CIMIP - Center for Identity Management and Information Protection

June 2012 News Archive



June 29, 2012


Scammers Improve National Lottery Commission Scam, Experts Find



Experts have found a new variant of the classic National Lottery Commission scam and, as it turns out, those who send them have put some effort into making them more legitimate-looking. ...read full article

Texas Cancer Center Alerts Patients to Personal Data Theft -- Almost Two Months Later



A University of Texas cancer center today began notifying almost 30,000 patients that their personal data was stolen after someone swiped an unencypted laptop from a physician's home almost two months ago. ...read full article

Dutch government unprepared for SSL hack, report says


Government bodies depend too much on IT departments when it comes to the acquisition of SSL-certificates, says Safety Board


IDG News Service - The Dutch government was unprepared to handle an SSL hack that caused the its communication infrastructure to be vulnerable for months, the Dutch Safety Board said in a report on Thursday. Because the government was unable to replace the certificates immediately, citizen and company data was left unsecured, the board said. ...read full article

U.S. and Canada Announce the Release of the Beyond the Border: Statement of Privacy Principles



WASHINGTON—The United States and Canada today announced they are delivering on key commitments under the U.S.-Canada Beyond the Border Action Plan by releasing a joint Statement of Privacy Principles. These principles reflect the commitment of the United States and Canada to protecting privacy, and underscore the importance of information sharing to the security of both nations. ...read full article

FBI Takedown Won't Curb Card Fraud


The Real Problem is Malware and Outdated Payments Tech


In the wake of what federal authorities have called the biggest international carding-crime takedown in history, industry experts say the bust, while positive, won't have any long-term impact on card fraud. ...read full article

'Evil' hacker gets two and a half years in the slammer


cyber crime motivated by ego and unemployment


Australia’s most notorious country town, truck driving, cyber criminal David ‘Evil’ Cecil has been handed a two-and-a-half year prison sentence after being arrested nearly a year ago. ...read full article

Automated robbery: how card skimmers (still) steal millions from banks


Skimming costs less than ever, but a new generation of credit cards might stop it.


In January 2011, a pair of Bulgarian-born Canadians named Nikolai Ivanov and Dimitar Stamatov took a road trip from their home in Quebec to New York City. Their five-day visit to Manhattan’s East Village and Astor Place wasn’t your typical tourist trek, though; instead of Statue of Liberty souvenirs, the pair collected the card data and personal identification numbers for over 1,100 ATM cards. Ivanov and Stamatov were "skimmers." ...read full article

Witness in Identity Theft and Tax Trial Sentenced in Alabama to 15 Months in Prison for Perjury and Lying to a Federal Agent



Nacretia Lewis was sentenced today to 15 months in federal prison for perjury and lying to a federal agent, the Justice Department and Internal Revenue Service (IRS) announced. She was also ordered to serve one year of supervised release following her release from prison. ...read full article

Colton police make arrest in identity theft case



COLTON - police reported the arrest of a suspect in an identity theft case after officers reportedly discovered evidence at a residence. ...read full article

Congress Probes Tax Prep Fraud and Identity Theft



The House Judiciary Committee’s Crime Subcommittee held a hearing Thursday on the growing problem of identity theft and income tax preparation fraud. ...read full article

Teens take risk of identity theft when they order fake IDs from China



A fake driver's license made in China works as well as the real thing. ...read full article

4 face healthcare fraud, identity theft charges



McALLEN — Four people tied to a defunct Pharr durable medical equipment supplier face charges in a 22-count indictment that they tallied millions in fraudulent bills paid for medical equipment that on some occasions was supposedly delivered to patients who were dead. ...read full article

Two Norwalk realtors slammed with 102 Felony Counts of Grand Theft, Identity Theft



Two Norwalk real estate agents have been arrested on 102-felony counts of grand theft and criminal fraud on Thursday afternoon. ...read full article

Scholarly woman pleads not guilty to stalking ex, identity theft



This Stanford graduate might have been better off at a school of higher yearning. ...read full article


June 28, 2012


Medical identity theft: Not just a financial problem



The Experian/Ponemon study on medical identity theft, released on June 26, found that half of the 757 interviewed victims knew the person who used their medical identity. In fact some had allowed the second person to use their medical insurance card for treatment, healthcare products or pharmaceuticals without realizing the consequences. This might account for the 45 percent of respondents that actually paid the healthcare provider or insurer for services obtained by the thief. ...read full article

Identity Theft Suspect Nabbed $40K: Police


26-year-old Christopher Polley was charged with multiple counts Source: Identity Theft Suspect Nabbed $40K: Police


Police arrested a 26-year-old man on Wednesday morning for allegedly stealing $40,000 from members of a local fitness club. ...read full article

Identity Theft Suspect Arrested



On June 26, 2012, detectives from the San Diego Police Department Economic Crimes Unit initiated a search warrant at 1632 Monmouth Drive, in the Pacific Beach area. While at the residence, detectives contacted and arrested Christopher Polley, 26, for two counts of identity theft, possession of a controlled substance, possession of over ten personal profiles and theft-related charges. During the execution of the search warrant, numerous items and membership applications from the Wave House Athletic Club were discovered linking Polley to the crimes. ...read full article

