Happy Holidays and some Catch Up

Once again, I have been remiss in my duties of posting, mostly due to the Holidays. However, here is some current id theft news.

Heartland Payment Systems will pay $3.6 million to American Express to settle charges relating to Heartland's landmark data breach. The payment, Heartland says in a press release announcing the settlement, resolves "all intrusion-related issues between the two parties" regarding the breach of an estimated 130 million credit and debit cards.

Credit card companies, including American Express, Visa and MasterCard, were forced to cancel and reissue credit cards because of the Heartland data breach. Banks and credit unions have also sued the payments processor to recoup the costs of reissuing cards and to cover the cost of fraud that resulted from the breach. 

Earlier this year, Heartland said it had put aside more than $12 million to cover the charges related to the breach. Heartland is expected to be fined by other brands, including Visa and MasterCard.
___________________________

So far this year, there has been 483 data security breaches with 222,305,800 exposed records. To see the full report click here. 
 ___________________________

Was Citibank the Victim of a Massive Breach?

Citigroup Denies News Report of Multi-Million Dollar Hack

December 23, 2009 - Linda McGlasson, Managing Editor

Was Citibank breached by hackers who siphoned tens of millions of dollars from the bank's customers?

The Wall Street Journal on Tuesday reported news of an FBI investigation into an alleged Citibank computer security breach by hackers linked to a Russian cyber gang.

Citigroup executives, however, categorically deny the breach and investigation at Citibank.

"We had no breach of the system and there were no losses, no customer losses, no bank losses," says Joe Petro, managing director of Citigroup's Security and Investigative services. "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true."

Few details were given about the alleged attack, which is reported to have involved two other entities, one of them a U.S. government agency. The Citibank attack was reportedly discovered in the summer, but may have actually happened months or even a year earlier. The breach is said to have been detected by law enforcement agents who saw activity on Internet addresses previously used by the Russian Business Network, a Russian-based gang. Two years ago, RBN went quiet, but it is suspected by observers the group has reformed into smaller sects.

Whether the breach did or did not occur, security experts agree on one point: Large banking institutions are under constant attack, and this report should remind them to stay on alert for suspicious activity.(Full story at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug

the Best Identity Theft Protection available dot com

HR 2221 Passes Through the House - Now goes to Senate

H.R.2221 - Also known as the Data Accountability and Trust Act was passed by the House this week and now moves to the Senate.

The bill would create nationwide rules for notifying potential victims of identify theft when their personal information that’s stored electronically is improperly exposed.

The bill was introduced in April by Rep. Bobby Rush (D-Ill.)  Under this legislation, companies that hold people’s personal data would be required to notify the affected people who are U.S. citizens and residents and the Federal Trade Commission if people are put at risk by a security breach to a system that holds the electronic data.

If passed, H.R. 2221 would preempt related state information security laws. This federal mandate could simplify a complex patchwork of state laws that have been passed without a federal mandate.

Notification, to those individuals whose information is compromised in a breach, would have to happen within 60 days of the discovery unless notification would jeopardize a law enforcement investigation or National Security. The legislation would apply to entities under the jurisdiction of the Federal Trade Commission (FTC).

Exemption:  Companies would be exempt from the notification requirements if they determine that there is no “reasonable risk of identity theft, fraud, or other unlawful conduct.”  If electronic data is made unusable, unreadable or indecipherable by encryption, the presumption under the law would be that there was no reasonable risk after a security breach.

California was the first State to pass a Breach Notification law and all States should have one. However, a National Federal law adds more teeth to bite the criminal with, that is if they are caught.

For a copy of H.R. 2221 from the Government Printing Office click here!

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug

the Best Identity Theft Protection available dot com

Health Net Loses Information on Almost 1/2 million Clients

Attorney General Richard Blumenthal investigating Health Net data breach.  (He sure has been busy this month with Blue Shield's breach as well)

Attorney General Richard Blumenthal said today his office is investigating a data breach by health insurer Health Net, which led to the loss of almost 450,000 Connecticut residents' health, personal and financial information.

Blumenthal said Health Net lost the information in May, but never informed consumers, the police or his office about the loss of information until today.

He said the six-month delay in giving notice to consumers and the state could be a violation of the law.

"I am outraged and appalled by Health Net's huge loss of personal, financial and medical information and its failure to swiftly inform authorities and consumers," Blumenthal said. "This information vanished six months ago, but Health Net is only now informing authorities and consumers, an inexcusable and inexplicable delay."

Blumenthal said the information was on a hard drive that disappeared from Health Net's Shelton office. The hard drive included all data on 446,000 Connecticut patients, including health information, as well as financial and personal data such as social security and bank account numbers. The data was compressed, but not encrypted, although a specialized computer program is required to read it.

...."My investigation will seek to establish what happened and why the company kept its customers and the state in the dark for so long," Blumenthal added. "The company's failure to safeguard such sensitive information and inform consumers of its loss -- leaving them naked to identity theft -- may have violated state and federal laws. I will vigorously and aggressively seek damages, penalties and other appropriate remedies, if warranted." (full text at www.hartfordbusiness.com)

Here is a link to Health Net's release http://healthnet.tekgroup.com/press_kits.cfm?presskit_id=13


To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Kroll Fraud Solutions Helps Organizations Find and Fix Data Security Vulnerabilities

New Kroll Security Risk Assessment enables organizations to measure current levels of data protection and address unacceptable exposure with ease and minimal internal resource requirements  

Identity theft experts at Kroll Fraud Solutions have upgraded their comprehensive Security Risk Assessment to help impacted organizations identify existing data risk hot spots and determine how well-protected the exposures are at current security levels.

