CIMIP - Center for Identity Management and Information Protection

March 2010 News Archive



March 31, 2010


JC Penney tried to block publication of data breach



IDG News Service - Retailer JC Penney fought to keep its name secret during court proceedings related to the largest breach of credit card data on record, according to documents unsealed on Monday. ...read full article

Hacker Finds a Way to Exploit PDF Files, Without Vulnerability



A security researcher has managed to create a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. ...read full article

Facebook Revealed Private Email Addresses Last Night



A brief rift in the Facebook privacy shield has been healed, but not before dozens of people documented it. For about 30 minutes late Tuesday, private email addresses were revealed—and then, just as suddenly, they were hidden again. ...read full article

Online Thieves Take $205,000 Bite Out of Missouri Dental Practice



Organized computer criminals yanked more than $200,000 out of the online bank accounts of a Missouri dental practice this month, in yet another attack that exposes the financial risks that small- to mid-sized organizations face when banking online. ...read full article

Moscow Bombings, TJX Hacker Spur Black Hat Campaigns



Spammers and malware writers have wasted no time in taking advantage of Monday's bombings in Moscow, opening up a campaign on Twitter to point users to malicious sites. ...read full article

Millions in China have no antivirus software, survey shows



IDG News Service - The massive number of Chinese Internet users running no antivirus software increased last year, a survey showed, even though online security risks continued to multiply in the country. ...read full article

San Francisco Says $1 Million Is Missing From Its Accounts



SAN FRANCISCO (CN) - San Francisco claims that $1 million it set aside for low-income homeowners for lead abatement and other rehabilitation was pilfered by a company that had managed city escrow accounts since 1990. ...read full article

McDonald's Settles Case Over Posting of Nude Photos



Court records indicate that McDonald's Corp. (NYSE: MCD) and a franchisee have settled a $3 million lawsuit in which a customer said nude photos of his wife were copied from a cell phone he left in a McDonald's restaurant. ...read full article

Law Firm Aided African Scam, Investors Say



CLEVELAND (CN) - Investors claim a law firm helped a woman bilk them for more than $1 million in an African boondoggle that promised them a $14.5 million inheritance from Burkina Faso - if they paid certain "fees" first. Nine people and two corporations say they handed over the money because two attorneys in the Cleveland branch of Baker & Hostetler backed up Willia Burton's story about the inheritance. ...read full article

Google: Malware targets Vietnamese activists



IDG News Service - Google says that politically motivated malware has been used to spy on Vietnamese computer users and attack activist blogs over the past several months. ...read full article

Receiver Tracks Down $78M Ponzi Scheme



PHILADELPHIA (CN) - The receiver for a $78 million Ponzi scheme filed six federal complaints this week to recoup money from "winning investors" who got payouts before Joseph Forte's scam collapsed. Like Bernie Madoff, Forte, who was sentenced to 15 years in prison, never reported a losing quarter no matter how the market performed. ...read full article

Sophos reveals defense for search engine hack attacks



Security firm Sophos has published research on the automated tools used by search engine optimisation (SEO) hackers and how companies can protect themselves. ...read full article

Warwickshire County Council breaches Data Protection Act



Warwickshire County Council has landed in hot water with the Information Commissioner's Office (ICO) after the theft of two computers and the loss of a memory stick containing personal data. ...read full article


March 30, 2010


Bank Employee Finds Skimmer On ATM


Device Used To 'Skim' Customer Information


A Bank of America employee from Palm Coast said he was using the ATM at the Bank of America located on Clyde Morris Boulevard in Daytona Beach when he immediately noticed the skimming device. ...read full article

Calif. Woman Convicted of Stealing Identity to Get Breast Implants



Yvonne Jean Pampellonne was sentenced Monday in Westminster for using a fraudulent line of credit to obtain $12,000 in cosmetic surgery, including breast implants and liposuction. ...read full article


March 29, 2010


Company says 3.3M student loan records stolen



Data on 3.3 million borrowers was stolen from a nonprofit company that helps with student loan financing. ...read full article

Microsoft defends Windows 7 security after Pwn2Own hacks



Just days after a pair of researchers outwitted major Windows 7 defenses to exploit Internet Explorer (IE) and Firefox, Microsoft said the measures aren't meant to "prevent every attack forever." ...read full article

Thousands of stolen bank account numbers seized in Ontario



Police have seized thousands of bank account numbers stolen by an identity theft ring and charged six people with 80 criminal offences. ...read full article

Customers warned of counterfeits at computer fairs



Counterfeit electronics could be harming the technology industry by lowering consumer satisfaction and confidence in a brand, the Australian Customs and Border Protection service has warned. ...read full article

iPhone and IE8 hacked in Pwn2Own contest



Hackers successfully exploited a handful of zero-day vulnerabilities, Wednesday, quickly cracking a flaw in the popular Apple iPhone. Zero-day vulnerabilities in Apple Safari 4, Mozilla Firefox and Internet Explorer 8 were also exploited by the security researchers during TippingPoint's Pwn2Own contest at the 2010 CanSecWest Applied Security Conference. ...read full article

Phishing email scams man out of R24 000



A businessman has been scammed of R24 000 after he responded to an Absa Bank phishing email that seemed so authentic it appeared to refer to Internet banking problems he had reported to his bank. ...read full article

N.Y. agent arrested for allegedly collecting $5,000 in fake applications



A self-employed insurance agent from New York was recently arrested, accused of collecting $5,000 in advance sales commissions through fake applications. ...read full article

Identity Theft Ring Defrauds Hospital Patients



Seven Chicago area women are being held in connection with an identity theft scam that affected hundreds of people from across the country, many of whose information was stolen from medical records at Northwestern Medical Faculty Foundation. ...read full article

Medical identity theft growing, and at no small price



Sierra Morgan was billed $12,000 on her health care credit card in November for liposuction, a procedure she never requested or received. ...read full article

Trojan poses as Adobe update utility



Miscreants have begun creating malware that overwrites software update applications from Adobe and others. ...read full article


March 26, 2010


Gonzalez gets 20 years for TJX credit card scam


Prosecutors called theft 'unparalleled'


IDG News Service - BOSTON -- As his parents and sister silently wept, hacker mastermind Albert Gonzalez was sentenced Thursday in U.S. District Court to two concurrent 20-year stints in prison for his role in what prosecutors called the "unparalleled" theft of millions of credit and debit card numbers from major U.S. retailers. ...read full article

Suspected Twitter infiltrator: 'I'm a nice hacker'



PARIS – He's unemployed and isn't much of a computer expert. The Frenchman accused of infiltrating Twitter and peeping at the accounts of President Barack Obama and singers Britney Spears and Lily Allen says he wanted to reveal just how vulnerable online data systems are to break-ins - and he says he didn't mean any harm. ...read full article

HSBC Database Breach Highlights Lack Of Accountability For IT Super Users


IT specialist had abused his database privileges to steal records of approximately 24,000 HSBC clients


As new details continue to emerge this month about an initially undetected large-scale database pilfering by a former IT worker at HSBC, security experts hope it will highlight one of the most glaring weaknesses in many a financial institution's database protection scheme: poor accountability for IT super users. ...read full article

Most users don't change password often enough, report says



Security firm Symantec on Friday released survey results that showed about 63 percent of consumers don't change their passwords often enough, 45 percent just use a few passwords alternately for all accounts, and some 10 percent don't even change their passwords at all. ...read full article

Cloud security weaknesses prompt call for global data protection law



European leaders have called for a worldwide agreement on data protection to address the data security weaknesses of cloud computing. ...read full article

State Says 'Dream Scholars' is a Nightmare



MINNEAPOLIS (CN) - The Minnesota attorney general says a California company called Dream Scholars preys upon parents by falsely claiming that it provides college scholarships to underprivileged kids, and that their children showed interest in its SAT and ACT preparation materials. But the Dream Scholars Foundation has never handed out any scholarship money, and it automatically enrolls victims in a "free" online program, then charges them $55 a month, the state says. ...read full article

Millions of e-mail users still respond to spam, survey reveals



Despite more than 80% of e-mail users being aware of bots, tens of millions respond to spam in ways that could leave them vulnerable to a malware, a worldwide online survey has revealed. ...read full article

Europe seeks more privacy against terror searches



The European Commission has agreed a new mandate for negotiating the transfer of details of private banking transactions to the US, in a move designed to fight terrorism. ...read full article

Police set high-tech honeytraps for burglars



Police are to spent £2m to set up high-tech "honeytraps" to catch burglars and vehicle thieves, the Home Office says. ...read full article


March 25, 2010


U.S. Faces Cyber Security Gap Without Training, Education



As discussions about the federal approach to cyber security continue to percolate across the highest levels of government, one of the most important steps policymakers can take is to nourish the education and training of a new crop of security experts, a senior administration official said here at the FOSE government IT show. ...read full article

Security Breach In Some Union First National Bank Accounts



Some Union First Market Bank customers are upset after learning their private account information is accessible to other customers. ...read full article

Brazil tops global spam rankings



Brazil, India, Vietnam, USA and Russia head the ranking of countries from which most spam was sent during the first two months of the year, according to a study by Panda Security. ...read full article

U.S. electrical grid probed but not yet attacked, says paper



Evidence suggests that "unknown foreign entities" have probed computer networks controlling the U.S. electrical grid, which would become a target during a cyber attack, according to a paper from the Center for Strategic and International Studies. ...read full article

Obama's Twitter account hacker arrested



French police have arrested a hacker who sabotaged the account of US President Barack Obama in one of his attacks on the wildly popular micro-blogging site Twitter. ...read full article

Cybersecurity Bill Passes Senate Committee



A crucial piece of cybersecurity legislation is one step closer to becoming law after being approved during a Commerce, Science & Transportation Committee hearing Wednesday. ...read full article

Woman gets 3 years for credit-card thefts at park



A Wyncote woman was sentenced yesterday to three years in prison in connection with credit-card thefts from people visiting Valley Forge National Historical Park and other public recreational spaces in 2006, the U.S. Attorney's Office said. ...read full article

Haddonfield students arrested in computer hacking



Several Haddonfield Memorial High School students are under police investigation on accusations they hacked into the school's computer system. ...read full article

Fraud ring targeted 5 local credit unions — 21 arrested, 21 wanted



Authorities are searching for an Orlando woman whom they say led a fraud and identity theft ring that stole more than $200,000 from Central Florida credit union members over a three-year period, according to the Florida Department of Law Enforcement. ...read full article

Gonzalez Lawyers, Judges Debate Data Breach Costs



When two Boston-based federal judges sentence Albert Gonzalez Thursday (March 25) and Friday (March 26) for a rash of retail cyber-break-ins that he confessed to orchestrating, the exact sentence may be academic ...read full article

Cyber Attacks Reported By 100% Of Executives


A study conducted by the Ponemon Institute and sponsored by IBM shows growing recognition among C-titles executives of the importance of data protection.


