Privacy
& Information Security News at The Click Of Your
Mouse
Home Contact Us News PT in the News Services Speeches Identity Theft
Privacy & Information
Security News
Change seeks to
protect privacy of phone logs - One
Granbury
firm accused of selling cell phone records - A
Denver firm part of
federal inquiry -
Nixon
seeks injunction against Web business - Attorney General Jay Nixon
requested a court order Tuesday to stop a Web business and its owners from
selling confidential information of cell phone customers. Nixon said in a
statement that the defendants, Completeskiptrace.com,
are violating consumer protection laws by misrepresenting that it is legal for
them to obtain, possess and sell the information…An undercover investigator
from Nixon's office initiated an online transaction with Completeskiptrace
to purchase the account number of his own private cell phone and received the
information Feb. 14, according to a release. Named as a
defendants in the lawsuit filed Tuesday in Cole County Circuit Court are Get A Grip
Consulting Inc. and its principal owner, Rob Schroader,
of
Alltel
Investigates Files Emptied Into Dumpster - Christopher Smith wants answer
on how his cell phone records were found in a Dumpster behind an Alltel store
in
Data thief gets eight
years - Scott Levine, 46, was sentenced by a federal judge in Little
Rock, Ark., after being found guilty of breaking into Acxiom's servers and
downloading gigabytes of data in what the U.S. Justice Department calls one of
the largest data heists to date. Acxiom, based in Little Rock, says it operates the world's
largest repository of consumer data, and counts major banks, credit card
companies and the U.S. government among its customers…This is not the first
prosecution to arise out of poor security practices on Acxiom's file transfer
protocol server (FTP). An
FBI widens
probe of debit-card theft - The FBI has expanded its investigation into a debit
card fraud that has mostly affected 200,000 consumers in the Western United
States, saying that the case might be linked to other debit card thefts around
the country…One company that has acknowledged a security breach is the
CDT Says Privacy
Laws Lag Far Behind Data Harvest Tech - The widening gap between technology
harvesting sensitive personal data and the laws designed to prevent misuse of
that data needs to be filled, according to the Center for Democracy &
Technology. The center called for more stringent regulations Wednesday, citing
government attempts to retrieve millions of cell phone records, its use of cell
phones to track suspects, as well as privacy issues raised by Web-based e-mail
and spyware that logs keystrokes. "The capacity of Internet Technology to
collect and store data increases every day, as does the volume of personal
information we willingly surrender as we take advantage of new services,"
CDT Policy Director Jim Dempsey said in a prepared statement. "Meanwhile,
the laws that are supposed to prevent the government from unfairly accessing
personal information haven't changed in two decades."
War
in the Information Age - In a 24/7 world, the
EPIC Letter to Ethics
Board Concerning Attorneys' Use of Pretexting - In the course of
investigating pretexting, it has become increasingly clear that attorneys are
major consumers of pretexting services. In this letter, we request that
appropriate action be taken to ensure that attorneys in your state are not
employing investigators or other companies to engage in pretexting or other
fraud. We believe that pretexting is incompatible with
U.S. House of
Representatives Commerce Committee Identifies Private Phone Record Brokers;
Demands Data, Trade Practices - House Energy and Commerce Committee
investigators have identified people behind 22 Web pages that may offer
criminals, stalkers and any other paying customer the detailed records of a
person's private telephone calls. Energy and Commerce Committee Chairman Joe
Barton, R-Texas; the committee's ranking member, U.S. Rep. John Dingell, D-Mich.; Oversight and Investigations Subcommittee Chairman
Ed Whitfield, R-Ky.; and the subcommittee's ranking
member, U.S. Rep. Bart Stupak, D-Mich., today sent
letters demanding that the companies provide information about the cottage
industry…In today's letters, Barton and the three other lawmakers wrote,
"It is very disconcerting that certain online data broker companies are
exploiting consumers' personal records and selling the information to whomever
pays for the records. With the exception of the legitimate activities of law
enforcement authorities, who in any event have legal means for acquiring such
information, we struggle to find any ethical justification for marketing this
data."
Do
You Know Where Your Identity Is? - Not all identity theft involves
financial losses: According to the FTC, the most common non-financial form of
fraud takes place when the thief uses the victim's name and identifying
information when caught committing a crime or otherwise stopped by law
enforcement officials.
Skype
could force end to wiretapping calls - Even as the
Lawyer
Indicted in PI Inquiry - Reaching for the first time into the upper ranks
of
FTC to hold hearings on high-tech
security - The Federal Trade Commission will host hearings this fall
on emerging technologies being exploited by Internet spies and identity
thieves.
FCC Eyes Tighter
Consumer Data Privacy - Capitol Hill shock over commercial online
infringement of customer calling records and confidentiality reached another
stage late last week as the Federal Communications Commission opened a Notice
of Proposed Rulemaking (NPRM) examining the need for tougher privacy measures.
The four-member commission last Friday unanimously approved an NPRM directly
responding to a Summer 2005 petition sought by the Electronic Privacy
Information Center (EPIC) regarding Internet brokering of personal information.
EPIC’s filing began a now-growing exposé on the
brokering of call details obtained from telecom carriers and the need for
enhanced security safeguards. The FCC is now seeking comment on “whether”
additional security measures can prevent unauthorized disclosure of sensitive
customer information held by telecom companies.
Nigerian
national sentenced in ChoicePoint ID theft case - A Nigerian national who
pleaded guilty to identity theft charges related to information stolen from
consumer data collector ChoicePoint Inc. was sentenced Friday to 10 years in
prison and ordered to pay $6.5 million in restitution…The charges spanned a
period of more than two years beginning in January 2002. Prosecutors alleged
that a fake business called "Pacific Collections" used a
Do you
know where your child's SSN is? – If your child’s social security number
had a secret life, would you know? Probably not. The only way to really know is
to dig through the data, and you can’t. But the
Man threatens to attack
Olympic computers - A would-be hacker was being investigated by police
Monday after threatening to attack the internal computer network of the
Bank of America pulls some
Visa cards - Bank of America Corp. has withdrawn an undetermined number of
Visa cards because of concerns about a security breach with a merchant, a
company spokeswoman said Friday…The Charlotte-based bank declined to reveal the
number of cards that were withdrawn or the location of the customers.
FBI
makes connections in data breach case - A data security breach that has
spurred at least two large banks to cancel thousands of customer debit cards
appears to be connected to an older ongoing investigation in Sacramento, the
FBI said Friday. Scores of Bank of
Bill
would force Web sites to delete personal info - A bill just announced in
Congress would require every Web site operator to delete information about
visitors, including e-mail addresses, if the data is no longer required for a
"legitimate" business purpose. The proposal, introduced Wednesday by
Rep. Ed Markey, seeks to import European-style privacy regulations by imposing
a broad data-deletion requirement. It would apply to every
Cell phones used to track
where you go - Advances in mobile phone tracking technology are turning
British firms into cyber sleuths as they keep a virtual eye on their staff,
vehicles and stock.
E-mail scam artist posing
as Fidelity manager - The e-mail claims to be from a financially savvy
Fidelity Investments fund manager who has "secretly extracted" money
from the world's largest fund management firm and will pass it along to you for
a small fee. Hear any alarm bells ringing? Boston-based Fidelity Investments is
working with authorities to find the author of a mass e-mail sent to computers
around the world that claims to be written by a Fidelity fund manager.
