<p>DEARBORN, Mich. – Since recently being notified by Ford Motor Credit Company that 13,000 credit reports were stolen from credit reporting bureau Experian, consumers are on an anxious watch for signs of identity theft. Posing as employees, thieves somehow used Ford Motor Credit Company access codes to tap into a database that Experian uses and download personal information on consumers in affluent neighborhoods across the country. Between April 2001 and February, 2002 unauthorized inquiries were made into about 13,000 credit reports, of which about 400 belonged to Ford Motor Credit customers. With information such as social security numbers, addresses, account numbers, creditor names and payment history on credit reports; the thieves have everything needed to commit credit fraud. With as many as 700,000 cases a year and 86,000 complaints reported to the Federal Trade Commission last year, identity theft tops the list of consumer fraud concerns. According to experts thefts of credit reports are far more common than is reported. "This really shows a couple of things," said Digital Defense Inc. Vice President of Strategic Technology Rick Fleming. "First that even the big guys have problems and two recurring testing might-and without all the details it is difficult to know for sure- but it might have detected this problem sooner." Fleming also says credit unions should ask the question if someone could come through Experian to get to credit union members. "Now I don't want credit unions to panic and think `the sky is falling' but they should examine access to their network," said Fleming. "Do a complete vulnerability assessment test. Determine who is connected to what and who has access to what. If you are not testing your systems thoroughly on recurring basis with the same types of tools in a controlled environment then hackers will test it for you-but they won't tell you the results until it is too late." According to Fleming, "recurring basis" should be defined as frequently as once a month. Experian Spokesperson Donald Girard asserts that since the perpetrators had codes and did not try different combinations and codes to break in, Experian systems were not "hacked" but he agrees that this is a good opportunity for credit unions to reassess their security. "Remind your staff not to take shortcuts and gone are the days when you can just do an annual check of your system," said Girard. "It pays to be diligent with basic security, reexamine your processes and review how information is shared or stored." Earlier this month Attorney General John Ashcroft announced plans for a two-pronged initiative to crack down on the growing problem of identity theft. "The first component is a coordinated nationwide effort by law enforcement, led by U.S. attorneys to prosecute identity theft," said Ashcroft. "And the second is to develop and match the prosecution effort with the development of legislation to address the most serious cases of this crime and to provide greater protection to the public." While the Federal Bureau of Investigation is working the case, consumers have been urged to contact Experian and the two other major credit reporting firms Equifax and TransUnion and report any evidence of abuse. A special phone line has also been set up to help victims resolve discrepancies and get a free copy of their credit report. According to Girard so far 3,500 consumers have called in. "We are confident that the FBI will find out who did this and both Experian and Ford Motor Credit Company are prepared to prosecute to the fullest extent of the law," said Girard. [email protected]</p>