<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=US-ASCII">
<META content="MSHTML 6.00.6000.16643" name=GENERATOR></HEAD>
<BODY id=role_body style="FONT-SIZE: 10pt; COLOR: #000000; FONT-FAMILY: Arial"
bottomMargin=7 leftMargin=7 topMargin=7 rightMargin=7><FONT id=role_document
face=Arial color=#000000 size=2>
<DIV>
<DIV>Credit monitoring is the cheapest reactive measure, plain and
simple. And without a doubt, its a false sense of security these
"careless organizations" are giving the effected individuals. </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>Mike</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-fareast-font-family: 'Times New Roman'; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA">Michael
Hill <BR>Certified Identity Theft Risk Management Specialist<BR><A
href="http://www.idtheft101.net/">www.idtheft101.net</A> <BR>404-216-3751<BR
style="mso-special-character: line-break"><BR
style="mso-special-character: line-break"></SPAN></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>In a message dated 6/11/2008 3:33:05 A.M. Eastern Daylight Time,
lyger@attrition.org writes:</DIV>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: blue 2px solid"><FONT
style="BACKGROUND-COLOR: transparent" face=Arial color=#000000
size=2><BR>http://attrition.org/security/rant/dl-compensation.html<BR><BR>Wed
Jun 11 03:38:35 EDT 2008<BR>Apacid, Jericho<BR><BR>If you have been the victim
of a data loss incident, odds are you have <BR>received a letter from the
careless organization that lost your <BR>information. These letters always
offer apologies and sincere hope that <BR>your identity or personal
information isn't abused. The recent BNY Mellon <BR>incident (which now stands
at 4.5 million potential customers affected) <BR>resulted in customers
receiving such a letter:<BR><BR>[.]<BR><BR>Notice that in return for having
your personal information lost, they are <BR>offering free credit monitoring
for 12 whole months! This seemingly <BR>generous offer has apparently become
the standard business practice for <BR>acceptable compensation when your
personal information is treated with <BR>carelessness. BNY opted to go with
ConsumerInfo.com's "Triple Alert" <BR>credit monitoring product (despite no
mention of that 'product' on the <BR>consumerinfo.com web page), which watches
for changes to your credit <BR>reports from the three national credit
reporting agencies in the United <BR>States (Experian, Equifax, TransUnion).
If you are unlucky and get caught <BR>up in multiple data loss incidents, you
may receive this "gracious <BR>compensation" many times over.<BR><BR>First,
why is this type of reactive credit monitoring acceptable <BR>compensation?
This seems to be another case of one business following <BR>another and...
voila, we have an industry 'standard' that does little to <BR>serve the
customer but does everything to serve businesses that want to <BR>look caring
and "customer-centric" in the
media.<BR><BR>[...]<BR>_______________________________________________<BR>Dataloss
Mailing List
(dataloss@attrition.org)<BR>http://attrition.org/dataloss<BR><BR>Tenable
Network Security offers data leakage and compliance monitoring<BR>solutions
for large and small networks. Scan your network and monitor your<BR>traffic to
find the data needing protection before it leaks
out!<BR>http://www.tenablesecurity.com/products/compliance.shtml<BR></FONT></BLOCKQUOTE></DIV>
<DIV></DIV>
<DIV> </DIV></FONT><BR><BR><BR><DIV><FONT style="color: black; font: normal 10pt ARIAL, SAN-SERIF;"><HR style="MARGIN-TOP: 10px">Vote for your city's best dining and nightlife. <A title="http://citysbest.aol.com?ncid=aolacg00050000000102" href="http://citysbest.aol.com?ncid=aolacg00050000000102" target="_blank">City's Best 2008</A>.</FONT></DIV></BODY></HTML>