More Snake Oil: LifeLock spokesperson's stolen ID leads to lawsuits

More Snake Oil: LifeLock spokesperson's stolen ID leads to lawsuits

Summary: Can you remember being a kid, when your parents first told you what your SSN was?  I remember mine telling me to never give it to anyone.


Can you remember being a kid, when your parents first told you what your SSN was?  I remember mine telling me to never give it to anyone.  Of course, then as soon as I got my first job as a caddy at the local golf course I had to give it up, same with when I bought my first car, hell, my college username was my SSN for awhile, and after that changed, my password was based off of it (not my choice).

Somehow along the way, our government decided not to punish companies for using SSNs, which they should've.  Now we're stuck with this huge identity theft problem, and tons of products that apparently don't work to fix the problem.

From Slashdot:

OrochimaruVoldemort writes "It seems as though LifeLock isn't as secure as Todd Davis makes it out. According to a LifeLock spokesman, his identity has been stolen. For two years, Davis has been daring hackers to steal his ID. Looks like he got what he wanted. CNN reports: 'Now, LifeLock customers in Maryland, New Jersey and West Virginia are suing Davis, claiming his service didn't work as promised and he knew it wouldn't, because the service had failed even him.'"

Wow, and to think I just about bought this service.  Thing about this is, it's just another example of snake oil being sold in this industry, just like HackerSafe, PCI, WAFs, scanning tools, etc.  I wouldn't take so much exception if these companies weren't so damn bold and blatant with their advertising.

Honestly, in Info Sec, you have the perfect maelstrom of advertising... under educated consumers, tons of money, mass confusion , throw in a great product pitch like "Sick of worrying about security, just plug us into your network and you'll be 100% safe", or "LifeLock's so great I can advertise my SSN on the side of this van in the middle of a city."  Seriously though, this guy got what he deserved and I think LifeLock should be facing law suits over this.


Topics: Government US, Government, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Thanks for the story.

    I was interested in this kind of service. I already have an opt out with all the credit unions, but following the links, I found out that as of Jan 1, 2008, I can, in Texas, absolutely freeze my credit report. It used to be only for Victims.

    This means even with your SSN, if they don't have access to your physical home phone and pin, etc, they can't get new credit. I found this site very useful.

    A freeze is for me, I have no need for credit at the speed of light (it takes a few days if needed). People might also be interested in setting up what this guy charged you for (the convenience of renewing for you every 90 days it expires).

    • I wouldn't advise totally freezing your credit

      I have heard some bad stories about people who have had a HELLISH time unfreezing their credit because they forgot the information and pin number that they gave the credit freezing service.

      The real answer to all of this, is to NOT have to give out our Social Security number for any reason. Not when we get a new job (our name, address, phone number, etc. should be enough for even the FEDS to get the SS money and tax money they are supposed to get), not when we apply for credit, not EVER!

      It was stupid to make our Social Security number our 'one stop shop' for credit and for identity theft.
      • Except that....

        It's too late for that. Your SSN flys over the Internet so often it may as well be a credit card number.

    • Wow, that's great!

      I wonder if they have similar for Illinois, I need to check this out. I signed up for Equifax Gold and I've been fairly happy, but I'm not really sure what it does. Hopefully it is above and beyond lifelock.

      • reactive

        Equifax Gold emails you after the accounts have been opened in your name. I had that service, too, but it doesn't help much if the account is opened and bills are run up in the first day. It does nothing for other areas of identity theft like drivers licensing, either, which seems to be a big knock on Lifelock.

        Without a recurring request for fraud alerts on your credit file, you have to do the cleanup. With the proactive fraud alerts, you get the call requesting permission to open the account, not an email after telling you someone already did it.

        You can do that yourself, you don't have to pay for it, it's just a pain to remember to refresh the fraud alerts every 90 days, that's the service that Lifelock does for you.
    • ...

      I don't have a credit card, neither does the wife. We each have one debit card and that's it. Our spending history is so consistent that any large deviations are noted immediately and we are queried by our bank to make sure we made the purchase. We are teaching our children how to live without a credit card and within their fiscal means. It's hard at first but once you get it together it's amazing how much less stress there is in your life and just how little you worry about things like ID theft.

