The credit bureaus. They are private businesses, but you can't opt out of participating if you want a bank account in America. They maintain tons of information about you but they don't seem to care at all about protecting that information, or helping you when the information they have is bad.

When I was finalizing reporting on this story in September, I looked through my credit reports with all three bureaus. All three of them still had incorrect information about me, like the thieves' addresses. I filed disputes with all three of them, and each of their sites was broken in some way. As a consumer, it doesn't feel like they're accountable to anyone.

So, this story was about twice as long when I first filed it. For space reasons, and also to keep the narrative flowing, we had to cut a lot out.

I had originally written a lot more about my conversation with Shima Baughman, particularly her work on what she calls "the police myth": the belief that the law enforcement exists to control and solve crime. Statistically speaking, they do not. Certainly not for cyber crime, but also not really for traditional crime. Her work on clearance rates showed 97% of people who commit burglary are not held responsible for their crime by police.

I think identity theft and other cyber crimes are newer types of crime, and law enforcement - from the FBI down to local police - are more invested in violent and property crime. In my piece about potential solutions for identity theft, I wrote about how tracking cyber crime like those other types of crime would be a good start.

People need to make more noise about this. A lot of victims of identity theft and other cyber crimes - stalking and harassment, scams, revenge p*rn, etc - are ashamed. They blame themselves. Don't be. Reaching out to your representatives (over email, or even just tagging them on Twitter) and asking why the FBI doesn't track cyber crime is a good place to start.

The FTC does track the and FBI has access to these numbers, when people take the time to report it.

https://www.usa.gov/stop-scams-frauds

They are basically in information-gathering mode, and won't open investigations into individual cases unless they involve other crimes like money laundering.

It doesn’t have an effect on rich people, so they don’t give a fuck.

Great question! If your child is under 16, you can ask the three major credit bureaus to place a freeze on their credit. (It's a lot of paperwork, which the credit bureaus love, apparently.) Make sure any documents with personal information, like their birth certificate and Social Security card, are stored safely in your home. Wipe phones and computers before trashing, selling or donating them.

And be thoughtful about the information you share about your child. Places LOVE asking me what my baby's Social Security number is. Does his pediatrician really need to know that? Does his daycare? I don't think so. I leave that field blank wherever possible.

Yeah, the banks seem remarkably cavalier about all of this. To them, fraudulent accounts are a cost of doing business. They would rather write off 100 bad charges than possibly prevent one person from becoming their customer.

I think if you use smaller banks and/or credit unions, you are more likely to get good customer service. I have my checking and savings through a smaller bank, and they were great - the thieves were never able to access those accounts, even though they tried repeatedly. But the major banks involved (Bank of America, Wells Fargo and others) were wildly unhelpful.

Oh, you absolutely have to follow up. I did. Multiple times. I called the station repeatedly and asked for the name of the detective assigned to my case, and I regularly left him voicemails and emailed him. He was not particularly helpful. The only reason I know who stole my identity is because they were caught doing other crimes.

Really, the benefit of reporting identity theft to the police is having that police report as evidence when debt collectors start calling you. It is statistically extremely unlikely that police will do much to help you.

The benefit is that no one can open a new line of credit using your identity. The downside is that if you want to do something like apply for a mortgage or a car loan, or get a store credit card somewhere, you have to un-freeze it. But you can download the apps for the credit bureaus and do that in seconds from your phone.

The credit bureaus don't want you to freeze your credit because they make money by making your information available to creditors. You are less valuable to them if your credit is frozen. To me, that is a good thing.

One interesting thing I learned while reporting this: Equifax, Experian and TransUnion are the major players, but there are more than 100 related bureaus that monitor your financial activity, including ones for checking accounts, payday loans, phone lines, utilities, etc. There is no way to completely "freeze" your financial identity with all of them at once. Frustrating!

Dwight is absolutely correct!!! (Fun fact: Rainn Wilson and I went to the same high school. Not at the same time.)

My favorite TV/movie quote - or at least the one I repeat the most often - is from The Simpsons movie, when Bart says, "this is the worst day of my life" and Homer says, "the worst day of your life so far."

Yes, but only at the point that the entire system is worthless. Eventually, you'll probably be able to google Social Security numbers just like you can search for people's phone numbers and home addresses right now. If you think your SSN doesn't exist somewhere on the dark web (and, increasingly, with "light web" data brokers), you are wrong.

So yes, at some point, we will need to move beyond static data like SSNs and the tiny photo on your driver's license. I think we'll see more financial and government institutions adding the option for things like Face ID or fingerprints for identification. That tech isn't perfect either, but it's a lot better than a 9-digit number.

Freeze your credit! I was really surprised at how easy it was to do that. It took me 15 minutes to set up accounts and freeze my credit with all three bureaus.

And, if possible, report your stolen wallet to the police. They probably aren't going to do anything about it, but having that report was vital when I was dealing with debt collectors and investigators. I basically had to mount a court case in defense of my innocence over and over again. The police report about the stolen wallet showed how it all had started.

My wallet was stolen in late November. I first realized something was going on in mid-January, when I got a bunch of mail congratulating me on my new checking and savings accounts with Bank of America and Wells Fargo, and getting alerts from my free credit monitoring that there were new inquiries on my report.

In retrospect, I should have frozen my credit when my wallet was stolen. Really, I should have left it frozen all the time (and so should you, and everyone else reading this). But I had no idea what people could do with a wallet that only had my driver's license, a couple credit cards and some gift cards and a couple bucks in cash in it. I didn't realize how vulnerable I was, and that even though I'm financially conscientious and tech-savvy, anyone can be a victim with the way our systems exist now.

If I had frozen my credit before the thieves got their hands on my wallet, they probably would have had trouble opening those checking accounts. Because I used free credit monitoring and acted quickly once I realized what was going on, they weren't able to take out any credit cards in my name (though they sure tried! a lot!). They still would have been able to use my driver’s license to steal the car and various other crimes, because California does not flag licenses that have been reported stolen to banks or law enforcement. There was no single thing I personally could have done to stop everything they did.

*edit - typo

No!!!!! I really am still sad about that.

I debated it, but ultimately decided against it for both. I was so overwhelmed with this stuff in early 2019 - I just couldn't add any more bureaucratic paperwork to my plate. I was (and am!) furious at how much work I was expected to do to clean up after someone else's mess, and going in person to appointments with the Social Security office and the DMV sounded like a new circle of Hell.

The bar is very, very high to get a new SSN. Even as a victim of identity theft, I'm not sure I would quality. Leaving my credit permanently frozen and locking down my identity in other ways is sufficient for me, for now.

Thanks for sharing that! I had a great time on that podcast.

The most stubborn company was probably the bail bond people. They really, really wanted me to come in person with printouts of all my reports before they'd believe I didn't write that bad check. I was determined not to lose any more time or money than I had to in order to fight this, so I refused to do that on principle.

Eventually, they sent a lawyer after me - I can't remember if it was their lawyer or a debt collection agency's lawyer - and I was able to work it out with them over email.

Yes I have!