Cyber thieves trapped by FBI sting



On June 26 the U.S. Justice Department released documents from “Operation Card Shop,” a two-year international cybercrime investigation and sting. It resulted in the arrest of 26 people including one from the San Diego area. Among other crimes the cyber thieves are accused of trafficking more than 411,000 stolen credit and debit card accounts. ...read full article

Darby Woman Charged With Conspiracy, Identify Theft Following Tax Scam Dating Back To 2009



DARBY, Pa. (CBS) - A Darby woman is charged with selling the identities of children in a tax scam that stretched back to 2009. That’s the finding of a federal grand jury, in what’s called a ‘superseding indictment.’ ...read full article

FTC Takes On Wyndham For Security Lapses


Lawsuit alleges deceptive practice in privacy policy following three breaches in two years


In another sign that it is cracking down heavily on businesses that put consumer privacy at risk by failing to protect their sensitive data, the Federal Trade Commission (FTC) launched a lawsuit against hospitality company Wyndham Worldwide. The FTC accuses Wyndham of deceptive practices in the claims it made in its privacy, using three different breaches Wyndham suffered in the course of two years as evidence of failure to live up to promises to protect customer information. ...read full article

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks



The Zemra DDoS Bot is currently sold in various forums for about 100 € and detected by Symantec as Backdoor.Zemra. Zemra first appeared on underground forums in May 2012. ...read full article

London Olympics-Themed Spam: Prize Notifications, Awards and Visa Lotteries



As the London 2012 Olympics approach the numbers of spam messages and malicious operations launched by cybercriminals grow. Experts have come across at least three new scam versions that currently make the rounds. ...read full article

The Tale of an Accused Hacker


What a Suspect in a Fraud Scheme Told an Undercover Cop


Jarand Moen Romtveit thought John Leo Jr. was the site administrator of a carding forum when the accused 25-year-old hacker from Norway shared his computer screen with the FBI undercover agent last Feb. 9 to demonstrate a program he claimed to have developed to decrypt databases. ...read full article

Assange's Asylum In The Balance, Researcher Warns Ecuador's Deliberations Are Vulnerable To Online Snooping



With Wikileaks founder Julian Assange anxiously awaiting word from the government of Ecuador on his request for political asylum, a security researcher warns that the country's Ministry of Foreign Affairs, which is handling the Assange asylum request, is using a video conferencing system that is vulnerable to online snooping. ...read full article

New Zealand judge rules Megaupload search warrants were illegal


New Zealand police violated the law by allowing the FBI to send copies of seized data to the U.S.


IDG News Service - Warrants used to seize external hard drives, laptops and phones from Megaupload founder Kim Dotcom's mansion in January are illegal, a New Zealand High Court judge ruled on Thursday. ...read full article


June 27, 2012


24 arrested in international online 'carding' crackdown


Operation called the largest coordinated action against operations that traffic in stolen credit card, financial information


Computerworld - A total of 24 people from 13 countries, including 11 from the United States, were arrested on Tuesday on charges related to the theft and misuse of credit card data, bank account information and other financial data. ...read full article

Fallen Soldier’s Picture Used In Scam



An Oregon father was angered to find an image of his son, a fallen soldier, had been posted on Craigslist as part of a scam to collect money for a fictitious wounded soldier. ...read full article

New Fraud Ring 'Operation High Roller' Targets the Rich



A recent fraud ring through which attackers raided high-value bank accounts, nicknamed Operation High Roller (.PDF), employed attacks that were quick, required no human interaction and have already affected several tiers of credit unions, regional banks and large global banks, over the last several months. ...read full article

Analysis of Leaked eHarmony Passwords: 10,000 of Them Full of “Love”



Trustwave researchers have analyzed the 1.5 million passwords leaked by hackers after compromising eHarmony’s database. The results are in and they’re certainly interesting. ...read full article

FTC Sues Hotel Chain for Card Breaches


Banks Should be Concerned About Card Fraud, Phishing


The Federal Trade Commission has filed a suit against the hotel chain Wyndham Worldwide Corp. and three of its subsidiaries in connection with three security breaches that exposed stored card details for nearly 670,000 accounts. ...read full article

LulzSec duo plead guilty to DDoS against CIA



Two members of the computer hacking group LulzSec pleaded guilty to launching distributed denial-of-service (DDoS) attacks against the Serious Organised Crime Agency (SOCA) in the United Kingdom and the Central Intelligence Agency (CIA) in the United States. ...read full article

New Forensics Method May Nab Insider Thieves


Black Hat presentation features a new methodology that has already produced real-world results


One of the biggest challenges of forensics investigations into insider theft is that the markers computer forensics investigators use to detect most attacks are typically not present in insider cases where an employee or other authorized user has legitimate access to sensitive data. Next month at Black Hat USA in Las Vegas, a presenter will bring forward a new methodology that compares normal file access patterns against patterns present when files are copied to detect when insiders have copied data inappropriately. ...read full article

