Interview with John Vacca, information technology consultant and internationally known author
by Mirko Zorz - Tuesday, 9 September 2003.
John Vacca is an information technology consultant and internationally known author based in Pomeroy, Ohio. Since 1982, John has authored of 30 books and more than 390 articles in the areas of Internet and Intranet security, programming, systems development, rapid application development, multimedia and the Internet. John was also a configuration management specialist, computer specialist, and the computer security official for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his early retirement from NASA in 1995. John was also one of the security consultants for the MGM movie titled "AntiTrust".

How long did it take you to write "Identity Theft" and what was it like? Any major difficulties?

It took me approximately 6 months to write the book. Furthermore, it turned out to be quite a learning experience during the process of doing research for the book. What I found out was that despite my best efforts to manage the flow of my personal information or to keep it to myself, skilled identity thieves may use a variety of methods (low- and hi-tech) to gain access to my data. There were no major difficulties in writing the book.

Why did you decide to write this book?

The idea for the book was based in part on an article that I did for Business Security Advisor Magazine - October 2001 - "Protect Yourself from Identity Theft".

What is the most interesting identity theft case you've become aware of while researching for this book?

This was the case of a major credit card company selling accounts to another credit card service company without telling their customers of the sale. The customers eventually found out about the sale when they tried to use their credit card and found that the card transaction was declined. Upon contacting the initial credit card company to inquire about why they couldn't use the card, they were told then about the sale of their account. Eventually, they received a letter from the credit card company that bought the accounts, and were told that their old account was closed and that they had to pay the complete balance "upon receipt of this letter," or legal action would be taken against them; as well as, reporting the uncollected debt to all of the credit bureaus. If that wasn't bad enough, the cancelled account holders received a statement from the credit card company that bought the accounts, showing new charges (purchases and cash advances) that the holders of the cards supposedly had made before the accounts were closed. The problem here was that none of the card holders had made any of these charges. Apparently what happened, was that just before the accounts were closed, several customer service representatives within the company that purchased the accounts, decided to run up charges on the credit cards for their own personal use; and, then sold the account numbers and social security numbers to other criminal elements. These criminals used that information to charge up the cards some more, and open up new accounts in the card holders' names through the use of the stolen social security numbers. I really can't comment any further on this case, it is still pending in the courts. But, what I can say is, that more and more credit card companies are selling your accounts to other unscrupulous financial organizations without your knowledge. And, by the time you find out, your identity has already been stolen.

What is the most important thing people can do to protect them from identity theft on the Internet?


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th