CIMIP - Center for Identity Management and Information Protection

June 2010 News Archive

June 30, 2010

New York hospital loses data on 130,000 via FedEx

New York's Lincoln Medical and Mental Health Center is notifying patients that their personal information may have been compromised after seven CDs full of unencrypted data were FedExed by a hospital contractor and then lost in transit. full article

Confidential cemetery papers found dumped

Residents are fuming after a cardboard box overflowing with personal information, including credit card numbers, was found outside a Hamilton cemetery yesterday. full article

UMaine students who sought mental health services' data compromised

The University of Maine police department is investigating a data breach of which has lead to the exposure of personal and medical information of almost 5,000 students between the summer of 2002 and this past week. full article

Laptop with personal data of 24,000 people is stolen

Training company A4e said the data was held on a personal computer of an employee which was stolen in "an opportunistic domestic burglary". full article

Social Security numbers, federal tax numbers released in error by Sparta Board of Education

A local activist’s recent public records request resulted in some extra information — namely, some personal Social Security numbers, and some federal tax identification numbers. full article

Officials investigate potential information breach

Some personal information from a computer science and engineering class at Cal State San Bernardino may have been disclosed. full article

FTC Cracks Down On Online Payment Scam

At the request of the Federal Trade Commission, a federal court has halted an online scam that used identity theft to place more than $10 million in bogus charges on consumers' credit and debit cards, pending a trial. full article

RHS Computer Security Breach

The following is a letter from Ridgefield High School Principal Jeff Jaslow and Superintendent Deborah Low, dated June 21, that was dispersed in the high school's PTSA e-blast on Monday evening. full article

Elderly couple lose $512,000 to scammers

An elderly Australian couple that had already lost over $440,000 to overseas scammers reportedly ignored warnings by police and lost another $60,000, according to a new report. full article

Whirlpool DDoS attacks to be reported to police

Site down for second consecutive day.

Australian broadband forum Whirlpool was today hit with a distributed denial of service attack, the second day in a row the popular site was attacked. full article

Latest Email Attacks Prey on People's Familiarity With the Web

Email security companies and their customers continue to battle the weakest link in email security as the latest email attacks prey on people's trust in popular brands. These new attacks have the look and feel of trusted brands, increasing the likelihood that recipients will respond. full article

Is Cyberstalking Becoming a Serious Threat?

In the last few weeks, Christina DesMarais has lived in a state of fear. full article

Scammers Exploit the FTC’s Good Name, Promise Phony Sweepstakes Prizes

Someone who claims to work for the Federal Trade Commission calls to inform you that you have won a lottery or sweepstakes. To receive the prize, all you have to do is pay the taxes and insurance. The caller asks you to wire money or send a check for an amount between $1,000 and $10,000. What should you do? Don’t send money or account information, and immediately report the incident to the real Federal Trade Commission (FTC). full article

Whistleblower’s complaint leads to Medicare fraud charges in Georgia

A whistleblower’s accusations led federal prosecutors to issue a civil False Claims Act complaint against an Augusta, Ga.-based Medicare provider and its former owner, alleging they submitted fraudulent claims for more than $690,000. full article

Government seeks input on cyber security plan

In the murky world of the Internet, how do you ever really know who you're talking to, who you're buying from or if your bank can actually tell it's you when you log in to pay a bill? full article

Guard busted in $365k ID-theft scheme

A Georgetown-area security guard was charged in connection with a "a highly sophisticated" identification theft and fraud ring that ripped off more than 200 victims to pay for other people's bills, according to the U.S. Attorney's Office for the District of Columbia. full article

Task Force: Valet Busted in Credit Card Skimming Scam

Southern California has long been ground zero for credit card skimmers and identity theft hackers. full article

Boyfriend of missing Arizona woman held as police seek more clues

(CNN) -- The boyfriend of a missing Arizona woman is being held without bond on fraud and other charges while police seek additional information into his girlfriend's disappearance, Chandler police said Tuesday. full article

Destination Hotels card-processing system hacked

IDG News Service - Hackers have broken into the payment processing system of Destination Hotels & Resorts, a high-end chain best known for its resort hotels in destinations such as Vail, Colorado; Lake Tahoe, California; and Maui, Hawaii. full article

June 29, 2010

Supremes Strike Part of Sarbanes-Oxley Law

(CN) The Supreme Court on Monday struck down a challenge to the corporate reform law known as the 2002 Sarbanes-Oxley law, finding unconstitutional the way members of an accounting oversight board could be removed. The 2002 law was enacted to prevent fraud after accounting scandals at Enron were exposed. full article

EU agrees to share banking data with US

The European Union has reached an agreement with the US to continue sharing European bank data to help fight terrorism, after initially rejecting a proposal to extend information sharing because of privacy concerns. full article

Supreme Court's SOX decision may be non-event for IT

Unless Congress creates 2.0 version of Sarbanes-Oxley, analysts say it should be be compliance as usual

Computerworld - The U.S. Supreme Court's decision Monday on the Sarbanes-Oxley Act is unlikely to affect the jobs of IT managers, who have already spent bundles of money on software and staff time to ensure compliance with this 2002 law. full article

Ten Alleged Secret Agents Arrested in the United States

Multi-year FBI Investigation Uncovers Network in the United States Tasked with Recruiting Sources and Collecting Information for Russia

Eight individuals were arrested Sunday for allegedly carrying out long-term, "deep-cover" assignments in the United States on behalf of the Russian Federation, the Justice Department announced today. Two additional defendants were also arrested Sunday for allegedly participating in the same Russian intelligence program within the United States. full article

Social networks leak your information, study says

Think only your social network knows your location? Well, think again

Computerworld - Do you want everyone to know where you are? Well, your favorite social networking sites might be spilling the beans about your location. full article

72-Year-Old Man Gets 9 Years

SAN DIEGO (CN) - A 72-year-old man who lives in the wealthiest enclave in the nation was sentenced on Monday to 9 years in prison for defrauding investors of $25 million. Richard M. Hersch of Rancho Santa Fe promised 2% to 6% weekly returns from his company, All States ATM, which allegedly kept ATM machines on the "back side" of horse-racing tracks - where the public could not see or use them. full article

SEC Freezes Assets in $106M Ponzi Case

CHICAGO (CN) - The SEC on Monday froze the assets of a Virgin Islands-based man and charged him with running a $106 million Ponzi scam. Daniel Spitzer, of St. Thomas, claimed his many businesses never lost money and that one year they paid returns of 184.15 percent. But actually, the SEC says, he dished out $72 million as Ponzi payments and spent a lot on himself, including $900,000 in cash at the Wynn Las Vegas Casino. full article

Biased State DMV Destroys Naturalization Papers and Other ID, Class Claims

NASHVILLE (CN) - In a federal class action, a naturalized citizen claims the Tennessee DMV confiscated and defaced her naturalization documents when she tried to get a driver's license, because of her ethnicity. Diana Mata Cuellar wants the Tennessee Department of Safety and Hamblen County DMV enjoined from subjecting other people to this. full article

WellPoint Security Breach Put At Risk Information For 470,000 Nationwide, Including 5,600 In Connecticut

An online security breach put at risk the personal, financial and medical information of 470,000 WellPoint customers nationwide, including 5,600 in Connecticut, customers are learning this week in notification letters from the company. full article

ACLU sues state over police raid on Ketchikan clinic

ANCHORAGE, Alaska -- The American Civil Liberties Union of Alaska says there's no excuse for the state to violate medical-records privacy laws. The group filed a lawsuit against the state Monday, claiming it ordered a recent police raid of the A Woman's Place clinic in Ketchikan. full article

Hacker Croll Convicted For Infiltrating Obama's Twitter Account

PARIS — A court in central France has convicted a young Frenchman accused of infiltrating Twitter and peeping at the account of President Barack Obama, and given him a five-month suspended prison sentence. full article

Elaborate Identity theft scheme targets a million consumers

A federal court has halted an elaborate international scheme that used identity theft to place more than $10 million in bogus charges on consumers’ credit and debit cards, pending a trial. full article

NY Attorney General sends more mortgage-related warning letters

NEW YORK (AP) - More than 30 companies that promise help for at-risk homeowners have been added to the growing list of firms getting letters from New York attorney general's office over illegal and deceptive practices. full article

Reliance on passwords is biggest security threat, says hacking expert

Passwords are fundamentally insecure and represent the biggest security threat facing organisations, says Jason Hart, senior vice-president for Europe at security firm Cryptocard. full article

$2.8 million grant for cybersecurity training initiative at MVCC

UTICA, N.Y. - Mohawk Valley Community College will receive a $2,778,237 Community-Based Job Training Grant from the U.S. Department of Labor (USDOL) to implement the Upstate New York Cybersecurity Training Initiative that will provide training for 2,090 people through a partnership of 5 colleges and local adult education providers, according to Congressman Michael Arcuri. full article