Foreign Internet
services selling U.S. phone records - Foreign-registered Internet
services are selling
Web Sites Hawking
Phone Records Shut Down - Following a wave of negative publicity and
pressure from the government, several Web sites that peddled people's private
phone records are calling it quits. [Calling it
quits? Most likely not—more like going underground to continue to service their
corporate and attorney clients. But fewer online avenues to phone records is a
good thing!]
Imprisoned
Hollywood P.I. has Chicago ties - A former
Pellicano and 6 Others Are Indicted - In a
sweeping indictment that reads like an unfinished Hollywood screenplay, onetime
private investigator Anthony Pellicano and six others
were accused Monday of conspiring to wiretap, blackmail and intimidate dozens
of celebrities and business executives, including actor Sylvester Stallone,
comic Garry Shandling and real estate developer
Robert McGuire. The 110-count federal indictment outlines a complicated web of
payoffs to police, high-tech eavesdropping and other skulduggery.
Prosecutors allege that Pellicano scoured
confidential communications and law enforcement databases for scandalous
details that would scare off lawsuits or provide his clients with the upper
hand in courtroom battles…Nearly a dozen people — among them actors Stallone
and Keith Carradine, film producer Vincent Bo Zenga and former Los Angeles Times reporter Anita Busch —
were allegedly the victims of wiretaps conducted by Pellicano
and the others between August 2000 and November 2002, the indictment
alleges…Additionally, authorities cited nearly 100 other instances in which Pellicano and Arneson allegedly
accessed confidential law enforcement records, including the FBI's National
Crime Information Center database, to gain information about targets including Shandling, former "Saturday Night Live" star
Kevin Nealon, McGuire and dozens of others. According
to the indictment, Pellicano paid Arneson
at least $189,000 between 1997 and 2002. Turner, authorities allege, was paid
at least $36,000 from 1997 to 2002 to provide Pellicano
with confidential telephone information about dozens of people. Another SBC
employee, Teresa Wright, provided confidential and proprietary information on
telephone company subscribers, according to the
Madigan to cell
companies: Let's talk - Attorney General Lisa Madigan and her counterparts
in other states have sent joint letters to heads of the nation's five largest
cell phone companies seeking conference calls to discuss how the companies are
protecting against theft of customers' phone records…"In addition to
focusing on the activities of the numerous data brokers who obtain telephone
cell records and other private information, we also would like to discuss what
the keepers of our residents' private information are doing to keep the
information secure," the letter said.
Her ATM Card, But
Her Impostor's Picture - For years, Margaret Harrison believed she
had an impostor. There were signs her Social Security number was living a
double life. Four years ago, an unemployment office in
Who surfs
for cell records? Lawyers - The sale of cellphone
records over the Internet-a hot topic that recently spurred litigation,
legislation and a federal investigation-has more than a few lawyers nervous.
Attorneys are among the top customers of the controversial Web sites, according
to private investigators, privacy advocates and Web site operators who sell the
phone records. "Let's put it this way, the legal profession is keeping it
alive," said Rob Douglas, a former private eye turned security consultant
who has helped the Federal Trade Commission (FTC) investigate and prosecute
online operators that sell phone records. "I've investigated them with the
federal government and in private lawsuits . . . and in every single case, the
overwhelming majority of users of these companies are attorneys," Douglas
said…Given all the controversy surrounding the sale of cellphone
records, attorneys were reluctant to comment on the subject. Of the more than a
dozen divorce, business and criminal defense attorneys contacted for this
story, none said they used the tactic. Most wouldn't even talk about the
subject. One lawyer said, "Good luck finding anyone to admit to it."…
"Are cellphone records private? We probably all
assumed that they were, but the answer is probably to the contrary. We probably
have some privacy interest but it's not protected by common law or
statute," said Harold J. Krent, dean of the
Chicago-Kent College of Law. Krent noted that given
the vagueness of the law, attorneys who obtain cellphone
records via the Internet are not doing anything illegal or unethical.
Congress
quizzes phone records brokers - Leaders from the U.S. House of
Representatives' Energy and Commerce Committee, which convened a hearing
Wednesday on the topic, sent letters with the queries to the director of
Florida-based First Source Information Specialists, which manages
Locatecell.com and Celltolls.com, among others, and to the director of
Texas-based PDJ Services, which manages the site Phonebust.com. Legislators
estimated this week that a total of at least 40 such operations exist. The
letters are the latest step in the government's attempts to investigate reports
that such companies have been engaging in "pretexting"--that is,
impersonating others--or bribing cell phone and landline providers to glean
sensitive customer information and then selling those records online. Members
of the House and the U.S. Senate have already introduced proposals aimed at making such practices a crime, with prison time a possible
sentence…The committee's requests included detailed company records, such as
revenue and a list of services provided, information about the methods the
companies use to acquire their information, records related to law enforcement
requests for data, and "an explanation of whether any effort is made to
obtain consent from consumers before selling their account data or to notify
them after their records have been procured or sold." The companies have
until Feb. 17 to respond. The committee noted in its press release that it
"has the power to subpoena records and testimony when it encounters
uncooperative witnesses."
FCC subpoenas 30
phone record dealers -
The Federal Communications Commission has subpoenaed more than 30 information
brokers to learn how they obtain customers' calling records from
telephone companies, according to testimony Wednesday before Congress. In a
hearing before the House Energy and Commerce Committee, the heads of the FCC
and the Federal Trade Commission endorsed making the sale of phone records
illegal. Earlier this week, the FCC issued citations against LocateCell.com and
DataFind.org for failing to respond fully to subpoenas issued Nov. 9. The FCC
warned those companies they could face stiff fines if they don't comply. The
FCC contacted the Justice Department to enforce the subpoenas, FCC Chairman
Kevin J. Martin testified. "In addition, we subsequently served another
approximately 30 data broker companies with subpoenas and are currently waiting
for their response," he said…The FTC came under fire at Wednesday's
hearing for going after information brokers who buy and sell customers' financial
information but failing to address phone record theft as vigorously. "The
FTC's known about it [the sale of phone records] since 1998, and they have not
brought a single case when it comes to phone records," testified Rob
Douglas, an information security consultant.
Lisa Madigan to
testify before Congress on cell phone records - Illinois Attorney
General Lisa Madigan plans to testify before Congress today that any federal
legislation to crack down on phone record burglars should not block the efforts
of Illinois and other states to target them, too…Rob Douglas, a privacy
consultant, will testify that telephone record burglary is part of a larger
problem that includes the theft of utility bills, cable and satellite TV bills
and other customer information that can be used to track down individuals. Cell
tower location information, pager records and GPS tracking devices also are for
sale on the Internet, he cautioned. "These records in the wrong hands have
caused severe harm" including murder,
US
FCC Proposes Fines On AT&T, Alltel Over Privacy -
Sprint
Nextel sues over sale of call records - On Monday, the mobile
operator filed a suit in Dade County, Fla., against All Star Investigations
(ASI), a company believed to own and operate Web sites including OnlinePI.com, AllStarInvestigations.com, DetectivesUSA.com, MiamiProtection.com and PrivateDetectivesUSA.com. Sprint
claims that these sites have fraudulently obtained and sold private billing
records of its customers. This is the second lawsuit Sprint has filed against a
company it said is selling customer cell phone records online. On Friday, it
filed a lawsuit against First Source Information Specialists, parent company of
Locatecell.com, Datafind.org and others. In both suits, Sprint is asking the
court to impose both temporary and permanent injunctions against these
companies. "The schemes perpetrated by these online data brokers are intolerable,
and our intent is to put an end to these practices," Kent Nakamura, vice
president for telecom management and chief privacy officer for Sprint Nextel,
said in a statement. "These online data brokers attempt to manipulate our
customer service resources and detract from service provided to legitimate
customers."… Sprint's lawsuits are the latest in a series of legal actions
by cell phone carriers. Cingular Wireless, Verizon Wireless and T-Mobile have
also filed lawsuits against companies that own Web sites selling customer
information. T-Mobile and Cingular have each won temporary
restraining orders against First Source Information Specialists.
