Still More ID Theft News You Can Use

Excerpted from  ID Theft Alerts for October, 2008

Be Prepared for Mandatory Compliance of Federal Red FlagsLaw

Identity theft continues to accelerate, and protecting against it has become a multimillion dollar business. A survey conducted by the Federal Trade Commission (FTC) in 2006 estimated that 8.3 million American consumers, or 3.7 percent of the adult population, became victims of identity theft in 2005. Reported incidents collected by the agency in its annual fraud analysis showed 258,427 cases logged in their databases. Stepping into this foray is the U.S. federal government’s Fair and Accurate Credit Reporting Act and its “Identity Theft Red Flags and Address Discrepancies” provisions. This Act defines specific “Red Flags” that organizations must monitor, act upon, and have a documented program in place to address. Some of these items may be addressed by existing policies and procedures, others may be new. Regardless, responding to this is not an option. The joint final rules and guidelines were effective January 1, 2008 with a mandatory compliance date of November 1, 2008. Overall, regulators have raised the bar and it is not sufficient anymore to simply have policies and procedures. Organizations should be aware of where their data is, how to protect it and how to protect their employees.


Don’t allow you accounts to get hacked liked Sarah Palin

The easiest way to break into online accounts is to use the “forgot password” functions on many sites. You are then asked a series of questions only you should know. However, with blogs and social networking sites much of the this information is now public. For example, if you have your high school listed on your linkedin page then it is easy to find the mascot. Use a geneology site and it is easy to find your mothers maiden name. Think you are careful and don’t publish any of this information? Are your friends or family blogging about your birthday party? Your birthday is now easily found.

It is this little bit of detective work that allowed David Kernell to break into Sarah Palin’s email.  All he had to do is find out that she met her husband in high school and then find out the name of the school.

The solution is to use fake information. Answers that are not true but you can remember.

Still More ID Theft News You Can Use

Excerpted from  ID Theft Alerts for October, 2008

Be Prepared for Mandatory Compliance of Federal Red FlagsLaw

Identity theft continues to accelerate, and protecting against it has become a multimillion dollar business. A survey conducted by the Federal Trade Commission (FTC) in 2006 estimated that 8.3 million American consumers, or 3.7 percent of the adult population, became victims of identity theft in 2005. Reported incidents collected by the agency in its annual fraud analysis showed 258,427 cases logged in their databases. Stepping into this foray is the U.S. federal government’s Fair and Accurate Credit Reporting Act and its “Identity Theft Red Flags and Address Discrepancies” provisions. This Act defines specific “Red Flags” that organizations must monitor, act upon, and have a documented program in place to address. Some of these items may be addressed by existing policies and procedures, others may be new. Regardless, responding to this is not an option. The joint final rules and guidelines were effective January 1, 2008 with a mandatory compliance date of November 1, 2008. Overall, regulators have raised the bar and it is not sufficient anymore to simply have policies and procedures. Organizations should be aware of where their data is, how to protect it and how to protect their employees.


Don’t allow you accounts to get hacked liked Sarah Palin

The easiest way to break into online accounts is to use the “forgot password” functions on many sites. You are then asked a series of questions only you should know. However, with blogs and social networking sites much of the this information is now public. For example, if you have your high school listed on your linkedin page then it is easy to find the mascot. Use a geneology site and it is easy to find your mothers maiden name. Think you are careful and don’t publish any of this information? Are your friends or family blogging about your birthday party? Your birthday is now easily found.

It is this little bit of detective work that allowed David Kernell to break into Sarah Palin’s email.  All he had to do is find out that she met her husband in high school and then find out the name of the school.

The solution is to use fake information. Answers that are not true but you can remember.

More ID Theft News You Can Use

Excerpted from  Shred Nations ID Theft Alert

September, 2008

If You Don’t Need It Don’t Keep It

There’s a school of thought in information technology that encourages businesses to save customers’ data — which may include names, addresses and credit-card numbers — because it may come in handy for market research. But this practice is at odds with credit-card issuers’ attempts to persuade businesses to eliminate data they don’t need — or better yet, not to collect data in the first place.

For the past several years, the payment-card industry has been encouraging businesses to improve data security. The reason is clear: Cyber criminals steal credit-card information stored by these businesses and use the information to make fraudulent purchases. Credit-card issuers cover the cost of fraud, which has more than tripled over the past decade to $5.6 billion world-wide in 2007, according to the Nilson Report, an organization that follows the payment-card industry.


