Top 10 Security Breaches of 2008?

The following is an article from Bank Info Security and what they feel were the top 10 Security Breaches in 2008 and the lessons that were learned. As usual, clicking on the above title will take you to the whole article. The links on each numbered breach below will take you to an in-depth article regarding that particular breach.

Top 10 Security Breaches of 2008

Ghost of Christmas Past (TJX) Still Casts Specter on Present and Future

December 22, 2008 - Linda McGlasson, Managing Editor

From Hannaford to Countrywide to the Bank of New York Mellon, 2008 has been a year of high-profile security breaches in or impacting the financial services industry. Here's our list of the top 10 - and lessons that should be learned, so we aren't back revisiting these issues in '09.

1. TJX Case Winds Up, Arrests Made

The August arrest of 11 alleged hackers accused of stealing more than 40 million credit and debit cards brings law enforcement closer to closing what is still the largest hack ever.

2. Bank of New York Mellon

An unencrypted backup tape with 4.5 million customers of the Bank of New York Mellon went missing on Feb. 27, after it was sent to a storage facility.

3. Hannaford Data Breach

In March, the Maine-based Hannaford Brothers grocery store chain announced that 4.2 million customer card transactions had been compromised by the hackers. More than 1800 credit card numbers were immediately used for fraudulent transactions.

4. Countrywide Insider Theft

In August, a former Countrywide Financial Corp. senior financial analyst, Rene Rebollo, was arrested and charged by the FBI for stealing and selling sensitive personal information of an estimated 2 million mortgage loan applicants.

5. GE Money Backup Tape Goes AWOL

Early in January, Iron Mountain said it could not find a backup tape that belonged to GE Money, containing information on about 650,000 J.C. Penney customers and the other 100 retailers.

6. RSA Report: Half-Million Banking ID's Stolen

In November, security vendor RSA said it found a single Trojan that had taken more than 500,000 online banking accounts credentials, credit cards and other resources.

7. Compass Bank Hard Drive Stolen, 1 Million Accounts Taken

At the sentencing of a former bank programmer at Compass Bank in Birmingham, AL. in March, it was revealed that the accused had stolen a hard drive with 1 million customer records and used it to commit debit-card fraud.

Lesson Learned: Compass Bank dodged a bullet in terms of cost on this breach. It would have had to notify all 1 million customers of the compromise of their data had the hard drive theft been in a state that requires notification. Other than the 250 customers that Real took money from, no other customers were notified of the data loss. That means that 999,750 of the other 1 million customers weren't notified of the potential risk.

8. Ski Resort Okemo Suffers Hannaford-Like Data Breach

In an attack similar to what hit Hannaford Brothers in March, the Okemo Ski Resort in Vermont said in April it had been hit by hackers that installed malicious software to capture credit card data as it was being processed at the resort.

9. Retailer Montgomery Ward

Six months after a breach happened at the parent company of the Montgomery Ward website, the company Direct Marketing Services finally began notifying customers that their credit card information was stolen in the hack. At least 51,000 records were stolen....

10. More Than $5 Million Taken By ATM Capers

In June, two men were charged with making hundreds of withdrawals from New York City ATMs, grabbing $750,000 in the process,....One of the same accused also allegedly took $5 million in withdrawals from iWire prepaid MasterCard accounts.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Busy Week and Security Breach Update

I can't believe it's been a over a week and I haven't posted anything. It's been a busy week with getting ready for the Holidays and getting a new Red Flags Rule presentation completed as well as working on an Identity Theft Awareness Seminar.

Hopefully, all will be back to normal in a few days. Meanwhile, clicking on the above title will take you to the latest security breach report. This week the total is up to 623 security breaches but the total records exposed is still at 34,028,410. Obviously, the recent companies that were breached have not released any figures yet.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Security Breaches Update

The Identity Theft Resource Center compiles an ongoing Security breach list and publishes it weekly. It presents individual information about data exposure events and running totals for the year.

As 12/09/08, the totals for this year are now 614 breaches with 34,028,011 records exposed.

Actually, the number of records exposed (possibly your personal information) is much higher. To understand why I say this, one only has to look at the report and see how many breaches have a zero listed as the number of records exposed.

Still think your information is safe?

To view this report, click here or on the title of this post.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Update on Class Action Complaint Against Lifelock

Clicking on the above title will take you to the pdf of the actual class action complaint filed against Lifelock. You can read all items of the complaint and why it was filed in March 2008.

