Stop Identity Theft Crime

Thursday, February 12, 2009

Heartland Data Breach Update - 220 Institutions

As of yesterday, the number of institutions affected by this massive breach has reached 220. It has extended to Canada, Guam and Bermuda.

Following is the latest up-to-date list of institutions impacted by the Heartland breach and - where available - the total number of cards compromised:

Acadian Federal Credit Union, Fort Kent, ME;

Adams Bank & Trust, Grant, NE; (15)

Alerus Financial, Grand Forks, ND;

Alpine Bank, Aspen, CO (3,500);

Alva State Bank, Alva, OK;

Amboy Bank, Old Bridge, NJ;

American Bank Montana, Bozeman, MT;

American National Bank, Denver, CO (2,500);

American Riviera Bank, Santa Barbara, CA;

Apple Valley Bank, Cheshire, CT (100);

Arkansas County Bank, Stuttgart, AR;

Arvest Bank, Mountain Home, AR;

Association of Vermont Credit Unions, VT (6,000);

Baker Boyer Bank, Walla Walla, WA;

Bangor Federal Credit Union, Bangor, ME (3,000);

BancFirst, Oklahoma City, OK;

Bangor Savings Bank, Bangor, ME (18,000);

Bank of America, St. Louis, MO;

Bank of Bridger, Bridger, MT (80);

The Bank of Edwardsville, Edwardsville, IL;

The Bank of Fayetteville, Fayetteville AR;

The Bank of Guam, Territory of Guam;

Bank of Monticello, Monticello, MO;

Bank of Oklahoma, Tulsa, OK;

Bank of the Ozarks, Little Rock, AR;

Bank of Utah, Ogden, UT; (245)

Bank Plus, Graettinger, IA;

BBVA Compass, Birmingham, AL;

Beacon Credit Union, Wabash, IN (4,500)(See what Beacon told their members about the Heartland Breach);

Bellwether Community Credit Union, Manchester, NH;

Big Horn Federal Savings Bank, Greybull, WY (650);

Bremer Bank, St. Paul, MN (See what Bremer Bank told its customers about the Heartland breach) (7,800)

Bermuda Bank, Bermuda;

Brighton Bank, Salt Lake City, UT

Butterfield Bank, Bermuda;

Canadian Tire Financial Services, Niagara, Ontario, Canada (15,000);

Cape Cod Cooperative Bank, Cape Cod, MA (3,600);

Capitol Federal, Topeka, KS (14,000);

Central National Bank, Enid, OK;

The Central National Bank and Trust Company of Enid, Enid OK, (1600);

Central Savings Bank, Sault Ste. Marie, MI (300);

Century Bank FSB, Sarasota, FL (2,200);

Century Bank of Kentucky, Lawrenceburg, KY (1,000);

Charleroi Federal Savings Bank, Charleroi, PA;

Chase Bank, Utah;

Charter Oak Bank, Napa, CA;

Chocolate Bayou Community FCU, Alvin, TX (2500);

Citizens Bank of Newburg, Rolla, MO;

Citizens State Bank of Roseau, Roseau, MN (700);

The Citizens Bank of Swainsboro, Swainsboro, GA;

Coloramo Federal Credit Union, Grand Junction, CO;

Columbia River Bank, The Dalles, OR;

Community Bank, Alva, OK;

Community Bank of Broward, Weston, FL;

Community Bank of The Red River Valley, Grand Forks, ND;

Community First National Bank of Mountain Home, Mountain Home, AR;

Community Savings Bank, Edgewood, IA (1,000);

Core First Bank, Topeka, KS;

Countybank, Greenwood, SC (3,000);

CU Community Credit Union, Springfield, MO; (16)

Cumberland Security Bank, Pulaski, KY;

Dairy State Bank, Rice Lake, WI (1,500);

Denali Alaskan Federal Credit Union, Anchorage, AK (10,300):

Dime Bank, Norwich, CT;

Dollar Bank, Pittsburgh, PA;

Dupaco Community Credit Union, Dubuque, IA;

DuTrac Community Credit Union, Dubuque, IA;

EarthMover Credit Union, Oswego, IL (600);

East Dubuque Savings Bank, Dubuque, IA;

Eastern Maine Medical Center Federal Credit Union, Bangor, ME;

Eastman Credit Union, Kingsport, TN;

Elliott Federal Credit Union, Jeanette, PA (100);

El Paso Employees Federal Credit Union, El Paso, TX (1,000);

Extraco Banks, Killeen, TX (9,000);

Family Community Credit Union, Charles City, IA;

Farmers and Merchants Bank, Stuttgart, AR;

Farmers & Merchants State Bank, Archbold, OH;

Farmers State Bank, West Bend, IA;

Farmers Trust & Savings Bank, Spencer, IA (725)

Fidelity National Bank, West Memphis, AR (1,463);

Fifth Third Bank, Cincinnati, OH;

The First, A National Banking Association, Hattiesburg, MS;

First & Farmers National Bank, Pulaski, KY;

First Bank, Azle, TX (3,000);

First Bank & Trust, Brookings, SD;

First Bank of Delaware, Wilmington, DE;

First Bank Blue Earth, Blue Earth, MN;

First Bankers Trust Company, Quincy, IL;

First Cheyenne Federal Credit Union, Cheyenne, WY (500);

First Citizens National Bank, Charles City, IA;

First Community National Bank, Steelville, MO;

First Enterprise Bank, Oklahoma City, OK;

First Federal Bank, Harrison, AR;

First Financial Bank NA, Terre Haute, IN;

First National Bank of Colorado, Ft. Collins, CO

First National Bank, Carmi, IL;

First National Bank of Farragut-Shenandoah, IA (60);

First National Bank of Hutchinson, KS (1,000);

First National Bank Pratt, Pratt, KS;

First Security Bank & Trust, Charles City, IA (1,400);

1st Source Bank, South Bend, IN;

First State Bank of Illinois, Carthage, IL;

First State Bank, Nora Springs, IA;

First State Bank, Russellville, AR (1,500);

First State Bank of Scottsbluff, Scottsbluff, NE (200);

First Tech Credit Union, Portland, OR;

Five Points Bank, Hastings, NE (200);

Forcht Bank, Kentucky; (8,500);

Forest Park National Bank & Trust Co., Forest Park, IL (500);

Four Corners Community Bank, Farmington, NM;

Franciscan Skemp Credit Union, La Crosse, WI;

Freedom Credit Union, Springfield, MA (2,400);

Gate City Bank, Fargo, ND;

GECU, El Paso, TX (25,000);

Georgetown Savings Bank, Georgetown, MA

GFA Federal Credit Union, Gardner, MA;

The Gordon Bank, Gordon, GA (300);

