News -> News TUE, MAY 3 6:00PM by R. Reese Fuller

Vanishing Coast

When I first contacted Robert Zorn, I wanted to know if my name was on the computer that he had bought at Goodwill and which contained personal financial information of the customers of Coast Capital Mortgage Company. My wife and I were former customers, just a couple of years ago.

"Yeah," Zorn said. "Your name's on here." Then he told me the exact date that Coast Capital had accessed our credit reports. It was unnerving.

The 20-year-old Zorn bought the computer at a Goodwill location in Scott for $9 and found the sensitive personal financial information for 764 of Coast Capital's customers. When he alerted the company of the problem and tried to sell it back to Coast Capital, the mortgage company claimed that Zorn was trying to extort $3,500 for the return of the information.

As I read the local media accounts, I kept wondering how my information ' that I supplied to Coast Capital years ago ' ended up for sale in a Goodwill store? Why wasn't it disposed of? And if Zorn hadn't gone public with the story, how would I have ever known that my personal financial history had been donated to Goodwill? As a consumer, I thought these were reasonable questions. But instead, the media focus seemed to be on Zorn, "the extortionist."

Cathy Leblanc, Coast Capital's Louisiana operations division manager, informed me that the company was sending out letters that would fill me in on the details. When I explained that I had questions as a reporter as well, I was told that I would need to talk to Coast Capital CEO Robert Genisman, who was out of the office that day.

In the meantime, I paid Robert Zorn a visit.

In his apartment living room in Lafayette, Zorn looked quite at home in front of his computer, flanked by three monitors and two keyboards. He was surrounded by computer parts ' motherboards, printers and monitors. In the corner of the room, a full-sized, disemboweled video arcade game flashed images across its monitor.

Zorn was dressed in shorts, T-shirt and sandals and was thumbing through a restraining order delivered to him that day. He voluntarily handed the computer over to the district attorney's office the day before, but kept a list of the names that were found on the computer.

"[Coast Capital] is not going to tell these people," Zorn says. "They have a right to know what happened to their information. [Coast Capital] says that I listed the names online. I never once listed the names online. I put an email address, and if they emailed with a first name, middle initial and last name, I replied to them 'yes' or 'no.' These people have a right to know."

Coast Capital's attorney, Michael Hebert, argues in the restraining order that Zorn's possession of any of Coast Capital's customers' information is a "potential violation of the law, including, but not limited to, the privacy provisions of the Graham [sic] Leach Bliley Act." The Gramm-Leach-Bliley Act includes provisions to protect consumers' personal financial information held by financial institutions, such as mortgage companies like Coast Capital. The GLB Act's Safeguard Rule requires financial institutions to design, maintain and implement a security plan that protects the confidentiality and integrity of consumers' information.

"Their lawyer said that I have no right releasing the names," Zorn says. "They had no right in releasing it to me in the first place. Why did this information get out? They're not sure how. Nobody says anything about that."

Zorn says he kept none of the financial data and that he hasn't had the time to respond to 200 emails in his email account from people asking if their information was on the computer. Through his Web site, www.zorntech.net, Zorn has been telling his story of how he acquired the computer.

On the evening of April 12, after buying the computer that day, he tested it and found it had a bad power supply. He replaced the power supply and, voila, the machine came alive. After it booted up, the computer began searching for a network connection. Zorn cancelled the action and went to the computer's desktop. In a folder he accessed a file titled "usernames and passwords" where he found access to all of Coast Capital's programs.

"They took no precautions in securing this information," he says. "Everything was on the desktop." He says he accessed about five documents before he realized what he was looking at ' loan applications, bank account numbers, credit reports, names, addresses and Social Security numbers. Nearly 800 Coast Capital customers had their information on this one machine.

The next day, Wednesday, April 13, Zorn called an acquaintance he thought worked for Coast Capital. The acquaintance no longer worked there but gave Zorn the cell phone number of the Coast Capital employee whose name was on the computer. (Zorn declined to identify the employee.) He contacted the worker that afternoon, who told him that she had donated the computer to Goodwill. Zorn asked what Coast Capital's procedure was for handling this situation, and according to him, the employee replied, "I'm sure you can just go ahead and delete it." Zorn said he needed for her to talk to the company about exactly how to proceed.

Zorn says he spoke again with a Coast Capital representative on Thursday, April 14, and with Genisman on Friday and that his cell phone records confirm his claims.

Coast Capital contends ' both in its restraining order and in an interview ' that the first contact the company had with Zorn was on April 15, the day that it also contacted Lafayette police. Zorn's cell phone records indicate that two days had passed before Coast Capital notified police. "We took aggressive and immediate action to regain this information and secure it," Genisman wrote in a letter to select Coast Capital customers.

In an interview with Genisman, the CEO says he spoke to Zorn once on the afternoon of April 15.