...read full article

Medical identity theft poses new risks



With all the privacy laws and safeguards in place, you'd think your medical records are safe from ID thieves. A new report shows some of those protection could actually be putting you at risk. ...read full article

Drug dealing, Medicaid fraud case nets 15 guilty pleas in New Jersey



Fifteen defendants have pleaded guilty for their roles in a black-market prescription narcotic drug ring that involved Medicaid being billed for phony doctor visits and medicines never dispensed. ...read full article

Columbia man sentenced for mortgage fraud



Acting United States Attorney Kevin F. McDonald stated that Randal Antoine, age 36, of Columbia, was sentenced today in federal court to serve eight years in federal prison for a mortgage fraud scheme. Antoine pled guilty last November to wire fraud and illegally using Social Security numbers in connection with the scheme. United States District Judge Cameron McGowan Currie imposed the sentence. ...read full article

Police: Woman with hundreds of IDs said she needed them to 'buy groceries'



A 27-year-old woman is facing 12 identity theft counts as prosecutors allege she was caught with hundreds of names and credit card numbers. ...read full article


March 24, 2010


Students to face cyberbullying charges



A California appeals court has ruled that several Los Angeles high school students who made derogatory and threatening comments on a fellow student's Web site can be charged with hate crimes and defamation. ...read full article

Cyber Attack on U.S. Firms, Google Traced to China



The cyber attack on Google and other U.S. companies was part of a suspected Chinese government operation launched last year that used human intelligence techniques and high-technology to steal corporate secrets, U.S. government and private-sector cybersecurity specialists told The Washington Times. ...read full article

Man Pleads Guilty to Stealing Identities in Fraud Scheme



Robert Leroy Maxwell, 45, has pleaded guilty to identity theft and other charges in a fraud scheme that cost banks and businesses in Kansas City, Kan., Olathe and elsewhere a total of more than $30,000. ...read full article

2 charged in H&R Block identity theft case



After Highland, Ind., police pulled over a driver for suspicion of driving under the influence, one officer noticed a female passenger nervously fidgeting in the back seat. ...read full article

Senate bill seeks crack down on cybercrime havens



Foreign countries that turn a blind eye to cybercrime would lose US financial assistance and resources under a bill introduced Tuesday in the Senate. ...read full article

Your health, tax, and search data siphoned



Google, Yahoo, Microsoft's Bing, and other leading websites are leaking medical histories, family income, search queries, and massive amounts of other sensitive data that can be intercepted even when encrypted, computer scientists revealed in a new research paper. ...read full article

Gillibrand: Cybercrime Costs NY Businesses Approximately $4.6 Billion Each Year



As New York businesses lose approximately $4.6 billion as a result of cyberattacks and with a growing threat of cybercrime internationally, U.S. Senators Kirsten Gillibrand (D-NY) and Orrin Hatch (R-UT) today introduced the International Cybercrime Reporting and Cooperation Act – new bipartisan legislation that would enhance America’s cooperation with other countries to combat cybercrime and keep America safe. ...read full article

WiFi Hotspots Leading to More Cybercrime



The spread of open wireless networks in cities is making it easier for cybercriminals. ...read full article

Canada unprepared for massive cyber-attack: Expert



Canada is woefully unprepared for a massive cyber-attack that is within reach of any run-of-the-mill hacker and could cripple the business of the nation, warns a leading security expert. ...read full article

OCR Needs Consent To Reveal Health Data Breach Violators



Some industry experts are questioning the Office for Civil Rights' policy of not posting the names of entities that report health data breaches affecting 500 or more individuals without written consent from the entity, HealthLeaders Media reports. ...read full article

FOUR CHARGED IN IDENTITY THEFT MORTGAGE FRAUD SCHEME



Jeffrey H. Sloman, United States Attorney for the Southern District of Florida, Michael K. Fithen, Special Agent in Charge, U.S. Secret Service, John V. Gillies, Special Agent in Charge, Federal Bureau of Investigation, Miami Field Office, and James K. Loftus, Director, Miami-Dade Police Department, announced today that, on March 18, 2010, a federal grand jury returned a four count indictment charging Marcos Salazar, Elaine Power, Carlos Gonzalez, and Alvaro Zambrana with a mortgage fraud scheme, using the stolen identification information of another individual, which resulted in the approval and disbursement of two mortgages from JPMorgan Chase Bank, totaling approximately $610,000. Defendants Salazar, Gonzalez, and Zambrana were arrested and made their initial appearances in federal court today. Defendant Power remains at large. ...read full article

Bail set at $1.5 million in Indian ‘Romeo’ theft case



Bail has been set at $1.5 million for an Indian man who authorities say romanced fellow countrywomen he met online and then stole from them to fund a jet-setting lifestyle. ...read full article

Zurich Insurance loses 600k records on backup tape



Zurich Insurance has promised to improve its information security after losing personal financial information on 46,000 British clients through careless handling of unencrypted backup tapes. ...read full article

UK warns of Israel travel amid passport scandal



British citizens who travel to Israel should be aware that their passport details could be captured for "improper uses," Britain's Foreign Office warned Tuesday. ...read full article

Deal reached in Whitlock fraud case



Colorado Attorney General John Suthers announced a settlement with Donald Sterling Whitlock that secured full restitution for the victims of his identity theft and commercial-lending scheme. ...read full article

Proposed US law would single out cybercrime havens



A bill introduced in the U.S. Senate Tuesday would compel the White House to identify international cybercrime havens and establish plans for cleaning them up. ...read full article

Internet Explorer vulnerable to hackers, warn experts



Criminals are stepping up their attacks leveraging an unpatched flaw in Microsoft's Internet Explorer browser, using it to install fake antivirus products and malicious back doors on victim's computers. ...read full article

Beware of lucky-draw scam via text message



MOBILE-PHONE users, beware. Police warned yesterday of a text-message scam to get people to pay an 'administrative fee' or a 'tax' for a cash prize that they had supposedly won in a lucky draw. ...read full article

U.S. said to be eyeing cybersecurity ambassador role


Goal is to have U.N. representative for cybersecurity policies, says Wall Street Journal


...read full article

Law enforcement lobbies hard for ICANN changes



U.S. and U.K. law enforcement officials are trying to marshal support for changes that would make it more difficult for criminals to register domain names under false details. ...read full article

FBI lists Top 10 posts in cybercriminal operations


Cybercrime organizations often run like corporations, staffed by experts in specific jobs


...read full article

Lawmakers Eyeing National ID Card



Lawmakers are proposing a national identification card — what they’re calling “high-tech, fraud-proof Social Security cards” — that would be required for all employees in the United States. ...read full article

FBI’s Chabinsky outlines the Bureau’s uphill battle against cyber-crime



The “bad guys” perpetrating cyber-crimes around the world are taking their activities deeper underground, typically are becoming specialists in one specific aspect of their trade, and are making so much money they are giving up their day jobs. ...read full article

eBay Teams With FBI to Fight Retail Theft



The alliance, which also includes the National Retail Federation, aims to attack the billions of dollars in retail theft that occurs each year by limiting what can be fenced online. ...read full article

FBI Underboss Outlines Anatomy of a Cyber Gang



As cyber criminals grow ever more sophisticated and organized, law enforcement agencies have had to step up their game to keep pace. One of the top men at the FBI shares what the bureau is doing to combat cyber crime. ...read full article

Prosecutors Seek 25 Years for Hannaford, BJ’s Hacker



Prosecutors are seeking 25 years in prison for the computer hacker who breached the security of retailers including Hannaford Bros. and BJ’s Wholesale Club, according to a sentencing memorandum filed in U.S. District Court here. ...read full article


March 23, 2010


Federal Judge Orders $4.7 Million in Restitution in Telemarketing Case



Chalk up a win for the Federal Trade Commission now that U.S. District Judge Donetta W. Ambrose of the Western District of Pennsylvania has shut down a telemarketing operation run by an East Pittsburgh firm and ordered more than $4.7 million in restitution to consumers. ...read full article

FBI Fights Cybercrime in E. Europe


The FBI is embedding agents in Estonia and Ukraine to help local authorities crack international cybercrime cases.


Computerworld — Hoping to catch cybercrooks, the FBI has begun embedding agents with law enforcement agencies in Estonia, Ukraine and the Netherlands. ...read full article

Symantec names riskiest U.S. cities for cyber crime



Seattle is most dangerous when it comes to cyber crime, while Boston, Washington D.C., San Francisco, and Raleigh, N.C., round out the top five ...read full article

Former iSoft financial controller admits providing false auditing information



The Accountancy and Actuarial Disciplinary Board has disciplined Ian Storey, a former iSoft financial controller, for falsifying auditing information. ...read full article

Class Claims Ameriprise Presided Over Ponzi



OMAHA (CN) - Securities America, a subsidiary of Ameriprise Financial, ran a $700 million Ponzi scheme in promissory notes, investors say in a federal class action. The class claims Securities America ignored repeated warnings from its advisers to disclose the truth, and claimed that providing risk information to its own brokers and investors would "be a bad thing." ...read full article

Over 120 000 Sanoma User Credentials Stolen



Not exactly a startup news per se, but a healthy reminder to all those working with user credentials in their online services. One of the largest, if not the largest, online identity thefts has just occured in Finland. ...read full article

Compensation should be paid for personal data loss, says report



Compensation should be paid to anyone whose personal details are lost by the Government or a private company, according to a report backed by the information watchdog. ...read full article

Hacked personal data originating from China



Have you ever wondered why you get so many unwanted spam text messages and e-mails? The answer might be found in China. ...read full article

Organized Crooks Hit NJ Town, Ark. Utility



An Arkansas public water utility and a New Jersey town are the latest victims of an organized cyber crime gang that is stealing tens of millions of dollars from small to mid-sized organizations via online bank theft. ...read full article

State Agency ID Theft May Affect 11,000



On Monday, Office of Policy Management Secretary Robert Genuario announced that as many as 11,000 people may be affected by identity theft at the state agency. ...read full article

Police seize computers in ACIC investigation



Arkansas State Police have served two search warrants and seized computers and other items from the home and office of a local bail bondsman, apparently in relation to its investigation of the alleged misuse of police passwords to illegally obtain private information on local residents ...read full article

Patient Billed for Phony Liposuction as Medical ID Theft Rises



Sierra Morgan was billed $12,000 on her health-care credit card in November for liposuction, a procedure she never requested or had. ...read full article

