« August 2006 | Archives Home | October 2006 »

Blog / September 2006

Personal data on 2,100 VCU students shows up on Google

Sep 1, 2006 by Tom Fragala

Someone at the school accidently put personal information including SSN in the wrong folder on a web server. Google slurped them up and the info was online for over 8 months! TimesDispatch.com reports: Human error caused the names, Social Security...

Sep 1, 2006 by Tom Fragala

Your tax dollars are primed and ready. The credit reporting agencies now are drooling, waiting for the next huge data breach anywhere within the government. When it happens—ka-ching. FCW has more. Three firms received blanket purchase agreements Aug. 14 to...

Sep 1, 2006 by Tom Fragala

A laptop was stolen from a City of Chicago contractor with sensitive personnel information. There is a simple way, using the Internet, to lock down the data on and track these laptops after they are stolen. This needs to be...

Sep 2, 2006 by Tom Fragala

The Observer reports on a scandal that looks like it might really explode. Leading British and American companies face being dragged into an emerging fraud scandal at a call centre company in India.V-Angels, a Delhi-based outsourcing company that handles customer...

Sep 3, 2006 by Tom Fragala

This one, I can hardly believe. Did you know that if you call the Oregon state DMV, the person you speak with there might be a convicted felon? And they would have access to your sensitive personal information (DMV data...

Sep 4, 2006 by Tom Fragala

Beware of no-limit credit cards. Despite the prestige and flexibility these cards offer, it’s possible the cards could result in a lower credit score. It seems odd, but someone who has the track record and wealth to qualify for such...

Sep 5, 2006 by Tom Fragala

The AARP released a staudy called Into the Breach: Security Breaches and Identity Theft. I don’t have time to analyze it in depth right now. However, I did note that 29% of breaches (1/1/05 – 5/26/06) were the result of...

Sep 6, 2006 by Tom Fragala

The Transportation Security Administration suffers a data breach. No point in noting the irony. USAToday has the story. The Transportation Security Administration is warning 1,195 of its former employees that a contractor may have mailed their Social Security numbers and birth dates to...

Sep 7, 2006 by Tom Fragala

Associated Press via MSN: Chase Card Services says it's notifying more than two and a-half (m) million Circuit City credit card holders that computer tapes containing their personal information were mistakenly thrown in the trash.The company says it thinks the...

Sep 7, 2006 by Tom Fragala

The FTC accounced this today: Social networking Web site operators Xanga.com, Inc. and its principals, Marc Ginsburg and John Hiler, will pay a $1 million civil penalty for allegedly violating the Children’s Online Privacy Protection Act (COPPA) and its implementing...

Sep 8, 2006 by Tom Fragala

I’ll assume you are aware of what is going on over in the Hewlett-Packard board room. I won’t opine on it directly. But I will add this. Pretexting is not identity theft. Pre-texting is a method, a means to gather...

Sep 8, 2006 by Tom Fragala

A Florida National Guard laptop was stolen from a car. Florida Today reports: The Florida National Guard was conducting a security review Thursday after a laptop computer assigned to one of its soldiers was stolen in a car burglary.No classified...

Sep 8, 2006 by Tom Fragala

This laptop was stolen from from the branch itself. Let me guess, it wasn’t locked down. So a $20 lock would have prevented this. Someone in security or IT should be fired. ottawasun.com has more: Hundreds of banking customers have been told...

Sep 8, 2006 by Tom Fragala

I wrote a post about this in April of 2004 on my first identity theft blog, scamsafe.com. You can find the pretext article here....

Sep 9, 2006 by Tom Fragala

Second Life is an online 3-D virtual world entirely built and owned by its residents via the Internet. Linden Labs issued this Second Life Security Bulletin: Linden Lab reported today that it is notifying its community of a database breach, which...

Sep 9, 2006 by Tom Fragala

A story in the St. Paul Pioneer Press. A pair of computers containing the personal information — in some cases Social Security numbers — of thousands of University of Minnesota students was stolen from a campus office. Now officials are...

Sep 9, 2006 by Tom Fragala

Jarrod Hunt of Version2 Web Development, Textlinkbrokers, and 360 Enterprises is stealing my content, in clear violation of U.S. federal copyright law. He’s responsible for a splog located at charliesidentitytheftblog.com (no I won’t link to it). He steals my blog...

Sep 10, 2006 by Tom Fragala

This isn’t exciting news. I thought it worth noting for those in the industry. CNET News.com reports… American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International announced Thursday the creation of an organization to develop and maintain security...

Sep 10, 2006 by Tom Fragala

This is a beaut. A prisoner runs an ID theft fraud ring on the inside. ConsumerAffairs.com has more. An inmate at the Hiawatha Correctional Facility in Kinross, Michigan, was sentenced to 5 to 20 years in the Chippewa County Circuit Court by 50th...

Sep 10, 2006 by Tom Fragala

Not sure I am surprised, but we should know how vulnerable we are—because so much of our sensitive data is spread around. ConsumerAffairs has got this story. A report issued by the Government Accountability Office (GAO) reveals that privacy breaches...

Sep 11, 2006 by Tom Fragala

Here we have a case of reverse dumpster diving. The employees, smartly, jumped in the dumpter to pull out their sensitive HR files which had their SSNs. This is a perfect example of what I tell people every chance I...

Sep 11, 2006 by Tom Fragala

Internet Crime Complaint Center (IC3) issued an alert today. There are millions of phishing emails sent every day. This one is notable because the scammers thought it would be effective to pose as the FBI. The FBI has been alerted...

Sep 12, 2006 by Tom Fragala

Over 14,000 phishing websites were detected in July. And this represents over 154 “brands” (Paypal, banks, credit unions, etc.). Got this from Computerworld. The number of phishing sites -- or fraudulent Web sites try to fool people into handing over...

