Governments and commercial companies connect more and more computer systems to the Internet, giving people easier access to ser- vices. Many of these online services handle personal information. Leak- age of such information can facilitate large-scale identity theft. This paper determines how personal information leaks from online systems of national importance, discusses proof of concept software to demon- strate the seriousness of the problem, and suggests how to improve the situation.