CIMIP - Center for Identity Management and Information Protection

June 2012 News Archive

June 29, 2012

Scammers Improve National Lottery Commission Scam, Experts Find

Experts have found a new variant of the classic National Lottery Commission scam and, as it turns out, those who send them have put some effort into making them more legitimate-looking. full article

Texas Cancer Center Alerts Patients to Personal Data Theft -- Almost Two Months Later

A University of Texas cancer center today began notifying almost 30,000 patients that their personal data was stolen after someone swiped an unencypted laptop from a physician's home almost two months ago. full article

Dutch government unprepared for SSL hack, report says

Government bodies depend too much on IT departments when it comes to the acquisition of SSL-certificates, says Safety Board

IDG News Service - The Dutch government was unprepared to handle an SSL hack that caused the its communication infrastructure to be vulnerable for months, the Dutch Safety Board said in a report on Thursday. Because the government was unable to replace the certificates immediately, citizen and company data was left unsecured, the board said. full article

U.S. and Canada Announce the Release of the Beyond the Border: Statement of Privacy Principles

WASHINGTON—The United States and Canada today announced they are delivering on key commitments under the U.S.-Canada Beyond the Border Action Plan by releasing a joint Statement of Privacy Principles. These principles reflect the commitment of the United States and Canada to protecting privacy, and underscore the importance of information sharing to the security of both nations. full article

FBI Takedown Won't Curb Card Fraud

The Real Problem is Malware and Outdated Payments Tech

In the wake of what federal authorities have called the biggest international carding-crime takedown in history, industry experts say the bust, while positive, won't have any long-term impact on card fraud. full article

'Evil' hacker gets two and a half years in the slammer

cyber crime motivated by ego and unemployment

Australia’s most notorious country town, truck driving, cyber criminal David ‘Evil’ Cecil has been handed a two-and-a-half year prison sentence after being arrested nearly a year ago. full article

Automated robbery: how card skimmers (still) steal millions from banks

Skimming costs less than ever, but a new generation of credit cards might stop it.

In January 2011, a pair of Bulgarian-born Canadians named Nikolai Ivanov and Dimitar Stamatov took a road trip from their home in Quebec to New York City. Their five-day visit to Manhattan’s East Village and Astor Place wasn’t your typical tourist trek, though; instead of Statue of Liberty souvenirs, the pair collected the card data and personal identification numbers for over 1,100 ATM cards. Ivanov and Stamatov were "skimmers." full article

Witness in Identity Theft and Tax Trial Sentenced in Alabama to 15 Months in Prison for Perjury and Lying to a Federal Agent

Nacretia Lewis was sentenced today to 15 months in federal prison for perjury and lying to a federal agent, the Justice Department and Internal Revenue Service (IRS) announced. She was also ordered to serve one year of supervised release following her release from prison. full article

Colton police make arrest in identity theft case

COLTON - police reported the arrest of a suspect in an identity theft case after officers reportedly discovered evidence at a residence. full article

Congress Probes Tax Prep Fraud and Identity Theft

The House Judiciary Committee’s Crime Subcommittee held a hearing Thursday on the growing problem of identity theft and income tax preparation fraud. full article

Teens take risk of identity theft when they order fake IDs from China

A fake driver's license made in China works as well as the real thing. full article

4 face healthcare fraud, identity theft charges

McALLEN — Four people tied to a defunct Pharr durable medical equipment supplier face charges in a 22-count indictment that they tallied millions in fraudulent bills paid for medical equipment that on some occasions was supposedly delivered to patients who were dead. full article

Two Norwalk realtors slammed with 102 Felony Counts of Grand Theft, Identity Theft

Two Norwalk real estate agents have been arrested on 102-felony counts of grand theft and criminal fraud on Thursday afternoon. full article

Scholarly woman pleads not guilty to stalking ex, identity theft

This Stanford graduate might have been better off at a school of higher yearning. full article

June 28, 2012

Medical identity theft: Not just a financial problem

The Experian/Ponemon study on medical identity theft, released on June 26, found that half of the 757 interviewed victims knew the person who used their medical identity. In fact some had allowed the second person to use their medical insurance card for treatment, healthcare products or pharmaceuticals without realizing the consequences. This might account for the 45 percent of respondents that actually paid the healthcare provider or insurer for services obtained by the thief. full article

Identity Theft Suspect Nabbed $40K: Police

26-year-old Christopher Polley was charged with multiple counts Source: Identity Theft Suspect Nabbed $40K: Police

Police arrested a 26-year-old man on Wednesday morning for allegedly stealing $40,000 from members of a local fitness club. full article

Identity Theft Suspect Arrested

On June 26, 2012, detectives from the San Diego Police Department Economic Crimes Unit initiated a search warrant at 1632 Monmouth Drive, in the Pacific Beach area. While at the residence, detectives contacted and arrested Christopher Polley, 26, for two counts of identity theft, possession of a controlled substance, possession of over ten personal profiles and theft-related charges. During the execution of the search warrant, numerous items and membership applications from the Wave House Athletic Club were discovered linking Polley to the crimes. full article

Cyber thieves trapped by FBI sting

On June 26 the U.S. Justice Department released documents from “Operation Card Shop,” a two-year international cybercrime investigation and sting. It resulted in the arrest of 26 people including one from the San Diego area. Among other crimes the cyber thieves are accused of trafficking more than 411,000 stolen credit and debit card accounts. full article

Darby Woman Charged With Conspiracy, Identify Theft Following Tax Scam Dating Back To 2009

DARBY, Pa. (CBS) - A Darby woman is charged with selling the identities of children in a tax scam that stretched back to 2009. That’s the finding of a federal grand jury, in what’s called a ‘superseding indictment.’ full article

FTC Takes On Wyndham For Security Lapses

Lawsuit alleges deceptive practice in privacy policy following three breaches in two years

In another sign that it is cracking down heavily on businesses that put consumer privacy at risk by failing to protect their sensitive data, the Federal Trade Commission (FTC) launched a lawsuit against hospitality company Wyndham Worldwide. The FTC accuses Wyndham of deceptive practices in the claims it made in its privacy, using three different breaches Wyndham suffered in the course of two years as evidence of failure to live up to promises to protect customer information. full article

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks

The Zemra DDoS Bot is currently sold in various forums for about 100 € and detected by Symantec as Backdoor.Zemra. Zemra first appeared on underground forums in May 2012. full article

London Olympics-Themed Spam: Prize Notifications, Awards and Visa Lotteries

As the London 2012 Olympics approach the numbers of spam messages and malicious operations launched by cybercriminals grow. Experts have come across at least three new scam versions that currently make the rounds. full article

The Tale of an Accused Hacker

What a Suspect in a Fraud Scheme Told an Undercover Cop

Jarand Moen Romtveit thought John Leo Jr. was the site administrator of a carding forum when the accused 25-year-old hacker from Norway shared his computer screen with the FBI undercover agent last Feb. 9 to demonstrate a program he claimed to have developed to decrypt databases. full article

Assange's Asylum In The Balance, Researcher Warns Ecuador's Deliberations Are Vulnerable To Online Snooping

With Wikileaks founder Julian Assange anxiously awaiting word from the government of Ecuador on his request for political asylum, a security researcher warns that the country's Ministry of Foreign Affairs, which is handling the Assange asylum request, is using a video conferencing system that is vulnerable to online snooping. full article

New Zealand judge rules Megaupload search warrants were illegal

New Zealand police violated the law by allowing the FBI to send copies of seized data to the U.S.