Sep 13, 2006 by Tom Fragala

There was a break-in that resulted in stolen computers including a laptop. Apparently effects over 2,000 customers. Social security numbers and driver’s license numbers were involved. Read more at wfrv.com. American Family Insurance is warning customers to be wary of...

Sep 14, 2006 by Tom Fragala

Nikon puts customer credit cards on web site. I “shutter” to think of the consquences (sorry, couldn’t resist). AP Wire reported this story. Personal information on more than 3,200 subscribers of a magazine published by Nikon Inc. was available on...

Sep 14, 2006 by Tom Fragala

Even though we all know what identity theft is, I thought I’d revisit some important definitions including federal law. Federal Trade Commission (ftc.gov):"Identity theft occurs when someone uses your personal information without your permission to commit fraud or other crimes."...

Sep 19, 2006 by Tom Fragala

Life sucks right now for Life is Good. Stolen credit cards can do that to you. Boston Globe has more....

Sep 21, 2006 by Tom Fragala

A Wired blog called 27B Stroke 6 points to this. A security expert got his hands on the user’s manual for an ATM machine and was able to punch in some codes, turn on “operator” mode, entered some default passwords...

Sep 22, 2006 by Tom Fragala

Nearly eight months after regulators trumpeted a settlement with ChoicePoint Inc. over a data breach, the government has not paid any money to victims from a $5 million fund that was to be set up as part of the agreement....

Sep 22, 2006 by Tom Fragala

Interesting. The Director of Marketing for TrustedID, Lomit Patel, is posting spam comments on my website/blog. There are two: here and here. According to TrustedID's web site, "Lomit leads all of TrustedID's direct marketing efforts and has 12 years of...

Sep 24, 2006 by Tom Fragala

Have you heard? The Department of Commerce says that 1,137 of their laptops have been lost or stolen since 2001, with 249 of them containing some degree of personal data. 672 of them belonged to the U.S. Census Bureau (part...

Sep 25, 2006 by Tom Fragala

Tom Zeller, Jr., writes in the NY Times today Less than two years into the great cultural awakening to the vulnerability of personal data, companies and institutions of every shape and size — like the data broker ChoicePoint, the credit card...

Sep 26, 2006 by Tom Fragala

Apparently the laptop of a General Electric employee was stolen from a hotel room. The laptop has names and SSN on thousands of employees. WTEN-Albany has the (brief) story. ...

Sep 26, 2006 by Tom Fragala

Research into the source of data breaches has found that "…lost or stolen laptops were the main source of data breaches, rather than good old-fashioned hacking." Another data point that’s perhaps surprising: Datafrom New York state suggests that financial institutions have...

Sep 26, 2006 by Tom Fragala

New York Gov. Pataki signed three measures into law today. These bills establish the Consumer Communication Records Privacy Act, place limits on the use and disclosure of Social Security account numbers, and further clarify and define what is considered a...

Sep 28, 2006 by Tom Fragala

Brian Krebs put together a super article on his Security Fix WaPo blog. It goes deeper and in more nuanced directions than most fluff identity theft pieces. These are a few points that jumped out at me. 1. Having your...

Sep 28, 2006 by Tom Fragala

There is a new type of company that you might not be aware of. These companies are called business contact marketplaces. It is very different from the data brokers than maintain and sell your personal information. They are unabashedly proud...

Sep 30, 2006 by Tom Fragala

Updated below... Shame on the FDIC. I was tooling around their web site when I stumbled across a page that helps you determine the amount of your FDIC insurance (it may be more than the typical $100,000). I was stunned...

Sep 30, 2006 by Tom Fragala

What protections do you have when fraud is committed using your ATM-Debit card? Will Visa and Mastercard's zero-liability always apply? (Since it is a debit card, it has Visa or Mastercard logo so it can be used like a credit...

Sign up for myTruston®

Blog / September 2006

Sep 1, 2006 by Tom Fragala

Sep 1, 2006 by Tom Fragala

Sep 1, 2006 by Tom Fragala

Sep 2, 2006 by Tom Fragala

Sep 3, 2006 by Tom Fragala

Sep 4, 2006 by Tom Fragala

Sep 5, 2006 by Tom Fragala

Sep 6, 2006 by Tom Fragala

Sep 7, 2006 by Tom Fragala

Sep 7, 2006 by Tom Fragala

Sep 8, 2006 by Tom Fragala

Sep 8, 2006 by Tom Fragala

Sep 8, 2006 by Tom Fragala

Sep 8, 2006 by Tom Fragala

Sep 9, 2006 by Tom Fragala

Sep 9, 2006 by Tom Fragala

Sep 9, 2006 by Tom Fragala

Sep 10, 2006 by Tom Fragala

Sep 10, 2006 by Tom Fragala

Sep 10, 2006 by Tom Fragala

Sep 11, 2006 by Tom Fragala

Sep 11, 2006 by Tom Fragala

Sep 12, 2006 by Tom Fragala

Sep 13, 2006 by Tom Fragala

Sep 14, 2006 by Tom Fragala

Sep 14, 2006 by Tom Fragala

Sep 19, 2006 by Tom Fragala

Sep 21, 2006 by Tom Fragala

Sep 22, 2006 by Tom Fragala

Sep 22, 2006 by Tom Fragala

Sep 24, 2006 by Tom Fragala

Sep 25, 2006 by Tom Fragala

Sep 26, 2006 by Tom Fragala

Sep 26, 2006 by Tom Fragala

Sep 26, 2006 by Tom Fragala

Sep 28, 2006 by Tom Fragala

Sep 28, 2006 by Tom Fragala

Sep 30, 2006 by Tom Fragala

Sep 30, 2006 by Tom Fragala