Senate and House Schedule
Hearings On Cell Phone Privacy Scandal - The House and the Senate
will each hold separate hearings next month on the ever-burgeoning
consumer-privacy scandal regarding the disclosure and sale of
telecommunications records. The Senate Commerce consumer-affairs subcommittee
hearing is scheduled for Feb. 8. The House Commerce Committee will hold its
hearing Wednesday…"The commercial sale of consumers' personal phone
records is unthinkable. Americans should not have to fear that using their own
phone will jeopardize their personal privacy and make them even more vulnerable
to identity theft. It is going to take a cooperative effort from the Federal
Trade Commission, the Federal Communications Commission and industry to ensure
that these unsavory practices cease and this hearing will help us determine how
to make that happen quickly and effectively," said Sen. Daniel Inouye
(D-Hawaii), ranking member of the Senate Commerce Committee.
Texas
Probes Cell Phone Calling Record Sales - Two more states are cracking down
on the sale of cell phone calling records.
Sprint
Sues Vendor, Claims Privacy Violations - Sprint Nextel Friday said that it
has sued a company that it claims uses "illegal and deceptive
practices" to obtain information about its cellular subscribers…"1st
Source Information Specialists continues to display egregious disregard for
privacy, and previous industry-driven actions do not appear to have deterred
their illegal activities," Kent Nakamura, Sprint Nextel's chief privacy
officer, said in a statement. "We can assure our customers that we will
make every effort to put these services out of business."
How
phone records are stolen - There was no mistaking that this story
had hit the fan after my interview with security consultant Rob Douglas was
interrupted by another call on his second line from the office of U.S. Sen.
Bill Nelson (D-Fla.). (I don't mind noting that
Phone record
revelation – [citing my interview in the previous post above] The methods being used by companies selling phone records
were revealed this week in an interview with a security consultant outlining
the process. As anticipated, social engineering plays a large role -- the
records are simply requested from the provider under the pretext that the
caller is the owner of the records, hence the term "pretexting". In
order to obtain the information necessary to pull off a convincing imitation,
details about the person are often needed. This is where the phone record
companies turn to public data providers such as ChoicePoint and LexisNexis for
enough information to build a profile on the individual, according to a Network World article. This affiliation with legitimate data
providers was not expected by many, and explains some of the ease and
proficiency with which records are obtained. Another method mentioned was
directly buying the information from insiders at phone companies -- with
contacts being actively recruited via websites.
Privacy
at risk with logs for sale - ``Companies value customer service over
security,'' said Rob Douglas, chief executive of PrivacyToday.com and a
security expert who has testified before Congress about the issue. ``The
emphasis in training is always on satisfaction of the customer, push more
products and move the calls as quickly as possible.'' The pressure on customer
service representatives can be so intense, Douglas said, that even a
password-protected account can be vulnerable…``This is impersonation,'' said
Joe Farren, director of governmental affairs for
CTIA, formerly known as the Cellular Telecommunications and Internet
Association, a trade lobby. ``These companies are engaged in an illegal
activity. They're profiting from it, and they need to be prosecuted.'' Farren said it's nearly impossible to stop scammers, who
often come armed with personal information to support their ruse. ``If a
customer service representative is contacted with a name, a social security
number and a phone number, how are they to know it's not you?''…Part of the
problem is that consumers have no idea whether their records have or have not
been requested. The Mercury News editor whose records were purchased has still
not been contacted by his carrier, Verizon Wireless. Why don't companies notify
people when their records have been accessed? ``I don't have an answer for
you,'' said Barbara Carl, a spokeswoman for Verizon Wireless. ``I really don't
know,'' said Farren, the trade group representative.
T-Mobile spokesperson Julie Smith said the company would not grant any
interviews on the subject. ``The nefarious thing is that the consumer doesn't
know what's happening,'' said
ID theft again tops list
of FTC complaints - For
the sixth year in a row, identity theft tops the annual list of consumer
complaints collected by Federal Trade Commission.
Telcos on Privacy Hot Seat - A U.S. congressman
has opened a new front in the investigation of domestic surveillance by President
Bush’s administration by sending letters to most of the country’s major
telecommunications, cable, and Internet communications firms seeking
eavesdropping information. The request for surveillance information puts the
communications firms squarely on the hot seat as issues of customer privacy,
national security, and the privacy guidelines under which the firms operate are
being addressed by legal scholars and critics of the administration. Michigan
Representative John Conyers, the ranking Democrat on the House Judiciary
Committee, sent the letter to 20 companies, including AT&T, Verizon, Comcast, Time Warner, Cingular, T-Mobile, Microsoft, Yahoo, Google, and EarthLink. The letter dated Saturday asked the
companies’ leadership whether they have “allowed the federal government to
eavesdrop on customer communications” through their facilities or whether or
not they have turned over customer records “when not compelled to do so by
law.”
Frist Calls For Criminalizing Fraudulent Disclosure of Cell
Phone Records - US Senate Majority Leader Bill Frist,
R-Tenn., is working with Senate Commerce Committee
Chairman Ted Stevens, R-AK, on legislation which will criminalize the practice
of fraudulently obtaining and selling cell phone records over the Internet.
Sen. Frist and Chairman Stevens began discussing the
need for legislation after investigating reports that consumers' cellular phone
records are being fraudulently obtained from wireless carriers and in some
cases sold over the Internet: “The practice of fraudulently obtaining a
customer's cell phone records and selling them over the Internet is wrong and
must be stopped," Sen. Frist said.
"Consumers have a right to expect that this information will be kept
private, with very limited exceptions." "If employees within the
wireless companies are improperly disclosing or selling this information, they
must be punished," he continued. "If someone impersonates a customer
or a law enforcement official for the purpose of obtaining phone records and
then profiting from them, we must ensure that they are prosecuted. And anyone
selling phone records that they know were obtained under false pretenses must
face consequences." "I intend to work with Senator Stevens, the
Chairman of the Senate Commerce Committee, on legislation to address these
disturbing reports in the coming days," Sen. Frist
said.
Nelson
Bill To Protect Cell Records - Appearing in
House Lawmakers
Press FCC for Phone-Co. Certifications - House lawmakers are asking the
Federal Communications Commission to turn over annual-certification records
from the largest wireless and landline phone companies amid concerns about the
sale of personal phone records. The lawmakers, including House Energy and
Commerce Committee Chairman Joe Barton, R-Texas, are seeking information on the
internal procedures used by each company to protect the confidentiality of consumer
information. The request comes amid widening concerns about the privacy of
personal phone records, which allegedly have been available on the Internet
through private data brokers…The House lawmakers also pressed the FCC for
details about when it would determine whether to act on a petition filed last
August by the Electronic Privacy Information Center, an advocacy group, about
rules to better safeguard consumer phone records.