IDG News Service - Warrants used to seize external hard drives, laptops and phones from Megaupload founder Kim Dotcom's mansion in January are illegal, a New Zealand High Court judge ruled on Thursday. full article

June 27, 2012

24 arrested in international online 'carding' crackdown

Operation called the largest coordinated action against operations that traffic in stolen credit card, financial information

Computerworld - A total of 24 people from 13 countries, including 11 from the United States, were arrested on Tuesday on charges related to the theft and misuse of credit card data, bank account information and other financial data. full article

Fallen Soldier’s Picture Used In Scam

An Oregon father was angered to find an image of his son, a fallen soldier, had been posted on Craigslist as part of a scam to collect money for a fictitious wounded soldier. full article

New Fraud Ring 'Operation High Roller' Targets the Rich

A recent fraud ring through which attackers raided high-value bank accounts, nicknamed Operation High Roller (.PDF), employed attacks that were quick, required no human interaction and have already affected several tiers of credit unions, regional banks and large global banks, over the last several months. full article

Analysis of Leaked eHarmony Passwords: 10,000 of Them Full of “Love”

Trustwave researchers have analyzed the 1.5 million passwords leaked by hackers after compromising eHarmony’s database. The results are in and they’re certainly interesting. full article

FTC Sues Hotel Chain for Card Breaches

Banks Should be Concerned About Card Fraud, Phishing

The Federal Trade Commission has filed a suit against the hotel chain Wyndham Worldwide Corp. and three of its subsidiaries in connection with three security breaches that exposed stored card details for nearly 670,000 accounts. full article

LulzSec duo plead guilty to DDoS against CIA

Two members of the computer hacking group LulzSec pleaded guilty to launching distributed denial-of-service (DDoS) attacks against the Serious Organised Crime Agency (SOCA) in the United Kingdom and the Central Intelligence Agency (CIA) in the United States. full article

New Forensics Method May Nab Insider Thieves

Black Hat presentation features a new methodology that has already produced real-world results

One of the biggest challenges of forensics investigations into insider theft is that the markers computer forensics investigators use to detect most attacks are typically not present in insider cases where an employee or other authorized user has legitimate access to sensitive data. Next month at Black Hat USA in Las Vegas, a presenter will bring forward a new methodology that compares normal file access patterns against patterns present when files are copied to detect when insiders have copied data inappropriately. full article

RSA SecurIDs Get Cracked In 13 Minutes

Major corporations, government agencies, and small businesses all hand out RSA SecurID fob keychains to employees so that they can log in to their systems for security reasons and If you’re used to seeing a device like this on a daily basis, you probably assume that it’s a vital security measure to keep your employer’s networks and data secure. A team of computer scientists beg to differ, however, because they’ve cracked the encryption it uses wide open. full article

Anonymous turns ire on Japan after anti-piracy law passes

Key sites get a good DDoS-ing

It was only a matter of time – hacktivist group Anonymous has taken aim at the web sites of political parties and government departments in Japan in retaliation for a tough new anti-piracy bill passed last week. full article

The 'great airline ticket giveaway' that just won't go away

The letter warned the recipient that she still hadn't responded to that great offer from "US Airlines" of two free airline tickets, and time was running out. Call the toll-free number now! it urged. full article

Warning: Burglars read the obituaries, too

Losing a loved one is painful enough. Imagine the horror of coming home from the funeral to find your home burglarized. full article

June 26, 2012

More people aware of medical identity theft but do little to protect themselves from it

COSTA MESA, Calif., June 26, 2012 /PRNewswire via COMTEX/ -- Medical identity theft is a crime of opportunity that can strike close to home. In fact, according to the Ponemon Institute®'s "Third Annual National Study on Medical Identity Theft(1)," commissioned by Experian's ProtectMyID®, half of all survey respondents indicate that they know the person responsible for stealing their identity. Further, more respondents (increased by 5 percent from 2011), reported they actually permitted family members to use their personal identification to obtain medical services including treatment, healthcare products or pharmaceuticals. full article

Towards Employment warns clients of data breach, possible identity theft

CLEVELAND, Ohio -- Towards Employment, a Cleveland non-profit agency that has helped more than 100,000 low-income residents and ex-convicts find jobs over the past 36 years, is warning its clients that they are at risk for identity theft. full article

Identity thieves target disabled woman while she was at hospital

MUKILTEO, Wash. — Everett police have broken up what they say was a major identity theft ring that victimized at least 64 people, including a disabled Mukilteo woman whose home was burglarized while she was at the hospital. full article

Identity Theft Suspect Behind Bars in Bulloch County

An investigation into a case of identity and check fraud started with a traffic stop in May. full article

California attorneys at risk of identity fraud

When a person uses the identity of an attorney to defraud the public, more than one person is hurt. The consumer loses money and the real attorney, whose name was used, faces a possible reputational issue. That is what happened to at least 13 attorneys so far this year. full article

Sacramento deputy pleads no contest to drug, identity theft charges

A Sacramento County sheriff's deputy has pleaded no contest to felony drug possession and identity theft charges after she befriended an elderly victim and refilled his prescription drugs without his knowledge, according to authorities. full article

Credit card 'cloning' is a growing form of identity theft

Lexington, Kentucky, financial crimes detective Gene Haynes swiped a credit card through an innocuous black card reader known as a "skimmer." Less than a second later, two lines of illuminating text showed up in a Microsoft Word document on his computer screen. The mishmash of numbers and symbols was the visual representation of all the information stored on the card's magnetic strip. full article

June 25, 2012

Colorado Mother and Daughter Charged in Online Dating Scam With Fake Military Members

A mother and daughter in Colorado were indicted for their role in a "Nigerian internet romance scam" in which associates in Nigeria posed as members of the U.S. Armed Forces and stole over $1 million from 374 victims. full article

Scammers Assume Identities of California Lawyers Using Online Information

As many as 111 California lawyers may have fallen victim to identity thieves in the past decade, according to the state bar. full article

Financial Crimes: Credit card 'cloning' is a growing form of identity theft

Lexington financial crimes detective Gene Haynes swiped a credit card through an innocuous black card reader known as a "skimmer." Less than a second later, two lines of illuminating text showed up in a Microsoft Word document on his computer screen. full article

Three charged with identity theft, other felonies following traffic stop

Three people were charged Thursday with buying and receiving stolen property and other felonies a day after a California Highway Patrol officer stopped their vehicle and arrested them on Highway 29 near Highway 221. full article

Smartphone And Tablet Users At Risk Of Identity Theft

Los Angeles, California – Nearly half of the cell phone users in the United States now use a smartphone for their mobile communications. Portable tablets with Internet connectivity are also becoming more and more popular. While smartphones and tablets have many outstanding features, they can also put users at increased risk of identity theft. full article

Sewickley woman charged with ID theft

A Sewickley woman was indicted last week by a federal grand jury in Pittsburgh on a charge of identity theft, the office of U.S. Attorney David J. Hickton said in a statement. full article

Iowan must pay triple damages in check forgeries

KEOSAUQUA, Iowa — A southeast Iowa man convicted of forging checks totaling more than $20,000 has been ordered to pay the victim more than $60,500. full article

ID theft in Richland on the rise

RICHLAND – It’s a crime that's nearly impossible to stop, and it keeps happening here in the Tri-Cities. Richland police say identity theft is on the rise and it's growing exponentially and KEPR uncovered why it's so difficult for police to stop these thieves. full article

Goukasian Found Guilty of Identity Theft

Man found guilty of skimming tens of thousands of credit cards

After deliberating for three hours, a jury has found Aleksandr Goukasian guilty on all charges. full article

Fraud and identity theft suspects arrested near Terrell

Terrell, Texas- The Kaufman County Sheriff's Office released information today about a call their deputies handles on June 21, 2012 at 10:30 a.m. The deputies responded to a suspicious person call at a storage facility in the 3800 block of Highway 80, just outside the Terrell city limits. full article