Tips to avoid seven tax scams



Have you ever been contacted by someone claiming to know a secret that will help you significantly reduce your tax bill or avoid paying taxes altogether? Have you ever received an e-mail from the IRS asking for personal information? ...read full article

Social Security Numbers Stolen From Furnace Rebate Applicants



Police are investigating the theft of personal information — including Social Security numbers, names and addresses — from as many as 11,000 people who had applied for furnace rebate programs with the state. ...read full article

IRS Cybersecurity Flaws Put Taxpayers At Risk



As the IRS deadline for filing 2009 personal income taxes nears, the Government Accountability Office has released a report that calls into question the security of the information U.S. taxpayers are sending to the agency. ...read full article

Critical Firefox bug fixed one month after disclosure



Just days before the start of a hacking contest set to target Web browser vulnerabilities, Mozilla has patched its flagship Firefox browser. ...read full article

The FBI is Now Following You–On Twitter



If you’re a wanted criminal, choose your Farmville neighbors wisely. Instead of peeking over a picket fence at the strawberry patch belonging to the mysterious red-head who just friended you on Facebook, you could be looking through steel bars straight at the FBI agent that caught you ...read full article

Russia arrests WorldPay hackers after FBI plea



Three men accused of being involved an audacious attack on US ATM machines in 2008 have been arrested by the feared Russian Security Service (FSB) in an event that is being interpreted as marking a sea change in Russian policy towards cybercrime. ...read full article

Cyber criminals targeting World Cup fans: Internet security firm



An Internet security firm has revealed that football fans across the world are being targeted by cyber criminals in the run-up to the World Cup, which gets under way in South Africa on June 11, with a wave of spam e-mails, fake offers and attempts to steal banking details. ...read full article

Gates: Pentagon investigating alleged private spy network



US Defence Secretary Robert Gates today said he had potential concerns about an alleged spying network of contractors in Afghanistan and Pakistan run by a Pentagon official, but that he still lacked information about the reported operation. ...read full article

Secret Service Paid TJX Hacker $75,000 a Year



Convicted TJX hacker Albert Gonzalez earned $75,000 a year working undercover for the U.S. Secret Service, informing on bank card thieves before he was arrested in 2008 for running his own multimillion-dollar card-hacking operation. ...read full article

Police to seek int'l support in Gumblar computer virus probe



TOKYO — Police said Tuesday they will seek cooperation from authorities in five European countries in investigations into cases suspected to involve the Gumblar computer virus or variants, in which websites run by Japanese companies have been altered to redirect users to harmful sites. ...read full article

ISV: Internet filter threatens national security



The Federal Government’s proposed ISP-level filtering may have “unintended consequences” on Australia’s national security, local software player, Ey3, claims. ...read full article


March 22, 2010


Moscow gets tough on cybercrime as ID theft escalates



Russia has quietly arrested several suspects in one of the world's biggest cyberbank thefts, raising hopes of a previously unseen level of official co-operation in a country that has been a haven for criminals. ...read full article

Airport Worker Accused Of "Skimming" Credit Cards



An Orlando International Airport parking garage worker is accused of using a credit card-scanning device to skim money from customers. ...read full article

Firm denies hacking, stock manipulation charges



A Cyprus-based company accused of manipulating stocks on U.S. exchanges via compromised trading accounts denied the allegations on Friday, placing blame on "Russian swindlers." ...read full article

Who's the Boss in Cloud Land?



But the concept raises numerous questions about security, compliance and responsibility. "We vendors haven't done a good enough job for you. We've hyped our technology and not delivered. If we're going to build security solutions, they must be more usable," said Phil Dunkelberger, president and CEO of PGP Corp. ...read full article

Victorinox offers hackers £100,000 challenge



Swiss Army Knife maker Victorinox is asking the best of Britain's hackers to try and beat the biometric security built into its latest USB Flash drive-fitted penknife. ...read full article

Germany warns surfers against Firefox



German's official cyber-security response team is advising surfers not to use Firefox pending the release of a patch to defend against a critical unpatched vulnerability. ...read full article

Personal Finance: As ID theft grows, be on guard online



Sitting at the computer to pay your bills, go shopping or do your banking is common. It's quick, convenient and oh-so-green. ...read full article

New ID Theft Threat: Facebook Cloning



It could be happening to you right now, you could be cloned on Facebook. This isn't a form of flattery, instead it's a means to steal your identity. ...read full article

Report 1.8 Billion Cyber Attacks Per Month



You read that right. While the US government sits high on its perch, snipers are taking aim 60 million times a day. The Senate Security Operations Center alone receives 13.9 million of those attempts per day. ...read full article

The Norton Top 10 Riskiest Online Cities Report Reveals Who’s Most Vulnerable to Cybercrime



Cybercrime, a threat that affects one in five online shoppers* and cost Americans $560 million in 2009 due to online fraud**, may hit closer to home than many realize. Norton from Symantec (Nasdaq: SYMC) teamed up with independent research firm Sperling’s BestPlaces to find and expose the nation’s top 10 cities most vulnerable to cybercrime. ...read full article

Burlington is Canada’s riskiest online city, study says



Burlington, Ont., is the riskiest city in Canada when it comes to cybercrime, according to a study commissioned by Norton from Symantec, a company that sells online security software. ...read full article

Beware of tax scams, IRS says


If you get a Facebook message, Twitter tweet or unexpected e-mail that purports to be from the IRS, don't trust it -- and don't give out personal information.


...read full article

Illinois man remains in jail in check fraud case



An Illinois man was arrested in a Roseville-area motel in connection with what is believed to be a multistate payroll check and credit card fraud ring that victimized local banks and businesses, police said Saturday in a news release. ...read full article

As health data goes digital, security risks grow



Over the next four years, the amount of personal medical information online will increase exponentially, opening up new avenues for hackers to expose personal data that, unlike financial information, can result in a permanent violation of privacy. ...read full article


March 19, 2010


For cyberwarriors, murky terrain



By early 2008, top U.S. military officials had become convinced that extremists planning attacks on American forces in Iraq were making use of a Web site set up by the Saudi government and the CIA to uncover terrorist plots in the kingdom. ...read full article

Former National City Bank debit accounts hacked



PNC Financial Services Group Inc. said Thursday it is investigating a breach of accounts affecting former National City Bank customers and their debit-card accounts. ...read full article

20 Banking Breaches So Far in 2010



There have been 171 reported data breaches so far in 2010, and 20 of these involve financial services companies. ...read full article

Dumped documents lead to internal investigation



Albany Police have launched an internal investigation after sensitive city documents were found near an alley garbage can. ...read full article

Town of Poughkeepsie recovers $378,470 stolen by hackers



Town of Poughkeepsie officials Thursday night announced the town has recovered more than $378,000 in town funds alleged to have been stolen by cyber thieves. ...read full article

New victims sought in ID theft probe



Sheriff's detectives investigating an identity theft case involving a Valencia laboratory publicized the crime Wednesday in the hope of finding other victims and suspects. ...read full article

Virgin Mobile fined for pushing mobile spam



Virgin Mobile has been fined for sending spam messages to Australian mobile users who'd already opted out of receiving promotions. ...read full article

Vodafone Spain admits 3,000 smartphones shipped with Mariposa



Vodafone Spain has accepted that 3,000 customers were potentially exposed to malware after Mariposa botnet agents strayed onto the HTC Magic smartphone. ...read full article

Doctor, attorney among 19 charged in ‘Operation Big Fish’ auto fraud



Numerous defendants, including a chiropractor and an attorney, are accused of defrauding more than 19 insurers out of $549,000 through a staged auto accident ring in California dubbed “Operation Big Fish” by prosecutors. ...read full article

FBI suspends IT overhaul



The FBI has put the brakes on key aspects of its massive computer overhaul project, at a cost of up to $30 million in overruns, to deal with design changes and technical problems, the New York Times reported. ...read full article

Have agencies scrubbed the Conficker worm from their systems?



A company that has been tracking the scanning activity of the prolific Conficker worm says that traffic from infected government systems has dropped off significantly in recent months, which could indicate a successful effort to remediate infections. ...read full article

Identity theft up by 20%



Information services group Experian said it handled more than 5,000 cases where people had had their identities stolen during the year, nearly a fifth more than in 2008. ...read full article

Internet-related crime rose 110% in 2009



Victims of investment scams, phony work-from-home offers and fraudulent companies offering access to stimulus money reported a record number of financial losses in 2009. ...read full article

FBI Says Cybercrime Skyrocketing


A new report from the FBI says the rate of cybercrime incidents is growing rapidly at a cost of hundreds of millions of dollars a year.


The latest data from the FBI's Internet Crime Complaint Center (IC3) confirms what online banks, security software vendors and Internet users have been complaining about for years: cybercrime is skyrocketing and costing people millions of dollars with no end in sight. ...read full article

Spammers not affected by arrests



Bangalore: Even after series of arrest, net access cutoffs and by infiltrating command systems, spamming is still seen as a lucrative job for cyber criminals. There are four such networks which have been blocked completely but this has not inconvenienced hi-tech criminals who found other routes to send spam, say experts, according to BBC. ...read full article

UK ahead of EU in cyber attack defences



The UK needs to work more closely with Nato to fend off cyber attacks on critical national infrastructure from Russia and China, but is otherwise “reasonably well-placed" to cope with such incursions. ...read full article

'Cyber attack brought down national election website'



Arolen S.A., a firm contracted by private telecommunications company UNE to provide technical services for the recent congressional elections, blamed a cyber attack for downing the national elections webpage of the National Registry. ...read full article

New Cybersecurity Act Eliminates Internet Kill Switch



In a rewritten version of the cybersecurity bill, President Obama no longer has a kill switch for the Internet. ...read full article


March 18, 2010


States give inmates access to personal data of others



WASHINGTON — Prisons in eight states let convicts work in jobs that give them access to Social Security numbers and other personal information for the public, despite years of warnings that the practice should end, a federal audit finds. ...read full article

Hacker Disables More Than 100 Cars Remotely



More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments. ...read full article

Facebook to Pay $9.5 Million on Privacy Claims



(CN) - A federal judge in San Jose approved a $9.5 million consumer class action settlement against Facebook, stemming from its Beacon advertising program that the class claimed violated peoples' privacy. The controversial program launched in November 2007 allowed Facebook members to view their friends' purchases at Internet retailers like Zappos, Overstock.com, Blockbuster and Hotwire. ...read full article

1 in 4 kids have tried hacking



Despite 78% agreeing that it is wrong, 1 in 4 of UK’s children have tried their hand at hacking into others’ Facebook accounts mostly by surreptitiously using the victims passwords. And it’s not just the boys – 47% admitting guilt are girls. ...read full article