The Security Risk Assessment features improved usability, increased scope of analysis, and next steps to better help organizations ensure that existing safeguards are keeping pace with the evolution of data breach types, be they targeted or accidental forms of data loss and exposure.

Kroll’s upgraded Security Risk Assessment features:

A series of 38 detailed questions that cover 12 risk “domains,” which consist of areas such as administrative, technical and physical security. The questionnaire is completed by the organization and returned to Kroll for scoring. A proprietary algorithm executed by Kroll that calculates organizational risk based on the organization’s specific responses. A scored report for the organization, accompanied by a focused set of recommendations unique to the organization’s situation.

With this upgrade, organizations will be able to pinpoint specific data security risks and use industry-leading recommendations to strengthen security in areas that pose the greatest threat to their enterprise. This assessment is part of Kroll’s multi-faceted breach preparedness program.

WHEN -- Starting today, a demonstration of the new Kroll Security Risk Assessment will be available on the Kroll Fraud Solutions Web site.

HOW -- For more information, visit: http://www.krollfraudsolutions.com or call 1-866-419-2052.

About Kroll

Kroll, the world's leading risk consulting company, provides a broad range of investigative, intelligence, financial, security and technology services to help clients reduce risks, solve problems and capitalize on opportunities. Kroll Inc. is a wholly-owned subsidiary of Marsh & McLennan Companies, Inc. (NYSE: MMC), the global professional services firm. Kroll began providing identity theft solutions in 1999 and created its Fraud Solutions practice in 2002 in response to increasing requests from clients for counsel and services associated with the loss of sensitive personal information, and related identity protection and restoration issues facing organizations and individuals. Since then, Kroll’s Fraud Solutions clients have included Fortune 500 companies, non-profit organizations, and government entities dealing with healthcare, financial services, insurance, consumer service, and any activity involving the collection and use of personal information. Kroll’s Fraud Solutions team presently serves over 10,000 businesses and millions of individual consumers. For more information, visit: www.krollfraudsolutions.com.

To protect yourself and family against identity theft, put Kroll on your side by visiting my shameless plug below.


To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Hackers get $9.4 million in just 12 hours

Eight charged in elaborate theft of debit card data

By Byron Acohido, USA TODAY

 

A U.S. grand jury on Tuesday indicted eight foreigners on charges stemming from an elaborate cyberheist that began by hacking debit card data from Atlanta-based payments processor RBS WorldPay, then using the data to extract millions from ATMs around the world in just 12 hours.

 

Acting U.S. Attorney Sally Quillian Yates called it "perhaps the most sophisticated and organized computer fraud attack ever conducted." She credited "unprecedented cooperation" between the U.S. and Estonia for cracking the case.

....Viktor Pleshchuk, 28, of St. Petersburg, Russia; Sergei Tsurikov, 25, of Tallinn, Estonia; and Oleg Covelin, 28, of Chisinau, Moldova, were charged with wire fraud, computer fraud and identity theft, along with five others.

In November 2008, the trio allegedly hacked into RBS WorldPay's computer network, then cracked the encryption codes protecting account numbers and PINs for 44 prepaid payroll accounts. Companies use such accounts to distribute salaries via debit cards, which employees use at ATMs to withdraw their pay.

Yates says the thieves raised the payroll account limits, then arranged to have the stolen account numbers embedded on the magnetic stripes of blank payment cards. Finally, they set into motion an army of "cashers" in 280 cities worldwide.

In just 12 hours, using the counterfeit cards, the cashers withdrew $9.4 million from more than 2,100 ATMs in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada, says Yates....(full story at www.usatoday.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Connecticut AG More Than Upset with Anthem Blue Cross Blue Shield

Connecticut Attorney General's Office

Press Release

Attorney General Investigating Blue Cross Blue Shield Data Breach Affecting 18,000 CT Health Care Professionals, Seeks Additional Protection For Victims

November 9, 2009

Attorney General Richard Blumenthal is investigating Blue Cross Blue Shield’s loss of confidential information, including tax identification and some Social Security numbers, for all 18,817 of its individual Connecticut health care providers, as well as seeking additional identity theft protection for affected doctors, therapists and other professionals.

Blumenthal said that the company and its affiliates may have violated state law by losing the information and failing to notify providers in a timely manner. The companies are offering professionals one year of identity theft protection, but Blumenthal called these measures “inadequate and unacceptable, and said, “I will fight for at least two years.”

Blumenthal said the information was lost when a laptop was stolen on August 25. The laptop held information on the companies’ providers nationwide, including names, addresses, tax identification and provider numbers and some Social Security numbers.

Although the computer was stolen in late August, Blue Cross Blue Shield and its related companies Anthem and Empire failed to inform health care providers until late last month.
“As appalling as the data loss, equally alarming and potentially illegal is the delay in disclosing it,” Blumenthal said. “We are vigorously investigating this appalling data loss, needlessly exposing more than 18,000 Connecticut doctors and professionals to devastating identity theft.

“Failing to promptly notify providers of the breach is inexcusable — and a possible violation of state law. Waiting two months left providers severely at risk — needlessly and irresponsibly exposing them to financial mayhem.