Thieves disguise wireless camera to swipe ATM PINs

Cameras disguised as speakers on ATMs were used to rip off 800 victims at a cost of $112,478 to JPMorgan Chase, the U.S. Attorney's Office said. full article

ID theft suspect arrested, brought to court

A suspect allegedly responsible for a slew of identity thefts in Sterling faced a hearing on advisement Wednesday in Logan County District Court. full article

June 22, 2012

Woman pleads guilty to aiding ID theft ring

A 43-year-old St. Paul woman, who was a former employee of the Minnesota Board of Psychology, pleaded guilty Thursday, June 21, to aiding an identity theft ring by stealing clients' personal information. full article

Man's identity theft alert lands brother in jail, Corpus Christi police said

CORPUS CHRISTI — A 33-year-old man may pay more than he expected after applying for jewelry credit with his brother’s information Wednesday, police said. full article

Wisconsin experiment suggests voter identity theft

Some states require state-issued picture identification to register to vote and to vote, while other states accept unsubstantial documentation such as utility bills, lease agreements, birth certificates, and other documents that can be faked. A vote cast by a surrogate using the identity of another person is identity theft. full article

Couple sentenced for Idaho bank fraud, identity theft scheme

A federal judge has sentenced two people convicted for running a bank fraud and identity theft scheme in northern Idaho. full article

Iran targeted by 'massive cyberattack,' official claims

Iranian state television says the country's nuclear facilities are the target of a cyberattack

IDG News Service - Iran's intelligence minister has accused the U.S., the U.K. and Israel of planning a "massive cyberattack" against his country after talks this week over Iran's nuclear program failed to reach an agreement, Iranian state TV reported on Thursday. full article

Twitter Denies Hacktivists Behind Severe Outage

Twitter officials say it was a "cascading bug" and not the handiwork of hacktivists that brought down the microblogging site today in two separate outages. full article

Trojan.Milicenso - Printer Trojan cause massive printing

A Trojan that sends printers crazy, making them print pages of garbled nonsense until all the paper has been used up, has seen a spike in activity.Symantec detected the Trojan.Milicenso across various countries, but the worst hit regions were the US and India followed by regions in South America and Europe, including the UK. full article

Fake BancorpSouth Emails Lure Users to Blackhole Exploit Kit

BancorpSouth customers are advised to be on the lookout for suspicious emails that purport to originate from the financial institution. full article

The Intersection Between Cyberespionage And Cybercrime

Chinese cyberspies and traditional cybercriminals are relying on some of the same malware tools -- and some cyberspies even appear to be moonlighting

Traditional cybercriminals increasingly are using the same hacking tools that cyberespionage attackers employ in order to maintain a stealthy foothold inside a victim organization so they can maximize their spoils and profits. full article

June 21, 2012

Industrial Espionage: Chinese Malware Steals Tens of Thousands of AutoCAD Files

A worm written in AutoLISP, identified as ACAD/Medre.A, has caught the attention of ESET researchers after it attempted to steal tens of thousands of AutoCAD files from companies in Peru and a few neighboring countries. full article iOS flaw could have allowed Facebook, Twitter account hijacking

ow-patched vulnerability that could have let attackers to hijack the Facebook and Twitter accounts of its customers

IDG News Service - Facial recognition start-up patched a vulnerability in its KLINK iOS app that could have allowed attackers to hijack the Facebook and Twitter accounts of its users, according to Ashkan Soltani, the independent security researcher who claims to have found the flaw. full article

6 Biggest Breaches Of 2012 So Far

Now that we're just about at the halfway point of the year, it is just as good of a time as any to take stock of the data breach environment and start gathering lessons from others' missteps. full article

FDA: Software Failures Responsible for 24% Of All Medical Device Recalls

Software failures were behind 24 percent of all the medical device recalls in 2011, according to data from the U.S. Food and Drug Administration, which said it is gearing up its labs to spend more time analyzing the quality and security of software-based medical instruments and equipment. full article

Lessons From Fraud Settlement

Experts Analyze Implications of ACH Fraud Case Outcome

The out-of-court settlement reached in a dispute between Village View Escrow Inc. and California-based Professional Business Bank shows it's getting more difficult for banks to avoid liability, even when commercial customers' lax security controls make them vulnerable to fraud, experts say (see Settlement Reached in ACH Fraud Case). full article

ID theft scam reported by bank

Officials with The Citizens Bank of Philadelphia are warning its customers this week about ongoing reports of attempted identity thefts. full article

Dedham flower shop closed; owner charged with larceny and identity theft

DEDHAM — Dedham Police arrested an Oakdale shop owner and subsequently shut his business down. full article

Identity Thief Gets 4 Years in Club Fed

Four years and six months doesn’t seem like a particularly severe sentence for a thief in Washington state who stole 15 people’s identities, including four police officers, created fake driver’s licenses, washed checks, and used “mules” to steal sensitive documents, make purchases with stolen credit, and sell the merchandise. The thief’s attorneys described him as a “38-year-old drug addict who has had medical and mental setbacks and was living in a motel.” I don’t know what his mental setbacks are, but all the meth he was doing may have been a contributing factor. full article

New La. law: Sex offenders must list status on Facebook, other social media

(CNN) -- A new Louisiana law requires sex offenders and child predators to state their criminal status on their Facebook or other social networking page, with the law's author saying the bill is the first of its kind in the nation. full article

June 20, 2012

Several sentenced in ID theft, IRS fraud; Orange Park man the leader

A 33-year-old used car salesman from Orange Park and several cohorts were sentenced in federal court this week including millions in restitution for fraud. full article

Feds charge Kings County nurse in identity theft scheme

Jaishree Arbuckle-Pierre accused of selling Social Security numbers of nearly 60 employees

The feds have charged a nurse with stealing the Social Security numbers of nearly 60 employees of Kings County Hospital in an identity theft scheme, the Daily News has learned. full article

Crackdown on ATM “Skimming” and Identity Theft

SAN FRANCISCO -- Attorney General Kamala D. Harris today announced the outcomes of two cases investigated by her office’s eCrime Unit in which defendants “skimmed” credit card information of Chase Bank customers across the state. full article

Former Police Chief Accused of Wire Fraud and Identity Theft Appears in Court

COVINGTON—A former northern Kentucky police chief, arrested Friday on wire fraud and identity theft charges, will appear in court today for a detention hearing. full article

Freeze your credit to fight off ID theft

Larry Skidmore, a 67-year-old Air National Guard retiree - after 26 years in uniform - lost his wallet May 21 while bicycling in his Jenks housing addition. Noticing it missing on returning home, he peddled back along his route, but it was gone. full article

Disguises add new twist in identity theft cases

Stealing an identity isn't always as simple as snatching a purse or pilfering a credit card. Sometimes, it requires a disguise. full article

U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say

Flame was developed at least five years ago as part of a classified effort code-named Olympic Games, according to officials familiar with U.S. cyber-operations and experts who have scrutinized its code. The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions. full article

Hackers Leak Data from AmeriCash Advance After Company Refuses to Pay Up

A hacker collective called Rex Mundi has leaked a large file that contains information they have stolen from the systems of AmeriCash Advance, a company that provides payday loans and cash advances. full article

Syrian Dissidents Hit By Another Wave of Targeted Attacks

One of the attackers who has been targeting Syrian anti-government activists with malware and surveillance tools has returned and upped the ante with the use of the BlackShades RAT, a remote-access tool that gives him the ability to spy on victims machines through keylogging and screenshots. full article

LinkedIn hit with lawsuit over massive data breach

A lawsuit seeking class-action status said the company failed to implement 'industry standard' security measures

IDG News Service - LinkedIn has been hit with a potential class-action lawsuit alleging it failed to meet "industry standard" security practices in connection with a massive data breach earlier this month, according to court documents. full article investigates after customers discover security breach