June 28, 2010

Local Man, Woman Accused Of Aggravated ID Theft

A federal grand jury indicts a local man and a local woman on aggravated identity-theft charges Thursday. full article

ATMs vulnerable to hackers

A security expert has identified flaws in the design of some automated teller machines that make them vulnerable to hackers, who could make the ubiquitous cash dispensers spit out their cash holdings. full article

FBI Investigating Possible DSHS Hacker

The FBI is investigating whether a hacker broke into the state’s confidential cancer registry, possibly holding personal information and medical records hostage. full article

Spammers still hot for Michael Jackson

One year after his death, pop star Michael Jackson is still being used as a target for spammers. full article

Not even FBI was able to decrypt files of Daniel Dantas

The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (25) by the newspaper Folha de S. Paulo, after a year of unsuccessful attempts, the U.S. federal police returned the equipment to Brazil in April. full article

Tax Appraiser's Web site hacked

Those seeking information from the Highlands County Tax Appraiser's Web site may have been unable to access data for the last week due to a hacker. full article

Puerto Ricans targeted in massive ID theft schemes

Born in a U.S. territory where he has lived all his life, Jose Marrero Rivera didn't know his name and social security number were racking up thousands of dollars in unpaid charges in Chicago and Miami. full article

Sharp Hospitals Try Palm-Scanning ID System

Sharp hospitals across San Diego County are using a new way to identify its patients which is much more accurate than fingerprints. full article

Man ordered to repay $3M in Calif employment fraud

A former Marysville resident has been sentenced to prison and ordered to pay back $3 million in fraudulently obtained unemployment compensation. full article

FTC Says Scammers Stole Millions, Using Virtual Companies

The U.S. Federal Trade Commission has disrupted a long-running online scam that allowed offshore fraudsters to steal millions of dollars from U.S. consumers -- often by taking just pennies at a time. full article

June 25, 2010

Senate committee approves controversial cybersecurity bill

IDG News Service - A U.S. Senate committee has approved a wide-ranging cybersecurity bill that some critics have suggested would give the U.S. president the authority to shut down parts of the Internet during a cyberattack. full article

Spain uses stolen HSBC data for tax probe

Herve Falciani stole account data for around 79,000 clients three years ago and fled to France while under investigation before eventually handing it over to authorities. full article

Millions of student loan borrowers' personal info compromised

A suspect is under arrest, as investigators piece together clues in the theft of social security numbers belonging to millions of student loan customers. full article

Accused Hacker Who Balked at 2-Year Prison Deal Now Faces Decades

An alleged hacker who declined a 2-year plea deal is facing decades behind bars after federal authorities Thursday added multiple charges, including possession and distribution of child pornography. full article

IG: Pilots, Your Private Information Is At Risk

A Transportation Department inspector general (IG) report dated June 18 found "serious security lapses" in systems that the FAA uses to store pilots' personal information, including medical data. full article

Twitter Settles FTC Charges That It Failed to Protect User Data

Under consent decree terms, Twitter must establish an information security program, which will be assessed by a third party every other year for 10 years full article

In 4 Key Rulings, Supreme Court Limits Fraud Statutes' Reach

On the civil side, justices ruled that securities fraud class actions involving foreign investors or firms cannot be filed in U.S. courts unless shares were bought or sold within the U.S. full article

1½ Years, $15M Fine for Brocade's Ex-CEO

SAN FRANCISCO (CN) - The former CEO of Brocade Communications was sentenced on Thursday to 18 months in prison and fined $15 million for backdating stock options. A federal jury convicted Gregory Reyes of securities fraud, lying to accountants and keeping false books and records. Reyes was ordered to surrender on Sept. 10. full article

SEC Pulls Plug on Securities Cold Callers

(CN) - Top officers in the Advanced Technology Group sold $14.7 million in unregistered securities through "nationwide cold-calling campaigns," the SEC claims in Manhattan Federal Court. It sued ATG, formerly known as Oxford Global and FX3000, its founder and CEO Alexander Stelmak, and its president Abelis Raskas. full article

Nigerian man gets 40 months for immigration marriage scam

A Nigerian man has been sentenced to three years and four months in federal prison after falsely claiming on immigration documents and a marriage certificate that he had wedded an American woman — who actually didn't know him at all. full article

Feds: Hacker accused of Biden threat targeted Pawlenty, Klobuchar

Authorities added child pornography charges Thursday to allegations against a Blaine man accused of pilfering a neighbor's identity and e-mailing a death threat to Vice President Joe Biden. full article

University Hospital to rectify data breach

Offers year of credit monitoring

About 13,000 people will be getting notices from University Hospital of a potential breach in privacy because of a missing data tape, even if it appears unlikely that it was actually taken or that anyone could use the data, an official said Thursday. full article

Carder forum hack reveals information that can be used to track down members

It's every forum for itself in the cut-throat market of carder forums, and a security breach affecting one of them means more market share for the rest. It is, therefore, highly likely that this latest hack into the forum was perpetrated by or at the behest of some of its competitors. full article

June 24, 2010

Personal data accessed on Blue Cross website

More than 200,000 Anthem Blue Cross customers this week received letters informing them that their personal information might have been accessed during a security breach of the company's Web site. full article

Glenville personal data exposed

The town did not protect sensitive personal information when it used employee Social Security numbers on unsecured time sheets and unnecessarily kept credit card information of those who paid traffic fines, according to a state comptroller's audit released Tuesday. full article

Scotland Yard cuffs teens for role in cybercrime forum

Two teenagers have been arrested for their alleged involvement in the world's largest English-language cybercrime forum. full article

OYS: Business says it accidentally trashed customers' personal information

The loud hum of a giant shredder, filling the warehouse of Augusta Data Storage, is the sound of safety. full article

Dozens of credit card numbers stolen from Driskill guests

The credit card numbers of dozens of recent guests at the downtown Driskill Hotel were stolen after thieves hacked into the accounting network for the hotel’s management company, officials said. full article

'Prolific' credit card fraudster handed jail term full article

FBI warns on denial-of-service phone scam

The TDoS attacks use automated dialling programs and multiple accounts to overwhelm victims' mobile phones and land lines with thousands of calls. full article

Physician Group a Victim of Server Theft

Executives at a Nevada physician group are investigating how many patients were affected when a server was stolen June 11 from an administrative office in Reno, Nev. full article

Twitter Settles Charges that it Failed to Protect Consumers' Personal Information; Company Will Establish Independently Audited Information Security Program

Social networking service Twitter has agreed to settle Federal Trade Commission charges that it deceived consumers and put their privacy at risk by failing to safeguard their personal information, marking the 30th case the FTC has brought targeting faulty data security, and the agency’s first such case against a social networking service. full article

Six charged in Edmonton identity theft ring

Six people have been charged with operating a forgery ring that has stolen hundreds of identities. full article

How to Practice Safe Online Banking

Online banking is a double-edged sword for small businesses: It's easy and convenient, and yet it makes them vulnerable targets for cybercriminals. There are a lot of small businesses out there, and they don't all have the big budgets for IT resources or a large staff. full article

Prisoners, scammers profit on home-buyer tax credit

The Internal Revenue Service doled out more than $27 million in fraudulent claims for the home buyers' tax credit on returns for 2008, including claims by prisoners serving life sentences and people who purchased their home before the credit was in effect, a Treasury Department report said Wednesday. full article

Top court sides with ex-Enron CEO Skilling

The Supreme Court has sided with former Enron CEO Jeffrey Skilling in limiting the use of a federal fraud law that has been a favorite of white-collar crime prosecutors. full article

Nantucket Man Arrested and Charged with Operating International Online “Phishing” Scheme to Steal Income Tax Refunds

Mikalai Mardakhayeu, a Belarusian national residing in Nantucket, Mass., was arrested Wednesday night and charged for his alleged participation in an international online "phishing" scheme to steal income tax refunds intended for U.S. taxpayers around the country, announced Assistant Attorney General Lanny A. Breuer of the Criminal Division and U.S. Attorney Carmen M. Ortiz for the District of Massachusetts. full article

June 23, 2010

University to notify students and faculty regarding unsecure database

College of Education students and faculty members whose names were found in an unsecure database last month are being notified this week that some of their information may have been accessible to the public. full article

National Guard laptop stolen from car, sensitive personal information at risk

A federal laptop belonging to the Oregon National Guard has been reported stolen from a Guard member's vehicle, and may contain sensitive personal information concerning military service members. National Guard information technology personnel and Portland Police are investigating the theft. The Guard member was using the computer to conduct work from home. full article

Data breaches affect patients in 3 states

More than a million Florida residents lost personal information in one of several security breaches reported in recent weeks. full article

Four arrested in credit card scam

Four people are in jail for manufacturing credit cards using stolen information, said Caddo Sheriff Steve Prator. full article