You will notice that Grant Woods, PC is also listed as an attorney for the plaintiff. He is the former Arizona Attorney General.

I spoke with Attorney Leonard Aragon at the law firm of Hagens Berman Sobol Shapiro LLP. He told me that 15 cases, against Lifelock, which have been filed nationwide have all been brought together in Arizona at the United States District Court under Honorable Judge Mary H. Murguia

As soon as more information is available, I will let everyone know. The case could take 1-3 years.

Click here to visit the website of the law firm of Hagens Berman Sobol Shapiro LLP. They are the firm who has filed the complaint. Their main focus is to represent plaintiffs in securities, investment fraud, product liability, tort, antitrust, consumer fraud, employment, environmental, and ERISA cases. In doing so, their firm has become particularly skilled at managing multi-state and nationwide class actions through an organized, coordinated approach that implements an efficient and aggressive prosecutorial strategy in order to place maximum pressure on the defendant.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Interesting Articles From This Past Week

Since my last post, I was out of town again with the Crime Victims Coalition. Below are some of the more interesting articles in the world of Id Theft while I was gone. Just click on the title of the article to read the whole story.

Feds nab more members of alleged identity theft gang
Four more U.S. residents accused of using stolen data to take millions from bank accounts

By Jaikumar Vijayan

December 2, 2008 (Computerworld) Federal authorities say they have taken another step toward busting a multinational identity theft ring that is alleged to have used stolen personal data to withdraw millions of dollars from home equity line-of-credit accounts at dozens of financial institutions in the U.S., including some of the country's largest banks.

Four individuals were arrested last week in connection with the alleged scheme, which has resulted in more than $2.5 million being stolen from the affected financial institutions, according to law enforcement officials. Another $4 million worth of attempted withdrawals by the gang were unsuccessful, the U.S. attorney's office in New Jersey said in announcing the arrests last Wednesday (download PDF).

...The identity theft gang operates in the U.S. as well as the U.K., Canada, China, Japan, Vietnam, South Korea and several other countries, the court documents said...

... The documents said that accounts were compromised at Citibank, JPMorgan Chase, Wachovia, Bank of America and "dozens" of other banks and credit unions, including the Navy Federal Credit Union, U.S. Senate Federal Credit Union and State Department Federal Credit Union...

Theft of children's identities often goes unnoticed for years

Social Security numbers can make kids easy targets

By Diane C. Lade |South Florida Sun-Sentinel

December 1, 2008

Randy Waldron Jr. deposited his first paycheck when he was an infant. By the time he was in elementary school, he had bought and sold property, cars and restaurants and racked up tax liens because of financial problems.

He had a felony record at age 7.

At least so said credit reports, property records and court documents. But the true culprit, Waldron said, was his estranged father, Randolph Waldron Sr., of Loxahatchee, who covertly used the boy's Social Security number for 22 years, beginning shortly after his birth.

....The Federal Trade Commission estimates about 500,000 identity theft incidents annually involve children under age 19, with the majority of the thefts occurring between birth and age 5. That's about 5 percent of all suspected ID theft cases. Federal officials said they have seen the numbers rise slightly during the past several years.


'Jackal' jailed for identity theft of dead boy

Published Date: 28 November 2008

AN Edinburgh man who obtained a false passport using the identity of a dead child has been jailed.

Gerald Duffy, 39, used the method outlined in Frederick Forsyth's bestseller The Day of the Jackal to get the document. He applied for the passport using the birth certificate of Andrew Lappin, who died in a road accident in 1972, aged three, and then used it to open a bank account.

Jailing Duffy – who lived in Newbattle Terrace in Morningside – for four years and nine months, judge Lord Turnbull told him: "You opened a bank account in a false name and then used it to pay for flights abroad and overseas hotels where you would have used the false passport. I consider there was a sinister and sophisticated aspect to all of this. The insult to the family of Andrew Lappin and the upset it caused them is obvious."

Man steals toddler's identity

Nov 27, 2008

A man in North Carolina stole the identity of a three-year-old girl to sign up for phone and gas accounts.

When the little girl's grandmother started getting bills in the child's name and a collection agency arrived at their home, she called police.

The services were traced to Michael Maris, who was charged with identity theft.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com