Great Southern Bank, Springfield, MO;

Health Facilities Federal Credit Union, Florence, SC (3,500);

HealthFirst Federal Credit Union, Waterville, ME; (261)

Heartland Bank, St. Louis, MO;

Heritage Bank, Hastings, NE (50);

Heritage Bank of Nevada, Reno, NV;

Heritage Valley Federal Credit Union, York County, PA;

Home Federal Bank, Treasure Valley, ID (1,800);

Huntington Bank, Ashland, OH;

Idadiv Credit Union, Nampa, ID;

Indiana State University Federal Credit Union, Terre Haute, IN (1,300);

Indiana University Credit Union, Bloomington, IN;

Industrial Credit Union of Whatcom County, Bellingham, WA;

Innovations Federal Credit Union, Bay County, FL (400 cards);

Integra Bank, Evansville, IN;

Iowa State Bank, Ruthven, IA;

Iowa State Savings Bank, Knoxville, IA;

Iowa Trust and Savings Bank, Emmetsburg, IA (700);

Kellogg Company Employee Federal Credit Union, Omaha, NE;

Kennebec Savings Bank, Augusta, ME; (1,500);

Kennebunk Saving Bank, ME (7,000);

Kootenay Savings, Trail, British Columbia, Canada;

Lake Country Community Bank, Morristown MN (245);

Lassen County Federal Credit Union, Susanville, CA (600);

Laurens State Bank, Emmetsburg, IA;

Legence Bank, Evansville, IN;

Liberty Bank, Cheshire, CT;

Liberty Bank, South San Francisco, CA;

Marine Bank and Trust, Carthage, IL;

Merchants & Southern Bank, Gainesville, FL;

Mercy Family Credit Union, Mason City, IA;

Michigan Catholic Credit Union, Troy, MI;

Mid America Bank & Trust Co., Rolla, MO; (200)

MidFirst Bank, Tulsa, OK;

Mid-Oregon Credit Union, (4,000);

Monad Federal Credit Union, Pasco, WA;

Monroe Bank & Trust, Monroe, MI;

Mt. McKinley Bank, Fairbanks, AK;

M & T Bank, Buffalo, NY;

NAFT Federal Credit Union, Pharr, TX (250)

Nebraska Land National Bank, NE (150);

North Country Savings Bank, Canton, NY;

North Iowa Community Credit Union, Mason City, IA;

North Star Community Credit Union, Maddock, ND;

Notre Dame Credit Union, South Bend, IN (2,000);

Oak Valley Community Bank, Oakdale, CA;

O Bee Credit Union, Tumwater, WA; (See what O Bee told its members: http://www.obee.com/)

Ohio Valley Community Credit Union, Clarington, OH (690);

Oklahoma Central Credit Union, Tulsa, OK;

Old National Bank, Evansville, IN;

Oregon Territory Federal Credit Union, Salem, OR;

Patriots Bank, Kansas City, MO;

Patterson State Bank, Patterson, LA;

Pentagon Federal Credit Union, Alexandria, VA;

PeoplesChoice Credit Union, Saco, ME. (500);

Piedmont Credit Union, Danville, VA (15);

Pine Bluff National Bank, Pine Bluff, AR;

Pinnacle Bank, NE;

Pinnacle Federal Credit Union, Edison, NJ;

The Pittsfield Cooperative Bank, Pittsfield, MA;

Planters & Citizens Bank, Camilla, GA (340);

Platte Valley National Bank, Scottsbluff, NE; (388)

Poplar Bluff Federal Credit Union, Poplar Bluff, MO (998);

Port Alliance Federal Credit Union, Norfolk, VA (700);

Premier Bank, Dubuque, IA;

Provident Bank, Baltimore, MD;

Public Service Credit Union, Denver, CO;

Rainier Pacific Bank, Tacoma, WA (5,700);

Regions Financial Corp., Birmingham, AL;

Rivermark Credit Union, Portland, OR;

Rocky Mountain Law Enforcement Federal Credit Union, Denver, CO;

Schertz Bank & Trust, Schertz, TX (600);

Schools First FCU, Orange County, CA;

Shelby Savings Bank, Center, TX (600);

Shore Community Bank, Toms River, NJ (283);

Simmons First National Corp., Pine Bluff, AR;

South Central Credit Union, Jackson, MI (650);

Southside Credit Union, San Antonio, TX (775);

Sovereign Bank, Northeast U.S.;

Spokane Media Federal Credit Union, Spokane, WA; (330)

The State Bank, La Junta, CO (2075);

State Bank of Texas, Irving, TX;

State Employee's Credit Union (SECU), Raleigh, NC; (60,000)

St. Mary's Bank, Manchester, NH;

The Stock Exchange Bank, Woodward, OK;

Stockman Bank, Billings, MT;

Summit Federal Credit Union, Rochester, NY (500 cards);

Surrey Bank & Trust, Mount Airy, NC;

TD Bank, Portland, ME;

TD Bank North, Portland, ME;

Tinker Federal Credit Union, Enid, OK;

Town & Country Bank, Ravenna, NE;

Triangle Credit Union, Nashua, NH;

TrustCo Bank Corp., Glenville, NY;

Trustmark Bank, Jackson, MS; (75,000)

Tulsa Teachers Credit Union, Tulsa, OK;

United Mississippi Bank, MS (200);

United Savings Credit Union, Fargo-Moorehead, ND, (450);

University of Wisconsin-Oshkosh Credit Union, Oshkosh, WI;

U.S. Bank, St. Louis, MO;

Valley Bank & Trust, Gering, NE (16).

Valley View Bank, Kansas City, MO;

Warren Federal Credit Union, Cheyenne, MT; (1,400)

Washington State Employees Credit Union, Olympia, WA (4,000)

Wells Fargo, Utah

Wells Federal Bank, Wells, MN; (160)

WESC Federal Credit Union, Casper, WY (140);

West Iowa Bank, West Bend, IA

Western Illinois Credit Union, Macomb, IL;

Wright-Patt Credit Union, Dayton, OH; (17,200)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Wednesday, February 11, 2009

It Happenned To Me Again!

I am in Las Vegas this week conducting an Identity Theft presentation at a convention for a large nationwide organization. Today, I received a call from my Credit Union that my Debit Card was shut down because Mastercard had called them and said my card had been compromised.

Here I am with no credit cards with me and a useless debit card. Luckily, my room was already paid for and for friends with me or I would have had to have somebody wire me some cash.

I always tell people, it's not if Id Theft will happen to you BUT WHEN!

Here's a video on how thieves card easily get your credit/debit card info.

