Business and government agencies appear to be incapable of protecting personal information. Recent scandals include ChoicePoint's admission that it had been fooled into revealing personal data to identity thieves. The U.S. Department of Justice also recently exposed Social Security numbers on its Web site. Its no surprise that fraud is on the rise, and consumer confidence as plummeted. A spokesman for the Justice Department's Executive Office for Immigration Review said that he is aware that SSA numbers should not be posted on Web sites and said the information would be removed and that at least one affected person would be notified. A search of usdoj.gov showed that the Portable Document Format (PDF) document in a 2003 immigration case in showed the SSA number through a link available via Google and Yahoo! searches, which showed a government-blocked PDF in which the SSA number continued to be visible. The DOJ office is still trying to have the documents removed from the search caches of Google and Yahoo! Other highlighted instances of erroneous personal information revelation are those of Sams Club, ABN Amro Mortgage Group, Ford Motor Company, and the state of Florida. To stop these types of problems from continuing and growing in number, security professionals have to attack them by thinking of data loss as the entire reason the profession exists, says Pete Lindstrom, research director for Spire Security. A security checklist for those storing private data highlights measures related to data protection policies, comprehensive knowledge of existing inventory data and its types and levels of risk, the need for encryption, the need for both hard exterior and hard interior security system protection solutions, extension of policies to laptops and cellphones, the importance of ongoing investments in the best possible security components and upgrades, and adherence to such high standards as ISO, The British Standards Institution, or the credit industry's Payment Card Industry Data Security Standard.