You won't guess who's the bad guy of ID theft

— -- "Identity theft" has become a well-known term in the new century, the subject of news reports and talk shows. Its specter worries consumers as they use their credit cards, write checks, show a driver's license to a store clerk or order merchandise online.

The conventional wisdom is that just about everybody is vulnerable to identity theft. Furthermore, after it occurs the remedies are both painful and unsatisfactory. The book's title itself —Zero Day Threat — is scary when translated into common parlance. A zero day threat, as defined by the authors, is "a hazard so new that no viable protection against it yet exists."

Despite the currency of the subject, nobody has written a book about identity theft quite the way Byron Acohido and Jon Swartz have done. Both technology reporters for USA TODAY, Acohido and Swartz have ferreted out scandal within the identity-theft realm that is bound to lead to reader outrage. Whether the revelations will lead to meaningful reform by Congress and federal regulatory agencies remains to be seen.

Surprisingly, the real villains in Zero Day Threat are not the identity thieves themselves, despite their unsavory lives of crime. Rather, the villains are supposed pillars of communities: bankers, credit-bureau managers and computer makers who enable the burglars, and who could ameliorate the identify-theft crisis but, instead, look away in the name of larger corporate profit.

Acohido and Swartz did not expect to write a book about villainous bankers, credit-bureau managers and computer makers when they began research five years ago. They began by writing reports for this newspaper on PC viruses and spam, which at first seemed like mutually exclusive topics. The more they reported on their disparate stories, the more Acohido and Swartz realized that spammers and virus writers were more than amateur disrupters in cyberspace. In fact, many of them had become cybercrooks, capitalizing on the vulnerabilities of the Internet.

"We found that there were much more complex contagions eroding the security and privacy of sensitive data" than mere spammers and virus writers, Acohido and Swartz comment, "and those corrupters had more to do with business practices and marketing strategies of the financial services and technology industries."