RSA SecurIDs Get Cracked In 13 Minutes



Major corporations, government agencies, and small businesses all hand out RSA SecurID fob keychains to employees so that they can log in to their systems for security reasons and If you’re used to seeing a device like this on a daily basis, you probably assume that it’s a vital security measure to keep your employer’s networks and data secure. A team of computer scientists beg to differ, however, because they’ve cracked the encryption it uses wide open. ...read full article

Anonymous turns ire on Japan after anti-piracy law passes


Key sites get a good DDoS-ing


It was only a matter of time – hacktivist group Anonymous has taken aim at the web sites of political parties and government departments in Japan in retaliation for a tough new anti-piracy bill passed last week. ...read full article

The 'great airline ticket giveaway' that just won't go away



The letter warned the recipient that she still hadn't responded to that great offer from "US Airlines" of two free airline tickets, and time was running out. Call the toll-free number now! it urged. ...read full article

Warning: Burglars read the obituaries, too



Losing a loved one is painful enough. Imagine the horror of coming home from the funeral to find your home burglarized. ...read full article


June 26, 2012


More people aware of medical identity theft but do little to protect themselves from it



COSTA MESA, Calif., June 26, 2012 /PRNewswire via COMTEX/ -- Medical identity theft is a crime of opportunity that can strike close to home. In fact, according to the Ponemon Institute®'s "Third Annual National Study on Medical Identity Theft(1)," commissioned by Experian's ProtectMyID®, half of all survey respondents indicate that they know the person responsible for stealing their identity. Further, more respondents (increased by 5 percent from 2011), reported they actually permitted family members to use their personal identification to obtain medical services including treatment, healthcare products or pharmaceuticals. ...read full article

Towards Employment warns clients of data breach, possible identity theft



CLEVELAND, Ohio -- Towards Employment, a Cleveland non-profit agency that has helped more than 100,000 low-income residents and ex-convicts find jobs over the past 36 years, is warning its clients that they are at risk for identity theft. ...read full article

Identity thieves target disabled woman while she was at hospital



MUKILTEO, Wash. — Everett police have broken up what they say was a major identity theft ring that victimized at least 64 people, including a disabled Mukilteo woman whose home was burglarized while she was at the hospital. ...read full article

Identity Theft Suspect Behind Bars in Bulloch County



An investigation into a case of identity and check fraud started with a traffic stop in May. ...read full article

California attorneys at risk of identity fraud



When a person uses the identity of an attorney to defraud the public, more than one person is hurt. The consumer loses money and the real attorney, whose name was used, faces a possible reputational issue. That is what happened to at least 13 attorneys so far this year. ...read full article

Sacramento deputy pleads no contest to drug, identity theft charges



A Sacramento County sheriff's deputy has pleaded no contest to felony drug possession and identity theft charges after she befriended an elderly victim and refilled his prescription drugs without his knowledge, according to authorities. ...read full article

Credit card 'cloning' is a growing form of identity theft



Lexington, Kentucky, financial crimes detective Gene Haynes swiped a credit card through an innocuous black card reader known as a "skimmer." Less than a second later, two lines of illuminating text showed up in a Microsoft Word document on his computer screen. The mishmash of numbers and symbols was the visual representation of all the information stored on the card's magnetic strip. ...read full article


June 25, 2012


Colorado Mother and Daughter Charged in Online Dating Scam With Fake Military Members



A mother and daughter in Colorado were indicted for their role in a "Nigerian internet romance scam" in which associates in Nigeria posed as members of the U.S. Armed Forces and stole over $1 million from 374 victims. ...read full article

Scammers Assume Identities of California Lawyers Using Online Information



As many as 111 California lawyers may have fallen victim to identity thieves in the past decade, according to the state bar. ...read full article

Financial Crimes: Credit card 'cloning' is a growing form of identity theft



Lexington financial crimes detective Gene Haynes swiped a credit card through an innocuous black card reader known as a "skimmer." Less than a second later, two lines of illuminating text showed up in a Microsoft Word document on his computer screen. ...read full article

Three charged with identity theft, other felonies following traffic stop



Three people were charged Thursday with buying and receiving stolen property and other felonies a day after a California Highway Patrol officer stopped their vehicle and arrested them on Highway 29 near Highway 221. ...read full article

Smartphone And Tablet Users At Risk Of Identity Theft



Los Angeles, California – Nearly half of the cell phone users in the United States now use a smartphone for their mobile communications. Portable tablets with Internet connectivity are also becoming more and more popular. While smartphones and tablets have many outstanding features, they can also put users at increased risk of identity theft. ...read full article

Sewickley woman charged with ID theft



A Sewickley woman was indicted last week by a federal grand jury in Pittsburgh on a charge of identity theft, the office of U.S. Attorney David J. Hickton said in a statement. ...read full article

Iowan must pay triple damages in check forgeries



KEOSAUQUA, Iowa — A southeast Iowa man convicted of forging checks totaling more than $20,000 has been ordered to pay the victim more than $60,500. ...read full article

