This is an archived article that was published on sltrib.com in 2012, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.
Utah Gov. Gary Herbert's hiring of an ombudsman to help consumers whose personal information was exposed in a large health data breach appears to be paying off.
About 51,000 of the 280,000 people whose Social Security numbers were compromised have signed up for a year of free credit monitoring offered by the state — up from 10,000 last month.
But health officials would like to see that number grow, and say they are particularly concerned about safeguarding children.
Children have become sweet targets for identity thieves because their credit histories are blank slates, allowing criminals ample room to use their information to open fraudulent credit cards and loans. It's hard to monitor minors' credit. And for teens just shy of their 18th birthday, there is no monitoring available.
"This population is sort of falling through the cracks of protections available to them," said Utah Department of Health spokesman Tom Hudachko.
Adults can sign up for monitoring. And parents can keep tabs on their children through family monitoring, which flags any activity on their dependents' Social Security numbers, he said. That lasts until seven days before their 18th birthday.
But, once teens turn 17 years and nine months of age, parents can no longer add them to family monitoring.
"The credit-reporting agencies don't treat them like children or adults," said Hudachko.
And when teens become eligible for their own monitoring at age 18, they might not have any credit cards or loans to monitor — and credit agencies will no longer monitor only their Social Security number.
Susan Henson, a spokeswoman for Experian, which contracted with the state to do the monitoring and provide fraud insurance, said the policy is driven by the Fair Credit Reporting Act. It dictates when lenders can run credit checks and access information on minors.
Credit agencies have taken heat for not doing enough to safeguard kids and have begun expanding their services. The Utah Attorney General's Office launched a program that allows guardians to register their dependents for identity protection at no cost. But it's only available through TransUnion and ends when kids turn 17.
The gap in services frustrates parents.
Julie Slack's daughter, Aubrey, was among those whose Social Security numbers were stolen by the hackers who, exploiting a factory password, broke into a state Medicaid server.
It took weeks for the family to confirm this with the state, said Slack, who was doubly dismayed to learn that the "olive branch" of credit monitoring was worthless to her adopted daughter.
News of the breach arrived just as Aubrey was diagnosed with a chronic heart problem. She's on Medicaid as part of her adoption subsidies and turned 18 this month.
When the breach occurred, she was in the three-month gap when her Social Security number could not be added to her parents' monitoring.
"We have a sick child trying to become a young adult. These are people's lives we're talking about. Why don't they just put a system in place?" said the 51-year-old Slack, of Sandy. "I understand the state can't control these credit agencies. But why didn't they do their homework?"
Hudachko said young adults aren't completely without options.
Parents can sign up their 17-year-olds for fraud alerts by registering their Social Security numbers with the three major credit bureaus. "This notifies creditors making credit inquires, such as banks, that the number is possibly being used for fraudulent purposes," he said. "But you have to renew it every 90 days."
Once children turn 18, they can also establish credit by applying for a credit card or college loan, allowing them to check their own histories. Parents can also add their teenage children to their credit cards.
Twitter: @kirstendstewart —
Keep your kids' identities safe
O Child IdentityProtection program > idtheft.utah.gov