He was trying to clarify a line on his credit card bill, but ended up accessing scores of strangers’ personal information. full article

Researcher Explains Why Scammers Say They Are from Nigeria

Nigerian scams, or 419 scams (419 is the number of a section in Nigeria’s criminal code), are encountered almost daily by most internauts and we can safely argue that by now a large percentage of users are able to identify and avoid them. full article

June 19, 2012

Phony bill payment scheme poses identity-theft risk

AKRON - FirstEnergy Corp., parent company of Met-Ed, is warning customers of its 10 electric distribution companies to be wary of bogus claims that President Obama will help pay utility bills for residential customers through a special federal program. full article

Fla. man gets prison for sealing Pa. soldier's ID

PITTSBURGH -- A Florida man has been sentenced to one year in federal prison for stealing the identity of a western Pennsylvania soldier while the soldier was serving in Iraq. full article

Internet Search Engines Surpass E-Mail in Online Scam Threats

Conducting an everyday search using internet search engines poses more threat for web surfers than e-mail accounts, according to an analysis conducted by Blue Coat Security Lab. With e-mail users smartening up to phishing scams, thieves are now searching for new ways to take money, spread viruses and implement online identity theft. full article

Online credit card complaint database to debut

WASHINGTON (CNNMoney) -- A new online database devoted to cataloging consumer complaints against credit card companies launched Tuesday. full article

LinkedIn Victims Do Not Connect With Legitimate Notifications

The company sent an important e-mail notification with special coding (DKIM) and addressed the recipient by name. It also didn't include any links in the actual message. And yet LinkedIn did not connect with some 250,000 of its users, who flagged the legitimate alert as spam. full article

When Will End Users Stop Being Fooled By Online Scams?

Despite millions of dollars in security tools and hours of awareness training, many organizations still find themselves breached by phishing and old-school social engineering attacks. Is there a way to build a better, smarter user? full article

Trust fined £225k for leaving patient files in abandoned hospital

Is there a secret NHS sweep on who can blow most data?

Belfast Health and Social Care Trust has been fined £225,000 by the Information Commissioner's Office for leaving patient and staff files in an abandoned hospital. full article

CyberZeist Claims to Have Gained Access to Hundreds of Federal Accounts

CyberZeist, the hacker who has recently left the UGNazi collective, has leaked a few hundred login credentials that he allegedly obtained by launching a spear phishing attack on US federal employees. full article

Data in possible credit card breach appears to be old

The data, linked to from Pastebin, includes, names, addresses and emails

IDG News Service - A batch of names, addresses, emails and phone numbers of credit card customers around the world released on Monday indicates a breach of a payment processor, but the data appears old. full article

Cybercriminals Upgrade Banking Malware to Include Automatic Transfer Systems

As if ZeuS and SpyEye haven’t been causing enough damage on their own, security researchers from Trend Micro have found that more recently cybercriminals have begun using Automatic Transfer Systems (ATS) to enhance the information-stealing capabilities of their pieces of malware. full article

June 18, 2012

BYOD exposes the perils of cloud storage

Computerworld - The dangers of using consumer cloud storage systems became clearer earlier this month, when a hacker claimed that he accessed presidential candidate Mitt Romney's Dropbox storage and email accounts using an easily cracked password. full article

Pennsylvania Man Indicted For Hack of Department of Energy Network

A Pennsylvania man was arrested yesterday after a Massachusetts grand jury issued a four-count indictment alleging that he hacked into computer networks belonging to the U.S. Department of Energy (DoE) and the University of Massachusetts and tried to sell access to a DoE supercomputer for $50,000 to an undercover FBI agent. full article

Six in Tokyo slammer after Android smut scam

Malware was distributed through adult site

Six men including three IT executives have been arrested in Tokyo in connection with an Android malware scam which netted them over 20 million yen (£160,740). full article

Indictment: Former chief took $115k from police department

HIGHLAND HEIGHTS, KY (FOX19)- A former police chief who is facing charges for stealing money from his police department will be released from jail on Monday. full article

Police seek suspect in Elections NB laptop theft

The Fredericton Police Force is asking for the public's help in identifying a suspect in the theft of two Elections New Brunswick laptops. full article

Internet security company Omniquad warns about DVLA Email Phishing Scam – Identity Theft Warning

Omniquad is issuing a warning about emails that appear to come from the DVLA, threatening that people will need to retake their driving license unless they update their details, including credit card details with CVV number, within two weeks full article

Ex-Employee Charged with ID Theft on Bank Accounts

Police said one of the accounts used belonged to the woman's deceased relative.

A former Commerce Bank employee was charged May 31 with two counts of identity theft. full article

Crack down on SLO County identity theft rings

The San Luis Obispo County operators of two high-tech bank scam operations that ripped off hundreds of Chase Bank customers over the last three years are winding their way through the court system as the result of a crackdown by Attorney General Kamala Harris’ newly created eCrime Unit, according to a press release. full article

Five charged with ID theft

Five men were charged Friday with multiple counts of identity theft after they allegedly used re-encoded credit cards to buy and resell gas for profit, police said. full article

Scammers indicted for identity theft and real estate fraud

According to a FBI press release three Southern California men have been indicted for identity theft and running real estate scams. The men were arrested on June 14 after a grand jury decision to proceed with prosecution. full article

3 Indicted In $10M Short Sale, Identity Theft Scams

LOS ANGELES (CBS) — Federal authorities say three Southern California men have been indicted for allegedly running a scam involving short sales that caused more than $10 million in losses. full article

Cromwell man charged with identity theft

CROMWELL – A 38-year-old Cromwell man has been arrested and charged with looting an elderly woman’s bank account to pay his everyday personal bills. full article

Alleged International Credit Card Trafficker “Badb” Extradited from France to the United States

WASHINGTON – Vladislav Anatolievich Horohorin, aka “BadB” of Moscow, an alleged international credit card trafficker thought to be one of the most prolific sellers of stolen credit card data, has been extradited from France to the United States to face criminal charges filed in the District of Columbia and in the Northern District of Georgia. full article

Man charged with workplace ID theft

A Naperville man faces trial for allegedly stealing the identities of nine people from his workplace in Downers Grove, and then using some of their credit and bank debit card accounts to pay his bills and buy luxury items, including jewelry and tickets to concerts and sporting events. full article

Oahu entrepreneur becomes identity theft victim

If you haven't filed your taxes yet, someone else may have beaten you to the punch. full article

Text Messages Can Lead to Identity Theft

Jefferson City, Mo. –Attorney General Chris Koster today warned Missourians about recent activity by identity thieves to steal information by offering fake prizes like Walmart or Costco gift cards. full article

June 15, 2012

Banks: Hackers more aggressive in attacking customer accounts

Network World - A survey of large financial institutions shows they faced more attacks by hackers to take over customer banking accounts last year than in the two previous years, and about a third of these attacks succeeded. full article

Pennsylvania Man Arrested on Computer Hacking Charges

WASHINGTON – Charges were unsealed this morning against a Pennsylvania man, alleging that he hacked into computer networks in Massachusetts and around the country and then sold unauthorized access to those networks. full article

Software Update Site For Hospital Respirators Found Riddled With Malware

UPDATE: A Web site used to distribute software updates for a wide range medical equipment, including ventilators has been blocked by Google after it was found to be riddled with malware and serving up attacks. The U.S. Department of Homeland Security is looking into the compromise, Threatpost has learned. full article

Panetta: Urgency Needed to Defend Against Cyber Attacks

The increasing threat of cyber attacks against the nation’s computer networks requires a commensurate growth in resources dedicated to protecting them, Defense Secretary Leon E. Panetta told Congress. full article