ID theft in Richland on the rise



RICHLAND – It’s a crime that's nearly impossible to stop, and it keeps happening here in the Tri-Cities. Richland police say identity theft is on the rise and it's growing exponentially and KEPR uncovered why it's so difficult for police to stop these thieves. ...read full article

Goukasian Found Guilty of Identity Theft


Man found guilty of skimming tens of thousands of credit cards


After deliberating for three hours, a jury has found Aleksandr Goukasian guilty on all charges. ...read full article

Fraud and identity theft suspects arrested near Terrell



Terrell, Texas- The Kaufman County Sheriff's Office released information today about a call their deputies handles on June 21, 2012 at 10:30 a.m. The deputies responded to a suspicious person call at a storage facility in the 3800 block of Highway 80, just outside the Terrell city limits. ...read full article

Thieves disguise wireless camera to swipe ATM PINs



Cameras disguised as speakers on ATMs were used to rip off 800 victims at a cost of $112,478 to JPMorgan Chase, the U.S. Attorney's Office said. ...read full article

ID theft suspect arrested, brought to court



A suspect allegedly responsible for a slew of identity thefts in Sterling faced a hearing on advisement Wednesday in Logan County District Court. ...read full article


June 22, 2012


Woman pleads guilty to aiding ID theft ring



A 43-year-old St. Paul woman, who was a former employee of the Minnesota Board of Psychology, pleaded guilty Thursday, June 21, to aiding an identity theft ring by stealing clients' personal information. ...read full article

Man's identity theft alert lands brother in jail, Corpus Christi police said



CORPUS CHRISTI — A 33-year-old man may pay more than he expected after applying for jewelry credit with his brother’s information Wednesday, police said. ...read full article

Wisconsin experiment suggests voter identity theft



Some states require state-issued picture identification to register to vote and to vote, while other states accept unsubstantial documentation such as utility bills, lease agreements, birth certificates, and other documents that can be faked. A vote cast by a surrogate using the identity of another person is identity theft. ...read full article

Couple sentenced for Idaho bank fraud, identity theft scheme



A federal judge has sentenced two people convicted for running a bank fraud and identity theft scheme in northern Idaho. ...read full article

Iran targeted by 'massive cyberattack,' official claims


Iranian state television says the country's nuclear facilities are the target of a cyberattack


IDG News Service - Iran's intelligence minister has accused the U.S., the U.K. and Israel of planning a "massive cyberattack" against his country after talks this week over Iran's nuclear program failed to reach an agreement, Iranian state TV reported on Thursday. ...read full article

Twitter Denies Hacktivists Behind Severe Outage



Twitter officials say it was a "cascading bug" and not the handiwork of hacktivists that brought down the microblogging site today in two separate outages. ...read full article

Trojan.Milicenso - Printer Trojan cause massive printing



A Trojan that sends printers crazy, making them print pages of garbled nonsense until all the paper has been used up, has seen a spike in activity.Symantec detected the Trojan.Milicenso across various countries, but the worst hit regions were the US and India followed by regions in South America and Europe, including the UK. ...read full article

Fake BancorpSouth Emails Lure Users to Blackhole Exploit Kit



BancorpSouth customers are advised to be on the lookout for suspicious emails that purport to originate from the financial institution. ...read full article

The Intersection Between Cyberespionage And Cybercrime


Chinese cyberspies and traditional cybercriminals are relying on some of the same malware tools -- and some cyberspies even appear to be moonlighting


Traditional cybercriminals increasingly are using the same hacking tools that cyberespionage attackers employ in order to maintain a stealthy foothold inside a victim organization so they can maximize their spoils and profits. ...read full article


June 21, 2012


Industrial Espionage: Chinese Malware Steals Tens of Thousands of AutoCAD Files



A worm written in AutoLISP, identified as ACAD/Medre.A, has caught the attention of ESET researchers after it attempted to steal tens of thousands of AutoCAD files from companies in Peru and a few neighboring countries. ...read full article

Face.com iOS flaw could have allowed Facebook, Twitter account hijacking


ow-patched Face.com vulnerability that could have let attackers to hijack the Facebook and Twitter accounts of its customers


IDG News Service - Facial recognition start-up Face.com patched a vulnerability in its KLINK iOS app that could have allowed attackers to hijack the Facebook and Twitter accounts of its users, according to Ashkan Soltani, the independent security researcher who claims to have found the flaw. ...read full article

6 Biggest Breaches Of 2012 So Far



Now that we're just about at the halfway point of the year, it is just as good of a time as any to take stock of the data breach environment and start gathering lessons from others' missteps. ...read full article

FDA: Software Failures Responsible for 24% Of All Medical Device Recalls



Software failures were behind 24 percent of all the medical device recalls in 2011, according to data from the U.S. Food and Drug Administration, which said it is gearing up its labs to spend more time analyzing the quality and security of software-based medical instruments and equipment. ...read full article

Lessons From Fraud Settlement


Experts Analyze Implications of ACH Fraud Case Outcome


The out-of-court settlement reached in a dispute between Village View Escrow Inc. and California-based Professional Business Bank shows it's getting more difficult for banks to avoid liability, even when commercial customers' lax security controls make them vulnerable to fraud, experts say (see Settlement Reached in ACH Fraud Case). ...read full article