Online
Phone Data Brokers Stonewall FCC - Agency orders brokers to provide
information about source of phone data they are selling over Internet. The
Federal Communications Commission (FCC) cited Friday two online data brokers
dealing in private telephone records for failing to comply with FCC subpoenas
seeking documents and information. The FCC wants to know where the brokers
obtained the data since the Telecommunications Act of 1996 prohibits phone
companies from using or disclosing proprietary customer information without the
customer's approval…The FCC citations name 1st Source Information Specialists
and Data Find Solutions, two companies already being sued by Cingular Wireless
for allegedly selling phone records. Cingular Wireless claims 1st Source currently
owns and operates several Websites that advertise the sale of phone records,
including LocateCell.com…The FCC issued subpoenas to the two companies in
November, demanding, "call detail and other customer proprietary network
information that [LocateCell and Datafind]
may be obtaining from telecommunications providers."…According to the FCC,
Data Find solutions has not responded to any of the questions while 1st
Solutions only provided partial information. If the two companies have not
produced the information sought by the FCC by the end of this week, each will
be subject to fines not to exceed $11,000 per day.
Cell
Phone 'Pretexting' Makes Privacy a Thing of the Past; It's Way Too Easy - and
Often Not Even Criminal - to Gain Access to Calling Records - Using a
deceptive method called "pretexting," people who run Web sites
dedicated to the practice can use a person's name, address and just the last
four digits of their Social Security numbers - information that's widely
available - to get their victim's cell phone calling records. In some cases,
cell phone company employees were selling the information on their own…There's
more than just invasion of privacy involved here. Criminals can buy police
officers' records, identifying members of their families and tipsters. Business
competitors can spy out people's contacts and gain valuable intelligence on
future operations. Bank records can be accessed and accounts drained. Finally,
people who want to just make trouble can do it to their hearts' content.
State
Sues South Florida Co. For Selling Cell Phone Records - Attorney General
Charlie Crist sued a
Broker
sued for getting, selling phone records - Illinois has become the first
state to sue an information broker for obtaining cell phone records and selling
them on the Internet, according to a spokeswoman for Attorney General Lisa
Madigan. The lawsuit accuses Florida-based 1st Source Information Specialists
Inc. and its directors, Kenneth W. Gorman and Steven Schwartz, of using fraud
to persuade telephone companies to release phone calling lists, said Melissa Merz, a spokeswoman for Madigan.
Nixon
files suit over Web sales of cell phone records - Missouri Attorney General
Jay Nixon accuses two companies of obtaining cell-phone records illegally and
selling them on the Internet. Nixon filed suit today against First Data
Solutions of Knoxville, and its owner; and First Source Information Specialists
of Tamarac, Florida, along with two of its officers. Nixon says the companies
operate Web sites where for 110 dollars, anyone can type in a cell-phone number
and get records of calls made from that phone -- including the time, duration
and recipient's number.
Verizon
Wireless Continues Campaign Against Data Theft - Verizon Wireless, owner
and operator of the nation's most reliable network, today stepped up its campaign
to protect wireless customers' privacy by filing a lawsuit seeking an
injunction against the owners of locatecell.com -- Data Find Solutions, First
Source Information Specialists and related companies -- and other affiliated
Web sites to prohibit them from obtaining cell phone customer calling or
billing information under false pretenses. Verizon Wireless claims these
companies have fraudulently attempted to obtain customer records by calling
Verizon Wireless customer service centers posing as Verizon Wireless employees
needing access to confidential customer information.
It's Time
for Congress to Prohibit and Criminally Punish the Sale of our Cell Phone
Records "Pretexting" for Phone Numbers is a Serious Privacy Violation
– [FindLaw – Commentary] For around $100, an online
"people locator" or "information broker" company can get
you unauthorized access to almost anyone's cell phone records. All you need to
provide to the company is a credit card, and the person's cell phone number.
Recently, a blogger claimed to have obtained the cell
phone records of General Wesley Clark. The
Cell call lists
reveal your location - Imagine you're living in a shelter for
battered women. And the address is secret. Or, you're a government informant
hiding in witness protection. Does it worry you that someone could pay Internet
brokers to find your location -- within 500 to 1,000 feet -- based on your cell
phone calls? The
Devious
Tactic Snags Phone Data - Online information brokers pried thousands of
private cell-phone records from Verizon Wireless by posing as speech-impaired
customers and company employees, court documents show…According to the suit,
online cell-phone record vendors placed hundreds of thousands of calls to
Verizon customer service requesting customer account information while posing
as Verizon employees from the company's "special needs group," a
nonexistent department. The caller would claim to be making the request on
behalf of a voice-impaired customer who was unable to request the records
himself. If the service representative asked to speak with the customer
directly, the caller would impersonate a voice-impaired customer, using a
mechanical device to distort his voice and make it impossible for the service
representative to understand him -- a variant of a widely used
social-engineering technique known as the "mumble attack." Rob Douglas,
a private investigator turned privacy activist, says federal authorities have
known about the sale of private phone records since at least 1998 but have done
little to address the problem. In the absence of federal action, phone
companies have been resorting to civil lawsuits to prevent sellers from
obtaining and selling records. "I would put (the sale of) cell-phone
records No. 3 as the most invasive after banking and medical records, and the
most fraught for harm," says Douglas, who operates PrivacyToday.com.
"This stuff has life-or-death consequences and severe investigative
consequences for law enforcement."
Sites
That Round Up Call Logs Offer Phone Records For A Price – [PDF – see page
33] …customers can put up a minor road block for pretexters
themselves by asking their phone company to set a PIN code for their account
instead of using their Social Security number. Robert Douglas in Steamboat Springs,
Colo., a former private investigator who has testified on Capitol Hill about
pretexting, notes that this is not a very good defense - customer service
representatives can often be browbeaten into giving up personal information
even if its protected by a PIN and password. Neither will it help, of course,
if an employee is on the take.
T-Mobile seeks halt to
cell phone record sales - T-Mobile, the No. 4 U.S. wireless carrier, said
Monday it asked a Washington state court to prevent companies from allegedly
using fraudulent means to obtain and sell T-Mobile customer call records.
FCC says it's looking into
sale of phone records - Federal regulators are investigating whether
telephone companies are doing enough to keep customers' records from falling
into the hands of unscrupulous online data brokers.
Indictment of
Massive Identity Theft Ring Revealed - The prosecutor says Todd Eversen and and J.C. Flores led
an identity theft ring with four accomplices, dating back to 2004. They made
counterfeit checks and fake ID's and victimized
hundreds of people with more than 25-thousand checks. Thirty-seven acts are
cited in the federal indictment…It's not only individuals swiping your
identity, organized crime is in on the act. Tim Fuhrman, F.B.I.: "Domestic
terrorist groups, white supremacist prison gangs. We've seen that all of them
engage in this kind of activity to finance what they're doing."
Colombia dismantles false passport
ring -
Pleas
heat up Hollywood detective probe - After months of behind-the-scenes
maneuvering, a federal probe into the alleged illegal wiretapping activities of
private investigator to the stars Anthony Pellicano
appears to be ready for its close-up. Prosecutors revealed recently that Pellicano's former girlfriend and a veteran police officer
pleaded guilty to charges in connection with the investigation…Former Beverly
Hills police Officer Craig Stevens, 45, of Oak Park admitted that Pellicano paid him for confidential information he obtained
from law enforcement databases, prosecutors said…Stevens, the former Beverly
Hills police officer, reportedly is cooperating with prosecutors. The charges
against him state that he checked police databases for information about Adam
Sender, a New York financier and art collector, and members of the family of
Hollywood producer Aaron Russo.