Windows XP: No IE9 for you


Microsoft becomes first major browser maker to drop support for world's most popular OS


Computerworld - Microsoft's new browser, Internet Explorer 9 (IE9), will not run on Windows XP, now or when the software eventually ships, the company confirmed Tuesday. ...read full article

Flaw In Microsoft's Hypervisor Lets Attackers Bypass DEP, ASLR


Virtual PC hypervisor bug and proof-of-concept revealed by Core Security Technologies -- but Microsoft says it's not technically a vulnerability


Core Security Technologies has discovered a flaw in Microsoft's Virtual PC hypervisor that can be used by an attacker to cheat built-in, advanced security features in Windows. ...read full article

Malware found on another HTC Magic smartphone


Second occurrence of malware on SD card shipped with the Android-based smartphone shows it could be a bigger problem with quality assurance


Traces of the now defunct Mariposa botnet has been found on another HTC Magic from Vodafone in Spain, security company Panda wrote in a blog post on Wednesday. ...read full article

Student information part of security breach



According to Liz Latt and Beth Fortune in Public Affairs, a professor's desktop computer, containing the names and social security numbers of 7,174 current and former students, was stolen some time during the weekend of Feb. 6. ...read full article

Madoff Computer Programmers Charged



MANHATTAN (CN) - Two computer programmers who worked for Bernie Madoff were charged on Wednesday with conspiracy and falsifying records, federal prosecutors said. Jerome O'Hara and George Perez are charged with maintaining programs that generated bogus records that fooled the SEC. ...read full article

Child porn blocked by new 'fingerprint' system



Organisations are being offered an unusual new anti-child porn system that can identify and block real, individual images by comparing them to one of the world's largest databases of such pictures. ...read full article

New Password-Stealing Virus Targets Facebook


Virus Attempts to Steal Banking Passwords, Other Sensitive Information


BOSTON (Reuters) - Hackers have flooded the Internet with virus-tainted spam that targets Facebook's estimated 400 million users in an effort to steal banking passwords and gather other sensitive information. ...read full article

ACMA alleges Virgin Mobile spamming



The Australian Communications and Media Authority (ACMA)has accepted an enforceable undertaking from Virgin Mobile related to breaches of the Spam Act. ...read full article

Security organisation gives IE9 warning



SANS Institute says security professionals and hackers both to profit from 'kicking the tyres' on IE9 ...read full article

Estonia Defense Minister: Cyberattacks Will Grow



Three years after a widespread cyberattack temporarily shut down the Estonian economy, Estonia's defense minister said such incidents will only continue to grow. ...read full article

Cybersecurity needs global rules: British lawmakers



(Reuters) - Europe's online security would best be served by developing global cyber regulation, ending current "ad hoc" international efforts, British lawmakers said on Wednesday, echoing industry calls for worldwide rules. ...read full article

U of C warns patients after computer virus hits medical records



CALGARY - Thousands of patients at a University of Calgary clinic are being warned their personal health information could have been compromised after viruses infected a medical computer. ...read full article

Madoff Beaten in Prison


Ponzi Schemer Was Assaulted by Another Inmate in December; Officials Deny Incident


Bernard Madoff, who is serving a 150-year sentence in North Carolina for running a fraud scheme that cost investors billions of dollars, was physically assaulted by another inmate in December, according to three people familiar with the matter. ...read full article

'Jihad Jane' suspect pleads not guilty



Philadelphia, Pennsylvania (CNN) -- The American woman who authorities say called herself "Jihad Jane" pleaded not guilty Thursday to charges that she tried to help terrorists and kill someone in another country. ...read full article


March 17, 2010


State agency’s internal data breached



MIAMI — A Florida Department of Law Enforcement analyst has been suspended for allegedly using critical law-enforcement databases to look up private information about her co-workers, their families and even at least one private citizen. ...read full article

IRS, DOJ use social media sites to track deadbeats, criminal activity


Documents offer peek at use of social networking sites in investigations


Computerworld - Advocacy group the Electronic Frontier Foundation has obtained documents showing how law enforcement agencies and the Internal Revenue Service are gathering information from social networking sites for their investigations. ...read full article

Fake PIN pad units in US chain store



As soon as we got used to the idea that we have to be very careful when using ATMs because they might be "skimming" devices attached onto them, we have to rearrange our way of thinking because it appears that no card terminal is safe. ...read full article

Felon Ran $200 Million Ponzi, Victims Say



REDDING, Calif. (CN) - Eighteen investment LLCs say they were taken for more than $200 million by a recidivist felon who'd already served prison time for a $5 million gold swindle. James Koenig and his cohorts face 79 criminal charges in California after swindling 1,000 investors for $200 million, allegedly to invest in tax-sheltered senior housing centers across the nation. ...read full article

$100 Million Ponzi Alleged; Leaders Vanish



MANHATTAN (CN) - A Colombian couple took $100 million from hundreds of investors in a Ponzi scam through their Florida-based company, FIT International Group, and when they were nailed for it, claimed to be distributing their remaining $12,690.74 "for the 'benefit' of creditors," a RICO class action claims in Federal Court. ...read full article

Trucking the Money Away ...



MINNEAPOLIS (CN) - Transporta, supposedly a trucking company, was just a vehicle for a $6 million Ponzi scheme, a lender claims in Hennepin County Court. The company and its Denver and/or South Carolina-based owner, Michael Casazza claimed to have government contracts, but "Transporta LLC was not a real trucking company and had no government contracts," according to the complaint. ...read full article

Scotts Valley couple suspected in three-county ID theft case



SANTA CRUZ — A simple theft report spun out into a spiderweb of illegal activity and led to the arrest of two career criminals suspected of stealing mail to forge checks and steal people's identities, the Sheriff's Office reported. ...read full article

Judicial Services Officer Charged with Identity Theft



Richland County (WLTX) -- Richland County deputies have arrested and terminated a Judicial Services Officer accused of identity theft. ...read full article

New Internet browser threat sneaks by traditional defenses


Internet browser threat 'DNS rebinding' alters nothing and is impossible to trace, researchers say


An undetectable browser exploit that bares corporate networks to attackers tops the list of the most potentially effective new attacks that have been devised by researchers seeking vulnerabilities to take advantage of, according to a study by White Hat Security. ...read full article

Iran hacks opposition Web sites, arrests cyber activists


Iranian government say sites were affiliated with US espionage networks


Iran's Islamic Revolutionary Guards Corps hacked into 29 Web sites affiliated with U.S. espionage networks, Iran's semi-official Fars News Agency reported on Sunday. ...read full article

SEC: Stocks boosted via hijacked accounts



A U.S. federal judge has agreed to freeze the assets of a company being accused of manipulating the stocks of 38 companies listed on the Nasdaq and New York Stock Exchange via compromised trading accounts, the U.S. Securities and Exchange Commission said Tuesday. ...read full article

News of Corey Haim's funeral lead to fake AV



Corey Haim's death is old news by now, but fans of the prematurely deceased teen idol are still on the lookout for information concerning his death. ...read full article

Caterers 'had access to patient files'



CATERING staff were able to access confidential patient information held on a €60m HSE record system which is being rolled out across the country. ...read full article

Caterers 'had access to patient files'



CATERING staff were able to access confidential patient information held on a €60m HSE record system which is being rolled out across the country. ...read full article

Fundraiser who vanished says he has new event



A Maryland man who vanished in January 2009 with thousands of dollars that he raised for a presidential inaugural ball for veterans that never happened — leaving sponsors, entertainers and ticketholders in the lurch — is back. ...read full article


March 16, 2010


Tax mix-up riles woman



Darlene Clifford is concerned about her financial privacy after she received someone else's RRSP tax receipt. ...read full article

'Customer data from Vodafone, Unitymedia was stolen - report'



Customer data of Vodafone Germany and German cable network operator Unitymedia have been sold on the black market by dubious call centres, according to German magazine Capital citing from the investigation files of the state prosecutor's office in Bonn. ...read full article

Arrest leads to large cache of stolen credit cards, driver's licences, computers



City police found a stash of stolen credit cards, driver’s licences, debit cards and computers when they arrested a man wanted on 141 warrants last Friday. ...read full article

Wrong T4s accidentally mailed to former staffers of MPs



OTTAWA — The House of Commons has launched an internal probe in the wake of an "administrative error" that resulted in hundreds of personal income tax forms mailed to the wrong addresses, Canwest News Service has learned. ...read full article

Anti-virus suites still can't block Google China attack



The vast majority of consumer anti-virus products are still failing to block the Operation Aurora exploits used in the high profile attack against Google and other blue-chip firms last December, according to independent tests. ...read full article

Crooks plant fake payment card terminals at multiple stores



Crooks planted bogus payment card processing terminals at multiple locations operated by the Hancock Fabrics chain store that allowed for the theft of sensitive financial data from customers, the company warned. ...read full article

Facebook users warned over stalk-my-profile scam



A bogus application that lures Facebook users by falsely offering to show who has been viewing their profile has been exposed as a scam. ...read full article

Police: Ledyard woman took USD49,000 in iPhone scam



If you want a cautionary tale about doing business with a company you don't know anything about, consider the story of a California businessman - I'll leave his name out of it - who ordered a batch of Apple iPhones last August from a liquidator who gave an address here in Ledyard. ...read full article

Curious Employee Foils Corporate Credit Card Fraud Scam



Molly treasurer at XYZ Corp. in Miami, opened an e-mail from a former colleague who no longer worked for the organization. The e-mail read: “Hi Molly, there should be a refund of $716 on my old corporate Visa card from the IP Conference. I paid for, but did not attend, the conference and did not turn in the charge to XYZ for reimbursement. Can you have Visa issue a refund check to me? Thanks very much for your help.” ...read full article

Delta: Phishing emails sent to customers



Delta Airlines issued a warning to its customers Monday warning about fraudulent emails sent out within the last 24 hours. ...read full article

Bacteria Trail Betrays Identity Of Computer Users


Raising new privacy concerns, research shows that the DNA signatures of bacteria transferred to objects by human touch can be used for identification.


...read full article

Feds arrest their first bank bailout fraud suspect



Federal authorities on Monday charged the former chief executive of a New York bank with being the first suspect to try and rip off taxpayer funds from the Troubled Asset Relief Program. ...read full article

As Family Mourns Toddler's Death, Thieves Steal Her Identity


Someone saw the drowning death of a 21-month-old child as a chance to cash in.