Wednesday, February 4, 2009

Average Cost of a Data Breach is Now $202

Average Cost of a Data Breach is $202 Per Record
Annual Study Shows 2.3 % Increase Over 2007
February 2, 2009 - Linda McGlasson, Managing Editor

The news of the Heartland Payment Systems (HPY) data breach gives new meaning to an annual study of what such a breach truly costs a business.
The average cost of a data breach was $202 per compromised record in 2008, according to the Ponemon Institute's Cost of Data Breach study. This represents a 2.3 percent increase from 2007, when a data breach cost an average of $197 per record. In 2006, the average cost was $182 per record.
The average total cost per reporting company was more than $6.6 million per breach, ranged from $613,000 to almost $32 million.
The study also shows that the cost of lost business continues to carry the highest impact, averaging $4.59 million, or $139 per record compromised, notes Larry Ponemon, chairman and founder of the Ponemon Institute. Lost business now accounts for 69 percent of data breach costs, up from 65 percent in 2007 and 54 percent in the 2006 study.
Third-party data breaches are on the increase, and they cost more. Breaches by third-party organizations such as outsourcers, contractors, consultants, and business partners were reported by 44 percent of respondents, up from 40 percent in 2007, 29 percent in 2006, 21 percent in 2005. Per victim cost for third party flubs is $52 higher, says Ponemon -- $231 compared to last year's $179. (Full text at bankinfosecurity.com)

Tuesday, February 3, 2009

Heartland Data Breach: 27 New Institutions Linked

The latest institutions to announce their connection to the breach are:

Warren Federal Credit Union, Cheyenne, MT;
Idadiv Credit Union, Nampa, ID;
Gate City Bank, Fargo, ND;
Provident Bank, Baltimore, MD;
MidFirst Bank, Tulsa, OK;
HealthFirst Federal Credit Union, Waterville, ME;
Sovereign Bank, Northeast U.S.;
Trustmark Bank, Jackson, MS;
Platte Valley Bank, Scottsbluff, NE;
Monroe Bank & Trust, Monroe, MI;
Bank of Oklahoma, Tulsa, OK;
BancFirst, Oklahoma City, OK;
CU Community Credit Union, Springfield, MO;
First Bank Blue Earth, Blue Earth, MN;
Wells Federal Bank, Wells, MN;
St. Mary's Bank, Manchester, NH;
Triangle Credit Union, Nashua, NH;
Bellwether Community Credit Union, Manchester, NH;
State Employee's Credit Union (SECU), Raleigh, NC;
Innovations Federal Credit Union, Bay County, FL (400 cards);
Summit Federal Credit Union, Rochester, NY (500 cards);
The Bank of Fayetteville, Fayetteville AR;
Farmers and Merchants Bank, Stuttgart, AR;
Arkansas County Bank, Stuttgart, AR;
The Central National Bank and Trust Company of Enid, Enid OK, (1600);
Adams Bank & Trust, Grant, NE;
Valley Bank & Trust, Gering, NE (16).

Sunday, February 1, 2009

Monster.com Data Breach

I missed this one last month. Monster.com announced they had a data breach. Below is their official breach alert.

Monster Database Security Breach Official Alert
January 23, 2009

As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes. Monster does not generally collect – and the accessed information does not include - sensitive data such as social security numbers or personal financial data.

Immediately upon learning about this, Monster initiated an investigation and took corrective steps. It is important to know the company continually monitors for any illicit use of information in our database, and so far, we have not detected the misuse of this information.

In order to help assure the security of your information, you may soon be required to change your password upon logging onto the site. Please follow the instructions on the site. We would also recommend you proactively change your password yourself as an added precaution. We regret any inconvenience this may cause you, but feel it is important that you take these preventative measures.

As a further precaution, we want to remind you that an email address could be used to target “phishing” emails. Monster will never send an unsolicited email asking you to confirm your username and password, nor will Monster ask you to download any software, “tool” or “access agreement” in order to use your Monster account. Monster’s security page, http://my.monster.com/securitycenter, provides users with a substantial amount of information about different types of Internet fraud. We encourage you to review the information to learn more about what you can do to protect yourself on the Internet.

The protection of your data is a high priority for Monster. Our newly redesigned Web site has, and will continue to add, safety and security features to protect your information and we want you to feel confident using it.

We continue to devote significant resources to ensure Monster has appropriate security controls in place to protect our infrastructure, and while no company can completely prevent unauthorized access to data, Monster believes that by reaching out to job seekers, the company can help users better defend themselves against similar attacks.

We truly value the trust you place in Monster and appreciate the opportunity to continue to serve as your online career resource.

Sincerely,
Patrick Manzo

Senior Vice President, Global Chief Privacy Officer
Monster Worldwide

Subject: Resetting passwords
In an effort to ensure data security for our customers, starting Wednesday, January 28, 2009, at approximately 10:00 PM Eastern Standard Time, we will be instituting a mandatory password reset for all accounts that could potentially be affected. Those affected users will be prompted to change their password on their next login to the site, and will be notified that an email has been sent to their email account of record with a one-time password. To complete the change password process, please use this one-time password to log into your account and create a permanent password that is in compliance with Monster's password standards. Requiring these password resets helps us ensure that accounts are secure from any fraudulent activities. If you encounter any difficulties, please contact Monster Customer Service or your sales representative who can assist you.

An important thing to note is that the password change process is only initiated when you come to the Monster website and as a result an email is sent to you. Do not respond to any other unsolicited emails regarding password changes from Monster. Monster will not contact you by email regarding a password change unless you initiate such a change on the Monster website in accordance with the instructions above.

FAQ

Are you contacting consumers directly?

Monster elected not to send e-mail notifications to avoid the risk those e-mails would be used as a template for phishing e-mails targeting our job seekers and customers. We believe placing a security notice on our site is the safest and most effective way to reach the broadest audience. As an additional precaution, we will be making mandatory password changes on our site.

Have you contacted law enforcement?

We are working with appropriate law enforcement officials.

What security measures do you have in place?

Monster has made, and will continue to make, a significant investment in enhancing data security, and we believe that Monster’s security measures are as, or more, robust than other sites in our industry.

Monster has a full-time worldwide security team, which constantly monitors for both suspicious behavior on our site and illicit use of information in our database. To maintain the integrity of these security and monitoring systems, we cannot provide further details.

Will you be providing additional details about the breach?

Monster is sharing the information necessary to assist and protect our job seekers and customers. As previously mentioned, we cannot disclose specific details of the situation because we need to protect the integrity of our security systems and our ongoing inquiry into this situation.