“My office demands a full accounting from Blue Cross Blue Shield — healthcare providers affected, details of the loss, protections for professionals, policies and procedures for data loss and other information. State laws mandate that companies fully secure sensitive personal information and quickly disclose breaches — laws the companies may have broken.

“Anthem’s one year of identity theft protection is inadequate and unacceptable. Connecticut doctors and health care professionals expect and deserve a stronger shield against identity loss. I will fight for greater safeguards, including longer identity theft protection, as I have done in other data breaches.

“For identity thieves, private personal data is as good as gold — and should be secured with equal vigor and vigilance. Companies must closely protect Social Security numbers and other sensitive data.”

In addition to protections provided by the companies, Blumenthal said that health care providers can protect themselves by asking the three major credit rating agencies to place a free “Fraud Alert” on their credit reports. The companies are: Equifax – 1-800-525-6285; Experian – 1-888-397-3742; TransUnion – 1-800-680-7289.

Health care providers can also have the major credit rating agencies “freeze” their credit, meaning no new credit can be taken out in their names without their express authorization. A credit freeze request must be made in writing by certified mail to one of the three major credit rating agencies, Equifax, Experian and Transunion.

Credit bureaus charge $10 to freeze and $12 to temporarily un-freeze credit. Blumenthal will seek reimbursement to health care providers for credit freezes and un-freezes.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

FTC Extends Enforcement Deadline For Red Flags Rule Again!

At the request of Members of Congress, the Federal Trade Commission is delaying enforcement of the “Red Flags” Rule until June 1, 2010, for financial institutions and creditors subject to enforcement by the FTC.

The Rule was promulgated under the Fair and Accurate Credit Transactions Act, in which Congress directed the Commission and other agencies to develop regulations requiring “creditors” and “financial institutions” to address the risk of identity theft. The resulting Red Flags Rule requires all such entities that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.

The Commission previously delayed the enforcement of the Rule for entities under its jurisdiction until November 1, 2009. The Commission staff has continued to provide guidance to entities within its jurisdiction, both through materials posted on the dedicated Red Flags Rule Web site (www.ftc.gov/redflagsrule), and in speeches and participation in seminars, conferences and other training events to numerous groups. The Commission also published a compliance guide for business, and created a template that enables low risk entities to create an identity theft program with an easy-to-use online form. FTC staff has published numerous general and industry-specific articles, released a video explaining the Rule, and continues to respond to inquiries from the public. To assist further with compliance, FTC staff has worked with a number of trade associations that have chosen to develop model policies or specialized guidance for their members.

On October 30, 2009, the U.S. District Court for the District of Columbia ruled that the FTC may not apply the Red Flags Rule to attorneys. Today’s announcement that the Commission will delay enforcement of the Rule until June 1, 2010, does not affect the separate timeline of that proceeding and any possible appeals. Nor does it affect other federal agencies’ ongoing enforcement for financial institutions and creditors subject to their oversight.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,700 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

CalOptima Reports Data Breach That Could Affect 68,000 Members

Unencrypted CDs containing names, diagnosis codes, Social Security numbers and other information for about 68,000 CalOptima members have been lost, sparking concerns about identity theft, Computerworld reports.

CalOptima is Orange County's Medi-Cal managed care plan.  Medi-Cal is California's Medicaid program.

In a statement, CalOptima explained that a claims scanning vendor had sent the CDs to CalOptima via certified mail, but CalOptima only received the outside packaging, not the box with the CDs.

A spokesperson for the health plan said there is no evidence that the CDs were stolen (Vijayan, Computerworld, 10/26).

The statement said that CalOptima informed state and federal agencies of the situation on Oct. 14 and posted an alert on its Web site on Oct. 15 (Goedert, Health Data Management, 10/26).

CalOptima is making arrangements to offer credit monitoring services to members affected by the breach (Computerworld, 10/26).

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug

the Best Identity Theft Protection available dot com

FORMER WACHOVIA BANK EMPLOYEE CONVICTED OF BANK FRAUD AND AGGRAVATED IDENTITY THEFT

Juan Rombado, a former Wachovia Bank employee, has been convicted of bank fraud and aggravated identity theft arising from several schemes aimed at defrauding his employer through the theft of customer identities, United States Attorney Tim Johnson announced. Indicted and arrested in August 2009, Rombado pleaded guilty to both counts before United States District Judge Vanessa Gilmore.

 

Rombado, 46, of Houston, admitted that while employed at the N. Eldridge Parkway branch of Wachovia Bank as a financial specialist between March 2007 through Nov. 23, 2007, he used his position to knowingly execute various schemes to defraud Wachovia Bank to obtain money through check kiting. In this scheme, Rombado unlawfully possessed and used the names, dates of birth and Social Security numbers of Wachovia Bank’s loan applicants to unlawfully open bank accounts under the name “Corsan Group,” and then wrote checks from the unfunded accounts knowing they had insufficient funds. Rombado deposited the unfunded checks into his personal bank account and immediately withdrew the funds represented by the fraudulent checks, taking advantage of the time elapsed between the unfunded deposits to his personal account and the money being deducted from the fraudulent accounts.

In addition to the check kiting scheme, Rombado used Wachovia Bank’s customers’ identities to apply for and use unauthorized access devices, namely credit cards. During roughly an eight-month period, Rombado obtained in excess of $1,000 through the use of the credit card. Lastly, Rombado used his position at the bank to embezzle funds from Wachovia Bank customers’ accounts by making unauthorized funds transfers from the customers’ accounts to his personal account. Through the execution of this scheme, Rombado took approximately $16,742.75 from the bank.