Calif man accused of extortion through hacking

A hacker took over more than 100 computers and used them to extort sexually explicit videos from women and teenage girls by threatening to release their personal data, federal prosecutors charged Tuesday. full article

Google's Street View faces multi-state US probe

US state Connecticut will lead a multi-state investigation into Google's collection of wi-fi data. full article

How cybercrooks could cash in on your Facebook data

The gargantuan amount of high-quality user data on Facebook is causing everyone--from marketers to hackers--to salivate like dogs gazing at a steak. They all want a piece of you. full article

Warning issued over fake bank calls

The Thurston County Sheriff’s Office warns people to be on the lookout for fraudulent automated bank calls on cell phones that try to get bank customers’ debit card and personal identification numbers for identity theft. full article

Many Android apps pose privacy threat, says security vendor

As many as 20% of applications on Android Market let third parties access private or sensitive information, according to a report from security vendor SMobile Systems. full article

Hackers Aren't Only Threat to Privacy

Sophisticated hackers aren't the only ones gaining access to sensitive data on the Internet. A large amount of personal information is being left exposed or poorly protected by companies and governments. full article

UK chip and pin fraudster gang jailed

A gang of UK chip and pin fraudsters have been jailed for a nationwide scam that netted £725,000 in nine months. full article

Two London teenagers arrested in cybercrime investigation

The Metropolitan Police's Police Central e-Crime Unit (PCeU) has arrested two teenagers in an international cybercrime investigation. full article

Phony Immigration Agents Charged

SAN DIEGO (CN) - Federal prosecutors charged a man and woman with bilking immigrants of more than $100,000 through their bogus California Legal Services company of Pico Rivera. Armando Garcia and Elizabeth Alcocer claimed to be immigration officers and immigration attorneys, and took money to submit fraudulent federal applications, according to the 16-count indictment. full article

SEC Settles $28M Ponzi Complaint

MIAMI (CN) - Trade-LLC and its two managing members suckered investors in a $28 million Ponzi scheme, the SEC claims. Philip W. Milton and William Center persuaded three private investment clubs to hand over the money with promises of 8 percent monthly returns, according to the settled federal complaint. full article

June 22, 2010

UK: Credit card fraudster hits 35,000 motorists in petrol station scam

A computer wizard branded 'the most prolific chip and pin fraudster in the UK' was jailed yesterday for four years. full article

Spokeo Website Collects Personal Information

The internet has made a lot of things easier. Shopping, paying bills and communicating with friends can now be done at work, on your laptop, even on your phone. But all that convenience comes at a cost. full article

ESG: Average cost of medical breach between $30 and $150 per file

Many large healthcare organizations have recently paid heavy fines for security breaches that allowed the unauthorized viewing of patient data. According to Network World, the Enterprise Strategy Group reports each compromised medical file costs a healthcare organization between $30 and $150. full article

UK: Kent Police lose confidential data

Kent Police has been found in breach of the Data Protection Act, after confidential data was stolen from a police car sitting outside an officer's house. full article

Connecticut AG Investigating Google WiFi Incident

Connecticut Attorney General Richard Blumenthal said on Monday that his office will helm an investigation into the unauthorized collection of wireless network traffic by Google's Street View cars on behalf of an undisclosed number of states. full article

11 Nigerians and 3 local women held over love scam

Impersonating as good-looking Englishmen, 11 Nigerians had courted 111 single women here through Internet social networking sites before cheating them of their money to retrieve "special gifts" from Britain. full article

John Menard comments on attempted identity theft

John Menard praises his bank and with good reason. It prevented someone from stealing almost half a million dollars from him. full article

Months later, census still a source of concern

Little-known fact: Census 2010 workers are making follow-up calls as the project winds down, but some folks worry that it could be a ploy to steal personal information. full article

Pirates harness technology for scams

Exhibs, digital cinema service providers and 3D TV manufacturers aren't the only ones profiting from the technological revolution that is transforming the entertainment industry. full article

Peter Hoss: Beware Nigerian Web scams

Some readers may have received e-mails purportedly originating in Nigeria notifying recipients that money is being held for them in a blocked bank account. full article

YOU May Be Your Company's Biggest Security Threat

Anytime you're doing business on the road without security in place, you're open for business, but for the wrong customers. You wouldn't take your customers' money and let it hang out of your pockets for anyone to grab would you? By leaving data access points open to hackers, you're essentially doing just that. full article

June 21, 2010

Rogue tax workers snooped on ex-spouses, family members

Dozens of workers at Canada’s tax agency have been caught snooping on their ex-spouses, mothers-in-law, creditors and others by reading confidential tax files. full article

Organized Crime Has Globalized and Turned into a Security Threat

"Organized crime has globalized and turned into one of the world's foremost economic and armed powers," said Antonio Maria Costa, Executive Director of the United Nations Office on Drugs and Crime (UNODC) at the launch of a new UNODC report on The Globalization of Crime: A Transnational Organized Crime Threat Assessment. full article

Google's Wi-Fi snoop nabbed passwords and emails

The Wi-Fi traffic collected by Google's world-roving Street View cars included passwords and email, according to a report citing a preliminary study from the French data protection authority. full article

Stay of Execution

The FTC is delaying the implementation of its new "red-flag rules" until December 31, giving businesses more time to figure out the rules, which are meant to avert identity theft. full article

Sexual predator treatment squeezes budgets

Just off the highway leading to this woodsy Minnesota town, more than 400 men live behind tall fences topped with razor wire. They spend their days shuffling between meals, group therapy sessions and activities such as painting state park signs. full article

Fraudulent Telephone Calls Allowing Fraudsters Access to Consumer Financial and Brokerage Accounts

The FBI Newark Division released a warning to consumers concerning a new scheme using telecommunications denial-of-service (TDoS) attacks. full article

Card fraud case has ensnared hundreds

A popular Little Rock restaurant was the target of financial fraud that has tripped up “hundreds” of people around Central Arkansas, the Little Rock Police Department said Friday. full article

Police nab criminals on Facebook

Police have jumped on the social networking bandwagon to gather intelligence from local communities and help catch criminals. full article

Loopholes in Sex Offender Laws Exposed

Senator Charles Schumer introduced a bill that could close loopholes in current federal laws that give sex offenders easy access to children. full article

June 18, 2010

Internet Fraud Alert service to help rescue stolen account credentials

Microsoft, eBay, PayPal, Citizens Bank and several US regulators, consumer organisations and security groups have set up an online fraud alert service. full article

Confidential personal information stolen from Kent Police

The Information Commissioner's Office (ICO) has found Kent Police in breach of the Data Protection Act. full article


Hundreds Arrested in Mortgage Fraud Sweep

From industry insiders to straw buyers, nearly 500 people have been arrested in a nationwide mortgage fraud takedown that reflects the coordinated efforts of law enforcement to address the growing problem of crime in the housing industry. full article

Court: Search that found child porn OK

RICHMOND, Va. — The search of a Virginia Army private's MP3 player that revealed child pornography was constitutional because searches on military bases don't require probable cause, a three-judge panel of the Fourth U.S. Circuit Court of Appeals ruled Thursday. full article

Roundup Accuses 14 of Mortgage Fraud

LOS ANGELES (CN) - Federal and state officials on Thursday arrested 13 of 14 people charged with raking in $35 million in fraudulent mortgage schemes. The Ventura County residents could face up to life in prison if convicted of all charges; the 14th defendant is believed to be out of the country. full article

38 Charged With Mortgage Fraud Across USA

MANHATTAN (CN) - Federal prosecutors on Thursday charged 38 people with defrauding hundreds of homeowners and lenders across the nation. The eight indictments claim the defendants defrauded lenders of $29 million and victimized more than 240 homebuyers. Defendants include three lawyers, seven mortgage brokers, three real estate agents, and two loan officers. full article

Boiler Room Took $25 Million, SEC Says

(CN) - Operating from boiler rooms in Thailand and Costa Rica, a Florida man bilked people of $25 million by selling bogus shares in Texas oil wells, the SEC claims in Lubbock Federal Court. Justin Solomon, of Deerfield Beach, also sold shares in the nonexistent Caribbean Stock Exchange, the SEC says. full article

Ponzi at IBM, Tech Investor Says

PHILADELPHIA (CN) - Four IBM vice presidents orchestrated a 5-year-long Ponzi scheme, demanding money from investors even after canceling the related development project, according to a federal RICO complaint. Devon IT claims the vice presidents, who worked in IBM's hardware division, the Systems and Technology Group, used part of Devon's $12 million investment to inflate the division's earnings and fund projects with other business partners. full article

Microsoft, eBay, Citizens Bank launch online fraud alert service

IDG News Service - Microsoft, eBay and Citizens Bank have launched a new Internet fraud alert service designed to allow them to better share information about compromised accounts with each other in an effort to better fight online fraud. full article