Thursday, January 29, 2009

Heartland Update: Class Action Suit Filed

Heartland Update: Class Action Suit Filed
Processor Charged with 'Belated and Inaccurate statements' about Breach
January 29, 2009 - Linda McGlasson, Managing Editor
Exactly one week after the Heartland Payment Systems (HPY) breach was first announced to the public, the first lawsuit has been filed against the payments processor.
The class action lawsuit filed Tuesday by Chimicles & Tilellis LLP of Haverford, PA in the U.S. District Court for the District of New Jersey on behalf of Woodbury, MN resident Alicia Cooper, asserts that Heartland "made unreasonably belated and inaccurate statements concerning the breach."
The complaint says Heartland does not appear to be offering any credit monitoring services or other relief to consumers affected by the breach. Chimicles & Tilellis' complaint also says in addition to the questionable timing of the announcement of its breach, (Read Heartland Class Action suit PDF) "there are materially misleading statements and omissions in Heartland's public description of the breach and its consequences."
Heartland announced the breach in a press release on the same morning of President Barack Obama's inauguration. (Full text at www.bankinfosecurity.com)

All I can say is that Heartland better contact the best in the world for their HUGE new problem, if they haven't already, and that is Kroll Fraud Solutions. This is what they do best, protecting people from id theft and offering restoration services if an identity is compromised.

I will actually be surprised if this doesn't bankrupt Heartland because fixing the situation (helping the victims) will cost more than the fines from the FTC for the violation.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Thursday, January 22, 2009

Heartland Payment Systems Breached

Heartland Payment Systems is the 6th largest in the US. They process over 100 million credit card transactions a month for over 250,000 merchants. Hackers had been in their system for at least 2 months capturing info and transactions.

Heartland Payment Systems, Forcht Bank Discover Data Breaches
Both Companies Might be Victims of Larger Fraud Schemes
January 21, 2009 - Linda McGlasson, Managing Editor
Heartland Payment Systems, the sixth-largest payments processor in the U.S., announced Monday that its processing systems were breached in 2008, exposing an undetermined number of consumers to potential fraud.
Meanwhile, Forcht Bank, one of the 10 largest banks in Kentucky, told its customers it would begin reissuing 8,500 debit cards after being informed by its own card processor of a possible breach.
In the case of Heartland, while the company continues to assess the damages inflicted by the attack, Robert Baldwin, the company's president and CFO, says law enforcement has already noted that the attack against his company is part of a wider cyber fraud operation.
...Heartland, headquartered in Princeton, NJ, handles approximately 100 million transactions per month, although the number of unique cardholders is much lower. "It is still a question as to the percentage of the data flow they were able to get," Baldwin says, adding he would not speculate on the number of cards potentially exposed..(Full text at www.bankinfosecurity.com).

So far. Heartland sounds pretty smug about it all. They haven't offered Id Theft protection yet but said this: "Consumers will know if their card account numbers have been used by reviewing their monthly statements. Cardholders should report suspicious activity to their issuing banks (the bank that issued the card, not the card brand). If unauthorized use is confirmed, cardholders are reimbursed for the fraudulent purchases and are not held financially responsible. (Read whole statement at www.2008breach.com)

Friday, January 16, 2009

ACLU Challenging Identity Theft Investigation

Most people in Law Enforcement refer to the ACLU as the All Criminal Lover's Union. I can't remember when the ever helped someone who was not under arrest. In this case, the will challenge the validity of a search warrant in one of the biggest cases of Identity Theft in Colorado history.

ACLU questions massive ID theft case in Greeley
By Howard Pankratz
The Denver Post
A probe of one of the biggest identity theft cases in Colorado history will be undertaken by two grand juries although the ACLU of Colorado says it is "highly likely" it will challenge the legality of the investigation.
The grand jury probe stems from the seizure last October of 4,900 tax files from Amalia's Translation and Tax Service in Greeley by the Weld County Sheriff's Office.
...Sheriff's deputies discovered that out of the nearly 5,000 files seized, there were 1,338 suspected cases of identity theft or criminal impersonation on tax returns filed in 2006 and 2007.
At the time, investigators said many people using the tax service were obtaining false names and Social Security numbers in a massive identity-theft scam.
Authorities traced approximately $2.6 million in payments to illegal immigrants using phony Social Security numbers who used the tax service, said Weld County District Attorney Ken Buck.
...Specifically, Weld County District Judge James Hartmann said he didn't believe that a state court had jurisdiction to issue a search warrant for federal tax files. Federal tax return information in the possession of a tax preparer falls within the confidentiality mandates of federal statute, said Hartmann.

....In a letter to Klein, Silverstein said it is "highly likely" that the ACLU will file a civil lawsuit on behalf of Cerrillo seeking the return or destruction of copies of the materials seized from her business.
"We are concerned about what appears to be an illegal search and seizure and an illegal invasion of the constitutional rights not only of Amalia but also her 5,000 clients and customers," said Silverstein. (Full text at www.DenverPost.com)

Tuesday, January 13, 2009

Big Brother Helping ID Theft Victims in New York

A new State law in New York will assist victims of Identity Theft. The State Consumer Protection Board must help clean up your credit. A victim will get financial compensation for the time they spend fixing their credit (which could be in the 100's of hours). Victims will also now be able to freeze their credit via the telephone or the internet.

I tried to import a news video of the story but had problems. You can see the video by clicking here. The story starts at 1:15. After the commercial.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Monday, January 12, 2009

16,000 Katrina evacuees personal information posted on two Web sites

FEMA's Katrina evacuee info on Web sites spurs probe
By Mike Hasten • mhasten@gannett.com

BATON ROUGE — An investigation into a security breach in Texas has found that an agency providing services to Hurricane Katrina evacuees inadvertently allowed the names and personal information of more than 16,000 evacuees to be posted on two Web sites.

The Federal Emergency Management Agency was not responsible for the breach but has taken steps to prevent the evacuees from becoming victims of identity theft, said spokesman Andrew Thomas, of FEMA's office in Baton Rouge.

...An investigation found 16,857 lines of data had been posted on a site publicly displaying information about evacuees from Louisiana, Mississippi and Alabama who had been transported to Texas....

..."We immediately worked to have it removed from public view," Thomas said.
A few days later, FEMA found another Web site had the same information.
The agency was able to get that information pulled down, too.
"FEMA did not release this information," Thomas said...
...Regardless, FEMA notified all of the 16,857 people by telephone and later by letter that the breach had occurred.
The federal agency purchased identity theft insurance and enlisted the services of an identity theft protection service...(Full text at Shreveporttimes.com)

Friday, January 9, 2009

Dumb and Dumber

You tell me who is Dumb and who is Dumber after reading this article. An illegal immigrant uses someone else's social security number to obtain employment, buy a $33k truck, obtained $787,000 in loans and had bought 2 cars since 2001 with the same SSN.