Gonzales
Echoes Defense of Wiretaps - Attorney General Alberto R. Gonzales argued
yesterday that the requirements of a secret intelligence court are too
cumbersome for rapid pursuit of suspected terrorists, repeating the
administration's position that warrantless
wiretapping authorized by President Bush does not violate the Constitution or
federal law.
Patriot
Act Talks Hit Roadblock On Privacy Issue - Efforts to resolve House and
Senate differences over a revised USA Patriot Act have reached a stalemate, a
key committee chairman said yesterday. That means the current version of the
law is likely to remain in place through next month or longer unless Senate
Democrats and a handful of Republicans drop their demands for greater privacy
safeguards in a proposed renewal, the chairman said…The main disagreements center
on provisions that allow FBI agents to obtain records on terrorism suspects,
who have very limited options for challenging such searches. Specter has said
the law allows adequate "judicial review" of proposed searches. But
Sununu and his allies say the law makes it virtually impossible for targeted
people to prevail, even if they have no ties to terrorism.
Iris
Scanning For New Jersey Grade School - When a
parent arrives to pick up their child at one of three grade schools in the
Freehold Borough School District, they'll need to look into a camera that will
take a digital image of their iris. That photo will establish positive
identification to gain entrance into the school.
Yahoo,
MS: No personal data surrendered - Yahoo and Microsoft say they did not
turn over any private information to the government when they complied with a
subpoena.
State Issues
Identity Theft Alert - The Ohio Department of Commerce's Division of
Unclaimed Funds issued an identity theft alert to
Financial gain driving Web
breaches, IBM says - Internet attacks are increasingly being motivated by
financial gain, with organized crime supplanting thrill-seekers as the main computer
security threat, IBM said Sunday.
Online attacks common for
U.S. firms, FBI says - Nearly nine out of 10
Calling
Records Sales Face New Scrutiny - Phone companies and federal lawmakers are
demanding it be halted. The Federal Communications Commission is launching an
investigation. The business of buying and selling private phone calling records
is suddenly under considerable scrutiny. The Internet, it turns out, has taken
something old - a tool for monitoring cheating spouses or conniving business
associates - and made it new again…Case in point: In 1998, Los Angeles' police
department had a serious security problem. Suspected mobsters obtained home
phone numbers and addresses of detectives. In an apparent attempt at
intimidation, one mobster showed up at a police officer's home while he was at
work, gave his name to the officer's wife and walked away. The LAPD eventually
determined that the officers' personal data came from a
Can We Stop The
Sale Of Phone Records? - Security Consultant Rob Douglas, who runs
PrivacyToday.com, helped the Federal Trade Commission run a sting against data
thieves in 2000. At the time, he found 1,000 Web sites claiming to sell such
information; a similar number still advertise stolen data, he said. Part
of the reason, Douglas says, is a lack of clarity about the illegality of the
practice of calling up a company and pretending to be someone else for the
purpose of obtaining information -- called pretexting, or calling under a false
pretext. Federal law does explicitly make pretext calling to obtain financial
records illegal. But the legal question is a bit more murky for data such as
cell phone records. It might be identity theft; it might be an unfair and
deceptive trade practice, and thereby run afoul of the Federal Trade Commission
Act. But to end the discussion, and to cut off the legal running room the data
thieves claim,
University researchers
launch anti-spyware site - A corporate-backed Web site being launched by
researchers from Harvard and
20-year-old hacker rented out
attack network - A 20-year-old hacker admitted Monday to
surreptitiously seizing control of hundreds of thousands of Internet-connected
computers, using the zombie network to serve pop-up ads and renting it to
people who mounted attacks on Web sites and sent out spam.
Terrorists
On Tap – [Wall Street Journal Op-ed] In a speech
last week, Al Gore took another swing at the National Security Agency's
electronic surveillance program, which monitors international communications
when one party is affiliated with terrorists. Specifically, Mr. Gore argued
that George Bush "has been breaking the law repeatedly and
persistently," and that such actions might constitute an impeachable
offense. The question he raises is whether the president illegally bypassed the
Foreign Intelligence Surveillance Act (FISA). But the real issue is national
security: FISA is as adept at detecting--and, thus, preventing--a terrorist
attack as a horse-and-buggy is at getting us from
EPIC West: IL
Lawmakers to Introduce Pretexting Ban -
Feds to banks: Put
security policies in writing - Even if federal law doesn't
explicitly say so, all companies that handle personal information for their
customers should have written security policies, a computer security attorney
said Tuesday. This is a must read for all businesses!
Four
indicted in bank fraud scheme - Baltimore residents Barry Elijah
Davis, Benjamin Steven Davis and Binica Nicole Brooks
used and maintained a laptop computer at Towson resident's Kendena
Aisha Lee's home at which police found more than $15 million in counterfeit
business checks, according to Maryland's U.S. Attorney Rod J. Rosenstein.
Actual losses of more than $500,000 resulted from the deposit and cashing of
the phoney checks, Rosenstein said. The indictment
alleges that beginning in January 2004 to the present, Barry Davis, 37,
Benjamin Davis, 38, and Brooks, 27, produced counterfeit business checks using
templates with real business account numbers obtained by paying people for
copies of their paychecks. They allegedly recruited "account
holders," including students from
Identities
of Resort Customers Stolen - As reported by Reuters: "The
identities of more than 50,000 customers of major Bahamas resort Atlantis have
been exposed to possible identity fraud following the theft of personal
information from the hotel, the owners said…Information stolen included names,
addresses, credit card details, social security numbers, drivers license
numbers and bank account data, the filing said. The information appears to have
gone missing from the hotel's computer database and was the work of either an
insider or outside hacker.
Woman
Sentenced For Identity Theft - Lisa Lucas, 31, of
Is That a Bull's-Eye
On Your Wallet? - Identity thieves are expected to steal more than $1
trillion. Cybercriminals are making so much
money—more than the illegal drug trade last year, according to the
Annoy someone
online--two years in jail? – Declan McCullagh
Commentary--Annoying someone via the Internet is now a federal crime.
Security
Fix - Brian Krebs on Computer and Internet Security - Two supposed
anti-spyware companies that used misleading ads to frighten consumers into
purchasing software to eliminate non-existent threats have settled deceptive trade practice
charges brought by the Federal Trade Commission (FTC). The civil
lawsuits targeted the makers of the "SpywareAssassin"
and "Spykiller" software titles. According
to the FTC's
complaint, Spyware Assassin and its many "affiliate"
marketers used Web sites and e-mail, banner and pop-up ads to drive users to
its site, which offered free spyware scans. The scans invariably told consumers
their computers were infested with spyware, whether they actually were or not.
Consumers who freaked out and paid the $30 for the software were no better off
after having done so, the FTC said, because the "protection" software
was a worthless pile of garbage.
The
freedom to blog - Los Angeles Times Editorial – After Microsoft shut down a
popular Chinese-language blog recently, a barrage of anti-Microsoft messages
began zinging around the blogosphere in
EPIC
West: Federal Law Now Prohibits SSN on
Driver's Licenses - Here's an interesting nugget that the privacy advocates
missed--in passing the Intelligence Reform and Terrorism Prevention Act of
2004, Congress prohibited the publication of Social Security Numbers on
driver's licenses. It's about time!
