Most identity theft victims will never know how it happened. The results of the “the analysis of information remaining on disks offered for sale on the second-had market” study might provide some insight, if not comfort.

To put it briefly, what this international study found was that 2 out of 3 second-hand computers are sold with data remaining on their hard drives. As is that weren’t alarming enough, that’s a significant decline from last year’s finding that 45 of all computers examined were wiped clean before being sold. (more…)

Bookmark It

Hide Sites

Joe Wurzelbacher initially shied away from the glare of celebrity, but soon his name was in all the major newspapers and on the lips of every TV broadcaster. Now most Americans know him better as “Joe the Plumber” and he seems to welcome the spotlight.

The problem with fame, though, is that soon people want to know even more about you. That must have been the motivation behind all the illegal searches of Joe’s Ohio state government records.

The Ohio State Highway Patrol is conducting an investigation into illegal searches involving Wurzelbacher’s records with the Cuyahoga County Child Support Enforcement Agency, the Ohio Department of Jobs and Family Services and the Ohio Bureau of Motor Vehicles. (more…)

Bookmark It

Hide Sites

A 15-year-old student at Shenendehowa Central School (NY) has been charged with three felonies after he accessed a database containing the personal information of 250 past and present transportation employees’ personal information including their Social Security numbers.

The hacker (obviously a bright kid) sent an e-mail reading “Look what I have” and signed “A Student” to the school principal, and was identified within a couple hours. (Well, maybe not that bright.) (more…)

Bookmark It

Hide Sites

There have been two more data breaches in the past week that give more evidence of how vulnerable we all are to identity theft. In both cases, personal information was posted on public websites.

October 13: One thousand former students at Southwest Mississippi Community College were affected by a data breach. Their names, addresses, and in some cases, Social Security numbers were inadvertently posted on the Internet.

October 15: The City of Indianapolis posted the personal information of 3,300 people on their new website. The names, dates of birth and Social Security numbers of people who were charged with minor offenses in 2006 and in 2007 were part of a spreadsheet that was accidentally posted on the Internet. (more…)

Bookmark It

Hide Sites

A new law in Nevada forces businesses to encrypt customer data that could result in identity theft. Big national companies and small business owners, like hairdressers and deli operators, can no longer send and receive personal or financial information via email or Internet without encrypting or password protecting the data.

The law makes the business owners legally liable if unprotected electronic data results in identity theft or data breaches. Unlimited civil penalties will be applicable for non-compliance that results in a security breach. If the information has been protected in compliance with the new law, damages will be capped at $1,000. That amount might not sound like much, but it will be applied to each customer, and for each occurrence. (more…)

Bookmark It

Hide Sites

Blue Cross Blue Shield is the oldest and largest health insurance company in the country, providing health insurance to every one in three Americans. They identify themselves as “a federation of 39 independent, community-based, locally owned companies.” Unfortunately, they aren’t doing a great job of securing their customers’ personal information.

The most recent of nine Blue Cross Blue Shield data breaches occurred September 30 in Louisiana when an email was sent out to brokers. The names, addresses, phone numbers and Social Security numbers of 1,700 customers were exposed when an attachment was inadvertently sent out with the email.

Compared to other recent data breaches that left millions of Americans vulnerable to identity theft, this data breach is small. But since February 2006 Blue Cross Blue Shield has suffered eight other information losses that have affected a total of more than 900,000 of their customers. (more…)

Bookmark It

Hide Sites

You can blame data breaches on the hackers all you want, but a new survey places the blame squarely on the organizations storing your data. Only half of the companies who admitted to having data breaches notified police or other authorities. Only 40% bothered to tell their customers.

Logica, and IT security firm, surveyed 300 corporate and governmental organizations. Fewer than one in three of the companies surveyed provide staff trainings on information technology security. Another alarming discovery is that 57% of respondents said they have “no idea” what the consequences would be if they did have a data breach. (more…)

Bookmark It

Hide Sites

State Farm Insurance announced this week that one of their employees help himself to customers’ names, addresses, Social Security numbers, driver’s license numbers, and maybe even their financial account numbers. The information was then used to open credit card accounts.

This latest data breach brings the number of records exposed to data breaches to more than 244 million since 2005 when the Privacy Right Clearinghouse began tracking them. In many instances the government or corporate agencies involved can’t determine how many records were lost or stolen, so the total number of records is assumed to be much higher. (more…)

Bookmark It

Hide Sites

This Labor Day week has been a busy one for identity thieves. Stolen laptops, personal and financial information posted to websites, and credit card readers contributed to the many data breaches that occurred in the last week of August and the first week of September.

If you eat at McDonalds, are a student, a retired police officer or firefighter, or use MasterCard, you may be among those whose information was compromised this week. If so, you may be a likely candidate for identity theft. (more…)

Bookmark It

Hide Sites

Personal and financial information belonging to at least 1 million bank and credit card customers has been sold on eBay for a lousy $65.

Here’s how it happened: A former employee of Mail Source—a subsidiary of Graphic Data—took a computer from a secure area, and sold it on eBay without first wiping the hard drive clean.

Graphic Data is a data processing company that stores digital images of other companies’ documents.

On the computer was very sensitive personal and financial information of clients from American Express, Royal Bank of Scotland and NatWest. Applications for credit, existing account data and balance transfer applications were on the computer.

The information included names, addresses, phone numbers, dates of birth, credit card and bank account numbers, passwords, income information, mothers’ maiden names and signatures. (more…)

Bookmark It

Hide Sites