...read full article

State Police warns of phone calls from bogus “census takers”



Citizens of Wayne County are reminded that they should NOT under any circumstances give their personal identification such as Social Security Numbers, Date of Birth, Bank Account information, or schedule of when they will be home to any persons calling them in an unsolicited manner, said Cpl. Danny Martin, Pa. State Police- Honesdale. ...read full article


March 15, 2010


Cyber Attack Dents Body Shop



A recent cyber attack on an auto body shop resulted in the theft of more than $200,000. ...read full article

IRGC's Cyber Department Hacks 29 US-Backed Websites



The Islamic Revolution Guards Corps (IRGC) on Sunday announced that its cyber teams have hacked 29 websites affiliated with the US espionage network. ...read full article

IT contractors convicted of UK casino hack scam



A pair of UK hackers who used false betting slips in a bid to con casinos into paying out on bogus gambles were undone by greed and a schoolboy maths error, a court heard. ...read full article

IPL makes netizens easy bait to cyber criminals



New Delhi: With big-ticket sporting events like the football world cup and Commonwealth Games round the corner, Indians are more vulnerable to cyber crimes such as phishing and malware, says security protection software firm Symantec. ...read full article

Phishing attack at University of Michigan



The University of Michigan has become the target of a new type of sophisticated and malicious email attack on university email accounts. ...read full article

Cybercrime losses double in 2009



Losses from cybercrime and online scams more than doubled in 2009 to $559 million as Internet criminals used more sophisticated techniques, an FBI-led task force said on Friday. ...read full article

Royal Bank of Scotland raiders' huge £6m haul in just 12 hours



COMPUTER hackers linked to the Russian mafia robbed Royal Bank of Scotland customers of £6million in 12 hours. ...read full article

St. Louis police say computer was attacked



24 people may have had their personal information compromised following the cyber attack of one computer in the St. Louis Metropolitan Police Department, authorities said. ...read full article

New reports of data breaches


Thousands are left at risk in Mass.


A number of companies, including Boston insurance giant John Hancock Financial Services, have in recent months reported stolen laptops and other breaches of data security, potentially exposing personal information about thousands of Massachusetts residents. ...read full article

Man pleaded guilty to identity theft



A former Independent Health employee has begun a prison sentence of one and a third to four years for identity theft. ...read full article

TD Bank worker charged with fraud



A former switchboard operator for TD Bank in Mount Laurel provided customer information to accomplices who withdrew more than $200,000 from victims' accounts, federal authorities say. ...read full article

Sex offender caught after 33 years on the lam



A sex offender has been arrested after 33 years on the run, according to reports. ...read full article

State leads investigation of sheriff's deputy alleged to have taken reports, data



A Lake County Sheriff's deputy is the subject of an ongoing investigation involving the alleged theft of documents and massive amounts of protected data, surveillance of fellow deputies and allegations that he posted an investigative report on the Internet because of political motivations. ...read full article

S.Korea to probe huge online data leak



South Korea said Friday it would launch a probe into security systems of major retailer Shinsegae and 24 other companies after private data on some 20 million customers was leaked. ...read full article

Federal indictment alleges doctors aided in $1 million health fraud



Two Illinois doctors and a billing employee were indicted on federal health care fraud charges, accused of submitting false claims of more than $1 million to obtain payments from insurers for services never provided and for inflating claims for work they did perform. ...read full article


March 12, 2010


Database state breached 11 times



Home Secretary Alan Johnson has given Parliament some details on the most recent breaches of the various identity databases held by his ministry. ...read full article

TJX Hacking Conspirator Gets 4 Years



Humza Zaman, a co-conspirator in the hack of TJX and other companies, was sentenced Thursday in Boston to 46 months in prison and fined $75,000 for his role in the conspiracy. The sentence matches what prosecutors were seeking. ...read full article

Monoprice.com Shuttered After Fraud Complaints



Audio visual cabling giant monoprice.com shut down its Web site – possibly for the next couple of weeks – while it investigates the possible compromise of its customer credit and debit card information. ...read full article

Computer stolen from bank contained customer information



THEFT, WILSON MILLS ROAD: On March 1, a financial advisor at US Bank, 5154 Wilson Mills, reported a laptop missing from his desk. ...read full article

Ex-TSA worker allegedly sabotaged computer containing terrorist data



A former Transport Security Administration analyst has been indicted with trying to sabotage a computer that contained a database for screening potential terrorists who may be trying to fly in the US. ...read full article

Bank phishing profits up by 14 per cent



Online banking losses rose last year by 14%, according to the UK Cards Association, although overall losses card fraud fell. ...read full article

Rise in online fraud highlights computer security needs



Individuals need to step up their computer security efforts as online fraudsters increasingly target home users rather than larger corporations, it has been claimed. ...read full article

Sarah Palin testifying against hacker



Former Alaska Gov. Sarah Palin will testify in person next month against a college student who hacked into her e-mail account during the presidential campaign, Palin’s lawyer confirmed to POLITICO. ...read full article

India, Mexico, Brazil have most Mariposa bots



An analysis of the dismantled Mariposa botnet has revealed that it consisted of 13 million infected PCs spanning 190 countries and 31,901 cities worldwide, according to anti-virus vendor Panda Security. ...read full article

Koobface worm can double command and control servers in 48 hours



The Koobface worm, which targets social networking sites, can double the number of command and control (C&C) servers in 48 hours, says security firm Kaspersky Lab. ...read full article

USB stick blamed for DHB's virus shut-down



A USB stick inserted in a carpark booth computer at Waikato Hospital has been blamed for bringing down the district health board's computer network in December last year. ...read full article

Turkey examines PKK hacker ring



Turkish police rounded up more than 20 suspects in 13 provinces on allegations of computer hacking and ties to the outlawed Kurdistan Workers' Party. ...read full article

McAfee inadvertently speeds creation of Metaploit IE exploit pack



A security researcher has credited McAfee for helping him to develop exploit code that cracks open an unpatched flaw in older versions of Internet Explorer. ...read full article

Safari update cages numerous security bugs



Apple published an update of its Safari browser on Thursday that plugs 16 security vulnerabilities. ...read full article

SSD tools crack passwords 100 times faster



Password-cracking tools optimised to work with SSDs have achieved speeds up to 100 times quicker than previously possible. ...read full article

Drummond Group in EHR testing for the "long term"



Officials at Drummond Group, Inc., announced on the company's blog that after a "thorough review" of the recent notice of proposed rule making, it will apply this year to become an Office of the National Coordinator-Authorized Testing and Certification Body (ONC-ATCB). ...read full article

Vodafone HTC Smartphone Ships With Malware



Researchers at antivirus software vendor Panda Security are used to finding malicious code in every nook and cranny of the Internet. But this week they stumbled across something even more concerning: a colleague's new Vodafone HTC Magic smartphone was shipped with a motley assortment of malware samples, including the potent Mariposa botnet. ...read full article

Medical records found in drive-thru trash can



When a fast food worker found three folders with private information on three different people, he decided to call KENS 5. We tracked down the three men who were none too happy to find their personal information compromised. ...read full article

Financial ID theft on rise



Protecting your personal information requires more than keeping your credit card safe as savvy thieves now target businesses and organizations that have access to personal data. ...read full article

Utah State Legislature ID Law



New legislation is being introduced in the Utah State Legislature that supporters say would help protect children from identity theft. Utah Attorney General Mark Shurtleff is pushing the bill aimed at protecting the identity of Utah state children. ...read full article

Medical Records the Latest Target for ID Thieves



Health insurance is becoming a new target for identity thieves. ...read full article

SEC halts alleged Ponzi scheme targeting Ill., Calif. retirees



The U.S. Securities and Exchange Commission received an emergency court order to shut down an alleged Ponzi scheme targeting retirees in California and Illinois it says took in $20 million with only $900,000 currently in the possession of the alleged perpetrators. ...read full article

Owner of Club Kalua Arrested for Allegedly Running $2 Million Queens Mortgage Scheme



Queens County, the new hotbed of white collar crime and prosecutions, is the home of another alleged fraudulent scheme being prosecuted by the Queens County District Attorney's Office. According to a Queens County District Attorney's Office press release, Roger Arias, Martina Duran (a.k.a. Gladys Arroyo), Aldo Bussi, Ramon Gaston, and Percy Randall are alleged to have taken part in a $2 million Mortgage Fraud and Identity Theft scheme. ...read full article

ZeuS botnet code keeps getting better for criminals



New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC. ...read full article

Security industry faces attacks it cannot stop


Analysis: Today's security products not much help for advanced persistent threat attacks


...read full article

Tighter security coming for .org names



The Public Interest Registry will add an extra layer of security known as DNS Security Extensions (DNSSEC) to the .org domain in June -- a move that will protect millions of non-profit organizations and their donors from hacking attacks known as cache poisoning. ...read full article


March 11, 2010


Man charged with faking medals goes to court



HUNTSVILLE, Ala. — A 26-year-old man accused of wearing military medals he didn't earn is due in federal court in Huntsville on Thursday for arraignment. ...read full article

HSBC: Data Theft Incident Broader Than First Thought



HSBC said Thursday about 15,000 accounts of its Swiss private banking unit were compromised after an employee allegedly stole data, some of which ended up in the hands of French tax authorities. ...read full article

Former TSA analyst charged with computer tampering



IDG News Service - A U.S. Transportation Security Administration analyst has been indicted for allegedly tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the U.S. ...read full article

$20 Million Ponzi in L.A., SEC Says



LOS ANGELES (CN) - The SEC obtained an emergency order to stop a $20 million Ponzi scam that invited suckers to meetings at country clubs and banquet halls, then promised 11 percent returns on "Turkish Eurobonds," federal prosecutors say. The SEC says Francois Durmaz and Robert Pribilski preyed on retirees through USA Retirement Management Services, with offices in Irvine, Los Angeles, and Oakbrook Terrace, Ill. ...read full article

FTC Releases Agenda for Final Roundtable on Consumer Privacy



The Federal Trade Commission has released the agenda for its final roundtable on consumer privacy issues scheduled for March 17, 2010, at the FTC Conference Center, 601 New Jersey Ave,. NW Washington DC, 20001. The Roundtable is the last of three public events designed to explore the privacy challenges that are posed by technology and business practices that collect and use consumer data. The agenda, http://www.ftc.gov/bcp/workshops/privacyroundtables/index.shtm includes a panel addressing Internet architecture and privacy issues, panels focusing on health and other sensitive consumer information, and a concluding panel to discuss lessons that have been learned from all three roundtables and possible ways forward. ...read full article

Thrivent Financial Suffers Breach Of Security



A Great Lakes-based insurer says it has suffered a security breach that may have compromised sensitive client data. ...read full article