June 17, 2010

iPad hacker arrested on multiple drug charges after FBI search

Once bragged he was on acid while delivering a security conference presentation

Computerworld - One of the hackers in the group that snatched more than 100,000 iPad owner e-mail addresses from AT&T's servers was arrested Tuesday on felony drug charges after the FBI searched his Arkansas home. full article

Spammers gear up for Father’s Day

Global spam exploiting Father's Day is increasing rapidly in the run up to the 20 June celebration in 52 countries, according to the Symantec Response team. full article

Hackers put sexual content on Tory Twitter

A hacker has posted sexually explicit comments on the Twitter, Facebook and blog accounts of Tory Member of Parliament Therese Coffey. full article

New cyber security threats facing the public sector

The US government is investing heavily in cyber security after the recent attacks on Google pushed the issue of targeted internet security breaches up the agenda. full article

FBI Says Woman Ran $45M Ponzi Scam

MANHATTAN (CN) - A New Jersey woman was arrested today and charged with running a $45 million real estate Ponzi scam, federal prosecutors said. Antoinette "Dina" Hodgson, 58, of Montclair, allegedly skimmed "tens of millions of dollars" from investors, spent "hundreds of thousands" of it in casinos in Atlantic City and Las Vegas, threw $700,000 into a Dunkin Donuts franchise, and gave "tens of thousands" to friends and family. full article

Data Breaches Persist In Health Care

In September 2009, the Obama administration’s Health Information Technology for Economic and Clinical Health (HITECH) Act went into effect, requiring hospitals and other health care organization to beef up client data protections. Despite this, a recent study found that health care data is still hemorrhaging from peer to peer networks. full article

NY ID Thieves Ripped Off Soldiers in Iraq, Afghanistan: Cops

More than 20 soldiers from Fort Hood are among 200 of victims ripped off by an identity theft ring in New York, law enforcement officials said. full article

Police Arrest 178 in U.S.-Europe Raid on Credit Card ‘Cloning Labs’

Police have arrested 178 people in Europe and the United States suspected of cloning credit and debit cards in an international scam worth over 20 million euro ($24.52 million), according to a report from Reuters and authorities in Spain. full article

Massive keylogger cache posted to

Details for thousands of accounts, from Facebook to PayPal, have surfaced over the weekend on The details, which come from keylogging software, appear to have been dumped automatically to the site based on observations from BitDefender, who tipped The Tech Herald off to their existence on Friday. full article

Authorities Indict 26 In Connection With City ID Theft Ring

The New York City Police Department has arrested 26 people, mostly natives of Nigeria, who were allegedly in the business of stealing identities and stole at least $5 million. They allegedly affected more than 200 soldiers, including many of whom were unaware of what was happening, since they were serving overseas. full article

Interior loses CD with personal data for 7,500 federal employees

A compact disc that contains personally identifiable information for about 7,500 federal employees has been reported lost by the Interior Department’s shared services center. full article

Treasurer's site exposes taxpayers' information to hackers

Franklin County property owners paying taxes online before Monday's deadline might have innocently allowed thieves trolling cyberspace to snag checking-account or credit-card numbers. full article

The Tie Between ID Theft & Illegal Immigration

Valley identity theft expert said there’s a strong correlation between high rates of ID theft and the numbers of illegal immigrants in a state. full article

Judge says alleged hacker can't use Internet, orders computers removed from his home

U.S. District Judge Donovan Frank was in a quandary: In an age where computers are everywhere and even cell phones have Internet access, how do you keep a man accused of hacking into his neighbors' e-mails away from computers? full article

FBI Issues 2009 Mortgage Fraud Report

According to the Federal Bureau of Investigation’s 2009 Mortgage Fraud Report, released today, mortgage fraud suspicious activity reports referred to law enforcement increased 5 percent to 67,190 during fiscal year (FY) 2009. The total dollar loss attributed to mortgage fraud is unknown. It’s estimated that $14 billion in fraudulent loans originated in 2009. full article

June 16, 2010

Civilian arrested at military base with possible explosives

(CNN) -- Military police at Fort Gordon, near Augusta, Georgia, have arrested a civilian for impersonating a soldier after "possible grenades" were found in his vehicle on base, a base spokesman said early Wednesday. full article

Two ID'd in Florida air base incident

MacDill Air Force Base, Florida (CNN) -- The names of two people who tried Monday to enter MacDill Air Force Base with unauthorized weapons were released by officials Tuesday. full article

AT&T-iPad security breach may be worse than first thought

Researchers looking into the security of GSM phone networks are suggesting that the recent breach, which saw tens of thousands of e-mail addresses and ICC-IDs inadvertently disclosed by AT&T, could have far more significant implications than a bit of extra spam: attackers can use the information to learn the names and phone numbers of the leaked users, and can even track their position. full article

AT&T hit by another data breach

Within days of researchers from Goatse Security finding a flaw in AT&T's website that exposed the e-mail addresses of over 100,000 iPad users, AT&T account information is being leaked. full article

Facebook not doing enough to prevent clickjacking attacks, say users

Clickjacking worms are becoming an increasing problem on Facebook, and most people believe the firm is not doing enough to combat the problem, a poll by security firm Sophos has revealed. full article

FTC Tries to Shut Down Robocaller

(CN) - The Federal Trade Commission claims Asia Pacific Telecom, Repo B.V. and SBN Peripherals made "tens of millions" of misleading telemarketing calls through a robocaller. A single phone number the companies used in 2009 caused nearly 14,000 Do Not Call complaints to the FTC. The company owners and operators, Johan Hendrik Smit Duyzentkunst and his wife, live in California, the FTC says. full article

SEC Suspends Former McKesson General Counsel

A former general counsel for McKesson HBOC Inc. (now McKesson Corp.) has been stripped (pdf) of his right to practice before the Securities and Exchange Commission for five years as part of a civil settlement resolving charges that he participated in financial reporting fraud. full article

420,000 scam emails sent every hour

More than 420,000 scam emails are sent every hour in the UK according to a report by CPP which estimates that Brits were targeted by 3.7 billion phishing emails in the last 12 months alone. A quarter of us admit to falling victim to e-fraudsters, with the average victim losing over GBP285 each. full article

June 15, 2010

Police arrest 178 in global credit card scam

Police have arrested 178 people in Europe and the United States suspected of cloning credit cards in an international scam worth over 20 million euros ($24.52 million), Spanish police said on Tuesday. full article


Authorities in Middle Township are investigating how documents from Municipal Hall containing personal information like social security numbers, landed in a public dumpster. The information, which was handed over to officials, could've easily landed in the wrong hands. full article

Three people arrested in internet fraud operation

SUSPECTED fraudsters are believed to have stolen the identities of scores of people across Devon in a huge scamming operation. full article

Hackers zoom in on Twitter accounts

Next time you are unable to log on to your twitter account and a message pops up asking you to reset your password, beware! It may be one of the new wave of spam emails that try to deceive subscribers into clicking on a password reset instruction and expose computer systems to worm attacks. full article

Chico-based credit union victimized in identity theft 'phishing' scam

An identity theft "phishing" scam discovered this morning was set up to appear to come from Chico-based Star Community Credit Union and seemed to target people whose cellular service is provided by AT&T. full article

Calif. Hospitals Hit With Stiff Data Security Fines

Five California hospitals were fined a total of $675,000 last week for failing to secure patient data, a development that signals a change in how state and federal governments are starting to hold companies and organizations accountable for their data security practices. full article

N.Y. handyman accused of improperly accepting workers’ comp. benefits

A Red Hook, N.Y., handyman is accused of misrepresenting his work status in order to collect more than $20,000 in workers’ compensation benefits. full article

Pickpocket ring nabbed in Louisville

Most of them grew up together in public housing complexes in Louisville, and they started out as a strictly local organization, picking pockets in restaurants and at the Kentucky Derby. full article

Hacker charged with threatening US VP using neighbour's PC

A hacker tried to frame his neighbour by tapping into his Wi-Fi and sending threatening emails to US vice president Joe Biden, according to search warrant affidavits unsealed last week. full article

CardersMarket hacking kingpin jailed for 13 years

Prolific malicious hacker Max Ray Vision was jailed for 13 years over a series of massive credit card scams that cost US banks an estimated $86 million. full article

Idaho crackdown on ID theft yields arrests, guilty pleas

Several identity-theft suspects were in Treasure Valley courts last week, the U.S. Attorney's Office for Idaho reports. full article

June 14, 2010


The California Department of Public Health (CDPH) announced today that five California hospitals have been assessed administrative penalties and fines totaling $675,000 after a determination that the facilities failed to prevent unauthorized access to confidential patient medical information. full article

Belgian Royal Family, Hey?