Have you been
wiretapped? - Bob Sullivan's The Red Tape Chronicles – How worried are
Americans that the federal government might listen in on their phone calls, or
read their e-mails? I posted the following comment to
Sullivan’s piece: “I was twice appointed by
EPIC West:
Pretexting Isn't Lying, According to Bestpeoplesearch.com - On CNBC's On
the Money [last Thursday], Robert Douglas of PrivacyToday and Larry Slade, an
attorney for Bestpeoplesearch.com squared off on how private investigators and
online data brokers obtain and sell telephone records. EPIC has filed a
complaint against the operators of Bestpeoplesearch,
alleging that their practices are unfair and deceptive under the Federal Trade
Commission Act, because the company is facilitating the sale of individuals'
private telephone records.
Time to
do number on firms that sell cell phone records - Chicago Sun-Times Editorial
- Nowhere is information more powerful than when it is personal and in the
hands of the wrong people. So it is with a collective sigh of relief that we
note the rapid response of state government officials to a problem that could
negatively affect private citizens as well as law enforcement.
Sale
of phone files targeted - Illinois officials say they want to stop
companies from selling private telephone records without the consent of
consumers, and they want to know how brokers got those records in the first
place.
Phone record
brokers targeted - The
Your phone
records are for sale - The Chicago Police Department is warning officers
their cell phone records are available to anyone -- for a price. Dozens of
online services are selling lists of cell phone calls, raising security
concerns among law enforcement and privacy experts.
Illegal
workers create ID crisis - In
Waking Up to
Recurring ID Nightmares - As members of Congress continue to dither over
legislation concerning data security, the data broker industry, consumers'
rights and identity theft - nearly a full year after the ChoicePoint debacle
first woke Americans to the problem - perhaps they should meet Raymond Lorenzo.
EPIC West:
Public Records A Source for Identity Theft Crimes - I hate to say "we
told you so," but...When a government decides to pour personal information
into the public record, criminals are going to use these records to commit
fraud and identity theft.
Judge Closes Probate, Divorce
Files - The chief judge of one of
Judges and Justice
Dept. Meet Over Eavesdropping Program - The Justice Department held an
unusual closed-door briefing Monday for judges on a secret foreign-intelligence
court in response to concerns about President Bush's decision to allow domestic
eavesdropping without warrants. A number of judges from around the country who
serve on the Foreign Intelligence Surveillance Court, which issues
eavesdropping warrants in terror cases, flew to Washington to hear the
administration's defense of the legality and use of the program, officials
said.
A Real
Surveillance Scandal - Wall Street Journal Editorial - Eternal vigilance,
it's been rightly said, is the price of liberty. But Americans are not well
served by politicians in
Indian States
Monitoring Cybercafe Users - The southern Indian
state of Kerala will join two other states in requiring cybercafes
to record the names and addresses of their customers in an effort to combat
online fraud, virus attacks and terrorism, an official said Tuesday.
Arkansas
man stole identities from sex offender registry to fund gambling
- An
Democrats
to attack Bush on privacy issue - Democrats reportedly are
looking to turn U.S. President Bush's authorization of warrantless
spying on terror suspects to political advantage. Democratic leaders expect the
issue to be a key factor during the Supreme Court confirmation hearings of
federal Judge Samuel A. Alito Jr. as privacy rights
-- the political code phrase for abortion rights -- has already become a major
issue, The
N.J.
residents gain new safeguards against identity theft - The
new year brought new protections against identity
theft for
H&R Block blunder
exposes consumer data - Some consumers may be dismayed to
find their Social Security numbers printed on unsolicited packages from H&R
Block, the result of a recent labeling blunder at the company. [8:42 MT]
Windows flaw spawns
dozens of attacks - The attacks so far have been
wide-ranging, the experts said, citing everything from an MSN Messenger worm to
spam that attempts to lure people to click on malicious Web sites. [8:40 MT]
China cracking down on
cell phone fraud, spam - The much-talked-about move is mainly
aimed at users of prepaid cell phone accounts, which can be opened easily by
anyone with cash and a handset. These accounts have no monthly fee, but instead
are "charged up" using prepaid cards and used until the credit runs
out. [8:39
MT]
Europe passes tough new
data retention laws - The directive will require Internet
service providers and phone companies to keep data on every electronic message
sent and phone call made for between six months and two years… the data
retention has been criticized as a threat to the personal privacy of European
citizens. [8:36 MT]
Document security myths
busted - According to Gartner and IDC research, more than
1.8 trillion business documents and 2.4 trillion e-mails are created annually. Twenty-five
to 30 percent of all e-mails contain document attachments, which are riddled
with business and technical risks that threaten privacy, compliance and
security. At the root of the problem are a series of assumptions, oversights
and myths about the nature of documents (and in fact, all content) in the
electronic world, many of which span beyond government and into daily corporate
life. [8:33
MT]
Government Web sites
follow visitors' movements - From the Air Force to the
Treasury Department, government agencies are using either "Web bugs"
or permanent cookies to monitor their visitors' behavior, even though federal
law restricts the practice. [8:30 MT]
Many
Meth Users Turn to Identity Theft
- Stealing mail. Digging through trash. Days spent in front of a computer
trying to unlock financial information. All to score methamphetamine. [8:28 MT]
Report
Faults TSA Security Contracting - Transportation Security
Administration officials rushing to hire airport passenger screeners after
Sept. 11, 2001, may have violated contracting regulations by failing to track
spending while telling a contractor to "do whatever was necessary" to
meet congressional deadlines, according to a new government report. [8:24 MT]
Secret
Surveillance May Have Occurred Before Authorization - Even
before the White House formally authorized a secret program to spy on U.S.
citizens without obtaining warrants, such eavesdropping was occurring and some
of the information was being shared with the FBI, declassified correspondence
and interviews with congressional and intelligence officials indicate. [8:09 MT]
Alito Likely to Be Grilled More Than Roberts
- Supreme Court nominee Samuel A. Alito Jr. will face
a more intensive Senate grilling next week than Chief Justice John G. Roberts
Jr. experienced last year because of concerns over secret surveillance of
Americans and Alito's lengthy record of conservative
rulings, several lawmakers and interest groups said yesterday. [8:06 MT]
Justices
Order Padilla Terror Case Moved to Civilian Court - The
U.S. Supreme Court allowed federal prosecutors yesterday to take over the case
of "enemy combatant" Jose Padilla so he could face criminal terrorism
charges, overruling a lower court and ending an unusual battle between the
executive and judicial branches. [8:04 MT]
Surveillance
Court Is Seeking Answers - The members of a secret federal
court that oversees government surveillance in espionage and terrorism cases
are scheduled to receive a classified briefing Monday from top Justice
Department and intelligence officials about a controversial warrantless-eavesdropping
program, according to sources familiar with the arrangements. Several judges on
the
Cheney
Cites Justifications For Domestic Eavesdropping – Vice President Cheney said yesterday that the
Sept. 11, 2001, terrorist attacks might have been prevented if the Bush
administration had had the power to secretly monitor conversations involving
two of the hijackers without court orders. [7:53 MT]
Marriott
Discloses Missing Data Files – Yesterday afternoon I received
a call from Mike Rosenwald at the
Accused serial rapist recaptured in
Florida – Now here’s a beaut. “Reynaldo E. Rapalo, 34, is accused of
terrorizing the city’s Little Havana and a nearby neighborhood called
Shenandoah in 2002 and 2003…The so-called Shenandoah rapist was the target of a
massive manhunt following attacks on girls and women ages 11 to 79. Police say Rapalo, who was arrested in September 2003, was linked to
the rapes by DNA evidence. In addition to the alleged sexual assaults, he is
also accused of attacking four other women and girls. During the original
search for the rapist, more than 120 men, most of them Hispanic, were stopped
by Miami police and asked to volunteer DNA samples, a tactic that was denounced
by civil rights activists…The rapist terrified women and the parents of young
girls across the Little Havana area. Three were young girls who were attacked
in the span of four weeks. An 11-year-old was raped as she arrived home from
school.” Now look – I’m not in favor of stopping folks on the street and
asking them to submit to DNA testing – but here’s the kicker: “Rapalo had been
living in
"Free Flow of Information" Evangelists Preaching the
Virtues of Reticence – OK OK.