Illegal immigrant pleads guilty to ID theft
Mike Sakal, Tribune January 8, 2009 - 2:19PM
An illegal immigrant from Mexico who was living in Mesa, is facing at least two and a half years in prison for identity theft-related offenses after he bought a $33,000 truck and racked up nearly $800,000 in loans by using another person’s Social Security number, the Maricopa County Attorney’s Office announced today.

Adan Guerrero, 37, pleaded guilty to one count each of identity theft and fraudulent schemes and artifices in Maricopa County Superior Court on Thursday....

...At the time of his arrest in June, Guerrero told police they should be arresting real criminals and not a good family man, according to the county attorney’s office...(Full text at www.eastvalleytribune.com)

Now who is dumber, the victim who allowed somebody to use their SSN for almost 8 years, or the criminal. Personally, I check my credit report 3 times a year. What I don't understand is how the victim dealt with IRS since obviously there were tax returns involved.

unless..it was an inside job.

Postmaster Justice will get Justice

Times must be getting hard for everyone because now the Postmaster, Jennifer Justice, in Bethel, Ohio has been charged with identity theft.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Thursday, January 8, 2009

Ex-Diplomat from Pakistan Victim of Identity Theft in Canada

Ex-diplomat falls victim to identity theft
Tuesday January 6 2009
By NOUMAN KHALIL

An ongoing hush-hush investigation into a suspected case of identity theft that has just surfaced - and which had shaken the diplomatic mission of Pakistan in Canada in 2007 - is raising doubts and fears among the community.

The issue came to light after more than a year when Shoaib Sarwar, former vice consul of Pakistan in Toronto, went public to say he had fallen victim to identity theft.

"I was shocked to hear that I own a property in Canada," Sarwar informed SA Focus this week via an email from New York where he is currently pursuing higher studies.....

...The Pakistani mission in Toronto refused comment. Sarwar said he had officially informed Canadian and Pakistani foreign ministries and reported the matter to Toronto Police in Nov. 2007... (Full text as SouthAsianFocus.com)

Wednesday, January 7, 2009

Data Breach reports increased dramatically in 2008

The Identity Theft Resource Center’s (ITRC) 2008 final breach report reached 656 reported breaches at the end of 2008, reflecting an increase of 47% over last year’s total of 446. In terms of sub-divisions by type of entity, the rankings have not changed between 2007 and 2008 within the five groups that ITRC monitors. There was a total of 35,691,255 records exposed.

According to ITRC reports, only 2.4% of all breaches had encryption or other strong protection methods in use. Only 8.5% of reported breaches had password protection. It is obvious that the bulk of breached data was unprotected by either encryption or even passwords.

Clicking on the above title will take you to the whole story at IRTC. Click here to read the breach list report, all 201 pages.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Monday, January 5, 2009

RBS Worldpay Breach - 1.5 million victims

This is probably the largest security breach at the end of 2008. RBS WorldPay (formerly RBS Lynk), the U.S. payment processing arm of The Royal Bank of Scotland Group, announced on 12/23/08 that it had an unauthorized access to its system and about 1,5 million people may have had certain information taken with 1.1 million possibly having their social security numbers accessed. The event actually occurred on 11/10/08.

1.5 million individuals affected in RBS WorldPay breach
Angela Moscaritolo

Electronic payment processing service, RBS WorldPay, last week disclosed a data breach affecting 1.5 million cardholders.

Atlanta-based RBS WorldPay processes electronic payments, such as debit, credit and ATM transactions. It also processes gift card and payroll card transactions.

An unauthorized user accessed the company's computer system, and personal information of 1.5 million gift card and payroll cardholders may have been compromised, a company spokesman told SCMagazineUS.com on Monday. Personal information of payroll cardholders – including names, addresses, dates of birth, Social Security numbers – may have been accessed....

...Since the breach, identified Nov. 10, there have been approximately 100 instances of actual fraud, where cards were used to conduct fraudulent transactions. Victims will not be held financially responsible for fraudulent withdrawals, the spokesman said.... (Full text at SCMagazine.com)

Tuesday, December 23, 2008

Top 10 Security Breaches of 2008?

The following is an article from Bank Info Security and what they feel were the top 10 Security Breaches in 2008 and the lessons that were learned. As usual, clicking on the above title will take you to the whole article. The links on each numbered breach below will take you to an in-depth article regarding that particular breach.

Top 10 Security Breaches of 2008
Ghost of Christmas Past (TJX) Still Casts Specter on Present and Future
December 22, 2008 - Linda McGlasson, Managing Editor

From Hannaford to Countrywide to the Bank of New York Mellon, 2008 has been a year of high-profile security breaches in or impacting the financial services industry. Here's our list of the top 10 - and lessons that should be learned, so we aren't back revisiting these issues in '09.
1. TJX Case Winds Up, Arrests Made
The August arrest of 11 alleged hackers accused of stealing more than 40 million credit and debit cards brings law enforcement closer to closing what is still the largest hack ever.
2. Bank of New York Mellon
An unencrypted backup tape with 4.5 million customers of the Bank of New York Mellon went missing on Feb. 27, after it was sent to a storage facility.
3. Hannaford Data Breach
In March, the Maine-based Hannaford Brothers grocery store chain announced that 4.2 million customer card transactions had been compromised by the hackers. More than 1800 credit card numbers were immediately used for fraudulent transactions.
4. Countrywide Insider Theft

In August, a former Countrywide Financial Corp. senior financial analyst, Rene Rebollo, was arrested and charged by the FBI for stealing and selling sensitive personal information of an estimated 2 million mortgage loan applicants.
5. GE Money Backup Tape Goes AWOL
Early in January, Iron Mountain said it could not find a backup tape that belonged to GE Money, containing information on about 650,000 J.C. Penney customers and the other 100 retailers.
6. RSA Report: Half-Million Banking ID's Stolen
In November, security vendor RSA said it found a single Trojan that had taken more than 500,000 online banking accounts credentials, credit cards and other resources.
7. Compass Bank Hard Drive Stolen, 1 Million Accounts Taken
At the sentencing of a former bank programmer at Compass Bank in Birmingham, AL. in March, it was revealed that the accused had stolen a hard drive with 1 million customer records and used it to commit debit-card fraud.

Lesson Learned: Compass Bank dodged a bullet in terms of cost on this breach. It would have had to notify all 1 million customers of the compromise of their data had the hard drive theft been in a state that requires notification. Other than the 250 customers that Real took money from, no other customers were notified of the data loss. That means that 999,750 of the other 1 million customers weren't notified of the potential risk.
8. Ski Resort Okemo Suffers Hannaford-Like Data Breach
In an attack similar to what hit Hannaford Brothers in March, the Okemo Ski Resort in Vermont said in April it had been hit by hackers that installed malicious software to capture credit card data as it was being processed at the resort.
9. Retailer Montgomery Ward
Six months after a breach happened at the parent company of the Montgomery Ward website, the company Direct Marketing Services finally began notifying customers that their credit card information was stolen in the hack. At least 51,000 records were stolen....

