size of Loss : 59,000
Affected Individuals: Employees of Cleveland-based Things Remembered, a chain Luxottica sold in 2006.
Geographic Focus: Cleveland, OH
Data contained: Names, addresses and Social Security numbers
Additional Notes: It isn’t clear whether anyone has used the information to steal identities.
Additional Information: CNN Money

Data Loss Source: A laptop containing private information on Starbucks employees was stolen.
Date of Breach: Dec. 5, 2008
Size of Loss : 97,000
Affected Individuals: Employees
Geographic Focus: Seattle, WA
Data contained: The information included names, addresses and Social Security numbers, according to a memo addressed to affected employees
Additional Notes: Starbucks asked affected employees to monitor their financial accounts for suspicious activity and to take appropriate steps to protect against potential identity theft.
Additional Information: Seattle Post Intelligencer