MANHATTAN (CN) - Guy Albert de Chimay stole $6 million from clients of Chimay Capital Management by claiming ties with Belgium's royal family, the SEC claims in Federal Court. full article

Rothstein's Top Assistant Pleads Guilty, Describes Her Role in Ponzi Scheme

Villegas pleads guilty to one count of money laundering

Debra Villegas, Ponzi scheme convict Scott Rothstein's top assistant, said Friday that her boss told her he was tied in with the Mafia and mobsters would kill him if she didn't forge fake settlement agreements in his $1.2 billion scheme. full article

Jury Convicts Two New York Importers in One of the Largest Counterfeit Goods Prosecutions in U.S. History

Chong Lam, 52, and Siu Yung Chan, aka Joyce Chan, 42, both of New York, were convicted yesterday for their participation in one of the largest counterfeit luxury goods operations in the United States, announced Assistant Attorney General Lanny A. Breuer of the Criminal Division, U.S. Attorney Neil H. MacBride for the Eastern District of Virginia and Assistant Secretary John Morton of the U.S. Immigration and Customs Enforcement (ICE). full article

Tech Insight: Working With Law Enforcement After A Breach

FBI-hosted event offers tips on how to interface with the feds, law enforcement

Working with law enforcement in the aftermath of a data breach doesn't have to be scary and one-sided. full article

iPad e-mail hackers defend attack as 'ethical'

Computerworld - The hackers who harvested an estimated 114,000 Apple iPad 3G owner e-mail addresses defended their actions Friday as "ethical" and said they did nothing illegal. full article

Two Maryland Men Convicted in Mortgage Fraud Scheme

Used Straw Purchasers and the Stolen Identifiers of Four Other Individuals to Purchase Six Baltimore Properties; Five Went Quickly Into Default

BALTIMORE—A federal jury has convicted Dema Daiga, age 28, of College Park, Maryland, and Olu Campbell, formerly known as Oluseun Oshosanya, age 29, of Laurel, Maryland, of numerous counts of wire fraud arising from a scheme to defraud a mortgage lending company in connection with six Baltimore properties. Daiga was also convicted of two counts of aggravated identity theft in connection with the scheme. The verdict was returned late yesterday. full article

Sacramento, Folsom, Placer County detectives find credit card skimmers at gas stations

After an investigation has led to the discovery of three identical credit card skimming machines inside gasoline pumps in Placer County, Sacramento and Folsom, authorities are now looking for the people who may have used the machines to collect personal identification information. full article

FDA wants safety, accuracy data on consumer genetic tests

The recent mixup that resulted in the genomic testing company 23andMe sending test results to the wrong people may end up being the least of its worries. full article

Cyber espionage threatens global security (Part 1)

Teenage hackers cracking government and corporate networks for the sheer thrill of breaking into reputedly impenetrable firewalls once made compelling headlines. full article

The World Cup Is Expected to Bring Boost in Credit Card Fraud

Hundreds of thousands of football fans are flocking to South Africa for the World Cup, which begins 11 June. But for banks, the world's biggest sporting event won't just offer thrilling goals and hard-fought games. It also brings major worries about credit card fraud. full article

World Cup IT Security Follows Swiss Rules

Mahindra Satyam, the soccer tournament's official IT services provider, is responsible for safeguarding 160,000 users, the distribution of 3 million tickets, and 40 terabytes of data. full article

In ‘phishing’ scams, your friends get lost

A stolen bag. Lost cash. A missing passport. full article

Failed cyberattack launched against South Korea

Two South Korean government websites were struck by the second cyberattack in a week, but suffered no major damage, the government said Saturday. full article

Adult Web sites lure cybercrime victims

Porn surfers are likely to have out-of-date software that can be exploited, making those users an attractive target for cybecriminals, according to a study. full article

Spammers lose their creative edge

Spammers are now perhaps becoming more desperate and less creative in their attempts to trick email users into opening their messages. A blank email subject line was the most favoured tactic used in May, closely followed by the rather desperate ‘Please Read’ heading, Symantec’s June State of Spam and Phishing report has highlighted. full article

Survey: Travelers lackadaisical about identity theft

Despite the fact that identity fraud is one of the fastest-growing crimes in the U.S., more than half of Northern New England residents have little or no concern about it happening to them while traveling or visiting retail locations this summer, according to a new survey by AAA Northern New England. full article

Malicious Twitter Spam Making Rounds on Internet

Security researchers at the ThreatSeeker Network of Websense Security Labs are warning users of a latest malicious spam message targeting Twitter users. full article

June 11, 2010

FBI to investigate AT&T iPad data breach

The Federal Bureau of Investigation has confirmed that it will be examining the circumstances surrounding a security breach of AT&T's network that exposed the email addresses of an estimated 114,000 Apple iPad owners. full article

City publishes private info on FOIA website

The city of Springfield put documents online that contained such sensitive information as people’s Social Security numbers, driver’s license numbers, home and work telephone numbers -- even a bank account number and the name of someone who called the state anonymously to report suspected child abuse. full article

Woman pleads guilty to stealing Durham city workers' identities

A Durham woman was sentenced Thursday to prison after pleading guilty to using the personal information of city employees to obtain credit cards and purchase items online and by phone. full article

Cashier at Bellmore Payless Store Accused of Identity Theft

A Long Island shoe store employee is accused of stealing security information from customers' credit cards and making duplicate cards.

At least 40 Dixie Cafe customers impacted by hackers

Executives with the Dixie Cafe say they just discovered the breach this week, hitting two locations in Little Rock and Hot Springs. full article

Everett man who stole IDs of 70 people is sentenced

An Everett man was sentenced to 40 months in prison Wednesday on federal bank-fraud and identity-theft charges that involved fraudulent use of the identities of about 70 people. full article

SB hospital fined $325,000 for breach of patient records

Community Hospital of San Bernardino has been fined a total of $325,000 for breaches of more than 200 patient records by two employees in 2009. full article

S. Korean gov’t website hit by cyber attacks

South Korea's intelligence service is investigating a major cyber attack on the main government website by hackers traced to China, officials said Thursday. full article

Grid Protection and Cybersecurity

The House of Representatives yesterday passed the “Grid Reliability and Infrastructure Defense Act” which is intended to bolster that national electric grid against terrorist attacks, cyber threats, electromagnetic pulse weapons and solar storms. full article

Lax Password Protection Invites Hackers

Security companies reveal that computer users are doing a woeful job of password-protecting their data, leaving accounts vulnerable to hackers. But the dilemma facing security-conscious computer users is that while you want to use as tough a password as possible, you don't want it to be so obscure that you forget it a minute after you create it. full article

Guilty plea by young hacker

An Adelaide man has pleaded guilty to infecting thousands of computers with a virus designed to grab bank account details. full article

June 10, 2010

Apple's Worst Security Breach: 114,000 iPad Owners Exposed

Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They—and every other buyer of the cellular-enabled tablet—could be vulnerable to spam marketing and malicious hacking. full article

Olympus apologises after shipping malware-laced cameras in Japan

Olympus has apologised after it distributed a digital camera in Japan that came with added malware on its internal memory card. full article

Mass Web attack hits Wall Street Journal, Jerusalem Post

IDG News Service - Internet users have been hit by a widespread Web attack that has compromised thousands of Web sites, including Web pages belonging to the Wall Street Journal and the Jerusalem Post. full article

'Brute force' script snatched iPad e-mail addresses

'No hack, no infiltration, no breach,' say security experts, just sloppy AT&T software

Computerworld - The harvesting of over 100,000 iPad 3G owners' e-mail addresses was not a hack or a classic data breach, but a brute-force attack of a minor feature AT&T offered to Apple customers, experts said Wednesday. full article

Execs Convicted of Securities Fraud

(CN) - A federal jury in Manhattan on Tuesday convicted the former CEO and CFO of the Duane Reade pharmacy chain of securities fraud. Former CEO Anthony Cuti and former CFO William Tennant conspired to inflate company income through "fraudulent real estate transactions" with third-party brokers from November 2000 to June 2005, prosecutors said. full article

$11 Million Latin American Ponzi Alleged

(CN) - Investors say a Latin American corporation took them for $11 million in a Ponzi scheme, and charged exorbitant commissions on futures trading along the way. The 18 plaintiffs claim that Alaron Trading Corp. charged them "$42 per round turn contract, almost three times the going rate, and shared the grossly inflated commission charges" with a Guatemalan company. full article

FTC Urges Consumers to Watch Out for Scams Related to Gulf Oil Spill

As the nation follows news of the oil spill in the Gulf of Mexico, so do scammers. The Federal Trade Commission issued an alert urging consumers and businesses to watch out for con artists trying to take advantage of the oil spill in the gulf and to report their experiences to federal and state authorities. full article

Vietnam Accused of Cyber Attacking Bloggers

The Vietnamese government is being accused of conducting cyber attacks to bring down the websites of independent bloggers, as well as arresting some of the dissidents. full article