10. More Than $5 Million Taken By ATM Capers

In June, two men were charged with making hundreds of withdrawals from New York City ATMs, grabbing $750,000 in the process,....One of the same accused also allegedly took $5 million in withdrawals from iWire prepaid MasterCard accounts.

Friday, December 19, 2008

Busy Week and Security Breach Update

I can't believe it's been a over a week and I haven't posted anything. It's been a busy week with getting ready for the Holidays and getting a new Red Flags Rule presentation completed as well as working on an Identity Theft Awareness Seminar.

Hopefully, all will be back to normal in a few days. Meanwhile, clicking on the above title will take you to the latest security breach report. This week the total is up to 623 security breaches but the total records exposed is still at 34,028,410. Obviously, the recent companies that were breached have not released any figures yet.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Wednesday, December 10, 2008

Security Breaches Update

The Identity Theft Resource Center compiles an ongoing Security breach list and publishes it weekly. It presents individual information about data exposure events and running totals for the year.

As 12/09/08, the totals for this year are now 614 breaches with 34,028,011 records exposed.

Actually, the number of records exposed (possibly your personal information) is much higher. To understand why I say this, one only has to look at the report and see how many breaches have a zero listed as the number of records exposed.

Still think your information is safe?

To view this report, click here or on the title of this post.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Tuesday, December 9, 2008

Update on Class Action Complaint Against Lifelock

Clicking on the above title will take you to the pdf of the actual class action complaint filed against Lifelock. You can read all items of the complaint and why it was filed in March 2008.

You will notice that Grant Woods, PC is also listed as an attorney for the plaintiff. He is the former Arizona Attorney General.

I spoke with Attorney Leonard Aragon at the law firm of Hagens Berman Sobol Shapiro LLP. He told me that 15 cases, against Lifelock, which have been filed nationwide have all been brought together in Arizona at the United States District Court under Honorable Judge Mary H. Murguia

As soon as more information is available, I will let everyone know. The case could take 1-3 years.

Click here to visit the website of the law firm of Hagens Berman Sobol Shapiro LLP. They are the firm who has filed the complaint. Their main focus is to represent plaintiffs in securities, investment fraud, product liability, tort, antitrust, consumer fraud, employment, environmental, and ERISA cases. In doing so, their firm has become particularly skilled at managing multi-state and nationwide class actions through an organized, coordinated approach that implements an efficient and aggressive prosecutorial strategy in order to place maximum pressure on the defendant.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Sunday, December 7, 2008

Interesting Articles From This Past Week

Since my last post, I was out of town again with the Crime Victims Coalition. Below are some of the more interesting articles in the world of Id Theft while I was gone. Just click on the title of the article to read the whole story.

Feds nab more members of alleged identity theft gang
Four more U.S. residents accused of using stolen data to take millions from bank accounts

By Jaikumar Vijayan
December 2, 2008 (Computerworld) Federal authorities say they have taken another step toward busting a multinational identity theft ring that is alleged to have used stolen personal data to withdraw millions of dollars from home equity line-of-credit accounts at dozens of financial institutions in the U.S., including some of the country's largest banks.

Four individuals were arrested last week in connection with the alleged scheme, which has resulted in more than $2.5 million being stolen from the affected financial institutions, according to law enforcement officials. Another $4 million worth of attempted withdrawals by the gang were unsuccessful, the U.S. attorney's office in New Jersey said in announcing the arrests last Wednesday (download PDF).
...The identity theft gang operates in the U.S. as well as the U.K., Canada, China, Japan, Vietnam, South Korea and several other countries, the court documents said...
... The documents said that accounts were compromised at Citibank, JPMorgan Chase, Wachovia, Bank of America and "dozens" of other banks and credit unions, including the Navy Federal Credit Union, U.S. Senate Federal Credit Union and State Department Federal Credit Union...
Theft of children's identities often goes unnoticed for years

Social Security numbers can make kids easy targets
By Diane C. Lade |South Florida Sun-Sentinel
December 1, 2008
Randy Waldron Jr. deposited his first paycheck when he was an infant. By the time he was in elementary school, he had bought and sold property, cars and restaurants and racked up tax liens because of financial problems.

He had a felony record at age 7.

At least so said credit reports, property records and court documents. But the true culprit, Waldron said, was his estranged father, Randolph Waldron Sr., of Loxahatchee, who covertly used the boy's Social Security number for 22 years, beginning shortly after his birth.

....The Federal Trade Commission estimates about 500,000 identity theft incidents annually involve children under age 19, with the majority of the thefts occurring between birth and age 5. That's about 5 percent of all suspected ID theft cases. Federal officials said they have seen the numbers rise slightly during the past several years.

'Jackal' jailed for identity theft of dead boy

Published Date: 28 November 2008

AN Edinburgh man who obtained a false passport using the identity of a dead child has been jailed.

Gerald Duffy, 39, used the method outlined in Frederick Forsyth's bestseller The Day of the Jackal to get the document. He applied for the passport using the birth certificate of Andrew Lappin, who died in a road accident in 1972, aged three, and then used it to open a bank account.

Jailing Duffy – who lived in Newbattle Terrace in Morningside – for four years and nine months, judge Lord Turnbull told him: "You opened a bank account in a false name and then used it to pay for flights abroad and overseas hotels where you would have used the false passport. I consider there was a sinister and sophisticated aspect to all of this. The insult to the family of Andrew Lappin and the upset it caused them is obvious."

Man steals toddler's identity
Nov 27, 2008

A man in North Carolina stole the identity of a three-year-old girl to sign up for phone and gas accounts.
When the little girl's grandmother started getting bills in the child's name and a collection agency arrived at their home, she called police.
The services were traced to Michael Maris, who was charged with identity theft.

Friday, November 28, 2008

Black Friday and Cyber Monday

With Black Friday today and Cyber Monday fast approaching, consumers are entering into the most active spending period of the year. Reinforced by the soft economy, this is "high season" for identity theft with identity thieves seeking to take advantage of shoppers. Identity theft generally rises during the holidays because thieves assume that consumers aren't paying attention to their credit card purchases, debit card purchases, receipts etc. as closely.

Retailers on Black Friday - the day after Thanksgiving and the unofficial beginning of the holiday season on which retailers first start to turn a profit and are "in the black" - rake in over $2 billion in a single day, according to the NPD Group.

Consumers numbering over 72 million collectively spend about $700 million, according to the National Retail Federation, on the Monday after Thanksgiving, a day known for exclusive online sales that has recently been deemed Cyber Monday.