ID theft scam reported by bank



Officials with The Citizens Bank of Philadelphia are warning its customers this week about ongoing reports of attempted identity thefts. ...read full article

Dedham flower shop closed; owner charged with larceny and identity theft



DEDHAM — Dedham Police arrested an Oakdale shop owner and subsequently shut his business down. ...read full article

Identity Thief Gets 4 Years in Club Fed



Four years and six months doesn’t seem like a particularly severe sentence for a thief in Washington state who stole 15 people’s identities, including four police officers, created fake driver’s licenses, washed checks, and used “mules” to steal sensitive documents, make purchases with stolen credit, and sell the merchandise. The thief’s attorneys described him as a “38-year-old drug addict who has had medical and mental setbacks and was living in a motel.” I don’t know what his mental setbacks are, but all the meth he was doing may have been a contributing factor. ...read full article

New La. law: Sex offenders must list status on Facebook, other social media



(CNN) -- A new Louisiana law requires sex offenders and child predators to state their criminal status on their Facebook or other social networking page, with the law's author saying the bill is the first of its kind in the nation. ...read full article


June 20, 2012


Several sentenced in ID theft, IRS fraud; Orange Park man the leader



A 33-year-old used car salesman from Orange Park and several cohorts were sentenced in federal court this week including millions in restitution for fraud. ...read full article

Feds charge Kings County nurse in identity theft scheme


Jaishree Arbuckle-Pierre accused of selling Social Security numbers of nearly 60 employees


The feds have charged a nurse with stealing the Social Security numbers of nearly 60 employees of Kings County Hospital in an identity theft scheme, the Daily News has learned. ...read full article

Crackdown on ATM “Skimming” and Identity Theft



SAN FRANCISCO -- Attorney General Kamala D. Harris today announced the outcomes of two cases investigated by her office’s eCrime Unit in which defendants “skimmed” credit card information of Chase Bank customers across the state. ...read full article

Former Police Chief Accused of Wire Fraud and Identity Theft Appears in Court



COVINGTON—A former northern Kentucky police chief, arrested Friday on wire fraud and identity theft charges, will appear in court today for a detention hearing. ...read full article

Freeze your credit to fight off ID theft



Larry Skidmore, a 67-year-old Air National Guard retiree - after 26 years in uniform - lost his wallet May 21 while bicycling in his Jenks housing addition. Noticing it missing on returning home, he peddled back along his route, but it was gone. ...read full article

Disguises add new twist in identity theft cases



Stealing an identity isn't always as simple as snatching a purse or pilfering a credit card. Sometimes, it requires a disguise. ...read full article

U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say



Flame was developed at least five years ago as part of a classified effort code-named Olympic Games, according to officials familiar with U.S. cyber-operations and experts who have scrutinized its code. The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions. ...read full article

Hackers Leak Data from AmeriCash Advance After Company Refuses to Pay Up



A hacker collective called Rex Mundi has leaked a large file that contains information they have stolen from the systems of AmeriCash Advance, a company that provides payday loans and cash advances. ...read full article

Syrian Dissidents Hit By Another Wave of Targeted Attacks



One of the attackers who has been targeting Syrian anti-government activists with malware and surveillance tools has returned and upped the ante with the use of the BlackShades RAT, a remote-access tool that gives him the ability to spy on victims machines through keylogging and screenshots. ...read full article

LinkedIn hit with lawsuit over massive data breach


A lawsuit seeking class-action status said the company failed to implement 'industry standard' security measures


IDG News Service - LinkedIn has been hit with a potential class-action lawsuit alleging it failed to meet "industry standard" security practices in connection with a massive data breach earlier this month, according to court documents. ...read full article

Kayak.com investigates after customers discover security breach



He was trying to clarify a line on his credit card bill, but ended up accessing scores of strangers’ personal information. ...read full article

Researcher Explains Why Scammers Say They Are from Nigeria



Nigerian scams, or 419 scams (419 is the number of a section in Nigeria’s criminal code), are encountered almost daily by most internauts and we can safely argue that by now a large percentage of users are able to identify and avoid them. ...read full article


June 19, 2012


Phony bill payment scheme poses identity-theft risk



AKRON - FirstEnergy Corp., parent company of Met-Ed, is warning customers of its 10 electric distribution companies to be wary of bogus claims that President Obama will help pay utility bills for residential customers through a special federal program. ...read full article

Fla. man gets prison for sealing Pa. soldier's ID



PITTSBURGH -- A Florida man has been sentenced to one year in federal prison for stealing the identity of a western Pennsylvania soldier while the soldier was serving in Iraq. ...read full article

Internet Search Engines Surpass E-Mail in Online Scam Threats



Conducting an everyday search using internet search engines poses more threat for web surfers than e-mail accounts, according to an analysis conducted by Blue Coat Security Lab. With e-mail users smartening up to phishing scams, thieves are now searching for new ways to take money, spread viruses and implement online identity theft. ...read full article

Online credit card complaint database to debut



WASHINGTON (CNNMoney) -- A new online database devoted to cataloging consumer complaints against credit card companies launched Tuesday. ...read full article

LinkedIn Victims Do Not Connect With Legitimate Notifications



The company sent an important e-mail notification with special coding (DKIM) and addressed the recipient by name. It also didn't include any links in the actual message. And yet LinkedIn did not connect with some 250,000 of its users, who flagged the legitimate alert as spam. ...read full article

When Will End Users Stop Being Fooled By Online Scams?