      Living debt free is the way to be. This whole living off of credit is one reason why we are in such a fiscal mess in this nation. People are living way beyond their means which is one reason why we are seeing so many foreclosures. Peoples purchasing power is being stolen and abused which leads to bankruptcy that means the rest of us pick up the tab on that.

      I listen to economists and all these financial oriented people and all I hear is an inflation lie of speculation and deceit to give the appearance of fiscal health... when the reality is a very sick fiscal state. And it all encourages the theft of peoples ID and purchasing power.

      The wife and I have worked hard to get where we are today and it has been well worth it. While others around us are struggling to make ends meet or to keep their over rated and over priced homes, we are sailing through this without too much notice. The 7 P's and living within ones means, good advice the majority of this nation has lost sight of. Good luck out there, gas is now $4.09 ? 4.21 a gallon here in central California, fire season has started 3-4 months early and the price of all of our goods are on the rise as well, while the dollar limps along.

      Things keep going this way... ID theft will be pointless, nobody will have credit or any fiscal worth to steal! ]:)
      Linux User 147560
      • credit cards

        Whether or not you have a credit card is immaterial. We pay our bills every month. My wife keeps track of our account and if it is close to our biling date, she will "slow" us down on our charges, then when the bill comes it is manageable. She has said that if we EVER have to not pay the whole bill, then it is time to cut up the card! I agree. One has to fiscally responsible, unlike our government. One solution is to have a job like Bill Gates, where you don't have to worry about the amount of your paycheck, but most of us don't have that kind of income.
    • And don't forget about . . .

      He's got all kinds of advice to help with these kinds of problems. . .
  • I think it's an up-hill battle no matter what...

    Since the proprietor of LifeLock's ID theft incident was by an individual using his SSN to open an account by a vendor that never checked his credit.

    So in these cases it really doesn't matter what safeguards you have in place, you are going to wind up having to clean up a mess.

    It happened twice to my wife and luckily both times we were able to clean it up quickly but not without a lot of time, effort and most of all registered, return-reciept mails to the creditors involved.

    While some of these services (even those offered by the credit reporting agencies themselves) will help they are not a "cure all".

    I agree with the poster that said not to totally freeze your credit as even if you are not looking to get credit of any kind potential employers sometimes check this data and if it is not available you are not considered.
  • The plaintiffs must all be Darwin Award candidates

    Honestly, who'd believe and buy into those kinds of "services" just because they saw a commercial? Oh well, "against stupidity the gods themselves strive in vain."

      Someone who believes the BS that they are told (in church) is negatively judging others who believe something (about security) without any real justification or proof is so pathetically ironic. You're so self-absorbed with your own beliefs that you even purport to know what the "gods" struggle with which is even funnier because evidently they are troubled by a problem that they created themselves. I use themselves because you used "gods" and not "God" for some likely even more sillier reason. You are right about one thing and that is that the tide of stupidity is definitely difficult to counter.
  • Who Authorized These Credit Bureaus

    How is that these Credit Bureaus came to have all my financial data? Who gave them the authority to do this? I never gave them anything or in anyway authorized them to open and maintain a dossier on me.
    I have in some way blocked access to my credit and have not had any problems as a result of this blocking. I guess if I needed new credit I?d have a problem.
  • RE: More Snake Oil: LifeLock spokesperson's stolen id leads to law suits

    I was wondering how long before life lock got owned. Yup, just another snake oil salesman! ]:)
    Linux User 147560
  • RE: More Snake Oil: LifeLock spokesperson's stolen id leads to law suits