Nassau County Woman Arrested for Counterfeit Check Scam

A local woman has been arrested for taking part in an international check fraud scheme, police said. full article

FTC Urges Consumers to Watch Out for Scams Related to Gulf Oil Spill

As the nation follows news of the oil spill in the Gulf of Mexico, so do scammers. The Federal Trade Commission issued an alert urging consumers and businesses to watch out for con artists trying to take advantage of the oil spill in the gulf and to report their experiences to federal and state authorities. full article

Court Puts Brakes on Company That Deceptively Pitched “Extended” Auto Warranties

At the Federal Trade Commission’s request, a federal court has halted a Florida-based telemarketing operation that the FTC alleged was deceptively promoting so-called “extended auto warranties” to consumers nationwide. full article

Identity theft, not viruses, is threat for smartphones

As more people switch from traditional cell phones to smartphones, worries have increased that users will fall prey to the same virus and malware problems that can plague personal computers. full article

Amish Man Is Charged With Multiple Sex Crimes

An Amish man from Curryville could face up to 32 years in prison for sexual-based crimes he allegedly perpetrated with at least five underage girls. full article

June 9, 2010

Revenge of (fired) nerd

Never sack the tech guy -- he knows your IP address. That's the lesson a Manhattan hospital learned the hard way after a disgruntled computer geek was busted for allegedly hacking into its internal computer network, including patient information and test results. full article

Cyberattacks still top security priority

USIS released a study that identified key issues facing government and industry security personnel and identified a key issue in terms of security vendor structure and organization. USIS surveyed more than 250 government and industry leaders in the safety, security, and law enforcement market. full article

Content providers phishing for demographic data via logins

There has been a steady flow of academic studies into the insecurity of the username/password authentication system (a number of which we've covered at Ars) that suggest it's doomed to failure: humans have a limited memory capacity for unique strings of random characters, which is precisely what most experts recommend as a secure password. A pair of academic researchers from Cambridge have analyzed the use of passwords by many prominent online sites, and found that many sites require passwords as a sort of security theater, requiring them in contexts that are superfluous and failing to do their part to secure the information on their end. The end result, they argue, is a tragedy of the commons, with the commons being the finite memory of the average user. full article

FTC examines privacy risks of copier hard drives

The FTC is looking into the issue of sensitive documents stored on photocopier hard drives, which could be a treasure trove for identity thieves

The U.S. Federal Trade Commission is urging the photocopier industry to address privacy risks arising from the fact that digital copiers store thousands of documents on their internal hard drives. full article

Province ponders revealing privacy breaches after leak to Teamsters union

The Saskatchewan Party government said Tuesday it will consider the mandatory disclosure of privacy breaches by government agencies after some recent high-profile incidents. full article

Cn: College officials suspended in ID-theft probe

TWO college officials in central China's Hubei Province have been suspended from their jobs during a probe into an identification theft from a female student. full article

India to check all Chinese telecoms equipment for spyware

India is appointing auditors to check that all telecoms equipment imported from China is free of software designed to monitor data transmissions. full article

Data Protection Act is out of kilter with EU law, warns privacy lawyer

The single most important change required in UK data protection regulation is to bring the law into line with European legislation, says Stewart Room, partner at law firm Field Fisher Waterhouse. full article

Mansfield, Texas, Man Pleads Guilty to Commodities Fraud Involving Foreign Currency Trading Ponzi Scheme

WASHINGTON - Ray M. White, 51, pleaded guilty today before U.S. Magistrate Judge Paul D. Stickney in Dallas to a criminal information charging him with one count of commodities fraud, announced Assistant Attorney General Lanny A. Breuer of the Criminal Division and U.S. Attorney James T. Jacks of the Northern District of Texas. full article

Security breach exposes Tufts alumni records

Thousands of Tufts University alumni have received letters over the past few days warning about a computer security breach that may have left their social security numbers and other personal information exposed. full article

Ex-LA Social Worker Charged In $1M Tax Return Scam

A former Los Angeles County social services worker has been charged with filing bogus tax returns using indigent clients' identities to obtain $1 million in tax refunds. full article

Canada targets immigration scams

Canada is considering laws to crack down on crooked "immigration consultants" who defraud unsuspecting immigrants of thousands of dollars, officials say. full article

Strathclyde Police WebSite Shut Down: Possible Hacking Attack

Last night, Strathclyde Police closed its website following a potential virus attack by Chinese hackers. full article

Man swipes police website to complain about speed cameras

A Tennessee man found the perfect revenge after he was given a speeding ticket - he bought the local police department's website, and used it to complain. full article

Dozens of Coloradoans Charged in Biggest Ever Insurance Fraud Scam

In worst and biggest crime pattern, around dozens of fraudsters were charged in highly organised insurance scam . In latest update according to Colorado Attorney General John Suthers confirmed that his office has obtained an indictment from the Statewide Grand Jury against these insurance scammers. full article

$217,000 'Skimmed' From ATMs

"Cloned" debit cards have been used to steal more than $200,000 from Long Island banks between April and the end of May, police said. full article

June 8, 2010

Obama's 'tele-town hall' targets scams against the elderly

Washington (CNN) -- President Obama hosts a "tele-town hall" meeting at a senior center in Maryland on Tuesday that is timed to coincide with the first mailing of rebate checks to elderly Americans. full article

Sensitive Medical Paperwork Dumped In Church Lot

Thousands of patient records, surgery information, Social Security numbers and bank information were found dumped behind a Nashville Church. full article


David B. Fein, United States Attorney for the District of Connecticut, announced that LUIS MELENDEZ, also known as “Ramiro Morales-Cruz,” 33, of New Haven, pleaded guilty today before Senior United States District Judge Alfred V. Covello in Hartford to one count of access device fraud and one count of aggravated identity theft stemming from a $780,000 credit card fraud scheme. full article

Massive Data Theft Leads to Hackers, Businessman


Consumer data gathered by e-commerce company Digital River was somehow hacked and stolen and ended up with a 20-year-old New York man who aimed to sell the data to the highest bidder. The man says he has consumer-tracking information from a dozen different companies, including names, e-mail addresses, web sites, and user ID numbers full article

NATO Warns May Strike Cyber Attackers

NATO is considering the use of military force against enemies who launch cyber attacks on its member states, The Sunday Times reported. full article

Insurance Firm Says It Isn't Liable To Pay Claim In $3.3 Million University Of Utah Data Breach

Lawyers and security professional are watching for a court ruling on what could be a precedent-setting case involving insurance payments following a major data breach. full article

15-year-old caught in Richmond with hundreds of skimmed credit cards

A 15-year-old boy was arrested last month at a Richmond gas station for connection to a credit card skimming operation. full article

6 Accused In Student Loan Scam Ring

Six Sacramento residents are accused of scamming the federal government out of hundreds of thousands of dollars in college financial aid. full article

BofA Call Center Worker Pleads Guilty to Data Theft

A Bank of America call center employee has pleaded guilty to charges that he stole sensitive client information and then tried to sell it for cash. full article

Appeals court absolves firm that exposed man's SSN

A man whose social security number and other personal data were exposed by a company that processed his job application has no legal claims because no actual damage resulted from the privacy breach, a federal appeals court has ruled. full article

Cyberattack at PSU exposes thousands of Social Security numbers

For the third time in six months, a cyberattack at Penn State University exposed thousands of Social Security numbers to identity theft, officials confirmed yesterday. full article

Fraudsters out to score some new victims with soccer scam

The 2010 FIFA World Cup is less than a month away and scammers are trying their best to take advantage of consumers. full article

N.Y. insurance agent sentenced to prison for $14 million fraud scheme

A New York City-based insurance agent was sentenced June 7 in New Jersey to three years in prison for attempting to defraud two insurance companies in a life insurance scheme. full article

Alleged auto-crash scheme bilked insurers for $460,700

A Colorado grand jury indicted 12 people it says were involved in an insurance-fraud scheme involving staged auto accidents in the Denver area and fraudulent claims totaling $460,700. full article

Va. couple sentenced for student loan scam

A Virginia couple has been sentenced for a student loan scam that defrauded lending institutions in Colorado, Massachusetts, Florida and New York. full article

Financial abuses of deadbeat parents

For parents who've wrecked their own credit rating, cashing in on junior's clean financial history is increasingly tempting. full article

6 detained in Phoenix in ID theft case

Six people suspected of ID theft and forgery were detained at Phoenix Sky Harbor International Airport on Friday morning. full article

Dillard hoops impostor Montimere, friend indicted in Texas

Guerdwich Montimere, the 22-year-old Dillard graduate who posed as teen Jerry Joseph and became a Permian High basketball standout, was indicted Monday on six felony counts that stem from a false birth certificate and a sexual relationship he reportedly had with an underage girl. full article