Judge Gilmore has set sentencing for Feb. 23, 2010. Rombado faces up to 30 years imprisonment and a $1 million fine for the bank fraud conviction. The aggravated identity theft carries a mandatory sentence of two years imprisonment to be served consecutive to the sentence imposed for the bank fraud conviction. Rombado will remain free on a $50 thousand bond pending sentencing.

The charges against Rombado are the result of an investigation conducted by the United States Secret Service and the Houston Area Fraud Task Force. Special Assistant United States Attorney Justo A. Mendez is prosecuting the case.

Source: U.S. Attorney’s Office

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

H.R.3763 - To amend the Fair Credit Reporting Act to provide for an exclusion from Red Flag Guidelines for certain businesses.

Official Summary

10/8/2009--Introduced.Amends the Fair Credit Reporting Act with respect to the duties of users of consumer reports who take adverse actions on the basis of information contained in such reports. Excludes any health care practice, accounting practice, or legal practice with 20 or fewer employees from the meaning of creditor subject to Red Flag Guidelines regarding identity theft promulgated by the proper federal financial regulatory agency. Excludes any other business which the Federal Trade Commission (FTC) determines:
(1) knows all its customers or clients individually;
(2) only performs services in or around the residences of its customers; or
(3) has not experienced incidents of identity theft, and identity theft is rare for businesses of that type. States that such exclusion shall no longer apply to any business that can no longer meet such eligibility criteria.

If this bill passes it will exclude about 90% of healthcare professionals from having to comply with the FTC's Red Flags Rule Amendment to the Fair and Accurate Credit Transactions Act (FACTA). I have added a widget on the top of the blog so if you are interested, you can follow this bill by visiting my blog.

Enforcement of the Red Flags is to begin on11/01/09. 


To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Sixty-six percent of U.S. adults say they worry "frequently" or "occasionally" about being a victim of identity theft

Being a victim of car theft or home burglary when away rank a distant second

by Lydia Saad

PRINCETON, NJ -- Identity theft debuts on Gallup's Crime survey as Americans' top-ranked crime concern. Sixty-six percent of U.S. adults say they worry "frequently" or "occasionally" about being a victim of identity theft, higher than the reported anxiety about 11 other types of crime and the only crime that a majority worry about at least occasionally.

Gallup trends measuring Americans' fear of being victims of specific crimes date back several decades, but for each of 10 crimes, the question has been updated annually on Gallup's Crime survey since 2000. Terrorism was added to the list in 2001, and 2009 marks the first year identity theft has been included.

Men and women are about equally likely to say they worry about identity theft, but there are differences by income. Americans in households earning less than $30,000 per year are significantly less likely to say they worry frequently or occasionally about this crime than are those making higher amounts.

However, other data in the Oct. 1-4 survey suggest that identity theft is not related to income. According to respondents' self-reports of their crime victimization in the past year, 12% of low-income Americans -- identical to the percentage in high-income households -- say that they or another member of their household was the victim of identity theft in the past year. (Full report at www.gallup.com)

There is one comment in Lydia Saad's story that is incorrect. She wrote: "Although most victims can quickly undo the damage by canceling their credit cards,..." This may be true for some financial identity theft but financial only is about 22-25% of all identity theft. Canceling a credit card will not help if you are a victim of social security, drivers license, criminal or medical identity theft which was up 400% last year.

That is why when obtaining Identity Theft protection, choose a company that offers restoration for all areas of id theft such as the one I offer. Visit my shameless plug below for more information. And we also now protect child identities.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

New Phishing Attacks Target Institutions in Four States

CA., NY, PA and WI Customers Victimized by Text, Phone Messages

October 13, 2009 - Linda McGlasson, Managing Editor

A fresh string of phishing attacks have struck financial institutions nationwide over the past two weeks, with customers of 10 banks and credit unions in California, New York, Pennsylvania and Wisconsin receiving fraudulent text messages or automated phone calls.

These incidents are concurrent with a new report from the Anti-Phishing Working Group, which says such attacks are up nearly 600 percent this year.

Text Messaging Scams

Members 1st Federal Credit Union of central Pennsylvania reported on Sept. 28 that it received calls from customers about text messages claiming that their cards were blocked. The calls were purportedly from Members 1st, and the customer phones that were targeted were reportedly AT&T mobile phones.....

.....Similar attacks happened on Oct. 2 in Nebraska to Greater Omaha Credit Union customers. Omaha police say the phishers sent text messages to mobile phones in the Omaha area, claiming their bank card had been deactivated and instructing them to call an 877 number to reactivate it. At least one customer fell victim, losing several hundred dollars to phishers located in Huntington Beach, CA. "Once he changed his PIN, somebody went in and withdrew the money," said Richard Patterson, president of Greater Omaha Federal Credit Union....

...How the scam works: Fraudsters learn the first three digits for certain cell phone providers in an area and just dial in remaining digits for mass texting, hoping to catch customers...

California Bank Hit in Automated Attack

The phishing scam that hit Liberty Bank, Boulder Creek, CA on Oct. 2, is still happening. The bank reports that an automated phone call phishing scam references Liberty Bank by name, making the scam more believable to unsuspecting bank customers.