That enormous pool of shoppers, however, serves as a breeding ground for identity theft. Last year, consumers reported a loss of $1.2 billion to fraud and identity theft, according to the Federal Trade Commission, much of those losses coming during the holiday season.

As a Certified Identity Theft Risk Management Specialist, I am offering basic tips to help consumers avoid putting their identity at risk during the 2008 holiday season. In addition to watching budgets this season, consumers also need to be vigilant in the face of possible identity theft.

Use credit cards instead of debit cards: Under the Fair Credit Billing Act, Credit Cards provide consumers protection again fraudulent charges and your liability is limited to $50. You also have the right to dispute charges and withhold payment during investigation. However, debit cards are entirely different. Although they market themselves to deliver the same protection, they are not required to by any law. Bottom line, your liability for fraudulent charges is the entire amount in your checking account as well as the credit line you have been authorized to receive.

Use a single credit card to consolidate your purchasing: The more credit cards open in your name, the greater the risk that a thief will obtain the account information for one (never mind that having numerous cards with big lines of credit can be a bad temptation and can actually drag down your credit score--even if you don't have balances). It's also easier to monitor a single statement for signs of fraud, and you won't incur the annual fees associated with having multiple cards. Make sure to cross-check all your receipts against your statements to see that they match.

If you write "SEE ID" on the back of credit cards: Make sure you also sign the card. If you don't sign the back, you may violate the issuers agreement and you will be liable for any thefts.

Shop on secure sites and be wary!: While the majority of identity fraud occurs offline, identity theft is also a problem online. You must exercise caution when shopping on the web. Stick to sites that you know are legitimate, and if you are trying a new site for the first time, here are a few things to look for: the URL should have "https" in the shopping cart; there should be a lock icon on the bottom right hand side of the window and look for icons that indicate site safety (the Better Business Bureau, VeriSign and Hacker Safe icons).

Watch out for "phishing" and "vishing" scams: These scams can be a real problem, as identity thieves try to play on people's generosity during the holiday season. Phishing emails often take the forms of requests purporting to be from a bank or credit card company; they ask you to "verify" account information such as login and password or they request a donation or assistance for the less fortunate during the holidays. Vishing scams--which involve fraudulent calls—seek to exploit consumer concerns over fraud by seeming to offer fraud prevention assistance. The bottom line: no legitimate vendor will ask for your login and password via email or on the phone.

Be careful when using ATMs: Only use ATMs with monitoring cameras, such as those in bank lobbies. Avoid kiosk ATMs, those freestanding units often do not have cameras and are statistically more likely to be infected by skimmers (electronic devices that allow thieves to record account and PIN numbers). "Shoulder Surfing" can also be a problem at a crowded mall. While you assume that the man behind you is uncomfortably close because of mall crowding, he may actually be looking over your shoulder trying to get your login.

Place fraud alerts to prevent new credit card accounts from being opened: Free fraud alerts placed on your credit report are good for 90 days (if you can demonstrate that you've been an identity theft victim, they can be set for 7 years) and, in combination with other proactive measures, can be used to help to prevent identity theft.

An Identity is stolen every 2-3 seconds in the U.S. If you would like to educate yourself further about the fastest growing crime, which has now exceeded drug trafficking for revenues, then visit www.stopidtheftcrime.com
Identity Theft Shield by Kroll, Inc., the largest Risk Consulting firm in the world and Pre-Paid Legal Services offer the best suite of services to help consumers safeguard their privacy and identity and offer restoration if your identity is compromised. Restoration is important because if you have your identity compromised, on average it will take you 600 hours and $6000 to fix the problem yourself. This is according to President Bush's Identity Theft Task Force in their recent report.

Pre-Paid Legal is a 36 year old NYSE company currently traded at over $40 (as compared to the Big 3 under $2). They have 3 former Attorneys General on their advisory board and are endorsed by the President of the US Chamber of Commerce. They offer plans for individuals and businesses up to 99 employees.

Please let me know if you have any questions or if you’d like more information. Thanks for your time and a Happy and Blessed Thanksgiving to you and your family.

Joe Nollet, CITRMS

(909) 208-3728
To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Monday, November 24, 2008

Express Scripts Warns of Potential Large Data Breach Tied to Threat

Express Scripts Warns of Potential Large Data Breach Tied to Threat
ST. LOUIS, Nov 6, 2008 (GlobeNewswire via COMTEX News Network) -- Express Scripts (Nasdaq:ESRX), one of the largest pharmacy benefit management companies in North America, today announced that it has received a letter from an unknown person or persons trying to extort money from the company by threatening to expose millions of the company's patients' records.

The letter included personal information of 75 members, including their names, dates of birth, social security numbers, and in some cases, their prescription information. The company said it has notified the affected members. It also immediately notified the FBI, which is investigating the crime. The company also said that it is conducting its own investigation with the help of outside experts in data security and computer forensics. The letter arrived in early October.

"We have been conducting a thorough investigation since we received this threat and we are taking it very seriously," said George Paz, chairman and chief executive officer. "We are cooperating with the FBI and are committed to doing what we can to protect our members' personal information and to track down the person or persons responsible for this criminal act."(Full text at express-scripts.com)

And a followup report states that Express Scripts has hired Kroll, Inc. to assist with the Identity Theft investigation and protection of its clients.

Express Scripts Reports New Threats Tied to Data Security Breach

Company Announces $1 Million Reward

Company Hires Kroll to Offer Data Security Consultation, Investigation and Restoration to Its Members
ST. LOUIS, Nov. 11, 2008 (GLOBE NEWSWIRE) -- Express Scripts (Nasdaq:ESRX), one of the largest pharmacy benefit management companies in North America, announced today that a small number of its clients have received letters threatening to expose the personal information of its members. The threats are believed to be connected to an extortion threat the company made public last week.

The letters, which were received by Express Scripts' clients in the past few days, are similar in form to the one that Express Scripts said it received in early October from an unknown person or persons threatening to publicly expose millions of the company's members' records if an extortion threat was not met. That original letter included the personal data of 75 Express Scripts members. The company publicly disclosed the extortion threat last week and is notifying affected members.
...In a separate announcement, Express Scripts said it would offer its members free identity restoration services if they become victims of identity theft because of this incident...
...Express Scripts said it has contracted with Kroll, a New York-based risk-consulting firm and global data security leader to offer expert assistance to its members if they have become victims of identity theft because of this incident. (emphasis added) The members will have access to Kroll's expert consultants and licensed investigators who will work with them to evaluate their cases and determine the appropriate course of action. Express Scripts said that it is not aware of any actual misuse of its members' data.
Details about Kroll's services and the identity restoration offer can be found at www.esisupports.com...
About Kroll

Kroll, the world's leading risk-consulting company, provides a broad range of investigative, intelligence, financial, security and technology services to help clients reduce risks, solve problems and capitalize on opportunities. Kroll Inc. is a wholly-owned subsidiary of Marsh & McLennan Companies, Inc. (NYSE:MMC), the global professional services firm. Kroll began providing identity theft solutions in 1999 and created its Fraud Solutions practice in 2002 in response to increasing requests from clients for counsel and services associated with the loss of sensitive personal information, and related identity protection and restoration issues facing organizations and individuals.