June 7, 2010

AG arrests sex offender for using dead brother's identity

State officials caught a wanted fugitive in McKinney who had been using his deceased brother's identity for over five years. full article

Hackers of Passport Office website held

Local police here have arrested a seven-member gang in Hyderabad for allegedly hacking the website of the Regional Passport Office. full article

Credit card fraudsters take aim at World Cup

Jean-Pierre arrived on his South African holiday, withdrew some money from a cash machine, and hours later received a call from his bank to say that 300 euros had suddenly been charged to him. full article

Card-skimmer raid on Salisbury Commonwealth Bank ATM

THE second ATM skimming device dicovered in less than a week may be the work of the same offenders, police say. full article

Medical practice in Wales loses unsecured USB drive with data on 8,000 people

The Information Commissioner’s Office has found Lampeter Medical Practice to be in reach of the Data Protection Act after it reported an unsecured USB drive getting lost in the post. full article

ID theft can create 'evil twin'

Regina Huerta has never worked in Wisconsin, California, Utah, Iowa, Missouri or Arkansas. Her Social Security number says otherwise. full article

AvMed Breach Tops 1 Million

A data breach at AvMed Health Plans that previously was thought to have affected 360,000 current and former members now totals 1.22 million, the Miami-based insurer has announced. full article

One in ten web users putting personal info at risk

One in ten Internet users browses the web without sufficient safety thereby putting their personal information at risk, a new study has revealed. full article

'Scareware' ads proliferate across Internet

Court records show to the penny how much software company Innovative Marketing banked by getting computer users to pay for fake anti-virus programs: $163,167,539.95. full article

Adobe warns over unpatched PDF peril

Hackers are exploiting critical, unpatched vulnerabilities in Adobe Reader, Acrobat and Flash Player. full article

Hack on e-commerce co. exposes records for 200,000

E-commerce company Digital River exposed data belonging to almost 200,000 individuals after hackers executed a “highly unusual search command” against its secured servers, according to a news report. full article

HIPAA violation leads to jail time

Huping Zhou, a licensed cardiothoracic surgeon in China who was working at the UCLA School of Medicine as a researcher in 2003, was sentenced in late April to four months in jail after pleading guilty to charges related to looking at patient medical records he was not authorized to view. full article

ID theft threat largely ignored: survey

Most Australian's aren't protecting themselves against identity theft even though more than half those surveyed had lost a wallet or other personal information over the past three years, according to a debt data firm. full article

R.I. Superior Court judge sentences Cook for multiple crimes

A Superior Court judge sentenced James E. Cook Friday to what amounts to life plus seven years for the 22 crimes from first-degree sexual assault to identity theft and drug possession to bestiality he was convicted of in March. full article

Boyfriend draws interest in woman's disappearance

Chandler police say the boyfriend of a missing woman is a "person of interest" in her disappearance after investigators found him to be in possession of her vehicle and credit cards. full article

Disney worker admits stealing resort guests' credit card numbers

Guests of two Walt Disney World resorts got an unpleasant surprise when their credit-card numbers were stolen and used to buy tens of thousands of dollars worth of goods they did not authorize, federal court document show. full article

Calif. woman gets 7 years in Miss. ID fraud

A California woman was sentenced today in federal court in Jackson to seven years in prison for identity theft and related fraud. full article

FTC examines privacy risks of copier hard drives

The U.S. Federal Trade Commission is urging the photocopier industry to address privacy risks arising from the fact that digital copiers store thousands of documents on their internal hard drives. full article

Authorities: ID theft ring paid for woman's 'tummy tuck'

A South Side woman, along with her mother and brother, allegedly ran an identity theft ring using victims' credit cards and debit cards to buy furniture and get the woman a "tummy tuck" surgical procedure, according to police and prosecutors. full article

June 4, 2010

Law Firms Warned About Found Package Hoax

Several law firms have been victimized by a con artist claiming to have found a package addressed to them from the New York State Insurance Fund, the state warned Wednesday. full article

860,000 more Armed members may have had IDs stolen

An additional 860,000 Avmed members than originally thought may have had their identity data compromised when thieves stole two company laptops in December, officials said Thursday. full article

Visa launches one-time passcode cards in Europe

IDG News Service - Visa has launched a payment card in Europe that contains a keypad and an eight-character display for showing a one-time passcode, an additional defense against potentially fraudulent Internet transactions. full article

E-mail data leaks a worry for most IT professionals

Most IT professionals are concerned about the safety of data sent via e-mail, a survey has revealed. full article

New Bill Would Make it Easier to Prosecute Identity Theft

A new bill introduced by Rep. Bob Goodlatte (R-VA) would give law enforcement greater latitude when prosecuting identity theft cases. full article

Florida AvMed customers' personal information stolen

The personal information of nearly 1.2 million Floridians who are members of AvMed Health Plans, including their Social Security numbers, were stolen last December, the Florida attorney general said Thursday. full article

Cybersecurity moving up on Congress' to-do list, staffer says

Momentum is growing on Capitol Hill for passage of cybersecurity legislation that would update the Federal Information Security Management Act (FISMA) and set policy for protecting the nation’s critical infrastructure, a Senate staffer said today. full article

DIA anti-spam unit launches scam-alert web page

The Department of Internal Affairs’ Anti-Spam Compliance Unit has developed a Reported Scams web page to notify the public about 'real-time' scam threats. full article

USA tops China as source of malicious servers

America has replaced China as the top source of corrupted servers being surreptitiously used by cybercriminals to dish out malicious programs, according to first-quarter findings from Kaspersky Lab. full article

10 Bizarre-but-True Ways Your Home Is Susceptible to Hackers

Reality is scarier than fiction -- especially when it comes to what hackers can do. In many bizarre-but-true ways, your home is wide open to hacker attacks. Right now. full article

Trio Charged In Skim Scam

A federal grand jury in Connecticut indicted three Queens residents on charges related to alleged participation in an ATM “skimming” scheme. full article

Md. insurance brokers, firms allegedly stole $216,000 from N.J. city

Three insurance brokers from Maryland and their two companies face criminal charges for allegedly conspiring to steal $216,495 from a New Jersey city by collecting payments for a non-existent wellness program for city employees. full article

Murda Grove Boys: 15 alleged members, associates indicted in Miami Gardens-based gang

Their nicknames include Sugie, E Bone and Boobie. They call their gang the "Murda Grove Boys." And they pack ammunition, drugs and stolen identities, authorities say. full article

June 3, 2010

University of Louisville kidney patient data was available to public

A University of Louisville database of 708 names that included social security numbers and dialysis details was available on the Internet without password protection for nearly 1 ½ years, university officials said Wednesday . full article

Privacy Breaches May Expose More Social Security Data At Penn State

As many as 25,572 Social Security numbers once stored on Penn State computer systems may have been exposed during security breaches in recent weeks, the university reported Wednesday. full article

Medical records found in DMV's dumpster

Who dumped medical records, containing confidential patient information, at the DMV? full article

Aetna Documents Found On Side Of Road

A cabinet full of documents with sensitive information was found sitting on the side of the road. Now, Aetna has some questions to answer. full article

Spyware hidden in Mac software and apps, says security firm

Intego, makers of security and privacy apps for the Mac, warned on Tuesday that some Mac software include a new piece of invasive spyware. Macworld has obtained a preliminary list of the applications with the spyware. full article

Data loss forces council to shape up

West Berkshire Council has taken remedial action after a USB memory stick was lost that contained sensitive information on children and young people. full article

FTC cracks down on spyware seller

IDG News Service - The U.S. Federal Trade Commission has reached a settlement with Florida spyware vendor CyberSpy Software, two years after suing the company for selling "100 percent undetectable" keylogging software. full article

Facebook 'likejacking' attacks continue with flesh appeal

Network World - Facebook users are falling for yet another clickjacking scam that fools them into "liking" a page. This one lure victims with the message "Paramore n-a-k-ed photo leaked," which claims to point to a Web site containing a naked photo of Hayley Williams, lead singer in the rock band Paramore. full article

Ex-call center operator pleads guilty to bank fraud

A former bank call center operator pleaded guilty today to stealing customer information and trying to sell it. full article

After buggy patch, criminals exploit Windows 2000 flaw

IDG News Service - Online criminals are scanning the Internet and attacking Windows 2000 machines that haven't had a recent Windows Media Service patch installed, Symantec said Wednesday. full article

Stolen Laptop Breach Affects 61,000

The theft of an unencrypted laptop from an employee's car resulted in a breach affecting more than 61,000 patients at Cincinnati Children's Hospital Medical Center. full article

Plea deals offered in alleged debit card thefts in Green Bay

Plea deals appear to be in the works for two women accused of preying on intoxicated men in Green Bay to steal money from their checking accounts. full article

