Identity Theft Letters: Phishing for Business or Customer Notification?

by Alex Stenback on December 23, 2005

Over at The Consumerist (Gawker Media’s latest title) we stumbled across an entry from a skeptical reader who wondered whether a letter sent to ‘alert’ them of identity theft at their mortgage company was really just a trojan-horse marketing ploy, designed to sell affiliated credit protection services. 

Our initial instinct was that this was just a basic CYA letter (‘lost’ data and potential ID theft is fairly common), and after some digging and commenter ‘Billhelm’ summarized the likely scenario perfectly:

…I find the claims in that story of mortgage companies claiming data breaches to get more people to sign up for their credit protection programs to be rather dubious. There likely was a data breach involving an employee. The breadth of customer notification is probably more of the issue than anything else. Companies involved with these breaches have increased the scope of the notifications, and are probably extending these to customers whose data was not breached, but at risk.

We’d also add that if you are concerned that your identity may have been stolen, it is not necessary to sign up for a fee-based service – just initiate a fraud alert.
ยท Countrywide Identity Theft: We Can’t Find the Crime [Consumerist]

{ 2 comments… read them below or add one }

hugh macleod December 23, 2005 at 10:09 am

Hey, thanks for the kind words ;-)

Editor December 23, 2005 at 11:52 am


For those that don’t know, the commenter above publishes – a blog that inspired the creation of Behind the Mortgage back in 2004.

Get on over there and read up.

Leave a Comment


Previous post:

Next post: