The victims' names read like the front page of a supermarket tabloid. KimKardashian, her mother Kris Jenner, Paris Hilton, and there evenappears to have been an attempt to access accounts belonging to FBIDirector Robert Mueller.

The thieves made off with in excess of $70,000, according toreports, and the scariest part is that the perpetrators were19-year-old Luis Flores and his mother (some reports say simplyroommate), 41-year-old Kyah Green.

What they apparently had in quantity in their apartment wasdigitized information about many celebrity accounts – MIchelleObama, Tom Cruise and Beyonce also figured in the haul when thepolice raided. The information is believed to have been retrievedby Flores and Green from easily accessible Internet sites.

What has experts buzzing is how seemingly unsophisticatedthieves have made identity theft look downright simple.

But that's because it is. Huge data breacheshave produced vast stashes of account information that, in thewrong hands, is being put to use to steal. No computer skills areneeded, just a willingness to locate and, in some cases, pay foraccount information online.

At the same time, the Internet – and social media in particular– has produced rich personal data on just about everybody, butespecially so on celebrities. It's an era where secrets are afantasy and that has made traditional challenge questions ofdoubtful value. Your high school mascot, name of your first date,favorite ice cream – all are findable online and, for celebrities,the information may be inescapable.

Add one part valid account information to one part true andplentiful personal details online and it is a recipe for disasterfor unwitting financial institutions.

Call center employees are especially vulnerable, added BryanJardine, product manager for Easy Solutions, a fraud detection andmonitoring company.

Pity the poor call center employee who fields the call thatseeks to make an emergency wire transfer and, by the way, thecaller probably knows “the last four digits of the social,” thehome address, even the phone number associated with theaccount.

“The weakest link is the human,” said George Tubin, a consultant with security firm Trusteer.

Why? Call center employees are trained to be helpful,compassionate, sympathetic. If a debit card holder calls up, says,“I lost my card while on vacation in Moscow” – that employee, atmost institutions, has been trained to say, we will overnight areplacement card to you.

How new-style fraud will get stopped is with toughened employeetraining, said the experts, where certain triggers (sending areplacement card to a previously unknown address, for instance)ought to send up an alert that triggers a second-level review.

At some institutions however – and many fingers point at creditunions that pride themselves on being member centric, friendly andhelpful – that willingness to delay satisfying a member may belacking.

That may be a big mistake because there is every indication thatidentity theft and account takeover – whether involving celebritiesor just everyday people – will continue to rise, simply becausethere is so much account information available.

Worse news for credit union executives: “Fraud is moving downmarket. We have evidence this is occurring,” said Lou AnneAlexander, a senior vice president at Scottsdale, Ariz.-basedsecurity company Early Warning.

Her contention: the biggest institutions, the money centerbanks, have toughened their perimeters and that has promptedfraudsters to hunt for softer targets.

Like credit unions.

A slice of good news from Early Warning: “Security is not acompetitive activity at financial institutions,” said Alexander whosaid that many may be cutthroat when it comes to mobile banking orauto loans. But when the issue is fraud prevention, there usuallyis a large willingness to share.

“We see many institutions sharing information,” she added,pointing to files of voices of habitual criminals that at leastsome institutions are making available so other institutions cancompare the voice records to see if this caller is a knownfraudster.

“We are encouraging more credit unions to get involved in thesekinds of sharings,” said Alexander who indicated that institutionalcooperation may be a fast track to stopping at least some identitytheft.