Most wanted man taken by US marshalls

A most-wanted fugitive has been captured in California. full article

Disney Employee Caught Stealing From Guests

ORANGE COUNTY, Fla. -- A Disney employee is off the job after being charged with stealing from tourists. Investigators say the woman would help visitors check in to Disney's Saratoga Springs and Old Key West resorts, but guests had no idea she was using a device to steal their credit card information. full article

Pair accused of buying pot with senator's credit card surrender

SACRAMENTO, CA - The couple who investigators said used a Virginia state senator's American Express card to buy marijuana at a Sacramento dispensary have surrendered. full article

June 2, 2010

3 charged with stealing identity of soldiers

RHINELANDER, Wis. — Three people have been charged with forging checks in the names of Wisconsin service members killed in Iraq. full article

World Cup spam volumes soar

Spam relating to the FIFA 2010 World Cup has soared by about 27% according to security firm, Symantec. full article

Oregon Says 'Veterans' Charity Is a Scam

SALEM, Ore. (CN) - Oregon claims the founder of a company who promised to spend "every penny" of the $500,000 he raised to help veterans gave a telemarketer 80 percent of the money, and spent most of the rest of it on meals, travel and personal expenses. The state claims the founder of Veterans of Oregon and Members of the Community - a veteran himself - spent "nothing or only token amounts on the programs described in its solicitations." full article

States Struggle To Control Sex Offender Costs

Nationwide, more than 700,000 convicted sex offenders have registered their whereabouts with local police. Every state has a sex offender registry of some kind. full article

West Berkshire Council found in breach of Data Protection Act

The Information Commissioner's Office (ICO) has found the West Berkshire Council in breach of the Data Protection Act (DPA). full article

Millions of internet users risk attack with ageing IE6 browser

Microsoft's Internet Explorer 6 browser is still used by more than 25% of internet users, even though it attracts cyber attackers because it lacks up-to-date security features, a study has revealed. full article

Roanoke City Schools sold computers with employees personal information

We're learning more tonight about the revelation on Tuesday that the Roanoke City School system sold computers with employees personal information still on them. full article

Credit Union Demands $42 Million, Claims Fannie Mae Bought 'Stolen' Mortgages

NEWARK (CN) - Fannie Mae refuses to return $42 million worth of "stolen" mortgages to Suffolk Federal Credit Union, the credit union claims in Federal Court. The credit union, which says its members are "predominantly blue collar workers from Suffolk County, New York ... including firefighters, police officers, emergency medical technicians, social services workers, and other low to middle income employees," claims Fannie Mae had its head in the sand when it bought the stolen mortgages, and now refuses to return them. full article

Feds: Man's global Ponzi scheme 'massive,' mocking

A Canadian national who the U.S. government says swindled $70 million from 40,000 investors on six continents carried out the same kind of Ponzi scheme the one-time bank robber mocked on his website, federal investigators allege. full article

Cyberattacks: Top threat to U.S. power grid

Cyber attacks, pandemics and electromagnetic disturbances are the three top "high impact" risks to the U.S. and Canadian power-generation grids, according to a report from the North American Electric Reliability Corp. (NERC) full article

Five Indicted in Californian City ACH Fraud Case

Five individuals who played money mule roles in an operation involving the theft of $450,000 from a bank account belonging to the City of Carson, CA, have been indicted. A computer trojan was used to infect the laptop of the city treasurer in order to steal the information necessary to carry out this attack. full article

Counterfeiting laboratory discovered in Ireland

In a joint operation, Europol and the Garda Police have arrested four men as part of a major investigation into one of the most sophisticated money counterfeiting set-ups uncovered in Europe to date. full article

Facebook Users Hit with Clickjacking Worm

A worm that uses clickjacking to spread is squirming its way around Facebook. The worm has already affected hundreds of thousands of users, according to security experts at Sophos. full article

Spyware Seller Settles FTC Charges; Order Bars Marketing of Keylogger Software for Illegal Uses

The Federal Trade Commission has put the brakes on the business practices of an operation that was selling spyware and showing customers how to remotely install it on other people’s computers without their knowledge or consent. full article

Lawyer May Have Kept ID Theft Charges From Current Firm

Attorney Robert N. Wilkey's employer was surprised to learn Friday that the associate it had hired from the plaintiffs boutique located a few floors up had been charged by Upper Saucon Township police with identity theft less than a week earlier. full article

Computer engineer charged with stealing from AOL

Gregory Tomlinson, a computer software engineer, in connection with his unauthorized access and duplication of certain computer software files owned by his employer, AOL, Inc. Tomlinson was charged in a 35-count indictment with grand larceny, unlawful duplication of computer related materials, computer tampering, and computer trespass. full article

More than 3000 Australians targeted in online scams from Ghana, Nigeria

More than 3000 Australians have been targeted by online fraudsters since January 2010, but victims feel embarrassed to speak about it. full article

Fake Houston doctor pleads guilty to health care fraud

A Houston man who falsely claimed a doctorate in psychology but who'd purchased a degree online pleaded guilty today to receiving nearly $1 million from Medicare and Medicaid for phony behavioral counseling. full article

'Anti-grooming' software that detects paedophiles on the net created

Scientists have developed "anti-grooming" software, which can detect whether kids may be chatting with an adult posing as a child or a teenager on the Internet. full article

Student loan scams flourish

A college freshman. A group of prison inmates. An elderly grandmother. full article

SMEs at Risk of Corporate ID Fraud

More than a fifth of small companies are leaving themselves exposed to corporate identity theft due to lax security procedures, financial insurance firm CPP has warned. full article

Spyware Seller Settles FTC Charges; Order Bars Marketing of Keylogger Software for Illegal Uses

The Federal Trade Commission has put the brakes on the business practices of an operation that was selling spyware and showing customers how to remotely install it on other people’s computers without their knowledge or consent. full article

Identity management and the law

In the area of identity management there has been significant work related to the technical exchange of identity information and the actual authentication processes. There has not, however, been a focused look at the legal issues, particularly those that would hold parties responsible for not properly identifying and authenticating users or customers. full article

Google Ordered to Turn Over Private Wi-Fi Data

PORTLAND, Ore. (CN) - A federal judge has ordered Google to hand over copies of its hard drives in a class action accusing the search giant of collecting private wireless data while gathering information for Google Street View. full article

June 1, 2010

Sex Offender Law Can't Be Applied Retroactively

(CN) - The Supreme Court on Tuesday refused to retroactively apply a 2006 law that makes it a crime for sex offenders to cross state lines and knowingly fail to register or update a registration. full article

44 million stolen gaming credentials found

Symantec says it has unearthed a server hosting the credentials of 44 million stolen gaming accounts -- and one of the most surprising aspects of it is that the accounts were being validated by a Trojan distributed to compromised computers. full article

Border searches of laptops may go off-site

A federal court in Michigan ruled that if a laptop search could not be performed at the U.S. border, the government has the right to seize and transport the computer to a secondary inspection facility, as long as there is reasonable suspicion. full article

FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule

At the request of several Members of Congress, the Federal Trade Commission is further delaying enforcement of the “Red Flags” Rule through December 31, 2010, while Congress considers legislation that would affect the scope of entities covered by the Rule. Today’s announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance. full article

Federal Suit Attacks Constitutionality of N.J. Money-Laundering Statute

Two criminal defense lawyers are asking a federal court to declare unconstitutional New Jersey's money-laundering law, which they say uniquely criminalizes the mere possession of U.S. currency. full article

CEO of firm that made $100 million selling 'scareware' was a fugitive

IDG News Service - The CEO of a company accused of making more than $100 million selling harmful "scareware" antivirus products was already a fugitive from U.S. authorities, following his arrest in 2008 on criminal counterfeiting charges. full article

UK internet users need to be more vigilant as online fraud hits £3.5bn, says VeriSign

Criminals need only three pieces of personal information to steal someone's digital identity to commit fraud, security services firm VeriSign has warned. full article

Mandatory reporting of security breaches on the way

Ireland’s Data Protection Commissioner has unveiled a new draft Code of Practice that sets out the reporting obligations of organisations in the event of a security breach and how they go about protecting private data. full article

Mac spyware infiltrates popular download sites

A spyware application that surreptitiously scans chat logs and hard drives of unsuspecting Mac users has found its way onto three of the more popular download sites, security researchers said Tuesday. full article

5 charged in $450,000 e-banking malware swindle

Federal prosecutors have filed charges against five people accused of trying to swipe more than $450,000 from a California city using stolen login credentials associated with its bank account. full article

Probe after bank details of firms sent by email to rivals

BANK details relating to a "significant" number of companies who do business with Tralee Town Council have been sent to rival suppliers by email. full article


Old Scams, New Wineskins

A few decades ago, mass marketing fraud—the kind that exploits mass communication techniques like bulk mail or telemarketing—was relatively low-tech and mostly a regional crime problem targeting victims nearby. full article


Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
Utica College
1600 Burrstone Road
Utica, NY 13502