Despite millions of dollars in security tools and hours of awareness training, many organizations still find themselves breached by phishing and old-school social engineering attacks. Is there a way to build a better, smarter user? ...read full article

Trust fined £225k for leaving patient files in abandoned hospital


Is there a secret NHS sweep on who can blow most data?


Belfast Health and Social Care Trust has been fined £225,000 by the Information Commissioner's Office for leaving patient and staff files in an abandoned hospital. ...read full article

CyberZeist Claims to Have Gained Access to Hundreds of Federal Accounts



CyberZeist, the hacker who has recently left the UGNazi collective, has leaked a few hundred login credentials that he allegedly obtained by launching a spear phishing attack on US federal employees. ...read full article

Data in possible credit card breach appears to be old


The data, linked to from Pastebin, includes, names, addresses and emails


IDG News Service - A batch of names, addresses, emails and phone numbers of credit card customers around the world released on Monday indicates a breach of a payment processor, but the data appears old. ...read full article

Cybercriminals Upgrade Banking Malware to Include Automatic Transfer Systems



As if ZeuS and SpyEye haven’t been causing enough damage on their own, security researchers from Trend Micro have found that more recently cybercriminals have begun using Automatic Transfer Systems (ATS) to enhance the information-stealing capabilities of their pieces of malware. ...read full article


June 18, 2012


BYOD exposes the perils of cloud storage



Computerworld - The dangers of using consumer cloud storage systems became clearer earlier this month, when a hacker claimed that he accessed presidential candidate Mitt Romney's Dropbox storage and email accounts using an easily cracked password. ...read full article

Pennsylvania Man Indicted For Hack of Department of Energy Network



A Pennsylvania man was arrested yesterday after a Massachusetts grand jury issued a four-count indictment alleging that he hacked into computer networks belonging to the U.S. Department of Energy (DoE) and the University of Massachusetts and tried to sell access to a DoE supercomputer for $50,000 to an undercover FBI agent. ...read full article

Six in Tokyo slammer after Android smut scam


Malware was distributed through adult site


Six men including three IT executives have been arrested in Tokyo in connection with an Android malware scam which netted them over 20 million yen (£160,740). ...read full article

Indictment: Former chief took $115k from police department



HIGHLAND HEIGHTS, KY (FOX19)- A former police chief who is facing charges for stealing money from his police department will be released from jail on Monday. ...read full article

Police seek suspect in Elections NB laptop theft



The Fredericton Police Force is asking for the public's help in identifying a suspect in the theft of two Elections New Brunswick laptops. ...read full article

Internet security company Omniquad warns about DVLA Email Phishing Scam – Identity Theft Warning



Omniquad is issuing a warning about emails that appear to come from the DVLA, threatening that people will need to retake their driving license unless they update their details, including credit card details with CVV number, within two weeks ...read full article

Ex-Employee Charged with ID Theft on Bank Accounts


Police said one of the accounts used belonged to the woman's deceased relative.


A former Commerce Bank employee was charged May 31 with two counts of identity theft. ...read full article

Crack down on SLO County identity theft rings



The San Luis Obispo County operators of two high-tech bank scam operations that ripped off hundreds of Chase Bank customers over the last three years are winding their way through the court system as the result of a crackdown by Attorney General Kamala Harris’ newly created eCrime Unit, according to a press release. ...read full article

Five charged with ID theft



Five men were charged Friday with multiple counts of identity theft after they allegedly used re-encoded credit cards to buy and resell gas for profit, police said. ...read full article

Scammers indicted for identity theft and real estate fraud



According to a FBI press release three Southern California men have been indicted for identity theft and running real estate scams. The men were arrested on June 14 after a grand jury decision to proceed with prosecution. ...read full article

3 Indicted In $10M Short Sale, Identity Theft Scams



LOS ANGELES (CBS) — Federal authorities say three Southern California men have been indicted for allegedly running a scam involving short sales that caused more than $10 million in losses. ...read full article

Cromwell man charged with identity theft



CROMWELL – A 38-year-old Cromwell man has been arrested and charged with looting an elderly woman’s bank account to pay his everyday personal bills. ...read full article

Alleged International Credit Card Trafficker “Badb” Extradited from France to the United States



WASHINGTON – Vladislav Anatolievich Horohorin, aka “BadB” of Moscow, an alleged international credit card trafficker thought to be one of the most prolific sellers of stolen credit card data, has been extradited from France to the United States to face criminal charges filed in the District of Columbia and in the Northern District of Georgia. ...read full article