"I immediately called him and said, 'How do we work together? What can we do here?' And he said, 'Give me $3,500 by 6 o'clock this evening, or' ' I don't really remember what he said the 'or' was. He just demanded the $3,500. And I said, 'This sounds like extortion to me.' He said, 'That's what it's worth. I didn't pay very much for it, but it's worth that to me. And that's how much I would get for it on the open market.' And that sounded very suspicious."

Zorn doesn't deny asking for $3,500. "I'm not an idiot," he says. "I've made sure that this is not extortion. One newspaper said I demanded money by 6 that afternoon. What I said was, 'I want to hear back from you before 6 o'clock.' This was when I was fed up. I didn't say I had to have the money by 6 o'clock.

"The information was never for sale because I never owned the information," Zorn continues. "The value to me was my loss of time. That's how I make my living ' buying junk, fixing it and selling it. They want to say it was a $9 computer. I bought a $20 accordion that sold for $600 online. I bought a 1952 Sears Silvertone reel-to-reel recorder that sold for $400 online. It's the buy low, sell high market. I always said this computer was for sale. I never said, 'Buy this computer, or I'm going to the DA.'"

Zorn says he went to the district attorney's office, on Monday, April 18, explained his situation and asked what to do with the computer's hard drive. He claims he was contacted by the DA's office a week later, only after local media picked up on the story. (Calls placed to the DA's office were not returned by press time.)

"The only basis [Coast Capital] has for extortion charges is the value I was asking over what I paid for it," says Zorn. "That's ridiculous. The Goodwill value is not a retail value."

Cpl. Mark Francis of the Lafayette Police Department says an investigation is ongoing, but no charges have been filed against Zorn.

Rather than contact all its customers ' and because Coast Capital still doesn't know how many customers' records were on the computer ' it sent letters to approximately 80 concerned customers who had contacted the company about the incident. Genisman wrote: "The man contacted Coast Capital and instead of willingly turning over the information for a reasonable price, he demanded $3,500 for the return of the computer and the information."

I asked Genisman what would have been a reasonable price. "I told him if it's worth $300 or $400, fine. Further, I would be willing to buy it back for that amount, plus $100 or $150 for your trouble, or I will put a new hard drive in for you. And he wasn't having any of that." Zorn claimed the offer was for $100, and he declined.

I also wanted to know where the computer was used before it surfaced in the Goodwill store. Initial media accounts stated that a Coast Capital employee had used the computer in a home. In his letter, Genisman described it as "a computer owned personally by an employee of Coast Capital."

Why would sensitive customer information be stored on someone's personal computer within a home? What measures had been taken to make sure that the employee's family members or friends didn't access that information? If the computer was connected to the Internet, was there a firewall in place or any other security measures to protect the information from outside access?

Genisman says, "Well, it wasn't a personal computer. It was personally owned by one of our employees who used it for the purpose of operating as a loan agent in the office, and that was it. When it left the office, we believed ' but that's part of our investigation ' that the information was erased."

He adds that Coast Capital has no idea how the computer found its way to the Goodwill store. "That's one of the problems we have here that we're working on," he said. "We have an internal investigation going on, obviously, to determine which computer it was, what was on there, where it came from, how it got to where it was going and therefore, I don't think I can answer the question or should answer the question now, until we are sure of the correct answer."

In his letter to the 80 customers, Genisman wrote: "Coast Capital is confident and has been informed that to date no confidential customer information has been distributed ... This is the first incident of loss of confidential information ever experienced."

"Robert Genisman said that he's confident, that he knows this has never happened," Zorn says. "I could have never said anything, and he would have never known this happened."

Privacy Matters

The Federal Trade Commission's focus is to protect consumers. One of its jobs is to enforce federal consumer protection laws, like the Gramm-Leach-Bliley Act, which protects consumers' financial information held by financial institutions. To learn more about this act, visit www.ftc.gov/privacy/glbact/

For more information on privacy issues, your rights as a consumer, or to register a complaint with the Federal Trade Commission, visit www.ftc.gov/privacy/

Links of Interest

Coast Capital Mortgage Company

Robert Zorn's Web site

Federal Trade Commission

Articles by this Author:

A Bright Idea
Frankie's Grilling
A Sense of Place
The Power of Poo-Poo

View all articles by this author

Comments (0)

Subscribe to this comment's feed

You must be logged in to post a comment. Log in using your Facebook account or register if you do not have an account yet.

