Tuesday, March 30, 2010

Longer Term Effects of ID Theft

The story below may be a great example of how identity theft can occur at any time from some unlikely sources. A person takes out a student loan and gives their personal information out. An incident like this happens and they get the obligatory "credit monitoring" service. Yet several years later they find that they have been victimized in a dozen non-credit types of crimes. They find that mysteriously their medical insurance policy is waivered due to multiple false claims made. They discover that dozens of small retail accounts have been opened purchases were made and never paid. Now they are being hounded by credit recover agencies or attorneys trying to collect on bad debt. During a routine traffic stop they find warrants have been issued because their ID was used with police after multiple traffic violations. They are arrested. Credit monitoring alone cannot help those victims. Everyone needs to be aware of the outcome of millions of ID theft cases each year that are not directly related to the credit bureaus or banks and credit cards. These far-reaching effects are much more serious and very complex issues to deal with. An ID theft victims needs the help of professionals who will advocate for them, and even represent them in righting corrupt personal file entries throughout the system.

Personal Information of 3.3 Million Stolen
A student loan firm is providing credit monitoring and protection services to some 3.3 million people affected by a data breach, the Washington Post reports. A spokesman for Educational Credit Management (ECMC), a nonprofit student loan guaranty agency headquartered in Minnesota, said portable media containing personally identifiable information was stolen in an "old-fashioned theft" from company headquarters. The stolen information included names, addresses, birth dates and Social Security numbers, but no banking information, an ECMC press release said.

Wednesday, March 10, 2010

Office Awareness Training

When I speak with business owners about the dangers of data breaches within the office, I often have to point out the issue of copy machines. Copiers can record thousands of documents on the internal hard drive. As mentioned in the article below it is very simple to capture the contents of the drive on a laptop in just a couple of minutes. This also applies to the copy machines in office supply businesses and copy shops. As most private businesses lease their copiers it is incumbent on the rental company to erase hard drives before removing the machine from the client's office. They need to be reformatted to insure the data is erased.

"When you protect the information on others you are protecting them, when someone else does it they are protecting you."

Copy Machines Pose Privacy Risks
Boston's WBZ-TV reports on a privacy threat looming in homes and offices: copy machines. Security expert John Juntunen demonstrated how easily accessible a copy machine's stored data can be, connecting his laptop to a copier and downloading a child support document and one woman's IRA application containing her address, Social Security number and date of birth. Another hard drive produced contact information for Caroline Kennedy. Though companies are supposed to wipe used hard drives clean before selling a machine, that isn't always executed, the report states. "I think it's an issue that's going to have major ramifications," says security expert Sean O'Leary.

Tuesday, March 9, 2010

Lifelock Settles with the FTC

For all of those who have purchased a Lifelock product without reading the contract here ya go.

Federal Trade Commission Chairman Jon Leibowitz and Illinois Attorney General Lisa Madigan announced a settlement today that requires LifeLock, Inc., to pay a total of $12 million to settle charges that its claims of providing comprehensive identity theft protection were false. According to the FTC, LifeLock did offer some protection against specific types of ID theft, but the company's practice had no effect on the most common form: the misuse of existing credit card and bank accounts. "While LifeLock promised consumers complete protection against all types of identity theft, in truth, the protection it actually provided left enough holes that you could drive a truck through it," Leibowitz said.

I have many clients who had a Lifelock plan until I explained to them what they are not getting in the bargain. Please read the fine print before you buy!

Friday, March 5, 2010

What, Medical Identity Theft?

A little over three years ago I was speaking with a good friend and author on identity theft. He had predicted that medical identity theft would soon be the new frontier of identity theft. He had been soundly rejected by the press and some so called experts. They put down his theory as soundly as if he had purported that the world was flat after all. In fact John Gardner was exactly right. Read the article below to see just how pervasive medical identity theft and fraud has become.

A new survey from the Ponemon Institute shows that nearly six percent of American adults have been victims of medical identity theft, with an average cost per victim of $20,160. The cost comes from the efforts victims face to sort out what happened with concerned parties such as doctors, hospitals, insurance companies and credit agencies, the San Francisco Chronicle reports. "The National Study on Medical Identity Theft" is based on findings from 156,000 people who agreed to discuss the general topic of identity theft, with 5.8 percent confirming they had been the targets of medical ID theft. Based on those statistics, the study estimates that 1.42 million adults in the U.S. may have experienced the theft of their medical identification information
.

Tuesday, March 2, 2010

The Cost of Data Theft

The pice to Fix Data Theft: $7 Million and Counting
The theft of 57 unencrypted hard drives from BlueCross-BlueShield of Tennessee has given thieves access to personal data on upwards of 500,000 customers and is costing millions to fix, PCWorld reports. The drives contained recordings of more than one million customer support calls as well as 300,000 screen shots, which in some cases included names, birthdates and Social Security numbers. BlueCross is now auditing its security practices, the report states. The process of investigating the breach and notifying customers has cost more than $7 million so far. According to Michael Spinney of the Ponemon Institute, while the average data breach costs $6.75 million, the company could be paying much more due to the complexity of the breach.

FTC to Appeal Red Flags Exemption for Attorney Firms

FTC Set to Appeal the Red Flags Rule Exemption for Attorneys and Law Firms

On February 25, 2010, the Federal Trade Commission filed a notice that it is appealing the D.C. District Court’s December 28, 2009 judgment in favor of the American Bar Association in American Bar Association v. FTC. The District Court’s summary judgment held that the FTC’s Identity Theft Red Flags Rule (“Red Flags Rule” or the “Rule”) does not apply to attorneys or law firms. The Rule implements Sections 114 and 315 of the Fair and Accurate Credit Transactions Act. In relevant part, the Rule requires creditors and financial institutions that offer or maintain certain accounts to implement an identity theft prevention program. The program must be designed to detect, prevent and mitigate the risk of identity theft. Prior to the district court’s decision, the FTC had taken the position in publications and numerous panels that attorneys and law firms meet the Rule’s definition of “creditor” because they allow clients to pay for legal services after the services are rendered.

View the FTC’s notice of appeal notice last week stating its intention to appeal the court's judgment notice
http://www.huntonprivacyblog.com/uploads/file/ABA_v__FTC_Notice_of_Appeal.pdf

Wednesday, February 24, 2010

Iowa Victims Fear Identity Theft

Thousands of Iowa residents fear they could become victims of identity theft after the state's Racing and Gaming Commission licensing database was hacked during routine Internet maintenance last month, the Des Moines Register reports. The FBI is investigating the breach of the database, which includes the names, addresses, dates of birth and Social Security numbers of 80,000 current and former casino and racetrack employees. Experts say those whose information was compromised have every reason to be concerned. Citing examples of financial and medical identity fraud, California-based attorney Mari Frank said, "the sky is the limit as to what could happen...

Can anyone think of a reason to NOT have identity theft protection and restoration services when this sort of thing can and does happen almost daily? There is only one such service that provides complete restoration for all types of identity theft issues. The one I am proud to represent.