ATM Skimmer Gets Jail Time

Bank Fraud Scheme Targeted 500 Accounts

A woman who pleaded guilty to conspiracy to commit bank fraud for her role in a New England ATM skimmingcase that targeted more than 500 bank accounts has been sentenced to 45 months in prison (see ATM Skimmer Pleads Guilty). full article

The Wikiboat and Anonymous have leaked files after hack

The Wikiboat and Anonymous have attacked the website and have leaked some files of the website. full article

German police searched homes of more than 100 alleged cyber-attackers of anonymous action

Frankfurt ( hf ) - On Tuesday, officials of the Federal Criminal Police Office conducted 106 raids nationwide. The raid is part of the investigation into a hacker attack last year. On 17 December had called the cyber-collective Anonymous to a distributed denial of service attack (DDoS) on the side of the GEMA. The aim was to put the lame website. full article

New Grad Looking For a Job? Pentagon Contractors Post Openings For Black-Hat Hackers

Mikko Hypponen enjoys his position as the chief research officer at the Helsinki-based security firm F-Secure. He has no intention of leaving. But lately, he’s been spending a lot of time looking at job openings. full article

Miley Cyrus Tumblr Tape Scam Leads to Shady Video Player

Experts have come across a Tumblr post that advertises an adult tape featuring Miley Cyrus. The goal of this scheme is to convince unsuspecting users to install a shady-looking video player. full article

Tax Return Identity Theft Hotline announced

If you think someone used your identity to file a fraudulent tax return and snatch your refund, call the new Tax Return Identity Theft Hotline. full article

June 14, 2012

One in 10 Children Are Victims of Identity Theft, Report Finds

(NEW YORK) -- Children are increasingly becoming the preferred target of identity thieves, authorities say. full article

Troy woman charged in ID theft of 800 people

Federal agents recently arrested a Troy woman on felony charges for allegedly stealing the identities of 800 people while working at an area hospital as part of a government tax fraud scheme. full article

Scam Text Messages Could Lead To Identity Theft

Jefferson City, Mo. (KMOX)– Beware of scam text messages that could affect cell phones with malware and make personal information accessible to thieves. full article

Woodbury man accused for third time of identity theft

For the third time in little more than a year, a Woodbury man has been charged with stealing someone's identity. full article

Ham Lake woman pleads guilty to bank fraud, identity theft

A 25-year-old Ham Lake woman pleaded guilty June 6 in U.S. District Court in St. Paul to two felony charges for her role in a large-scale identity theft ring. full article

LinkedIn bolsters security while some users ignore breach

After LinkedIn sent out millions of emails urging users to update their account information following last week's data breach that resulted in some 6.5 million compromised passwords, many of the messages were mistakenly designated as spam. full article

LulzSec Reborn aims to keep hacking movement alive

Real danger from federal officials who 'continue to pooh-pooh' cybercrime, police investigator says

CSO — About three months ago, following the arrests of five members of an Anonymous spinoff hacker group, an FBI official declared: "We're chopping off the head of LulzSec." full article

Expect A Surge In Breaches Following MySQL Vulnerability

Vulnerability is so easily attacked and so prevalent that we're bound for a bump in database exposures

An unusual password vulnerability that makes hundreds of thousands of MySQL and MariaDB databases vulnerable to simple brute-force attacks is likely to soon start a ripple effect of increased data breach activity online, security experts predict. full article

FTC Bares Teeth, Levies $800k Fine Against Data Brokerage Firm

In a first-of-its-kind ruling, the Federal Trade Commission (FTC) told data brokerage firm Spokeo it has until tomorrow to hand over $800,000 to the Treasurer of the United States. full article

Alleged Lulzsec member, Ryan Cleary, indicted in U.S.

Cleary, already charged in the U.K., is accused of attacking Sony Pictures and Fox Entertainment

IDG News Service - A U.S. federal grand jury has indicted Ryan Cleary, a British citizen, accusing him of orchestrating a hacking rampage last year that victimized Sony Pictures Entertainment, Fox Entertainment Group and others. full article

Comcast Refuses to Hand Over the Identities of Suspected Pirates

Comcast has asked an Illinois District Court to quash subpoenas obtained by copyright holders that want to learn the identities of individuals who allegedly download their materials from BitTorrent websites. full article

June 13, 2012

Oregon Woman Gets $2.1M Fraudulent Tax Refund on Debit Card

Oregon's Attorney General's office says a woman will be charged today with obtaining a fraudulent $2.1 million tax refund on a debit card, the biggest fraud refund case in the state's history. full article

Girlfriend gets 8 years for hiding 'Whitey' Bulger

(CNN) -- The girlfriend of James "Whitey" Bulger was sentenced to eight years in federal prison Tuesday for identity fraud and helping the reputed mob boss avoid capture for 16 years. full article

2 Russians accused of ID theft for smartphone buys

BATON ROUGE, LA -- Two Russian women living in New York state used fake IDs to get dozens of $500 iPhones for about $200 each in Texas, Tennessee, Arkansas and Oklahoma by taking out long-term contracts under other people's names. full article

IRS warns taxpayers of scam

Rolla, Mo. — The Internal Revenue Service (IRS) is warning taxpayers to be cautious of a new, email-based phishing scam that targets Department of Defense military members, retirees and civilian employees. full article

Leader of Staten Island ID theft ring gets 2 to 6 years in prison

STATEN ISLAND, N.Y. -- A Bulls Head man was a ringleader in a Staten Island-based gang that stole as much as $5 million from borough residents and others, including soldiers who were deployed in Afghanistan and Iraq while they were being ripped off. full article

Merchant information may have been stolen from Global Payments

Hackers had access to servers hosting personal information of merchant applicants, Global Payments said

IDG News Service - Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments. full article

The Importance Of Interviews In Insider Investigations

Exit interviews speed up investigations, prove intent, and cover your legal bases

Whether it is an exit interview upon termination or resignation, or just a simple question-and-answer session during an investigation, employee interviews are critical to handling insider incidents, IT forensics experts say. full article

Attacks Targeting US Defense Contractors and Universities Tied to China

Researchers have identified an ongoing series of attacks, possibly emanating from China, that are targeting a number of high-profile organizations, including SCADA security companies, universities and defense contractors. The attacks are using highly customized malicious files to entice targeted users into opening them and starting the compromise. full article

James Bond-style malware targets firm that secures industrial systems

Malicious e-mail tries to siphon data related to US critical infrastructure.

To get a sense of just how advanced some malware-based espionage campaigns have become, consider one recently perpetrated against Digital Bond, a security consultancy that specializes in safeguarding computer systems used to control dams, gasoline refineries, and other critical infrastructure against attack. full article

Study: Few Aware of Risk of Medical ID Theft

Nationwide Insurance consumer survey shows need to educate, take precautions to protect your credit and your health

COLUMBUS, Ohio, Jun 13, 2012 (BUSINESS WIRE) -- While it's the fastest-growing type of identity theft, a new Nationwide Insurance survey reveals few people know what medical identity theft is or how devastating it can be to your credit and your health. full article

June 12, 2012

Dutch Citizen Charged With Fraud, Identity Theft in Hacking Case

A 21-year-old Dutch citizen has been charged with allegedly selling credit card numbers collected from Boeing's employee credit union and stealing card numbers from other illegal online data markets. full article

ID thefts paid for cell scam

Federal agents: Two women had 81 cellphones, 27 IDs

Two Russian nationals took a road trip through four Southern states, using other people’s identification to purchase discounted smartphones under long-term wireless contracts, federal officials alleged Monday in Baton Rouge. full article

Va man sentenced to more than 6 years in federal prison for identity, benefits theft

NORFOLK, Va. — A Norfolk man has been sentenced to more than six years in prison for using another man's identity to obtain federal government benefits. full article

Robbery Victim Now Fighting Identity Theft

Local man survives ATM armed robbery, says he's a victim again

SPARTANBURG, S.C. -- Struggling to recover, a local man survived an armed robbery at a bank ATM, and now he says he's a victim again. This time he's fighting to pay his bills and prove his identity. full article

LinkedIn Claims Vulnerable Passwords Have Been Disabled

Business social network LinkedIn issued more information and advice to its users over the weekend, in the wake of a massive cyber attack in which 6.5 million passwords were stolen. full article

Six-Member Identity Theft Ring Sentenced in UK

Ringleader Jason Place was sentenced to six years and nine months in prison.