That title left me confused as well. But Chris Hoofnagle over at EPIC West
operates a great blog and this piece is worth a gander. Citing a recent LA
Times article, Chris dissects the behind the scenes machinations by banks (and
arguably other data holders) in the battle over data breach notification
legislation. Chris is one of the nation’s leaders in following these issues and
is a straight-shooter. Add his blog to your daily reading!!
Data
Brokers Press for U.S. Law – This is the piece by Joseph Menn at the LA Times that Chris Hoofnagle references in the
above post from his blog. It is a very good review of the strategies involved
in the data breach notification legislation pending in Congress.
Fraud
Alleged at Red Cross Call Centers – Uh oh! “Nearly 50 people have been indicted in connection with a scheme that
bilked hundreds of thousands of dollars from a Red Cross program to put cash
into the hands of Hurricane Katrina victims, according to federal authorities.
Seventeen of the accused worked at the Red Cross claim center in
Hope
and Toil at India's Call Centers – Speaking of call centers. I wonder how
many Americans realize how much of their personal information is being bandied
about overseas. And I wonder how the majority of Americans feel about it. My
wager? Most Americans would be appalled! While the story deals mostly with
issues of culture in India, here are a few snippets that, it seems to me, tell
another part of the story: “Donning
headsets and fake American names, they placed and fielded phone calls to and
from the United States, collecting bills, selling products and raising credit
limits…In India, call centers are part of a burgeoning industry known as
"business process outsourcing," or BPO -- a new world created by a
rush of foreign investment as Western companies outsource functions such as
customer care and billing services…Companies such as Convergys now employ more
than 5,000 in India to perform "back-office" functions. This suburb
south of
Indictment by text message
– OK. I don’t know about you, but I’m thinking I wouldn’t sign up for this
service. According to Reuters, “South Koreans may look at their mobile
phones with some trepidation in the new year because prosecutors will start
telling people they have been indicted via text messages, an official said on
Monday.” Now the first thing I’m wondering is, what ring tone do you
dedicate to an incoming indictment? Maybe the theme to Dragnet?? But here’s the
catch. It seems “[p]eople
will receive a text message of a legal notice only after they apply for the
service…” OK. So now I’m thinking if you’re stupid enough to sign up for
indictments by text message you deserve to be indicted. I’m also wondering –
should this come to the ol’ USofA – what the framers
would have to say about due process by text message.
Tape with data on
2 million people recovered – OK. So
what else is new? Actually there is one
thing new in this story. The fact that the missing tape was recovered sets this
case apart from the myriad of cases where he tap goes missing and is never
recovered. But how did it go missing in the first place? What information
security procedures were in place? Congress seems asleep at the switch when it
comes to assisting us in protecting what is, after all, our own customer
information. Check out Bob Sullivan’s
take on Congress dropping the ball on legislation this year over at The Red Tape
Chronicles at MSNBC.com.
The lowest scam –
Speaking of Bob Sullivan and MSNBC.com, check out this story about a young man
fighting for his life against leukemia while at the same time fighting to
regain his identity from the identity thief who worked at the hospital that was
treating him. In addition to the Dateline
news piece, check out Sullivan’s blog on the issue of Hospital ID Theft at The
Red Tape Chronicles. As for me, I
have two questions. Why does it take a seriously ill man doing his own
detective work combined with an investigative news team embarrassing the police
before the authorities will do anything? Abd why
hasn’t the ID thief’s knees met the fat part of a fast moving baseball bat?
President
Acknowledges Approving Secretive Eavesdropping - President Bush today
acknowledged that he had secretly authorized the National Security Agency to
eavesdrop on international communications of Americans and other domestic
residents with known links to al Qaeda.
Text:
President Bush's Weekly Radio Address – Patriot Act/NSA Eavesdropping - As
president, I took an oath to defend the Constitution, and I have no greater responsibility
than to protect our people, our freedom, and our way of life…In the weeks
following the terrorist attacks on our nation, I authorized the National
Security Agency, consistent with U.S. law and the Constitution, to intercept
the international communications of people with known links to al-Qaida and related terrorist organizations. Before we
intercept these communications, the government must have information that
establishes a clear link to these terrorist networks. This is a highly
classified program that is crucial to our national security. Its purpose is to
detect and prevent terrorist attacks against the
Renewal
of Patriot Act Is Blocked in Senate - Efforts to renew the
Bush
Lets U.S. Spy on Callers Without Courts - Months after the Sept. 11
attacks, President Bush secretly authorized the National Security Agency to
eavesdrop on Americans and others inside the United States to search for
evidence of terrorist activity without the court-approved warrants ordinarily
required for domestic spying, according to government officials. Under a
presidential order signed in 2002, the intelligence agency has monitored the
international telephone calls and international e-mail messages of hundreds,
perhaps thousands, of people inside the United States without warrants over the
past three years in an effort to track possible "dirty numbers" linked
to Al Qaeda, the officials said. The agency, they said, still seeks warrants to
monitor entirely domestic communications.
In
the Blink of an Eye, You've Paid – Almost faster than you can say
"Will that be debit or credit?" the next generation of electronic
payment options is taking hold in stores across the country. Forget standing in
line, swiping your card at the cash register, waiting tedious seconds for your
purchase to be approved and then signing the receipt, while people behind you
make restless rustling noises. Who has time for all that? These technologies
allow you to flash a card in front of a scanner, or touch a fingertip to a
screen - and without so much as a ka-ching, the item
is bought, your account is charged and you're outta
there. Often without even a receipt.
I Still Know Who
You Called Last Month – It’s actually obscene what you
can find out about people on the Internet.
Childern's Health Council data stolen
- A backup tape that contained the Social Security numbers, birth dates and
detailed psychiatric and other health information for thousands of current and
former clients of the Children's Health Council in Palo Alto was stolen just
after Labor Day, the non-profit agency confirmed Sunday. Payroll information on
about 700 current or former employees and credit card and other financial
information from parents of clients also was on the tape, which disappeared
from a locked room a day or two after the holiday weekend…The theft, affecting
an estimated 5,000 to 6,000 clients, is the latest in a number of high-profile
cases this year that have raised the specter of identity theft.
Stolen
Berkeley Laptop Recovered, 100,000 Identities Erased - A laptop stolen in March
from offices at the University of California, Berkeley contained identities of
nearly 100,000 students has been recovered, the school announced this week, but
it's still unsure if the information was accessed or used.