Gill pokes fun at the polls -- in the Advocate
MAY 17 Here's a column from James Gill, this time in the Advocate. Gill, who has jumped ship from the Picayune, writes about the absurdity of dueling polls in this post. The numbers are so wildly different, it is obvious that both sides are "cooking the books," he writes. In particular, he looks at Sen. Mary Landrieu, and how her recent actions in DC have been received by those polled. Gill's acerbic, amusing prose is a welcome addition to a paper so conservative as to be occasionally lacking in personality.
Students signed up for charter without their knowledge?
MAY 17 Blogger Tom Aswell continues delivering bombshells about the state education department and Gov. Jindal's education "reform" efforts. In this post, he reports that students in the Shreveport area have been signed up for a charter school without their knowledge or consent. Most interesting to Aswell is how this Texas-based charter (with ties to GOP types) got the personal student information it has, if the students didn't give it.
Ball on BR economic development efforts
MAY 17 This post by JR Ball in the Baton Rouge Business Report is an interesting tongue-in-cheek look at recent Baton Rouge economic development efforts. Among the items he examines is the idea that gaining a Costco makes BR a "world-class city." (Really? All you need is a different brand of Sam's? MK!) This effort, and other recent ones, are all built on the taxpayer's back, with tax zones, tax incentives and tax rebates, Ball writes.
Forgotston on Lege chicken-counting
MAY 17 Blogger CB Forgotston is critical of the legislature's reliance on a revenue-estimating committee's decision to include projected tax amnesty income in this year's forecast. That's a problem, CB posts, because the deadline for these people to pay their taxes is June 30, 2014. So when do you think these people who haven't paid taxes in years are going to pay their taxes? Surely not before June 30, and that means the money won't be there for this year's budget, he argues.
LSU's King target of investigative blog
MAY 17 Here's an interesting blog out of California by a Hollywood writer, attorney and academic named Brian Alan Lane. He blogs about higher ed, and was a whistle-blower in a scandal over false credentials. In this post, he takes aim at LSU's new top dog, King Alexander. It's convoluted and a little confusing, but it sure makes Alexander a lot more interesting than he was yesterday.
Cerise not allowed to testify: why not?
MAY 17 Blogger Robert Mann writes about the LSU Board's refusal to allow Dr. Fred Cerise to testify before the legislature about Gov. Jindal's plan to close down all the state's charity hospitals and dump the poor on the private system. It's hard to imagine anyone more qualified than Cerise to testify about that, so why would anyone try to prevent him doing so? Mann thinks it is because the powers that be aren't interested in hearing any truth about the plan.
Lake Peigneur salt dome expansion?
MAY 17 This post on the Louisiana Sinkhole Bugle, a blog that notes developments in the Bayou Corne and Jefferson Island salt domes, talks about a proposed expansion of the salt dome storage under Lake Peigneur in Iberia Parish. Residents are working against it for several reasons, including two biggies: the sinkhole disaster in Bayou Corne and the continuing, unexplained bubbling on the surface of the Lake.
NOLA chief lays down gauntlet to gangs
MAY 17 NOLA police arrested more people Thursday accused of either being involved in the Mother's Day shooting or hiding the suspect afterward, this Gambit story reports. The NOLA police chief said he suspects the whole thing was gang-related and throws out a challenge to the gangs: he's got informants now, he says, and he knows a lot more than the gangs want him to know. The people who live in the neighborhoods terrorized by gangs are ready to talk, he says.

Most Read

Alex Lege: 'The Cop Watcher'

Is it a crime for citizens to photograph, video, or take notes of a police officer in the line of duty, or a right protected by the First Amendment of the U.S. Constitution? Locally, such activity, as witnessed recently, will at the very least result in a night spent behind bars.
David Calhoun, ‘EB’ Brooks join Lafayette Central Park

David Calhoun and Elizabeth “EB” Brooks are the first two employees of Lafayette Central Park Inc., the nonprofit charged with turning Lafayette Consolidated Government’s 100-acre Johnston Street Horse Farm property into a passive public park. Calhoun was named executive director, and Brooks is director of planning and design.
Update: PXP creating 600 jobs averaging 100k

At Thursday's State of the Economy luncheon, LEDA President and CEO Gregg Gothreaux said PXP has already quietly hired 180 people for its Broussard expansion.
Today in awesome: ESA’s Caffery wins fellowship

Episcopal School of Acadiana’s Dr. Joshua Caffery, chair of the school’s English Department, is headed to Washington, D.C., and the Library of Congress as the latest winner of the Alan Lomax Fellowship in Folklife Studies.
Zachary Barker takes helm of the Opportunity Machine

Zachary Barker continues making waves in Lafayette’s business scene, mostly recently being named director of the Opportunity Machine.

in case you missed it

COOL TOWN 2013

This year’s Cool Town issue is all about people who are not native to South Louisiana but made a conscious decision to be here, to be among us, to participate in our culture and contribute to it.
A curious compact

A shelved ordinance transferring $200,000 from a northside drainage project to a south Lafayette development may not break any laws, but it stinks to high heaven.
Pooyie 2012

It's good, it's bad and it's just plain crazy.
Saving Saturday Night

An effort to restore a shuttered dancehall and document other vacant or razed honky-tonks could serve as a model for saving an endangered species of entertainment.
Posthaste vs. HART FORTENBERY

Lafayette’s gene pool has been host to a long line of eccentric characters who have blurred the lines between crazy, genius, disturbed and curiously entertaining.