Six men were recently sentenced at the UK's Southwark Crown Court for their involvement in the "design, production and sale of fake identities and the management of online forums where clients were coached in how to commit fraud," according to London's Metropolitan Police Service. full article

LifeLock General Counsel Confronts Challenges By Going Big

After Clarissa Cerda accepted the general counsel position at LifeLock, Inc., she did something a little unusual: she attacked the company’s biggest problems by teaming up with her boss. The Phoenix-based identity theft protection company was facing 14 class-action suits, and a competitor lawsuit, on top of an ongoing government inquiry. There were times when Cerda, already a veteran GC, joked with the company’s chief executive that she didn’t know if she’d been hired just in the nick of time or a day too late. full article

Identity thieves reach into local accounts

Approximately 15 million U.S. residents have their identities used fraudulently each year with financial losses totaling about $50 billion, according to the Bureau of Justice statistics. The bureau's data suggests about 7 percent of all adults have their identities misused with each instance resulting in about $3,500 in losses and Greene County residents have fallen victim to identity theft as well full article

Tumblr Users Should Beware of Cookie Thieves

Two researchers say they've found a security hole in Tumblr, one of the most popular sites on the Internet, that could steal users' authentication cookies to break into their accounts. full article

'Conclusive' Link Found Between Stuxnet And Flame

Researchers say Flame predates Stuxnet and shares some source code with first-generation version of Stuxnet

A new twist in the mystery that is Stuxnet/Duqu/Flame: Researchers now say Flame came first and has direct ties to Stuxnet, the targeted attack reportedly launched by the U.S. and Israel against an Iranian nuclear facility. full article

Building a Culture That Values Privacy

A Three-Step Approach to Managing Change

A successful effort to build a corporate culture that values privacy should be built on ideas that come from the rank-and-file staff in all departments, not just upper management, says Jan Hillier, a specialist in managing change. full article

Emails from “” Fool Users into Visiting Malware-Serving Sites

We’ve recently reported that Amazon has started warning its customers after they’ve identified a large number of malicious emails that relied on the company’s name and reputation. Today, GFI experts provide a sample email that’s making the rounds, attempting to lure users onto compromised websites. full article

Passwords pillaged from League of Legends wand-strokers

Euro gamers' very private jewels sniffed by hackers

Passwords, email addresses, dates of birth and other sensitive data have been plundered from the player databases of fantasy strategy game League of Legends. full article

June 11, 2012

Multimillion-pound cyberfraud gang jailed for selling identity theft kits

Confidential Access's 'platinum' products cost £5,500 and came complete with instructions on how to defraud companies

Members of a gang who provided fake identities and documents to thousands of customers have been jailed following a two-and-a-half-year investigation into their multimillion-pound operation. full article

Two Suspects Arrested On Charges Of ID Theft

A man and a woman were arrested Thursday on charges of identity theft and other theft charges after allegedly stealing a purse from a worker at a Hermiston doctor's office. full article

ID-theft victim regrets error

FARMINGTON — If Kelsey Ross had put a lock on her Social Security number after a burglary in November, she could have been in the market to buy a house this summer. full article

UK cops hunt for thousands who bought identity fraud 'packages' online

LONDON -- An extensive search is underway in the UK for thousands of individuals who used an online service that helped people commit identity theft and mortgage fraud. full article

2 men sentenced for ID theft, to be deported

Two men have been sentenced to federal prison terms for conspiracy to commit identity theft and sale of fraudulent Social Security cards. full article

Trappe Man Struck By Identity Theft

A 60-year-old Trappe man was victimized by identity theft last month, Pennsylvania State Police said Friday. full article

Another Case of Identity Theft in Westlake

A Wakefield Lane couple is dealing with the mess that identity theft creates. full article

Police: Woman arrested near Walmart had fake I.D.

Two women were arrested Friday night near the Walmart in American Canyon, one for alleged possession of stolen property and one on suspicion of identity theft, police said. full article

Police: Man impersonated physician on phone to pharmacy

NEW HARTFORD, N.Y. (WKTV) - New Hartford Police arrested a Utica man after he allegedly called a pharmacy, impersonating a local physician, to prescribe and obtain medicine. full article

Survey Shows 85 Percent of Small Business Owners Convinced a Data Breach Unlikely

If a newly released survey is any indication, publicized data breaches aren't enough to prompt small businesses to better protect their customer or employee data. full article

June 8, 2012

“t0pp8uzz” and “GM” Sentenced to Jail for Running Fraud Website

Jay Moore, known by his online moniker as t0pp8uzz, and his accomplice Damian Horne, aka GM, have been sentenced to jail after investigators accused them of running a fraud website worth an estimate of £26.9 million ($41 million or 33.2 million EUR). full article

UK court requires Facebook to hand over troll identities

In the first case of its kind in the United Kingdom, a woman has won the approval of courts to force social networking giant to reveal the identities of cyberbullies who allegedly incited a hate campaign against her. full article

How Charles Dickens helped crack your LinkedIn password

Researchers are using words from classic novels to crack the LinkedIn password hashes

IDG News Service - Kevin Young, a computer security expert who studies passwords, is nearly at a loss for words. Literally. full article

Report: North Korea Accused Of DDoS Attack On South Korean Airport

North Korean agents have been linked to a malware attack on a South Korea's Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper. full article

FTC Highlights P-to-P Network Risks

2 Settlements in Cases That Exposed Data on 100,000

The Federal Trade Commission has reached settlement agreements with a debt collector and an automobile dealership charged with exposing sensitive consumer information on peer-to-peer file-sharing networks. full article

Flame: Developed by Expert Cryptographers, Comes with “Suicide” Switch

There are a couple of new reports about the now-infamous Flame that we thought of sharing with our readers. One group of researchers has stated that the malware may have been developed by world-class experts, while Symantec has revealed that the threat comes with a “suicide” functionality. full article Confirms They Were Hacked, Change Your Passwords Now

After this week’s LinkedIn fiasco, it appears the latest tech giant to fall to bored hackers is Music-streaming website is the latest organisation to urge its users to change their passwords immediately. full article

Mobile devices bring cloud storage -- and security risks -- to work

Corporate policies alone won't address the use of cloud storage services by employees

Computerworld - Dropbox made headlines this week when was the first to report that an unnamed hacker broke into Mitt Romney's hotmail account with the same password used for a Dropbox account also associated with the GOP presidential candidate. full article

Cybercrime 'much bigger than al Qaeda'

Security experts confirm concern outlined by DHS Secretary in recent speech

June 07, 2012 — CSO — It is unlikely that Americans will ever again see commercial jets crashing into skyscrapers, piloted by terrorists. But Department of Homeland Security (DHS) Secretary Janet Napolitano believes that malicious computer code generated by groups like al Qaeda are just as big a threat to the security and stability of the nation. full article

Suspect in ID theft case sentenced

The final suspect in custody following a federal investigation into an identity theft ring that allegedly served the Hattiesburg and Laurel area was sentenced to five years in prison. full article

Man gets prison for posing as SEAL in ID theft case

A former sailor who posed as a SEAL chief to persuade other sailors to turn over their personal information was sentenced Wednesday to a little more than seven years in prison for bilking a credit union out of nearly $182,000. full article