For more information, visit: www.krollfraudsolutions.com. (Full text at ExpressScripts.com)

Now there should be no question as to why I only offer the Identity Theft Services from Kroll, Inc. They are the world leaders!

Friday, November 21, 2008

FBI busts ID theft ring targeting NW health club customers

FBI busts ID theft ring targeting NW health club customers
By TERESA YUAN, NWCN Staff

SEATTLE, Wa. -- Federal agents said they caught a key suspect in an identity theft ring that stretched from Seattle to the Portland-area and targeted health club customers.
gents arrested the so-called "leader" of the group, Gabriel Jang. They searched Jang's house near Seattle Thursday.

Federal prosecutors said the group would steal credit cards from gym locker rooms in Washington and Oregon as well as Colorado and Georgia. The suspects then altered the credit cards and made fake identification cards. Prosecutors called it an elaborate set-up.
(Full text at www.kgw.com)

Thursday, November 13, 2008

Today, I offer you a few good articles.

Stolen Hard Drives Spark Identity Theft Concerns
David Goodhue - AHN ReporterTucson, AZ (AHN) -

Hard drives containing sensitive information regarding 40,000 children in Arizona were stolen from a Phoenix storage unit in mid-October, state officials said this week.
The hard drives were stolen from a storage unit used by the Arizona Department of Economic Security and contain information about children whose families were interested in DES programs. (Full text at allheadlinenews.com)
Nation's first encryption law
Greg Masters

For the first time in the United States, a law specifies that encryption be used for the transmission of any electronic data. Nevada's NRS 597.970, which went into effect on Oct. 1, states: “A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission.”

While 39 states have already passed data protection laws, most requiring disclosure of breaches, and several other states with data laws introduced, Nevada's statute is thought to be the first law requiring encryption of transmitted data. (Full text at SCmagazine.com)

ID Theft Red Flags Rule: FTC Extension is no 'Break'
Enforcement Delayed for FTC-Governed Institutions; Liability is Not
November 12, 2008 - Linda McGlasson, Managing Editor
State-chartered credit unions may think they've at least temporarily dodged the enforcement bullet re: the Identity Theft Red Flags Rule. But just because the Federal Trade Commission (FTC) pushed back the compliance enforcement deadline for these institutions doesn't mean that they can take a break, industry experts say.
In fact, compliance will be a huge challenge for non-banking entities and those state-chartered credit unions, says Debra Geister, Director of Fraud Prevention and Compliance Solutions at Lexis-Nexis, an information services provider. While the bigger, federally-regulated banking institutions have pre-existing programs in place to meet the ID Theft Red Flags Rule under the Fair and Accurate Credit Transactions Act (FACTA) requirements -- including a Customer Identification Program -- they are still struggling to meet compliance with the guidance, which had been estimated by federal regulators to take anywhere from 20 to 40 hours of work to be compliant.
.."Many businesses don't realize that point, that even though the FTC isn't enforcing compliance, it doesn't mean those businesses won't be liable if a data breach or loss of information occurs," Geister notes. The key issue is that the law was effective January 1, 2008. It was only the compliance portion that was not being enforced until November 1.
...However, it's much different for non-banking entities,..."If I were a business on the FTC side of enforcement, I would be nervous. At any time it could fall directly into your lap, and at $2500 per infraction.....
..The FTC will look to put some "heads on sticks" when enforcing this regulation, predicts Geister. "They anticipate non-compliance, and when a business is hit with a breach, they will march you out to the center of the square and shoot you publicly." (Full text at www.bankinfosecurity.com)

To read more on the FTC extension and Red Flags Rule from my October 25 post - click here.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Wednesday, November 12, 2008

Security Breaches Update

The Identity Theft Resource Center compiles an ongoing Security breach list and publishes it weekly. It presents individual information about data exposure events and running totals for the year. My last blog update on these security breaches was on 10/28/08. At that time, there had been 544 Security Breaches with 30,422,125 records exposed.

As 11/11/08, the totals are now 570 breaches with 41,355,511 records exposed. In 3 weeks, that is about a 36% increase in the number of records exposed!

Actually, the number of records exposed (possibly your personal information) is much higher. To understand why I say this, one only has to look at the report and see how many breaches have a zero listed as the number of records exposed.

Still think your information is safe?

To view this report, click here or on the title of this post.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Tuesday, November 11, 2008

Former Massachusetts inmate charged with Identity Theft

Former Massachusetts prisoner charged with identity theft
by Sachin Seth
Francis Janosko, 42, a former inmate at Plymouth County Correctional facility in Plymouth, has been arrested on charges of identity theft and damage to the prison’s computer network, according to the Department of Justice.

Janosko allegedly found a way to manipulate research computers so that he and other inmates could access files that contained the names, birth dates, phone numbers and Social Security numbers of more than 1,000 current and former prison employees, the DOJ reports. (Full text at blastmagazine.com)

After working over 23 years for the Department of Corrections, this does not surprise me at all. Inmates are given way to many liberties while incarcerated.

Thursday, October 30, 2008

Protecting Your Children From Identity Theft

Protecting Your Children From Identity Theft

NEW YORK (CBS) ― There are a number of school programs teaching children about the importance of money, but consumer advocates say kids need to learn about protecting themselves from the growing crime of identity theft.

Zach Friesen is looking at a promising future that was almost derailed by a crime he didn't commit. His identity was stolen back when he was just 7 and he didn't find out until he applied for a job and college loans.

...Experts say more than 400,000 children have their identities stolen each year. ..

(Full text at wcbstv.com)

Here is a video titled Stolen Futures produced by IRTC.

FBI sting busts 56 for buying, selling stolen credit card data

FBI sting busts 56 for buying, selling stolen credit card data

Fifty-six people have been arrested for their unknowing association with an FBI-run online forum that traded stolen credit card information, authorities revealed on Thursday.

At its height, the DarkMarket forum counted 2,500 people as registered members, the FBI said in a statement. Authorities estimate the sting helped save $70 million in victim losses.
(Full text at www.scmagazineus.com)

Kudos to the FBI for the excellent job.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com