The FTC Issues Requirements for Municipalities to Adopt ID Theft Programs

Sunday, September 14, 2008 — The Federal Trade Commission (FTC) has issued new requirements for municipalities on the adoption of identity theft programs.

The release stated that all municipalities with utility accounts must participate. According to the Tennessee Valley Public Power Association (TVPPA), utilities rank No. 3 as a place for identity thieves to gain information. Credit cards companies and cell phone companies are the top two.

The objective of the program is to identify, detect and respond to red flags, meaning a pattern or practice of specific activity that indicates the possible existence of identity theft.

More ID Theft News You Can Use

Excerpted from  Secured Destruction Business Magazine

August 6, 2008


DOJ Charges 11 With Massive ID Theft Ring

The U.S. Department of Justice has charged 11 people who allegedly are involved in a widespread ring that involved the hacking of nine U.S. retailers and the theft of more than 40 million credit and debit car numbers.

The 11 have been charged with a host of crimes, including conspiracy, computer intrusion, fraud and identity theft.

Announcing the arrests were U.S. Attorney General Michael Mukasey; U.S. Attorney for the District of Massachusetts Michael Sullivan; U.S. Attorney for the Southern District of California Karen P. Hewitt; U.S. Attorney for the Eastern District of New York Benton J. Campbell; and U.S. Secret Service Director Mark Sullivan. The scheme is believed to constitute the largest hacking and identity theft case ever prosecuted by the Department of Justice.


more…

ID THEFT NEWS-USE DR’S YOU CAN TRUST

Patient documents found dumped in trash
Last updated on: 1/22/2008 9:03:09 PM by Cara Sapida

LEE COUNTY: When you visit the doctor’s office, you expect your personal information to be kept private, but we discovered documents carelessly tossed in the trash. The documents contained sensitive information that put patient identities at risk.

Eighty-one-year old Richard Tabbi only reveals four digits of his Social Security number. It’s a precautionary measure that turned out to be well worth it.

We tracked Tabbi down, through a form we found tucked away in the trash among hundreds of patient documents behind a doctor’s office on McGregor Boulevard. They were all clearly labeled Dr. James Barringer.

Barringer quickly showed up with his foot stool.

“Just one little incident, just this much. We’ll get it fixed,” said Barringer.

Barringer immediately began digging in the dumpster for the documents. He claims an office worker forgot to the shred the documents before throwing them away.

He says that worker will be unemployed tomorrow.

“It is somebody else, I’ll take care of it,” said Barringer.

On the same day, in the same hour, inside the same dumpster we found additional documents. Those documents came from an office just a few doors down.

“I don’t want to be on TV all over Fort Myers. All my clients will see me and that’s just ridiculous,” said Lucille Adgate, a Certified Public Accountant.

Adgate collected hundreds of her clients E-file tax forms, each with a Social Security number right on the front.

“It was a mistake. Don’t know how it got in here, we have a new employee, she must have thrown garbage without realizing it was a bag of shredding,” said Adgate.

Both business owners claim this was the first time it has happened and they know the risk involved.

© 2008 by NBC2 NEWS. All rights reserved.

The Dumpster is Fair Game

ID PAPERS IN GARBAGE
By PATRICK GALLAHUE, Transit Reporter

January 7, 2008 — Workers at a Queens bus depot are sputtering mad after reams of papers with their personal information were tossed into the trash.

The workers claim that the files thrown out include “Social Security numbers, copies of driver’s licenses, grievance papers and disciplinary information,” according to a Jan. 2 grievance, a copy of which was obtained by The Post.

“That’s all our personal information,” said one mechanic at the College Point Bus Depot who requested anonymity. “With identity theft, it just goes to show they don’t care about anything. We’re really concerned.”

Employees at the depot claim that personal information for more than 100 people, including mechanics, maintenance men and assistants, ended up in a Dumpster.

According to the complaint, on Dec. 29, the men saw a foreman throwing out some files.

“So we started looking through it and discovered all our identities being thrown out,” the mechanic said. “We were appalled.”

The Metropolitan Transportation Authority confirmed the incident and a spokesman, Aaron Donovan, said, “The error was reported to depot management that day and depot management immediately arranged to have the records removed from the Dumpster and secured.”

patrick.gallahue@nypost.com

Source:

http://www.nypost.com/seven/01072008/news/regionalnews/id_papers_in_garbage_795682.htm