Ham Lake woman pleads guilty to bank fraud, identity theft

A 25-year-old Ham Lake woman pleaded guilty June 6 in U.S. District Court in St. Paul to two felony charges for her role in a large-scale identity theft ring. full article

Scarsdale Police Arrest Two On ID Theft, Grand Larceny Charges

SPD arrested a Mount Vernon woman and Bronx man yesterday

Scarsdale Police detectives have had a busy week. SPD arrested a Bronx man and a Mount Vernon woman yesterday on charges of identity theft and grand larceny, after the two attempted to fraudulently withdraw money from a Chase Bank in Scarsdale. full article

Arrests made in thefts from online bank accounts

Fourteen people were indicted in an alleged cyber bank fraud scheme that took money from the accounts of Bank of America customers

Stealing victims’ identities was the first step toward pilfering from their online banking accounts, according to a cyber bank fraud indictment announced Thursday. full article

Son Turns in Feasterville Dad for Identity Theft

A Lower Southampton man is facing identity theft charges following his son telling police that he was using a stolen identity to avoid legal problems in Virginia. full article

Richmond woman charged with Social Security fraud, identity theft

A Richmond woman was indicted Thursday on charges of using another person's Social Security number, adding to charges she already faces, including tax evasion and bank fraud. full article

ID theft sting nabs state employee

ALBANY - An employee of the New York State Office of Children and Family Services is accused of selling personal information to an outside person. full article

Police flush ID theft scheme

BRANDON -- Deputies have made two arrests in what they said is a stolen identities scheme that wound its way from South Florida to Hillsborough County. full article

June 7, 2012

Phantom Debt Collectors From India Harass Americans, Demand Money

Hundreds of thousands of cash-strapped Americans have been targeted by abusive debt collectors operating out of overseas call centers suspected of links to organized crime in India, law enforcement officials told ABC News. full article

Microsoft's reaction to Flame shows seriousness of 'Holy Grail' hack

Company's fast, sweeping response proves how critical it considers Windows Update

Computerworld - The exploit of Microsoft's Windows Update system by the sophisticated Flame cyber espionage malware was a "significant" event in the history of Windows hacking, experts said today. full article

Like LinkedIn, eHarmony is hacked; 1.5 million passwords stolen

EHarmony, the popular online dating site, was the target of a password hacking attack that resulted in 1.5 million stolen passwords, most of which have been cracked. full article

LinkedIn Confirms Password Breach

Nearly 6.5 Million May Have Been Compromised

LinkedIn has confirmed that a breach of its network compromised passwords connected to accounts. While LinkedIn has not yet confirmed how many passwords were affected, some reports estimate nearly 6.5 million could have been compromised. full article

Survey Shows Consumers Still Openly Risking ID Theft

A new survey conducted by a credit card comparison Web site indicates consumers continue to be lax when it comes to guarding against identity theft. full article

CloudFlare Details How AT&T Systems Were Bypassed by Hackers

A few days ago we reported that CloudFlare representatives reached the conclusion that UGNazi hackers managed to breach their systems by first compromising AT&T. Today, the company’s CEO Matthew Prince has returned with additional details. full article

Siemens Enhances Security In Post-Stuxnet SCADA World

Firewall, VPN features now embedded in some products as Siemens gradually beefs up its security strategy

Stuxnet was not only bad news for Iran, but also for Siemens, whose process control systems were targeted in the attack that disrupted a nuclear facility in Iran. Since then, Siemens has quietly made several security moves in the wake of Stuxnet's discovery two years ago -- most recently, new industrial control products that come with built-in security features. full article

June 6, 2012

6.5 Million Alleged LinkedIn Password Hashes Dumped Online

A 271-megabyte file containing hashes was published on a Russian forum a couple of days ago. The data allegedly represents encrypted passwords that belong to LinkedIn customers.

According to a Norwegian publication,, a total of 6.5 million LinkedIn password hashes are in the file. full article

Indian ISPs targeted in Anonymous censorship protest

Their websites have been attacked as blocks on some file-sharing sites continue

IDG News Service - The websites of Indian government-run communications company Mahanagar Telephone Nigam and the Internet Service Providers Association of India faced DDoS (distributed denial of service) attacks from Anonymous on Wednesday as some Internet service providers continue to block file-sharing websites following a court order. full article

Hacker Says He Accessed Pair Of Presidential Hopeful Romney's Online Accounts

Breach suggests Mitt Romney--or his aides--used same password across multiple Web services full article

Google starts warning users of state-sponsored computer attacks

Users targeted by government-involved campaigns may see advisory banners

Google unveiled a service that automatically displays a warning to users who may be the target of state-sponsored phishing or malware attacks. full article

Identity theft victim fights to clear his name after deadly crash

FORT WORTH, TX - A Texas man is trying to clear his name after his identity was stolen. full article

Two indicted for ID theft, tax fraud

Edwin Bonannee, Sabrina Balkman-Bradwell are accused

A 32-year-old Hollywood man is one of two people indicted for identity theft in a tax fraud scheme, according to U.S Attorney Wifredo A. Ferrer. full article

Suspect sentenced in identity theft case

Only one suspect remains to be sentenced following the arrest of 10 in a federal investigation of an identity theft ring in Laurel last year. full article

Woodbury man accused of stealing co-worker's identity

Washington County prosecutors allege a Woodbury man convicted last year of identity theft was back at it again this year.

Washington County prosecutors allege a Woodbury man convicted last year of identity theft was back at it again this year. full article

Bronx man arrested after stealing Darien identities

A FedEx driver's vigilance helped Darien Police arrest a Bronx man who tried to buy nearly $7,000 worth of computers after stealing identities from at least two Darien residents. full article

Urbana woman charged with aggravated ID theft

URBANA — An Urbana woman who allegedly stole the identity of an elderly Champaign County Nursing Home resident to pay two bills has been charged with aggravated financial identity theft. full article

Empowering the IRS in Combating Identity Theft

The National Taxpayer Advocate, Nina Olsen says the main reason people go to her office is to seek help because their identities have been stolen. Identity theft is a growing crime that results in stolen tax refunds and fraudulent tax claims. In response, the IRS has taken steps to curb the menace. Out of the approximately 100 million tax returns the IRS processes each year, the agency has detected 940,000 fraudulent tax returns in 2010 and avoided paying out $6.5 billion to suspected identity thieves. full article

ID Theft in Backyard of Texas Attorney General

LAREDO, Texas (CN) - An identity thief who used her position in the Texas Attorney General's Office to claim other people's tax refunds will serve 2 1/2 years prison. full article

Anonymous Again Crusading Against Child Pornography

Members of the hactivist collective Anonymous resurfaced this week with a new campaign to expose suspected pedophiles on Twitter and get the site and its users to help root out other accounts linked to child pornography. full article

New Bern man pleads guilty to ID theft scheme

Raleigh, N.C. — A New Bern man pleaded guilty Monday to stealing the identities of dozens of people and filing fraudulent tax returns in their names to obtain refunds, authorities said. full article

June 5, 2012

Financial Documents Found In Bank Trash Bin

Oildale Woman Victim Of Identity Theft

OILDALE, Calif. -- A family contacted 23 ABC after they said a local bank did not shred documents appropriately and that led to identity theft. full article

Commission candidate faced ID theft charge in 2008

Linda K. Armstrong, a candidate for the Shawnee County Commission, said Monday that her having received diversion on an identity theft charge filed in 2008 “is a moot point, because it’s not a conviction.” full article

Police: Man working in Cinnaminson using woman's identity

CINNAMINSON — A man from Cherry Hill who is an undocumented immigrant was working in the township by using a woman’s identity, police said Friday. full article

Police search for man who stole $10,000 in Carlisle area identity theft case

A suspect in an identity theft stole nearly $10,000 from a Carlisle man in May, according to state police at Carlisle. full article