Six newly revealed breaches on HHS site



It seems that using the new HHS/OCR web site will be even more difficult to use than I anticipated, as they are sorting breach reports by the date of breach, not date that the incident was added to their site, so I have to review the entire list to see what’s been added instead of just looking for what’s new at the top of the list. ...read full article

Reader exploit prompts Adobe update alert



Malicious PDF downloads a Trojan backdoor onto systems that have not implemented the patch issued only three weeks ago ...read full article

Citibank apologizes after exposing 600,000 Social Security numbers



Read any good envelopes lately? If you did and you have criminal intent, you might have just won the identity-theft lottery. ...read full article

EU Parliament rejects secretive ACTA in vote for openness



Computerworld UK - The European Union's Parliament has approved a common resolution that calls for openness over the Anti-Counterfeiting Trade Agreement (ACTA), voting 663-to-13 vote that ACTA contradicts agreed EU laws on counterfeiting and piracy online. ...read full article

Pennsylvania's Web security officer leaves post a week after talking about PennDOT hacking incident



Last week, Pennsylvania’s chief information security officer Robert Maley was at an information security conference in San Francisco talking about a hacking incident involving PennDOT’s computers. This week, Maley is gone. ...read full article


March 10, 2010


LifeLock Will Pay $12 Million to Settle Charges by the FTC and 35 States That Identity Theft Prevention and Data Security Claims Were False



LifeLock, Inc. has agreed to pay $11 million to the Federal Trade Commission and $1 million to a group of 35 state attorneys general to settle charges that the company used false claims to promote its identity theft protection services, which it widely advertised by displaying the CEO’s Social Security number on the side of a truck.. ...read full article

VA investigating security breach of veterans' medical data



The Veterans Affairs Department's inspector general has launched a criminal investigation into a physician assistant's alleged downloading of veterans' clinical data at its Atlanta medical center, sources have told Nextgov. ...read full article

Breaches Affecting 500 or More Individuals



As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The following breaches have been reported to the Secretary. ...read full article

Breach hits hundreds of employees



A data breach involving unauthorized access to paper records of Brown employees and their family members occurred in December, and Brown officials were notified of the breach Jan. 5, said David Sherry, chief information security officer. ...read full article

UTMB sends more letters to possible ID theft victims



One month after mailing letters to 1,200 patients whose confidential information may have been stolen in 2009, the University of Texas Medical Branch at Galveston this week sent 1,200 letters to other patients whose financial data could have been breached by the same person. ...read full article

Perceived Security vs. Real Vulnerability: Is Your Data at Risk?



Combining the benefits of automated governed and managed file transfer in one centralized, highly secure platform allows organizations the flexibility to implement more modern, efficient file transfer processes, easily add new partners, and speed up the delivery of new business services to customers. ...read full article

UK plastic fraud losses fall for first time in 3 years


Online banking losses up though


...read full article

Twitter adds filter to cut phishing lines



Twitter has tightened up security procedures in order to curtail phishing attacks against users of the micro-blogging service, which have become rampant over recent weeks. ...read full article

Suburban woman accused of using net to recruit terrorists


Feds cuff JihadJane




Fears of increased identity fraud as bankruptcy goes online



The introduction of a new online system for bankruptcy petitions has raised concerns that fraudsters may use the system for criminal activity. ...read full article

Cybersecurity program has serious defects, GAO says



Implementing the Comprehensive National Cybersecurity Initiative, a broad program intended to protect the nation’s cyber infrastructure, has been hampered by a lack of coordination and transparency, according to the Government Accountability Office. ...read full article

Phony Web Site Targets Madoff Victims, Claims $1.3B Discovered In Hideout



Victims of Bernard Madoff's Ponzi scheme are being warned of another possible scam – a suspicious Web site claiming $1.3 billion has been recovered from a Madoff hideout in Malaysia and asking investors to submit personal information to obtain their share of the money. ...read full article

Woman admits to stealing her young daughter's identitity



Misti Cope, 31, was accused of defaulting on $1,200 in payments to Duke Energy in May 2007 on an account in her then-4-year-old daughter’s name, Hamilton County court records show. ...read full article

Those seeking license renewal driven to frustration



For Charlotte Cooper, getting a renewed Florida driver's license has been a challenge to her patience as well as her pocketbook. ...read full article


March 9, 2010


Prosecutors charge trio in identity theft ring that netted $2 million



Prosecutors charged a trio of suspected identity thieves each with nearly two dozen criminal charges Monday for allegedly taking $2 million by using credit card skimming technology at gas pumps. ...read full article

Missing Hard Drive Risks ID Of 35,000 Ark. Soldiers



The Arkansas National Guard now said 35,000 current and former soldiers are at risk of identity theft because of a missing computer hard drive. ...read full article

IRS warns of e-mail scam



The Internal Revenue Service warns taxpayers that e-mail scams are circulating that fraudulently use the IRS name or logo as a lure. ...read full article

Cybercrimes expand to global brands



While financial institutions still top the phishing radar, cybercriminals are now moving beyond to top brands, with one of the recent victims being a hardware manufacturer, according to the latest Anti-Phishing Work Group report. ...read full article

Seagate identity thieves nabbed for murder



Swiping Irina Malezhik and Viktor Alekseyev’s identities wasn’t enough. Dimitry and Julia Yakovlev had to take their lives as well, federal prosecutors announced last week when they filed murder and fraud charges against the Sea Gate couple. ...read full article

Medical Identity Theft: How to Protect Yourself


Victims Say Credit Reputations Ruined by Medical Identity Thieves


...read full article

The dark side of digital ‘love’


Sometimes, the click of a mouse can be a hurtful tool in the wrong hands


...read full article

Sophisticated Minnesota fraud ring has global tentacles


Investigators say members steal ID, credit card and ATM data from banks and trash cans.


...read full article

Brother, can you spare an identity?



A South Philadelphia man pleaded guilty in federal court yesterday to stealing his brother's identity in connection with a scheme to fleece the Veterans Administration for free medical benefits at a methadone clinic. ...read full article

High School Reunion Ruin: Classmates.com Sued Over Opt-Out Privacy Setting Change



Two members of networking site Classmates.com have sued the service for allegedly violating their privacy by revising the service to make members' information more accessible to the Web at large. ...read full article

Opera confirms critical browser bug



Opera Software yesterday confirmed a critical vulnerability in its Windows desktop browser, and said it is working on a patch. ...read full article

FDIC: Hackers took more than $120M in three months



Ongoing computer scams targeting small businesses cost U.S. companies $25 million in the third quarter of 2009, according to the U.S. Federal Deposit Insurance Corporation. ...read full article

Police: Man Eyed in 2nd Calif. Teen Murder



A registered sex offender charged with murdering a teen girl last month is a focus of the investigation into the death of a 14-year-old girl whose remains were found more than a year after she disappeared near her school, police said Monday. ...read full article


March 8, 2010


IT scurries to meet e-health records deadline


Health care providers must start EHR projects before the feds finish writing the rules


Computerworld - U.S. hospitals and physicians have four years to deploy comprehensive electronic health records (EHR) systems if they hope to snag some of the billions of dollars the federal government has earmarked to reimburse them for the work. ...read full article

USB battery charger installs Trojan



The software that shows to which extent the battery is charged through the Energizer DUO USB recharger comes bundled up with a Trojan, says US CERT. ...read full article

Is chasing cybercrooks worth it?



(CNN) -- This week's arrests of three men in connection with one of the world's largest computer-virus networks may seem like great news -- perhaps even a sign authorities are starting to win the war against cyberthieves. ...read full article

Thailand approves credit card hacker's extradition to US



IDG News Service - A Thai court has approved the extradition to the U.S. of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the U.S. ...read full article

Zuckerberg hacked into journalists' email?



The renowned Facebook co-founder has been accused three years ago of stealing the source code and the business plan for the social network from some Harvard colleagues and for sabotaging their efforts by delaying the development of their site so that Facebook could be the first one to see the light. ...read full article

Phishers Targeting More Online Brands



The latest survey by the Anti Phishing Working Group shows that organized phishing syndicates are working all the angles to get their hands on the most valuable data. ...read full article

Spear phishing aimed at high-value targets increases



Spear phishing aimed at high-value targets increases. The Anti-Phishing Working Group (APWG) released its Q4, 2009 Phishing Activity Trends Report, which reveals that eCrime syndicates are expanding the base of brands they exploit for online fraud far beyond major financial institutions and online merchants, with the number of hijacked brands reaching a record 356 in October, up nearly 4.4 percent from the previous record of 341 in August 2009. ...read full article

Police get Webcam pictures in school spy case



Two IT employees at Pennsylvania's Lower Merion School District have been put on administrative leave, and pictures taken from Webcams on school-issued computers have been turned over to the local police department, according to the attorney of one of the employees now on leave. ...read full article

Shands notifies 12,500 patients that data at risk



Shands HealthCare has notified about 12,500 patients that a laptop containing their medical information was stolen in January. ...read full article

UWMC patient financial information compromised



In early February, an employee of the National Collection Office (NCO) Financial Systems Inc., a debt-collection agency that UW Medicine contracts with, violated security and compromised at least 50 confirmed contacts, and as many as 80 more are being investigated. ...read full article

Argos exposes customers' credit-card numbers in emails



High street retailer Argos has compromised its customers' security by sending their credit-card details - including the vital security code - in unencrypted emails. ...read full article

UT Southwestern alerts patients of possible identity theft



The University of Texas Southwestern Medical Center is advising 12,000 patients to guard against fraud after a former employee was found in possession of a limited amount of patient billing data. ...read full article

Westin hotel in LA reports possible data breach



IDG News Service - People who stayed at the Westin Bonaventure Hotel & Suites in Los Angeles last year and used their credit or debit card to eat there should keep a close eye on their bank statements. ...read full article

Internet hit by wave of ransom malware



Criminals re-used an attack from 2008 to hit the Internet with a huge wave of ransomware in recent weeks, a security company has reported. ...read full article

US citizen a key player in alleged Italian telecom fraud



IDG News Service - An apparently well-connected Soviet-born U.S. citizen has emerged as a key player in a massive Italian telecom fraud, according to court documents and published reports. ...read full article

Feds indict couple again in theft, sale of patients' data



Last year, they were charged with running a racket to pilfer patient records from Jackson Memorial Hospital to sell to lawyers for personal-injury claims. ...read full article

Biometric answer to ID fraud has limits: expert



(Reuters) - The advent of the electronic frontier will limit the kind of identity fraud perpetrated by the killers of a Hamas commander in Dubai but will not eradicate the practice entirely, a border security expert says. ...read full article