Listen to the automated vishing call:
The Santa Cruz Sheriff's office initially handled the investigation, but the case has been turned over to the FBI, says Jill Hitchman, first vice president of the bank. "We've been told that Bank of America, Wells Fargo Bank, Citibank and some credit unions as far away as Humboldt County have been targeted," Hitchman says.

Residents of San Lorenzo Valley and parts of Santa Cruz reported receiving automated phone calls, purportedly from Liberty Bank, saying, "Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department."

Customers who pressed "1" were asked to enter their credit/debit card number and personal identification number. Once usernames and passwords to a web-based e-mail account are captured from a customer, criminals can access the login information and transfer money out, Hitchman says.

Hitchman explains that the phishers used phone systems that were hijacked in small companies to make the calls. "They used voice over IP technology to get into the back door of these companies," she says. This recording is the actual message that customers heard from the phishers. (full text at www.bankinfosecurity.com)

NOTE: In April while in Michigan, I answered two calls at my sister's home that were of this nature and "Caller id spoofing" was used as well. Read the article on caller id spoofing here.

This article is from a week ago. Sorry, I missed it the first time.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Payroll Processor Breached Twice in One Month

PayChoice Warns Business Clients of Network Breaches, Potential Fraud

October 19, 2009 - Linda McGlasson, Managing Editor

For the second time in less than a month, New Jersey-based payroll processor PayChoice has alerted customers to a network breach.

PayChoice, based in Moorestown, NJ, had to take its Online Employer site offline last Thursday for a short time after the latest security breach was discovered. While the exact cause of the breach was not revealed, the company says it has taken new precautions.

"PayChoice deployed additional security measures to protect client data after the company identified a key mechanism used by online attackers," says CEO Robert Digby. PayChoice's Online Employer site was briefly taken offline after the company discovered the breach, which occurred on Oct. 14. Digby says PayChoice has reopened the site with most functionality after protecting against the methods used in the attack.

The payroll processing company, which boasts more than 125,000 business clients, warned its customers by letter about the new breach after some clients reported "phantom" employees showing up on their payrolls.

The message to PayChoice customers indicated that the hackers may have stolen customer login IDs and passwords by going through a hole in security on the website feature that helps customers change their password. PayChoice says it turned off the change-password feature to fix the vulnerability. (Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Online Crime up Nearly 600% in '09

Expert: 'The Internet Has Never Been More Dangerous'

October 5, 2009 - Linda McGlasson, Managing Editor

Bogus security software applications are among the types of electronic crimes that grew 585 percent over the first half of this year, according to a new study.

The Anti Phishing Working Group's (APWG) latest report shows that rogue anti-malware programs, infected computers and crimeware broke new records in the first half of 2009. The report shows that criminals are innovative and have "apparently unchecked ambition" with crimeware designed to target financial institutions' customers....

....The report also shows:

• The number of unique phishing websites detected in June rose to 49,084 -- the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement.


• The number of hijacked brands ascended to an all-time high of 310 in March and remained at an elevated level to the close of the half in June.


• The total number of infected computers rose more than 66 percent to 11,937,944 - now more than 54 percent of the total sample of scanned computers.


• Payment Services became phishing's most targeted sector, displacing Financial Services. Jevans notes that institutions' customers still are a primary target of electronic criminals.

"The Internet has never been more dangerous," Jevans says. "In the first half of 2009, phishing escalated to some of the highest levels we've ever seen." Full text at www.bankinfosecurity.com)

I don't want to tell you that "I Told You So...but..."

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Lawsuit: Heartland Knew Data Security Standard was 'Insufficient'

Complaint Says CEO Described PCI as 'Lowest Common Denominator' of Protection

October 5, 2009 - Linda McGlasson, Managing Editor

Months before announcing the Heartland Payment Systems (HPY) data breach, company CEO Robert Carr told industry analysts that the Payment Card Industry Data Security Standard (PCI DSS) was an insufficient protective measure.

This is the contention of a new master complaint filed in the class action suit against Heartland, which in January announced a data breach that is now estimated to be the largest known hack, involving 130 million credit and debt card accounts.

In a November 2008 earnings call, according to the complaint, Carr told analysts, "[We] also recognize the need to move beyond the lowest common denominator of data security, currently the PCI DSS standards. We believe it is imperative to move to a higher standard for processing secure transactions, one which we have the ability to implement without waiting for the payments infrastructure to change." ...

....Heartland executives have said consistently that the company was PCI-compliant at the time on the breach, which the complaint now says may have begun as early as December 2007. Visa, however, removed Heartland from its list of PCI-compliant service providers in March of this year, and one Visa security executive was quoted as saying "We have never seen anyone breached that was PCI compliant."

Heartland was re-certified as PCI compliant in May. (Full text at www.bankinfosecurity.com)

As I've said in past articles, I was one of the 130 million victims. When I was notified in January 2009, I was in Las Vegas doing a seminar on Id Theft at a national convention. My credit union called me and told me that they had to close out my debit card due to the breach. Here I was with $7 in my pocket, no other credit cards with me and 2 more days in Vegas.

I guess "What happens in Vegas - Stays in Vegas!"

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

The Data Breach Blog Missing Blue Cross laptop puts 39,000 physicians at risk

The loss of a Blue Cross laptop has put the sensitive information of possibly 39,000 physicians at risk.

How many victims? Approximately 39,000 individuals have been notified though the actual scope of the breach is unknown.

What type of personal information? Personal information including tax identification numbers, which for some, are the same as their Social Security number.