    Nate, Why is it Snake Oil? Maybe I'm missing something and you can help enlighten me, but I dont see where LifeLock is guaranteeing that NO ONE can EVER use your information fraudulently or without your permission. If you go to their website, the first thing that you see is $1 Million Guarantee which exists as insurance IF AND WHEN someone does break a barrier and harms your credit or wallet. Their website is full of testimonials of people WHO WERE VICTIMS - with or without the service because Todd Davis is not saying that they can PREVENT IT ALL THE TIME 100% - he's saying they can help you in many ways to do everything possible to help prevent it. I read about this yesterday and saw Todd Davis on the Today Show this morning, and I feel the company is offering a service that the common consumer has a right to pay for if they want it. They also can go and create their own alerts for free themselves, which LifeLock clearly tells you, but that's only one of the things covered by the $10/month. As a regular consumer, I can't go and scan 10,000 websites that are selling stolen data, I cant cover up to $1 Million of usage out of my own pocket if I were held liable from creditors where theft occured, I'd rather call up one number if I lost my wallet and get all my credit cards and information cancelled in a minute than go do it myself at the time....I don't have LifeLock as a service, but I probably will get it after all this media press due to convenience. It's a service and it provides just that - a guarantee, or insurance, against the 'what if' of the biggest crime in the nation today - identity theft. I have house insurance in case my house is robbed or burns down, I have car insurance in case I get into an accident, I have life insurance but I'm not hoping to die tomorrow - this is no different. What bothers me is that your bio says you are a Security Advisor for E&Y, so your opinion does matter and could provide information to the average consumer who's not in this type of arena professionally. You have a right to your opinion if you think there service is valid or useful, but isn't 'Snake Oil' just a bit strong? Instead of 2 Starbucks a month, or the cost of one cheap designer handbag in a year, a person could benefit from a lot of the services provided for the $10/month IN THE EVENT they needed it. As stated above and with all insurance we buy, the point is you hope you'll never need it, but speaking as a person who was comprimised in the past and knows the extreme hassle and money lost, this isn't 'Snake Oil' to everyone....

    • Sara

      Can you please go back and edit your post so it has paragraph breaks? It makes it much easier to read than a large run on mass of text.

      We all thank you! ]:)
      Linux User 147560
    • Couldn't have said it any better...

      I advised my kids to use Lifelock and still do; exactly for the reasons you just outlined. Most people do not have the time, money or personal resources to be able to do what this company does for themselves.

      There are never any total guarantees in life, but I would say the $1,000,000 guarantee is good enough for me and should be for most people. If it isn't then I do agree, the person should then do something other.

      This guy getting on the soap box calling it 'Snake Oil' is typical of the personallity that looks for all the bad and does not weigh it properly against the good. Someone who just likes to complain and tear down someone else to try and build himself up.
      • Identity Theft and Lifelock

        LifeLock does for a fee what you can do for free. That is, to contact the major crecdit bureaus and put a fraud alert.

        One of these credit bureaus, Experian, sued LifeLock for fraud and false advertising. Experian alleged that LifeLock initiated false credit fraud alerts on Experian customer accounts and misled the public as to the necessity of its services.

        The leading way that people get their Identity stolen is through carelssness - leaving receipts and CC and SS numbers in the open and not disposing of them propberly. The leaders in stolen identity are illegal aliens, who need a valid ID to get a job.
      • He was just looking for something to post

        it seems
  • Where's the snake oil

    Try looking up the definition of snake oil salesmen. They sold a product that they knew didn't work. Lifelock has demonstrably worked.

    Out of 87 attempts known, the Lifelock guy had his name used once, a $500 loan from an online loan center that didn't bother to go through the credit agencies to validate before lending. This is the fault of the lender, not Lifelock.

    The issue with his driver licenses is not his issue, it's the fault of the DMV, who issues a license based solely on the SSN, which wasn't supposed to be the end-all of identfication, but has become that. Lifelock never promised anything about insuring against DMV stupidity, although the wording of their website may indicate full identity protection, in which case they need to be more clear, for sure. Our government is a great example of the worst possible security in SSNs and drivers licensing. No private company can compete with that idiocracy.

    The fact that he has no hits against his credit report seems to be a decent sales pitch.

    If you don't broadcast your SSN, and you use a proactive credit protection, it's a pretty good combination, and better than nothing.
    • Not A Panacea

      Doesn't this story however show us that there is no single panacea? The mantra is security is a process, not a product. Just because you have one piece of the network secured does not mean you have 100% fault protection.
      MBridge llc