Man charged with workplace ID theft



A Naperville man faces trial for allegedly stealing the identities of nine people from his workplace in Downers Grove, and then using some of their credit and bank debit card accounts to pay his bills and buy luxury items, including jewelry and tickets to concerts and sporting events. ...read full article

Oahu entrepreneur becomes identity theft victim



If you haven't filed your taxes yet, someone else may have beaten you to the punch. ...read full article

Text Messages Can Lead to Identity Theft



Jefferson City, Mo. –Attorney General Chris Koster today warned Missourians about recent activity by identity thieves to steal information by offering fake prizes like Walmart or Costco gift cards. ...read full article


June 15, 2012


Banks: Hackers more aggressive in attacking customer accounts



Network World - A survey of large financial institutions shows they faced more attacks by hackers to take over customer banking accounts last year than in the two previous years, and about a third of these attacks succeeded. ...read full article

Pennsylvania Man Arrested on Computer Hacking Charges



WASHINGTON – Charges were unsealed this morning against a Pennsylvania man, alleging that he hacked into computer networks in Massachusetts and around the country and then sold unauthorized access to those networks. ...read full article

Software Update Site For Hospital Respirators Found Riddled With Malware



UPDATE: A Web site used to distribute software updates for a wide range medical equipment, including ventilators has been blocked by Google after it was found to be riddled with malware and serving up attacks. The U.S. Department of Homeland Security is looking into the compromise, Threatpost has learned. ...read full article

Panetta: Urgency Needed to Defend Against Cyber Attacks



The increasing threat of cyber attacks against the nation’s computer networks requires a commensurate growth in resources dedicated to protecting them, Defense Secretary Leon E. Panetta told Congress. ...read full article

ATM Skimmer Gets Jail Time


Bank Fraud Scheme Targeted 500 Accounts


A woman who pleaded guilty to conspiracy to commit bank fraud for her role in a New England ATM skimmingcase that targeted more than 500 bank accounts has been sentenced to 45 months in prison (see ATM Skimmer Pleads Guilty). ...read full article

The Wikiboat and Anonymous have leaked Defense.gov files after hack



The Wikiboat and Anonymous have attacked the Defense.gov website and have leaked some files of the website. ...read full article

German police searched homes of more than 100 alleged cyber-attackers of anonymous action



Frankfurt ( hf ) - On Tuesday, officials of the Federal Criminal Police Office conducted 106 raids nationwide. The raid is part of the investigation into a hacker attack last year. On 17 December had called the cyber-collective Anonymous to a distributed denial of service attack (DDoS) on the side of the GEMA. The aim was to put the lame website. ...read full article

New Grad Looking For a Job? Pentagon Contractors Post Openings For Black-Hat Hackers



Mikko Hypponen enjoys his position as the chief research officer at the Helsinki-based security firm F-Secure. He has no intention of leaving. But lately, he’s been spending a lot of time looking at job openings. ...read full article

Miley Cyrus Tumblr Tape Scam Leads to Shady Video Player



Experts have come across a Tumblr post that advertises an adult tape featuring Miley Cyrus. The goal of this scheme is to convince unsuspecting users to install a shady-looking video player. ...read full article

Tax Return Identity Theft Hotline announced



If you think someone used your identity to file a fraudulent tax return and snatch your refund, call the new Tax Return Identity Theft Hotline. ...read full article


June 14, 2012


One in 10 Children Are Victims of Identity Theft, Report Finds



(NEW YORK) -- Children are increasingly becoming the preferred target of identity thieves, authorities say. ...read full article

Troy woman charged in ID theft of 800 people



Federal agents recently arrested a Troy woman on felony charges for allegedly stealing the identities of 800 people while working at an area hospital as part of a government tax fraud scheme. ...read full article

Scam Text Messages Could Lead To Identity Theft



Jefferson City, Mo. (KMOX)– Beware of scam text messages that could affect cell phones with malware and make personal information accessible to thieves. ...read full article

Woodbury man accused for third time of identity theft



For the third time in little more than a year, a Woodbury man has been charged with stealing someone's identity. ...read full article

Ham Lake woman pleads guilty to bank fraud, identity theft



A 25-year-old Ham Lake woman pleaded guilty June 6 in U.S. District Court in St. Paul to two felony charges for her role in a large-scale identity theft ring. ...read full article

LinkedIn bolsters security while some users ignore breach



After LinkedIn sent out millions of emails urging users to update their account information following last week's data breach that resulted in some 6.5 million compromised passwords, many of the messages were mistakenly designated as spam. ...read full article

LulzSec Reborn aims to keep hacking movement alive


Real danger from federal officials who 'continue to pooh-pooh' cybercrime, police investigator says


CSO — About three months ago, following the arrests of five members of an Anonymous spinoff hacker group, an FBI official declared: "We're chopping off the head of LulzSec." ...read full article

Expect A Surge In Breaches Following MySQL Vulnerability


Vulnerability is so easily attacked and so prevalent that we're bound for a bump in database exposures


An unusual password vulnerability that makes hundreds of thousands of MySQL and MariaDB databases vulnerable to simple brute-force attacks is likely to soon start a ripple effect of increased data breach activity online, security experts predict. ...read full article

FTC Bares Teeth, Levies $800k Fine Against Data Brokerage Firm



In a first-of-its-kind ruling, the Federal Trade Commission (FTC) told data brokerage firm Spokeo it has until tomorrow to hand over $800,000 to the Treasurer of the United States. ...read full article

Alleged Lulzsec member, Ryan Cleary, indicted in U.S.