What happened? The laptop, which contained a database with sensitive information about physicians nationwide, was stolen in August from an employee of the Blue Cross and Blue Shield Association’s national headquarters in Chicago.

Details: It is Blue Cross’ policy to encrypt all information on company computers, Jeff Smokler, national Blue Cross-Blue Shield spokesman told Boston.com. An employee who was authorized to have the information violated company rules, however, by downloading an unencrypted version of the database onto a personal laptop. The laptop was stolen after the employee left headquarters with it.

The breach might affect Massachusetts physicians and other providers the worst because they typically use their Social Security numbers as their tax identification numbers — which was part of the information breached.

Quote: “It took some time to figure out what type of data was on the laptop,’’ Tara Murray, Blue Cross and Blue Shield of Massachusetts spokeswoman told Boston.com. “There is no reason to be believe the data has been used to steal people’s identity, but we are just being cautious . . . to notify them and offering free credit monitoring.’’ (I highlighted this because this is standard boilerplate verbal vomit every time there is a breach! Credit monitoring only covers about 25% of all id theft. What if......the docs will find out the hard way or they can get our service that protects them in all 5 areas of id theft).

What was the response? Blue Cross will review its security procedures and make it a priority to persuade state physicians and other health care providers to apply for a new tax ID number that is different from their Social Security number. In addition, additional encryption will be implemented.

Source: Boston.com, “Blue Cross physicians warned of data breach,” Oct. 3, 2009.

By the way, any Physician reading this and still needs to get his Red Flags Policy before enforcement begins by the FTC on 11/01/09, feel free to visit www.stopidtheftcrime.com for a video and link to create your policy.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Senate Bill (SB-20) to bolster California breach law awaits governor

Bill to bolster California breach law awaits governor

Dan Kaplan

September 11, 2009

A new Senate bill in California, which seeks to complement the state's trailblazing SB-1386 data breach disclosure bill, is ready for Gov. Arnold Schwarzenegger's signature.

The new legislation, SB-20, builds on the 2003 bill by requiring that breach notification letters also contain specifics around the data-loss incident, including the type of personal information exposed, a description of the incident and advice on steps to take to protect oneself from identity theft. The law also would require that organizations that suffer a breach affecting 500 or more people must submit a copy of the alert letter to the state attorney general's office.

"Experience over the past half dozen years indicates that too often, the information received [in the letter] is confusing, not clarifying," state Democratic Sen. Joe Simitian, author of both bills, said this week in a news release. "SB-20 ensures that notice of a security breach will be genuinely helpful to consumers."

...The governor must sign or veto the bill by Oct. 11.

SB-1386 laid the groundwork for roughly 45 other states to pass similar laws requiring organizations that expose personal information to notify victims. (Full text at www.scmagazineus.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Chase Bank Notifies Customers of Breach

Backup Tape Reported Missing from Vendor Storage Facility
September 11, 2009 - Linda McGlasson, Managing Editor

Chase Bank has sent out data breach notification letters to an undisclosed number of customers after a computer tape with customers' personal information was reported missing from a third-party vendor's storage facility.

Tom Kelly, spokesperson for New York-based Chase, the commercial/consumer banking arm of financial giant JPMorgan Chase, says the vendor -- which he would not name -- confirmed it received and maintained the tape, and that its offsite facility had been searched thoroughly after the tape disappeared. Kelly would not say if the data on the tape was encrypted, but says its data can be read only with special equipment and software. "We have no evidence to indicate any of the information has been viewed or used inappropriately," Kelly says. (emphasis added because: That's what they all say. It must be a boilerplate all use in case of a breach) (Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

More on Heartland Breach Court Case

I have been out of town since Sept 9th. Now I have to play catch-up or is it Ketchup?

Heartland Update: Judge to Hear Motions to Dismiss Class Action Suits

Attorney: Discovery is "the Biggest Battlefield"

September 9, 2009 - Linda McGlasson, Managing Editor

Preliminary legal hearings have begun in the class action suit against Heartland Payment Systems, the U.S.-based payments processor that was breached in 2008

More than 30 financial institutions from 22 states have joined the lawsuit against Heartland, which is the largest data breach on record, with a reported 130 million credit and debit cards stolen.

....There are two class action suits -- one on the consumer side and the second on behalf of the financial institutions affected by the massive breach. Earlier in June, a Multidistrict Litigation (MDL) panel decided the suits would be held in Houston. ...

..Coffman said that the biggest battle during the August 24 hearing was discovery; specifically, what Heartland will be required to produce now and what will be deferred until next spring after Heartland's anticipated motion to dismiss is argued. Heartland already has filed a motion with the Court asking that all discovery be stayed until after the Court rules on the motion to dismiss. Coffman anticipated that the Court will rule on Heartland's motion to stay discovery shortly....(Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Another Guilty in ID Theft that nailed Bernacke

Makieta Leake, 36 years old, of Prince Frederick, Md, plead guilty to a single count of conspiracy to commit bakn fraud Tuesday in federal court in Alexandria, VA.

She was the fifth person to plead guilty in the scheme that resulted in more than $2 million in losses at 10 banks.

Leake was a doctor's receptionist and admitted stealing bank account information from 37 patients as part of the ID Theft ring that took advantage of Federal Reserve Chairman Ben Bernacke.

She was paid between $200 and $500 for each victim's information. About 40% of the above losses can be traced to her.

Note: It still amazes me that most healthcare professionals still don't know about the FTC's Red Flags Rule and that the must comply with this amendment to the FACTA law. Enforcement begins 11/01/09.