Fake drug peddlers hijack academic websites



Legal sites are often compromised and used as a stepping stone through which the user is taken to a malicious site. ...read full article

Security and Privacy? Forget About It



Securing the United States' digital infrastructure against foreign and domestic cyberattacks could mean less privacy for Internet users. Security experts are debating just how far the government should be allowed to snoop -- or whether private enterprises, not government agencies, should be the ones doing the snooping in the first place. ...read full article

Paypal freezes Cryptome



eBay Inc has suspended Cryptome's PayPal account, confiscating donations made to the site in the past two weeks. New York architect John Young has refunded around $5,300 to donors. ...read full article

Four Indicted in $25 Million Scheme Defrauding and Hacking Ticketmaster, Tickets.com, and Other Ticket Vendors



Three men who used fraud, deceit, and computer hacking to make more than $25 million by acquiring and reselling more than 1.5 million of the most coveted tickets to concerts, sporting events, and live entertainment throughout the United States surrendered to federal authorities this morning after being charged in an Indictment, U.S. Attorney Paul J. Fishman announced. ...read full article

E-Verify misses half of illegal workers, can't detect fraud, research company says



The system that Congress and the Obama administration want employers to use to help curb illegal immigration is failing to catch more than half of the unauthorized workers it checks, a research company has found. ...read full article

S. Florida couple accused of stealing, selling patient info — again



Last year, they were charged with running a racket to pilfer patient records from Jackson Memorial Hospital to sell to lawyers for personal-injury claims. ...read full article

FBI Warns Brewing Cyberwar May Have Same Impact as 'Well-Placed Bomb'



NATO and America's European allies are sounding the alarm over what they say are increased cyber attacks originating from China that are targeting key government and intelligence computers. ...read full article

Rai$ing the dead in Medicaid 'rip-offs'



Paging Dr. Frankenstein. A massive state audit claims that health-care providers billed Medicaid for services provided to 287 dead patients. ...read full article


March 5, 2010


FBI embeds cyber-investigators in Ukraine, Estonia



IDG News Service - Hoping to catch cybercrooks, the FBI has begun embedding agents with law enforcement agencies in Estonia, the Ukraine and the Netherlands. ...read full article

Class Says Internet Dating Site Loots Their Address Books



LOS ANGELES (CN) - Internet dating site WooMe.com loots email address books and uses them to solicit new members with viral email that makes it appear the messages come from friends, according to a federal class action. The class claims that Irvine-based WooMe promises it will not use their personal email information, but uses licensed software to copy their "entire email address book ... to send its solicitation emails to all the users' contacts who are not WooMe subscribers." ...read full article

Cloud security, cyber war loom over RSA Conference


Trusting corporate data to the cloud is a risk to be dealt with, experts say


SAN FRANSISCO -- Cloud security loomed over the RSA Conference this week as a major concern of business, but worry about the threat of cyber war was also strong, with officials from the White House and FBI weighing in to encourage private participation in government efforts to defend information and communications networks. ...read full article

FBI Director: Hackers have corrupted valuable data


Robert Mueller called the attacks a threat to the nation's security


IDG News Service - Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the U.S. Federal Bureau of Investigation said Thursday. ...read full article

Miami Couple Accused of $135 Million Ponzi Scheme


Business owners allegedly targeted investors at charitable and religious gatherings and at social functions in their home, according to the SEC


The Securities and Exchange Commission on Wednesday charged a prominent Miami-based business leader and his wife with fraud, alleging they conducted a $135 million Ponzi scheme involving real estate investments from hundreds of elderly Cuban-American investors living in South Florida. ...read full article

Purcell lawyers in complaint over data breach


Lawyers for the ex-boss of Glasgow City Council say claims in a newspaper relating to his health were leaked by former colleagues.


The complaint relates to reports in The Scotsman newspaper, which claimed Mr Purcell's in-house team of advisers were about to reveal the reasons behind his sudden departure as head of Scotland's largest local authority. ...read full article

How Koobface has evolved to stay a step ahead



The Koobface worm is a case study of how swiftly cybercriminals react to emerging trends. Koobface first appeared in the fall of 2008 just as social networks were getting hot. Its creators initially sent Facebook users friendly messages asking them to click on a link to see a video. ...read full article

Cyber Threats Pit Privacy Versus Security



Security experts are torn between just how far the government and the private sector should go to protect critical data from cyber criminals without violating individual rights. ...read full article

ICO urges data protection



A report urging organisations to put a value on personal information and invest in privacy protection was released by the Information Commissioner's Office this week. ...read full article

Prosecutors: ID theft case takes deadly turn



New York (CNN) -- An identity theft case involving a Brooklyn couple has taken a more serious turn, according to federal prosecutors. ...read full article


March 4, 2010


DoD to reduce use of Social Security numbers



The Defense Department is preparing to launch a military wide effort to reduce the use of Social Security numbers to lower the chances of identity theft for military and civilian workers and contractors. ...read full article

Tracing attack source key to cybersecurity strategy, Chertoff says


Former DHS chief talks of difficulties in creating a national deterrence plan


Computerworld - SAN FRANCISCO -- The difficult task of identifying the true sources of cyber attacks remains one of the biggest challenges in the development of a national cybersecurity strategy, former Department of Homeland Security Secretary Michael Chertoff told Computerworld in an interview at the RSA Security conference here today. ...read full article

Maine Bill Would Restrict Birth, Marriage Records



AUGUSTA, Maine (AP) ? Maine lawmakers heard arguments Wednesday for a bill that would restrict the release of birth and marriage records as a way to combat fraud and identity theft. ...read full article

Israeli raid called off after Facebook slip



JERUSALEM — The Israeli military says a planned raid on a West Bank village was called off after an Israeli soldier disclosed its details online. ...read full article

Tweet this: Social network security is risky business


Panel discussions at RSA focus on a more social attack vector


Computerworld - SAN FRANCISCO -- Businesses are still trying to figure out what to make of social networking. The knee-jerk impulse at some companies is to ban its use because it's insecure and seen as unproductive, while at others it's viewed as, in fact, the way a lot of people now get work done. ...read full article

Credit Repair Scammers Settle FTC Charges



A credit repair company that falsely claimed it would help boost consumers’ credit ratings will settle Federal Trade Commission charges filed last year as part of “Operation Clean Sweep,” a federal-state crackdown on credit repair scams. ...read full article

New BlackEnergy Trojan Targeting Russian, Ukrainian Banks


Botnet lets attackers steal online banking credentials and DDoS Russian and Ukrainian banks


SAN FRANCISCO -- RSA Conference 2010 -- Russian hackers have written a more sophisticated version of the infamous BlackEnergy Trojan associated with the 2008 cyberattacks against Georgia that now targets Russian and Ukrainian online banking customers. ...read full article

Financial Services Firms Ripe for Data Attacks


Study finds porous data protection policies and technologies are putting millions of customers -- and their assets -- at risk.


Sloppy operating practices across the financial services sector leave firms vulnerable to breaches that could expose sensitive data or put customers' and employees' privacy at risk, according to a new study from the Ponemon Institute. ...read full article

Feds weigh expansion of Internet monitoring



SAN FRANCISCO--Homeland Security and the National Security Agency may be taking a closer look at Internet communications in the future. ...read full article

RSA authentication weakness discovered



The most common digital security technique used to protect both media copyright and Internet communications has a major weakness, University of Michigan computer scientists have discovered. ...read full article

Monster botnet held 800,000 people's details


Fourth zombie admin could be in South America


The Mariposa botnet had the power to dwarf Georgia and Estonia cyberattacks if it had been used to launch denial of service attacks, say Spanish police. ...read full article

eBay scammer gets four years



The leader of a UK-based gang who made millions selling counterfeit luxury golf kit and other knock-off goods through auction site eBay has been jailed for four years. ...read full article

Data mining


Doctors ease into electronic records; barriers to braodband expansion; and the decade's biggest data losses


Physician offices have increased their use of electronic health records by 9.7 percent in the past year, according to a survey by research firm SK&A. In the United States, 36.1 percent of medical offices now use EHRs, compared with 32.9 percent a year ago. ...read full article

Hacking human gullibility with social penetration



Security penetration testers Mike Bailey and Mike Murray rely plenty on attacks that exploit weaknesses in websites and servers, but their approach is better summed up by the famous phrase "There's a sucker born every minute". ...read full article


March 3, 2010


RSA 2010: identity management key to cloud security, says Microsoft’s Scott Charney



Identity is important on the internet, but this is amplified in the cloud, says Scott Charney, corporate vice-president of Microsoft's Trustworthy Computing Group. ...read full article

Medical identity theft strikes 5.8% of U.S. adults



Network World - Identity thieves are not only interested in tapping financial resources, but are also after your medical identification data and services. ...read full article

Nonprofit Says it Was Scammed for $2M



(CN) - An Ohio-based Ponzi scammer used his businesses, Money Market Alternative and Hybrid Money Market Management, to bilk a Swedish nonprofit of nearly $2 million, the Vasa Order of America claims in Cuyahoga County Court, Cleveland. The Akron Beacon-Journal reported that previous lawsuits accused lead defendant Enrique Villalba of taking as much as $18 million in the Ponzi scam. ...read full article

Spanish police take down massive Mariposa botnet



IDG News Service - Spanish authorities have arrested three men in an operation that has crushed a major botnet network of infected computers. ...read full article

Ponemon Study: Voice Calls May Be At Risk


83 percent of companies do not train users on the dangers of using cell phones in high risk areas, survey says


SAN FRANCSICO -- RSA Conference 2010 -- A survey released today by the Ponemon Institute suggests that large and medium businesses are putting themselves at risk of cell phone voice call interception. ...read full article

Microsoft exec suggests Internet tax to pay for cyber security


Charney equates infected PCs with infected people, and suggests the equivalent of quarantines to stop malware from spreading


How will we ever get a leg up on hackers who are infecting computers worldwide? Microsoft's security chief laid out several suggestions Tuesday, including a possible Internet usage tax to pay for the inspection and quarantine of machines. Today most hacked PCs run Microsoft's Windows operating system, and the company has invested millions in trying to fight the problem. ...read full article

Man swallows flash drive, charged with obstruction



Think of the worst thing you have ever swallowed. Haggis, perhaps? Maybe pig's ear? Arguments you have swallowed don't count. You see, I want to get you into the appropriate mood for the story of Florin Necula. Necula seems to have gotten himself into a bothersome situation with the upstanding members of our Secret Service. ...read full article

Debt Collectors Will Pay More Than $1 Million to Settle FTC Charges


Claimed Debts Were Owed Despite Consumers’ Disputes


A nationwide debt collector has agreed to pay a civil fine of more than $1 million to settle Federal Trade Commission charges that it violated federal law by inaccurately reporting credit information and pressing consumers to pay debts they often did not owe. ...read full article