Consumers
Insist Financial Institutions Remain Vigilant in Protecting Their Privacy: EDS
Survey - The survey indicates 30 percent of consumers would close all
accounts and move their business to another financial institution if their
personal information was compromised and a further 10 percent would close some
of their accounts and use another bank. In addition, 55 percent would
discontinue banking until they felt the crisis was resolved.
U.K.
Billionaire Green Victim Of ID Fraud - The
charlatans and swindlers have targeted the little man for years: Identity theft
via credit card fraud became an IT industry boom in itself. Yet hoaxers have
now realized there are bigger phish to fry, in the
form of corporate identity theft. According to a British newspaper report,
billionaire entrepreneur Philip Green
has apparently run afoul of such trouble. A property company Green reportedly
runs with his mother was targeted by thieves, who charged cars, computers and
cell phones to Green's tab.
Now, Every
Keystroke Can Betray You - Bank customers know to shield their ATM
passwords from prying eyes. But with the rise of online banking, computer users
may not realize electronic snoops might be peeking over their shoulder every
time they type. In a twist on online fraud, hackers and identity thieves are
infecting computers with increasingly sophisticated programs that record bank
passwords and other key financial data and send them to crooks over the
Internet.
Florida
cop misused data, ChoicePoint claims - A Miami-Dade
police officer allegedly peeked at thousands of private consumer records in
what database giant ChoicePoint described as illegal use of its information.
The company also announced three other incidents of improper access, two
involving private investigators…Privacy rights advocate Chris Hoofnagle of the
Theft Of Verizon
Wireless Customer Records Halted - Verizon Wireless says that it has
secured a court order to halt a Tennessee-based company's illegal practice of
obtaining and selling confidential telephone records of Verizon Wireless
customers. Earlier this summer, Verizon Wireless sued Source Resources seeking
among other things an injunction barring Source Resources from acquiring,
possessing or selling confidential Verizon Wireless customer account
information without a valid court order or the customer's express consent.
Superior Court Judge Harriet Derman ordered a
permanent injunction against Source Resources Tuesday as part of a settlement
between Verizon Wireless and the company. Source Resources also agreed to
cooperate with Verizon Wireless by surrendering records of its transactions and
information about how it previously obtained customer records. "Accessing
a person's personal telephone records without a valid court order or the
customer's permission is illegal," said Steven Zipperstein,
General Counsel and Vice President of Legal and External Affairs at Verizon
Wireless. "Verizon Wireless will protect our customers against these kinds
of assaults on their privacy, and we will use every weapon in our legal arsenal
to shut down identity-theft operations.”
Cyber cons, not vandals,
now behind viruses - Computer hackers seeking financial gain rather than
thrills or notoriety are increasingly flooding the Internet with malicious
software code, according to a semi-annual report issued on Sunday.
Identity
Theft Hitting Home - Americans are more than seven times as likely to be a
victim of identity theft or fraud than to lose a vehicle to a thief, according
to the Insurance Information Institute and the Federal Trade Commission.
Click-clack of keyboard
could be security risk - Forget about watching, Big Brother may be
listening. Sounds from typing on computer keyboards are distinctive enough to
be decoded, allowing security breaches caused by "acoustic snooping,"
Dutch
to Create Cradle-To-Grave Database - The Dutch government will begin
tracking every citizen from cradle to grave in a single database, opening a
personal electronic dossier for every child at birth with health and family
data, and eventually adding school and police records.
Identity
Theft Up 50 Percent In New Hampshire - The number of identity theft victims
in
Medicare,
Defense cards boon to ID theft - While the U.S. Federal Trade Commission
tries to combat identify theft, several federal agencies continue to use Social
Security numbers.
Crave privacy?
New tech knocks out digital cameras - Researchers at the Georgia Institute
of Technology have come up with an inexpensive way to prevent digital cameras
and digital video cameras from capturing that secret shot.
Microsoft
acquires ID management company Alacris -
Microsoft on Monday announced that it has acquired ID management partner Alacris in a move to bolster its security efforts.
Don't trust
security to techies alone, Gartner says - Businesses should no longer let
techies dictate how a company secures itself, analyst firm Gartner said this
week.
Companies urged
to move beyond passwords - Companies are "fiddling while
Katrina victims face identity crisis - Katrina washed away their homes, their personal belongings,
and their livelihoods. It may have washed away their identities,
too. Scattered to all corners of the
Are Your
Cell Phone Records for Sale Online? - You can see who
you've been talking to on your cell phone by taking a quick glance at your
monthly bill. What's disturbing is anyone with online access can pay to find
out some of that exact same information. Online credit card scams and
fraudulent e-mail spam that seek personal financial information have raised
awareness of the threat of identity theft. But now privacy groups and security
concerns are also raising the alarm about so-called online "information
brokers" — Web sites that will obtain and sell personal information to
anyone willing to pay…online information brokers
are using a mix of old and new illicit tricks to get at supposedly protected
phone call data. "In some instances, they have contacts on the inside they
can bribe," says Rob Douglas, a former private investigator of 20 years.
"But a majority of instances … almost exclusively, they are using
'pretexting.'" Pretexting, says
Privacy
Group Urges FCC to Guard Phone Data - A privacy group
wants the government to force telephone companies to better protect their
customers' private data -- including records of calls made and received -- from
being bought and sold on the Internet. In a petition scheduled to be filed
today, the
Electronic Privacy Information Center
- EPIC Petitions FCC to Protect Customers' Info. [Contains links to the FTC and FCC complaints filed by EPIC
that are referenced in the above two articles]
Deluged with credit card
mail? Help is coming - Starting in August, banks that mail pre-screened credit
card applications to consumers must include a prominent notice advising
consumers how to get off their mailing list. The new Federal Trade Commission
regulations, mandated by the 2003 Fair and Accurate Credit Transaction Act,
took effect Aug. 1. Starting immediately, each mailing must include a notice in
bold type on page 1 listing the phone number and Web site that allows consumers
to cut off credit card solicitations. Consumers who call 1-888-5OPTOUT or visit
www.optoutprescreen.com can
“opt out” of most mailings…Using either the telephone or the Web site,
consumers must provide their Social Security Number and other personal
information to get on the opt-out list. Since many consumers have been
instructed never to hand over that number to anyone on the telephone or the
Internet, it’s possible many consumers abandon the process half-way,
Probe of online
investigation firms sought - A privacy rights advocacy group has asked the
Federal Trade Commission to investigate whether Web sites advertising
investigative services capable of digging up personal information such as phone
call records are violating federal laws…"We've asked the FTC to begin an industrywide investigation into these practices,"
Chris Hoofnagle, senior counsel at the group's San Francisco office, said
Friday…Hoofnagle said EPIC also plans to file
complaints with state attorneys general, state regulators of private
investigators and attorney bar association ethical committees, because it
believes law firms are among the most frequent clients of the online investigation
firms.
Online Data Gets Personal: Cell Phone Records for Sale - Fueled by the ease of online commerce, snoops are on the trail of other personal information, too. One of the hottest markets: records of phone calls, especially from cell phones…"Information security by carriers to protect customer records is practically nonexistent and is routinely defeated," said Robert Douglas, a former private investigator and now a privacy consultant who has tracked the issue for several years.
Home Contact Us News PT in the News Services Speeches Identity Theft