We can assist any business with the Red Flags or FACTA training of their employees. For more info visit http://www.redflagsrulepolicy.com/ or call me.

To learn more about Identity Theft and what to do if you are a victim, visit http://www.stopidtheftcrime.com/ and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

66% of Social Networkers Vulnerable to Attack

Twitter, Facebook, LinkedIn and other social networking sites are sweeping the world with tweets, friends and more messaging than ever before, but what’s the cost of all this networking? More than two-thirds of social community members don’t proactively protect themselves from cyber attacks, a survey by the CMO Council and security software maker AVG found.

The study surveyed 250 social networking site users during the second quarter of this year and found that a whopping 64 percent never or rarely change their passwords. All networking sites offer privacy controls to some extent, but 57 percent don’t regularly adjust these settings, therefore providing little to no real protection.

How often do you receive “friend invites” or links within messages from people you don’t know? According to this study, 21 percent of users have accepted such invitations and 64 percent have clicked on links sent by people they didn’t know. (Full story at www.ditio.net)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

"Soup Nazi" Accepts Plea Deal!

Albert Gonzalez, plead guilty on Friday to 19 count indictment regarding his involvement in the largest identity fraud case in U.S. history. the Heartland Data Breach, where over 170 million credit and debit card numbers were stolen. He agreed to plead guilty to conspiracy, wire fraud and aggravated identity theft charges.

Under a plea agreement with federal prosecutors, he will serve a sentence of 15 to 25 years. He will also forfeit some $2.8 million in cash, a Miami condo, a car and expensive jewelry.

Gonzalez had once been an informant for the U.S. Secret Service. (For more info on this case, click here)

It still surprises me that most people think they will never be a victim and fail to protect themselves. I can help protect anyone and their identity for as low as $9.95/month and it covers both you and your spouse or significant other. Identity THEFT Shield is provided by a Stock Exchange company and has restoration included should you become a victim of identity theft in any of the 5 areas of id theft. Not just financial.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

FDIC Warns of Online Fraud Against Banks, Small Businesses

Alert Cites Increase in ACH, Wire Transfer Fraud
August 26, 2009 - Linda McGlasson, Managing Editor

Online crime is increasingly hitting small and mid-size companies in the U.S., draining those entities' bank accounts through fraudulent transfers. The problem has gotten so bad that a financial services group recently sent out a warning about the trend, and the Federal Deposit Insurance Corporation (FDIC) issued an alert today.

"In the past six months, financial institutions, security companies, the media and law enforcement agencies are all reporting a significant increase in funds transfer fraud involving the exploitation of valid banking credentials belonging to small and medium sized businesses," says a bulletin sent on Aug. 21 to member financial institutions by the Financial Services Information Sharing and Analysis Center, (FS-ISAC). The FS-ISAC is part of the government-private industry umbrella working with the Department of Homeland Security and Treasury Department to share information about critical threats to the country's infrastructure. The member-only alert described the problem and told its members to implement many of the precautions and monitoring currently used to detect consumer bank and credit card fraud.

The FS-ISAC notice -- and subsequent media attention -- in turn prompted the FDIC alert to warn banking institutions about this kind of fraud.

The Threat
The FDIC traces the fraud to compromised login credentials on online banking websites. Over the past year, the FDIC says, it has detected an increase in the number of reports and the amount of losses resulting from unauthorized electronic fund transfers (EFTs), such as automated clearing house (ACH) and wire transfers.

...While the institutions and business customers are not necessarily large or high-profile, the money that is being drained by the criminals can add up to significant amounts. One recent example: Dwelling House Savings and Loan Association, Pittsburgh, PA. The tiny institution failed after an ACH fraud event siphoned off a whopping $3 million. ...
(Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Federal Reserve Chairman Id Theft Victim

No one is safe from id theft, not even chairman, Ben Bernake, of the Federal Reserve. His personal checking account became an elaborate id theft scheme after his wife, Anna, had her purse stolen last August at a Capital Hill Starbucks. According to a Washington DC police report, it contained her social security card, checkbook, credit cards and IDs.

It's not revealed how much money was stolen from their account but someone started cashing checks on their account just days after the purse was stolen. The thefts helped an ongoing investigation into a sophisticated ring.

Losses from the fraud totaled more than $2.1 million and involved at least 10 financial institutions, court documents said.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

"One Tree Hill" star actor who plays Skills guilty of selling Social Security Numbers.

Yes, you read the title right! "One Tree Hill" actor Antwon Tanner pleaded guilty to selling 16 Social Security Numbers and 3 Social Security cards for $10,000.

He told the federal judge that he was just a middleman selling the numbers someone else gave him. Tanner will be sentenced on Nov 20 and could get up to one year in the slammer and a cool $250,000 fine.

I'm told that he also faces similar charges here in California.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Radisson Hotels Suffer Data Breach

Radisson Hotels Suffer Data Breach. It's not this article that amazes me but the number of people that I speak with daily who do not see the need for Identity Theft Protection with full restoration services and/or Prepaid Legal Services since an identity theft is going to be a legal issue.

Radisson Hotels Suffer Data Breach

Unknown Number of Records Exposed During 6-Month Period

August 21, 2009 - Linda McGlasson, Managing Editor

An unknown number of Radisson Hotel guests in the U.S. and Canada may face credit card fraud in the wake of a data breach announced by the hotel chain this week.