White House Offers Glimpse of Cybersecurity Program



The White House yesterday released a newly declassified description of the Comprehensive National Cybersecurity Initiative (CNCI), a highly classified program that is intended to protect U.S. government computer networks against intrusion and disruption. ...read full article

'Shoulder surfing' latest way identity thieves target you



TEMPE, AZ -- You could be a victim of identity theft and never know it. ...read full article

File-Sharing Software Potential Threat to Health Privacy



The personal health and financial information stored in thousands of North American home computers may be vulnerable to theft through file-sharing software, according to a research study published online in the Journal of the American Medical Informatics Association. ...read full article

ER worker accused of stealing dying man’s credit cards



This is not the first time we’ve heard about hospital workers stealing dying patients’ credit cards or information, but it is nonetheless distressing. Candice Ferrette reports on a case at Westchester Medical Center in NY, where a patient care technician in the emergency room has been accused of stealing credit cards from a dying plane crash victim and then going on a high-end spending spree. The theft was not the first incident in which the technician was involved, it seems. He was also accused of stealing a credit card from another emergency room patient in October. ...read full article

Lawsuit filed against Elgin clinic over P2P breach



Officials from a local medical clinic remained silent Monday about claims they allowed sensitive information on AIDS patients to be leaked. ...read full article

Woman charged with stealing patients' identities



Detectives have arrested a West Palm Beach-area woman, accusing her of stealing personal information of diabetes patients. ...read full article

Zombie tactics threaten to poison honeypots



Innovations in botnet technology threaten the usefulness of honeypots, one of the main ways to study how bot herders control networks of zombie PCs. ...read full article

BMA branch opposes fast rollout of summary e-records



A branch of the British Medical Association has issued a statement supporting the concerns of doctors who are reluctant to allow patient records to be uploaded to a central database as part of the £12.7bn NHS IT scheme NPfIT. ...read full article


March 2, 2010


Data theft creates notification nightmare for BlueCross



IDG News Service - A break-in one evening last October at a shopping mall in Chattanooga, Tennessee, is proving expensive for BlueCross BlueShield of Tennessee. ...read full article

Four indicted for $25M online ticket fraud scheme


Wiseguy Tickets allegedly hacks its way to Springsteen, Rose Bowl, Broadway tickets


Computerworld - Four men have been indicted for illegally buying and reselling tickets to major concerts, a Rose Bowl game and tapings of the television show Dancing with the Stars. ...read full article

Microsoft: Don't Press F1 Key in Windows XP



Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE). ...read full article

Court rules anti-terror data storage illegal



In a victory for privacy advocates, Germany’s highest court on Tuesday knocked down an anti-terrorism law that allows authorities to store all phone and internet records of private citizens. ...read full article

Former Bank Vice President Sentenced for Fraudulently Transferring Money from Clients’ Accounts


Made 21 Fraudulent Wire Transfers in Seven Months Totaling $226,000


BALTIMORE, MD—U.S. District Judge J. Frederick Motz sentenced Andrew Rosenfeld, age 39, of Ellicott City, Maryland, today to one year and a day followed by five years of supervised release for conspiracy to commit bank fraud. Judge Motz also ordered that Rosenfeld pay restitution of $226,000. ...read full article

Spam disguised as spam notification



In their constant battle against anti-spam filters, spammers have recently started to camouflage their messages as spam quarantine notifications. ...read full article

Botnets cause surge in February spam



Spam now accounts for close to 90 percent of all e-mail worldwide due to a surge in February, according to Symantec. ...read full article

PS3 console errors fixed, leap year bug to blame



Reports are still scattered, but after testing our own PS3, it appears the global 8001050F error that left most non-Slim PS3 consoles essentially unplayable seems to be fixed. We're guessing this issue was corrected on the server side of things, as there was no update or download required; our console just worked. ...read full article

Top 7 threats to cloud computing



The Cloud Security Alliance and HP have presented today new research findings that detail the potential threats linked to the use of cloud services. ...read full article

Industrialized Cyberattacks Infect Educational Servers Worldwide


Imperva report warns that hackers have become industrialized and represent an exponentially increased threat to individuals, organizations and government


REDWOOD SHORES, CALIF., "March 1, 2010" Imperva, the data security leader, today released a new report warning that hackers have become industrialized and represent an exponentially increased threat to individuals, organizations and Government. Imperva's report says the emerging industrialization of hacking parallels the way in which the 19th century revolution advanced methods and accelerated assembly from single to mass production. The result is that today's cybercrime industry has transformed and automated itself to improve efficiency, scalability and profitability. ...read full article

One quarter of Germans fine with microchip skin implant



It sounds like something from a creepy science-fiction film, but a poll published on Monday showed one in four Germans would be happy to have a microchip implanted in their body if they derived concrete benefits from it. ...read full article

Chelsea King's Disappearance: Who Is Watching California's Sex Offenders?


Investigators Searching California Coastline After Finding Piece of King's Clothing


Chelsea King's family is holding out dwindling hope that their bright-eyed daughter will one day return home, but the growing link between the missing San Diego-area teenager and a known child molester has raised questions about why he was allowed on the street. ...read full article

Lockheed seeks to predict cybersecurity threats



GAITHERSBURG, Maryland (Reuters) - Lockheed Martin Corp, the No. 1 information technology provider to the U.S. government, is working hard to better predict and protect against increasingly sophisticated and stealthy cyber attacks. ...read full article

Medical Files Left in Recycle Bins



A visit to the doctor’s office is supposed to make you feel better, from a sore throat to wheezing and coughing. But some patients are now feeling sick to their stomachs after FOX 5 uncovered a serious threat to their privacy. ...read full article

Old Brit Faces Long Term for Fraud



LOS ANGELES (CN) - A 65-year-old British man faces up to 170 years in federal prison for bilking investors of $7.3 million and spending the money on a high-priced home and a Land Rover. A jury took just 20 minutes to find him guilty after a 2-week trial, the U.S. Attorney's Office said. ...read full article

Police: Little Falls woman stole identity



LITTLE FALLS — A Little Falls woman was charged with stealing someone’s identity in connection with theft allegations, according to city police. ...read full article

Police: Fake bridal show signs up thousands


Authorities say around 6,000 people and vendors signed up for the scam


BOSTON - Scammers set up a Web site advertising a fake bridal show billed as the "biggest and most extravagant" and used it to steal from thousands of brides-to-be and their vendors, who were lured by chances to win "fabulous gifts and prizes," police and FBI experts said Monday. ...read full article

Ethical considerations in P2P research



Michael Zimmer has recently raised ethical questions about research utilizing publicly available information from sites such as Facebook and Twitter. Similarly, ethical questions have also been raised by a group of researchers who investigated exposure of personal financial information and personal health information on peer-to-peer or file-sharing networks. ...read full article


March 1, 2010


More than 100 companies targeted by Google hackers



IDG News Service - The hackers who broke into Google two months ago have gone after more than 100 companies, according to an estimate by security vendor Isec Partners. ...read full article

Student Fined $27,750 for Sharing 37 Songs



(CN) - The 5th Circuit ordered a college student to pay $27,750 for illegally sharing 37 copyrighted songs on a peer-to-peer file-sharing network. The court rejected the former high-school cheerleader's claim that she was "too young and too naïve" to understand that CD copyrights applied to downloaded music. ...read full article

58 percent of software vulnerable to security breaches



Veracode released a "State of Software Security" report detailing vulnerabilities found in software that large organizations rely on for business critical processes, which finds that more than half of the nearly 1,600 internally developed, open source, outsourced, and commercial applications analyzed when first submitted contained vulnerabilities similar to those exploited in the recent cyber attacks on Google, the U.S. Department of Defense, and others. ...read full article

Microsoft to target other botnets with legal weapon


Acknowledges it's too soon to judge its fight against Waledac bots


Computerworld - Microsoft has several other botnets in its crosshairs, and believes it can use the same legal tactic against them that it deployed last week to strike at the Waledac botnet's command-and-control centers. ...read full article

Kate Middleton set for £10,000 privacy victory



KATE MIDDLETON, the girlfriend of Prince William, is set to win a controversial claim for alleged invasion of her privacy. ...read full article

Beware of fake Security Essentials software



Microsoft has warned users to be wary of sites promoting fake versions of its free Security Essentials anti-malware software. ...read full article

DarkMarket credit card fraudster jailed for five years



The man who set up DarkMarket, an online supermarket for credit card fraudsters, has been jailed for almost five years. ...read full article

FTC to Appeal Ruling in 'Red Flags' Case



The Federal Trade Commission will appeal a ruling from October that stripped the agency of its authority to enforce new anti-fraud rules against lawyers. ...read full article

Payment Processing CEO Banned from the Business; Company Illegally Debited Millions from Consumers’ Bank Accounts



The chief executive officer of a payment processing company will be banned from the business as part of a settlement resolving Federal Trade Commission charges that the company illegally debited millions of dollars in bogus charges from consumers’ bank accounts. ...read full article

Hacker posts risque First Direct tweet



First Direct's Twitter account has been hacked by a spammer who used it to post a link to an adult sex site. ...read full article

Cyber warriors gather as online battles rage



US national security leaders and top cyber warriors from around the world are gathering here to plot defenses against criminals and spies that increasingly plague the Internet. ...read full article

To Catch a Thief on Facebook



Khayree Billingslea, 19, a freshman at Arizona State University, was given an unpleasant surprise when police showed up at his honors dorm room, handcuffed him and escorted him out of the building. ...read full article

Britney Spears’ Attorneys Worried About Personal Leaks



Britney Spears’ conservatorship attorneys, Geraldine Wyle and Jeryll Cohen, are worried that personal and medical information will leak out into the media unless it’s put under legal lock and key – and have taken steps to do just that. ...read full article

4 more healthcare breaches from 2009



Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009. Some of the breaches described in the notifications were reported in the media at the time, but I spotted a number of previously unknown breaches from the healthcare sector or reports that either update us or provide additional information that may be of interest. ...read full article

Talking Bots with Japan’s ‘Cyber Clean Center’



I’ve grown fascinated over the years with various efforts by Internet service providers to crack down on the menace from botnets, large groupings of hacked PCs that computer criminals remotely control for a variety of purposes, from spamming to hosting malicious software and attacking others online. Indeed, botnets problem have become such a global menace that entire countries are now developing anti-botnet programs in collaboration with domestic ISPs. ...read full article


 

Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
315.792.3231
drebovich@utica.edu
Utica College
1600 Burrstone Road
Utica, NY 13502