Even the billionaire co-founder of Microsoft isn't immune to identity theft, it seems.
A simple scheme to defraud Paul Allen, one of the richest men in the world, has landed an AWOL soldier in federal custody, authorities said this week. The case raises basic questions about how safe anyone's information can really be.
Federal investigators allege in a complaint unsealed Monday that Brandon Lee Price, 28, changed the address on a bank account held by Allen, then had a debit card sent to his Pittsburgh home to use for payments on a delinquent Armed Forces Bank account and personal expenses.
"Clearly, it's a reminder that anyone can be a victim of this," said David Postman, a spokesman for Allen. "It certainly is a surprise and reason for everyone to make sure that all that stuff is properly cared for and monitored."
So, how would someone go about stealing the identity of the man who helped start a company that itself was a pioneer in digital security?
Price called Citibank in January pretending to be Allen and changed the address on one of Allen's accounts from Seattle to Pittsburgh, then called back three days later to say he had lost his debit card and asked for a new one to be sent to him, an FBI investigator wrote in a criminal complaint filed in February.
The card sent to Allen's address was used to attempt a $15,000 Western Union transaction and make a $658.81 payment on the Armed Forces Bank loan account the day it was activated, according to the complaint. Surveillance footage also captured him attempting purchases at a video game store and a dollar store, authorities alleged.
The fraud was detected by the bank, which alerted law enforcement officials, Postman said. None of Allen's other accounts was compromised, and the only transaction that apparently made it through was the loan payment, he said.
Investigators found Price had been listed since June 2010 as absent without leave from the Army and was wanted as a deserter, authorities said. He was arrested March 2, as first reported by WPXI-TV, and an Army spokesman said he was returned to Fort Polk in Louisiana.
Citibank is not talking, citing customer confidentiality rules, and Price's lawyer did not return a call Tuesday.
But there's no reason to assume that a public figure like Allen is any less susceptible to identity theft, experts said.
Nearly everyone has personal information readily available online — more so for public figures like Allen — that can provide answers to many basic security questions like birthdate, address, mother's maiden name, pet's name and high school name, said Nikki Junker of the Identity Theft Resource Center, a nonprofit providing victim services and consumer education about identity theft.
Too few customers take advantage of added layers of security offered by many credit card companies, such as using unique verbal passwords or signing up for automatic alerts when account information is changed, Junker said.
"As we strive for more convenience, the safety goes down," she said. "You would think being one of the richest men in the world would make you more careful about your account."
Allen made the bulk of his fortune founding Microsoft Corp. with Bill Gates in 1975. (Msnbc.com is a joint venture of Microsoft and NBCUniversal.)
Allen left the company in 1983 and now owns the Seattle Seahawks and the Portland Trail Blazers. He is the founder and chairman of Vulcan Inc., the company that manages his business and charitable undertakings.
Forbes estimates Allen's net worth at $14.2 billion.
"On one hand, you can say that there's lots we can find out about the Paul Allens of the world," said Dennis Adsit, vice president of consulting services for KomBea Corp., a company that develops security technology for call centers. "On the other hand, a guy like Paul Allen can hire and pay someone to scrub his information on the Internet, to make him more bulletproof."
About 280,000 cases of identity theft were reported in 2011, according to the Federal Trade Commission's Bureau of Consumer Protection. That includes complaints through the Better Business Bureau and state attorney general offices and other law enforcement agencies.
Jeff Blyskal, senior editor at Consumer Reports, noted that banks "do have systems in place" to counter fraud.
"This is surprising that they would do this," he said of the allegations that Price simply called the bank on Jan. 9 and changed Allen's address, called again Jan. 12 identifying himself as Allen and asking for a replacement debit card, and got a debit card delivered to his own home the next day.
"They have ways to ID you when you call up," Blyskal said. "Passcodes, security questions."
Citibank would not comment on how the address on the account was changed or any other details. The bank will continue to work with investigators, spokeswoman Catherine Pulley said in an emailed statement.
One likely bonus for Allen? "If your bank gives your money away to someone else, you shouldn't have to pay for it. You're not going to be liable for it," Blyskal said.
Associated Press writer Joe Mandak in Pittsburgh contributed to this report.