In an open letter to customers, Fredrik Korallus, CEO of the hotel chain detailed the breach, which involved computer systems invaded by hackers for a six-month period, from Nov. 2008 to May 2009.

According to the hotel chain's spokesperson, David Chamberlin, the forensic investigation of the breach is still underway, with federal law enforcement involved, and the company isn't unable to provide accurate estimates of the number of potentially exposed records.

...The facts of the breach released by Radisson:

• Between November 2008 and May 2009, the computer systems of some Radisson Hotels & Resorts in the U.S. and Canada were accessed without authorization. This past spring, the company was able to confirm an intrusion. The investigation is ongoing.

• The accessed computer systems contained guest information such as the name printed on a credit or debit card, the account number and the expiration date on the card. "We do not know, however, whether a particular name, credit or debit card number or card expiration date were in fact accessed or taken," he says.

• The accessed computer systems did not include Social Security numbers.

• The hotel says at this time, "it appears to be an unauthorized attack from an outside source, and have no reason to believe it was an insider."

• The hotel says it has worked closely with the major credit card brands, issuers, the credit reporting agencies, and its payment processor, Elavon, to address the incident.

• It also placed ads announcing the breach in the Wall Street Journal and USA Today on Wednesday and has set up a dedicated web site to address customer questions.

• Notification letters were sent to affected consumers, where they were able to be identified, Chamberlain says.... (Full story at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Massachusetts Data Protection Law Amended, Delayed - Again

Before you read this article you should know that the Massachusetts law mentioned here is the strictest law in the nation. It has requirements that a business must comply with in regards to identity theft in the workplace. Their requirements are tougher than the FTC's current FACTA law and the Red Flags Rule amendment.

For those business owners reading this, this is what we do at no direct cost for most businesses:
1. We provide a personalized written policy outlining specific requirements for protecting the non-public information of customers vendors and employees.

2. A letter that can be used when appointing a security compliance officer - see www.ftc.gov under Gramm, Leach, Bliley.

3. A comprehensive training program which (www.FTC.gov "Protecting Personal Information: A Guide for Business") is a suggested first step (pages 16-17) in protecting NPI and educating employees about the risks/liabilities of identity theft and data loss.

4. When employees complete the training, we provide the "Use of Confidential Information by Employee" form that serves as proof they've completed a mandatory training in handling NPI. This signed document demonstrates that the company is taking reasonable measures to protect customer, employee and vendor information.

We also offer an online Red Flags Rule compliance module at www.RedFlagsRulePolicy.com

Massachusetts Data Protection Law Amended, Delayed - Again

New Rules Now Won't Apply Until March 2010

August 20, 2009 - Linda McGlasson, Managing Editor

Once again, Massachusetts is delaying the compliance deadline for its toughest-in-the-nation data protection rules. The new effective date is March 1, 2010.

Saying that the state must balance the needs of consumer privacy protection with the needs of small business, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has also amended its data security regulations. Earlier this week the OCABR announced the revised rules will facilitate a "risk-based approach" to data security - an approach that is expected to help the small-business community.

The OCABR also modified the regulations to make them technology neutral. A public hearing on the changes will be held on September 22 in Boston.

Barbara Anthony, the Massachusetts Undersecretary of the Office of Consumer Affairs and Business Regulation, says the adjustments to Massachusetts' identity theft regulations will also reinforce flexibility in compliance by small businesses.

The risk-based approach is especially important to small businesses that may not handle a lot of personal information about customers, says Anthony. Under a risk-based approach, a business, in developing a written security program, should take into account its size, nature of its business, the kinds of records it maintains, and the risk of identity theft posed by its operations. (Full text at www.bankinfosecurity.com)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

"SoupNazi" Indicted in largest US Identity Theft Case

Federal Authorities indicted three men in New Jersey in a massive identity theft case that the Justice Department is labeling as the largest in American history.

Truth of the matter is that only one body is actually in custody. The other two that were indicted are Russians, whereabouts unknown. Albert Gonzalez of Miami, age 28, also known as the "SoupNazi" online (must have been a Seinfeld fan) if convicted, could face up to 20 years on a charge of wire-fraud conspiracy and an additional five on the conspiracy charge. He also faces fines of up to $250,000 for each charge.

The Department of Justice calls this "the single largest hacking and identity theft case ever prosecuted." There were about 130 million credit and debit card numbers stolen. I was one of the victims back in January.

The three culprits, hacked into and took the card numbers from Heartland Payment Systems; 7-Eleven Inc., a Texas-based convenience store chain and Hannaford Brothers Company, a Maine-based supermarket chain.

This is not Mr. Gonzalez' first crime either. in May 2008, the U.S. Attorney's Office of New York charged him for his alleged role in the hacking of a computer network run by a national restaurant chain. He is slated to stand trial on those charges in September of 2009.

In August of 2008, he was indicted on additional charges for a number of hacks into eight major retailers including discount giant TJ Maxx that involved an estimated 40 million credit cards and cost TJ Maxx $200 million. He is scheduled for trial on those charges in 2010, the Department of Justice said.

Gonzalez, if convicted, will undoubtedly be spending a long time in Federal Prison after all the trials, that is unless he can prove that it was not him. Maybe somebody stole his identity to do the crime.

Either way, with the money he must have been paid for his work, I don't understand why he is still in the US and not abroad with the Russians avoiding extradiction.

After research, I found the following video with Albert Gonzalez and it could actually be his Attorney's best defense for him, click here to watch.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com