A recent story by the Boston Globe highlighted how a painful case of identity theft can lead to years of even greater suffering because of seeming indifference to the plight of victims by the credit bureaus.

The story looked at the plight of two couples whose identity had either been stolen, mistaken, or manipulated - nobody seems quite sure. In both cases, the harassment of the victims by debt collectors was compounded by the indifference of the credit bureaus and the lack of any real action by law enforcement.

One victim discovered that he a home, a wife, and a pile of bills he never heard of, while another battled for six years to clear debts that were not his. In both cases the victims suffered through years of effort to clear their name, denied credit, and constant threats of legal action. Not to mention the humiliation of constantly being accused (even subtly) of being the thief and not the victim, and compounded by lack of interest and co-operation from the credit bureaus and law enforcement.

While the article focused mainly on the indifference of the credit bureaus and deby collectors to the plight of victims, it also highlights the real cost of identity theft to the victims. If you think that "zero liability" means that you have nothing to lose as a victim of identity theft, and that your bank or credit card companies will carry all the losses, then maybe these stories will change your mind.

The biggest costs to identity theft victims are rarely covered by banks or credit card companies - costs like endless legal battles, denied or even ruined credit, frustration at the indifference of law enforcement and incompetence of the credit bureaus, and the overal emotional impact of years of effort to undo someone else's wrongdoing.

Zero liability is little more than marketing spin by the financial industry to persuade consumers not to worry so much about identity theft. You should worry, a lot, or you could end up with a lot more to worry about.

UCLA just admitted that not only had the personal information of around 800,000 students, former students, faculty and even sudent parents been compromised by a hacker, the hacker had undetected access to the University's computer systems for at least a year.

Of course we probably wouldn't even have heard about the incident if it weren't for the new data protection laws that require orgizations to publicly disclose data breaches. And while the University offered those affected some canned advice on what they can do if they're worried about becoming a victim of identity theft as a result of the breach, the college did not offer the usual "one year of free credit monitoring for everyone" that has also become a stock response to embarrassing data breaches.

Maybe they figured that too few victims would take them up on the offer to bother - which might have been a good reason to offer it to everyone while actually spending very little in the end.

MSNBC reporter Bob Sullivan wrote an article earlier this year that highlighted how few potential victims actually take up offers of free credit monitoring after they receive one of those dreaded breach disclosure letters.  In some of the most notorious breaches, including LexisNexis, Choicepoint, Citibank and Wells Fargo, only around 6% of people offered free credit monitoring actually took them up on the offer.

And the reason? According to research firm the Ponemon Institute, most consumers still either don't believe the offers are anything other than a gimmick, or don't trust the provider of the service.

A sad but understandable indictment of the state of the credit monitoring industry, and of a security solution that I think is one of the most valuable available to every consumer.

A recent report by security firm McAfee highlights the growing trend in organized gangs hiring students to train as hackers, virus authors and spyware creators. Nothing new in that, and gangs in Russia and Buglaria have been using students and teachers of computer sciences over the last decade to help them capitalize on the new crime opportunities the internet presented.

But a slightly new twist has organized gangs taking a smarter step further, and planting their prodigies in large businesses so they can launch their attacks from the inside. It makes perfect sense, and identity theft by insiders has been on the rise for years. And these insiders get paid twice - by their surrogate employers and by their real employers - to hone their expertise.

It's another reminder, as if you needed one, that the best firewalls and spyware protection will do little to protect you against trusted companies that have been infiltrated by criminals.

Don't worry as much about stopping thieves stealing your information but stopping them from using it. The best protection is monitoring your personal information around the clock so that whenever a thief, insider or outsider tries to abuse your info, you'll be ready to block it.