Police say woman used fake ID at Sears store in Meriden

MERIDEN — A Bronx woman faces charges after police say she tried to purchase $2,200 worth of merchandise from the Sears store at Westfield Meriden mall using stolen information. full article

Manteca man sentenced for ID theft and fraud

SACRAMENTO - A Manteca man found guilty of defrauding more than 50 individuals, banks and financial institutions by using victims' personal information to obtain credit cards and make phony driver's licenses was sentenced in Sacramento federal court. full article

Stockton Man Sentenced to Nearly 5 Years for Identity Theft

(Source: FBI) - SACRAMENTO, CA—Michael Garcia, 39, of Stockton, was sentenced today by United States District Judge Morrison C. England Jr. to 57 months in prison for fraud in connection with computers and in connection with an access device, United States Attorney Benjamin B. Wagner announced. full article

Dominican national used personal ID of dead man for decade, feds say

A Dominican national who has been living in Winter Springs was sentenced to 30 months in federal prison Friday for aggravated identity theft and making a false statement on a passport application. full article

Plea agreement filed in identity theft case

A sentencing date has been set for a Linden woman accused of using another woman’s identity to establish utility and credit card accounts. full article

Restaurant Chain Reports Card Breach

Method of Attack, Which Affected 43 Sites, Is Unclear

Penn Station Inc. has confirmed that 43 of its 235 U.S. restaurants may have been affected by a payments breach that exposed credit and debit details. full article

State of California Site Hacked, Sensitive Data Leaked

After breaching the State of Rhode Island website yesterday, today The Unknowns return with another target from the same category. This time the victim is the California Department of Forestry and Fire Protection, a subdomain hosted on full article

SwaggSec claims China Telecom data breach

Hacktivists not happy with China 'screwin with the Pentagon'

Hacktivist group SwaggSec is claiming the scalps of China Telecom and Warner Brothers after apparently taking advantage of poor security to infiltrate their networks and steal a sizeable booty of sensitive data. full article

Famed 'credit zombie' resurrected, with lessons for anyone with a SSN

Judy Rivers isn't dead after all. And, as anyone who's had a maddening run-in with the nation's credit system would agree, her "resurrection" is miraculous. full article

June 4, 2012

Experian Data Breach Resolution and Ponemon Institute study indicates consumer confusion following a data breach

New survey reveals 72 percent of respondents were disappointed in the way they were notified of a data breach

COSTA MESA, Calif., June 4, 2012 /PRNewswire via COMTEX/ -- A business's ability to protect personal information and communicate the circumstances of a data breach can impact customer loyalty and an organization's trustworthiness and reputation, according to a recent study by Experian Data Breach Resolution and the Ponemon Institute. In fact, according to more than 700 survey respondents, 72 percent of people who received notification of a data breach were dissatisfied with the communication and often felt the need for more information. full article

Bend Man Charged With Theft From Elderly Victim

BEND, Ore. -- A 56-year-old Bend man was arrested Friday on more than 100 theft, ID theft and fraud charges, accused of stealing over $180,000 from an 83-year-old Bend resident over the past six months, police said Saturday. full article

BHPD Chief Alleged Victim of Identity Theft

David Snowden's personal information was allegedly stolen in an effort to shut off the electricity at his home

Beverly Hills Police Department Chief David Snowden is one of the alleged victims named in the case against Steven Grant Almeida, who pleaded not guilty Friday to charges that he stole the identities of people in the local justice system and used their personal identifying information to try to shut off the electricity at their homes. full article

Federal blunders enable ID theft

TAMPA -- Thousands of names, Social Security numbers and birth dates accidentally are released to the public every year by the U.S. government. full article

Offices need to lock up IDs to prevent theft

With South Florida leading the nation in identity theft, companies especially need to safeguard employees' and clients' personal information from being taken by dishonest co-workers. full article

Utah CTO steps down following data breach

Computerworld - The executive director of Utah's Department of Technology Services has resigned over a data breach that exposed the Social Security numbers and other personal data of about 280,000 Medicaid recipients. full article

Thrift Savings Plan Notifies Customers of Breach 10 Months After the Incident

Data breaches have become more and more common in the past few years and if most companies are capable of handling the effects of such incidents, there are some that appear to be failing at the task. Such is the case of the Thrift Savings Plan (TSP), which alerted customers only 10 months after hackers gained unauthorized access to their systems. full article

Five Sentenced for Their Roles in Stolen Identity Refund Fraud Scheme

Fahim Suleiman and Muuad Salem were sentenced to prison today by U.S. District Court Judge James S. Gwin in connection with their roles as co-conspirators in a scheme to defraud the United States by obtaining false and fraudulent U.S. Treasury tax refund checks, the Justice Department and Internal Revenue Service (IRS) announced. According to documents filed with the court, the two participated in a conspiracy with others to file false United States income tax returns using personal identifying information, including names and Social Security numbers, of deceased taxpayers in order to obtain false tax refund checks that were subsequently sold and negotiated. Suleiman was sentenced to 64 months in prison, including a 24 month mandatory minimum sentence for aggravated identity theft. Salem was sentenced to 27 months in prison. full article

Companies See Business In 'Doxing' The Adversary

It's not a malware problem -- it's an adversary problem: More security firms are focusing on the people behind the keyboards in order to stymie attacks full article

Microsoft certificate used to sign Flame malware, issues warning

Summary: Microsoft has issued a security advisory warning and a high-priority update after parts of the Flame malware were signed with Microsoft-issued certificates. full article

Small banking Trojan poses major risk

Security researchers have discovered a tiny, but highly capable banking Trojan. full article

'Spy' contacted defense firms / Police plan to investigate, question those courted by diplomat

A Chinese diplomat allegedly engaged in espionage contacted officials at several defense companies while he was in Japan, according to investigative sources. full article

'SwaggSec' claims hack of China Telecom, Warner Bros.

The alleged data haul includes internal documents and administrator login credentials

IDG News Service - A hacking group is claiming to have breached the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials. full article

Malicious PowerPoint Presentations Exploit Flash Vulnerability to Drop Backdoor

It’s not uncommon for internauts to come across shady-looking emails that bear .exe, .zip, or .pdf files which hide some sort of malicious plot. However, it’s rather unusual to find a Microsoft PowerPoint presentation that embeds a Flash file which hides an exploit. full article

June 1, 2012

IRS Aims High to Crack Down on Identity Theft

The IRS is ramping up its efforts to crack down on personal identity thefts involving illegally procured tax return information. full article

Four Arrested in Federal Identity Theft Investigation

(Source: Richmond County Daily Journal, Rockingham, N.C. (MCT) — Four people have pleaded guilty in connection to identity theft charges after a joint federal investigation by the United States Secret Service and the Richmond County Sheriff’s Office. full article

Fort Bragg police: Two boys posing as officers in ID theft scam

Ukiah Daily Journal -- Two teenaged boys are possibly going door-to-door in Fort Bragg posing as police officers who are investigating identity theft to get personal information, according to the Fort Bragg Police Department. full article

Philly Woman Charged with Credit Card, Identity Theft in Toms River

A Philadelphia woman is charged with credit card theft and identity theft, in incidents within Monmouth and Ocean counties, police said. full article

Hackers Not Attracted to Small Businesses? False

Small business owners may think the size of their company precludes them from being targets of identity theft, not realizing they are more at risk than the larger companies. full article

Tenafly man sentenced for role in bank fraud ring

A Tenafly man, described as an essential cog in a scheme to build up credit scores for a Bergen County identity theft and bank fraud ring that catered to Koreans, was sentenced Thursday to two years in federal prison. full article


Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
Utica College
1600 Burrstone Road
Utica, NY 13502