Cleary, already charged in the U.K., is accused of attacking Sony Pictures and Fox Entertainment


IDG News Service - A U.S. federal grand jury has indicted Ryan Cleary, a British citizen, accusing him of orchestrating a hacking rampage last year that victimized Sony Pictures Entertainment, Fox Entertainment Group and others. ...read full article

Comcast Refuses to Hand Over the Identities of Suspected Pirates



Comcast has asked an Illinois District Court to quash subpoenas obtained by copyright holders that want to learn the identities of individuals who allegedly download their materials from BitTorrent websites. ...read full article


June 13, 2012


Oregon Woman Gets $2.1M Fraudulent Tax Refund on Debit Card



Oregon's Attorney General's office says a woman will be charged today with obtaining a fraudulent $2.1 million tax refund on a debit card, the biggest fraud refund case in the state's history. ...read full article

Girlfriend gets 8 years for hiding 'Whitey' Bulger



(CNN) -- The girlfriend of James "Whitey" Bulger was sentenced to eight years in federal prison Tuesday for identity fraud and helping the reputed mob boss avoid capture for 16 years. ...read full article

2 Russians accused of ID theft for smartphone buys



BATON ROUGE, LA -- Two Russian women living in New York state used fake IDs to get dozens of $500 iPhones for about $200 each in Texas, Tennessee, Arkansas and Oklahoma by taking out long-term contracts under other people's names. ...read full article

IRS warns taxpayers of scam



Rolla, Mo. — The Internal Revenue Service (IRS) is warning taxpayers to be cautious of a new, email-based phishing scam that targets Department of Defense military members, retirees and civilian employees. ...read full article

Leader of Staten Island ID theft ring gets 2 to 6 years in prison



STATEN ISLAND, N.Y. -- A Bulls Head man was a ringleader in a Staten Island-based gang that stole as much as $5 million from borough residents and others, including soldiers who were deployed in Afghanistan and Iraq while they were being ripped off. ...read full article

Merchant information may have been stolen from Global Payments


Hackers had access to servers hosting personal information of merchant applicants, Global Payments said


IDG News Service - Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments. ...read full article

The Importance Of Interviews In Insider Investigations


Exit interviews speed up investigations, prove intent, and cover your legal bases


Whether it is an exit interview upon termination or resignation, or just a simple question-and-answer session during an investigation, employee interviews are critical to handling insider incidents, IT forensics experts say. ...read full article

Attacks Targeting US Defense Contractors and Universities Tied to China



Researchers have identified an ongoing series of attacks, possibly emanating from China, that are targeting a number of high-profile organizations, including SCADA security companies, universities and defense contractors. The attacks are using highly customized malicious files to entice targeted users into opening them and starting the compromise. ...read full article

James Bond-style malware targets firm that secures industrial systems


Malicious e-mail tries to siphon data related to US critical infrastructure.


To get a sense of just how advanced some malware-based espionage campaigns have become, consider one recently perpetrated against Digital Bond, a security consultancy that specializes in safeguarding computer systems used to control dams, gasoline refineries, and other critical infrastructure against attack. ...read full article

Study: Few Aware of Risk of Medical ID Theft


Nationwide Insurance consumer survey shows need to educate, take precautions to protect your credit and your health


COLUMBUS, Ohio, Jun 13, 2012 (BUSINESS WIRE) -- While it's the fastest-growing type of identity theft, a new Nationwide Insurance survey reveals few people know what medical identity theft is or how devastating it can be to your credit and your health. ...read full article


June 12, 2012


Dutch Citizen Charged With Fraud, Identity Theft in Hacking Case



A 21-year-old Dutch citizen has been charged with allegedly selling credit card numbers collected from Boeing's employee credit union and stealing card numbers from other illegal online data markets. ...read full article

ID thefts paid for cell scam


Federal agents: Two women had 81 cellphones, 27 IDs


Two Russian nationals took a road trip through four Southern states, using other people’s identification to purchase discounted smartphones under long-term wireless contracts, federal officials alleged Monday in Baton Rouge. ...read full article

Va man sentenced to more than 6 years in federal prison for identity, benefits theft



NORFOLK, Va. — A Norfolk man has been sentenced to more than six years in prison for using another man's identity to obtain federal government benefits. ...read full article

Robbery Victim Now Fighting Identity Theft


Local man survives ATM armed robbery, says he's a victim again


SPARTANBURG, S.C. -- Struggling to recover, a local man survived an armed robbery at a bank ATM, and now he says he's a victim again. This time he's fighting to pay his bills and prove his identity. ...read full article

LinkedIn Claims Vulnerable Passwords Have Been Disabled



Business social network LinkedIn issued more information and advice to its users over the weekend, in the wake of a massive cyber attack in which 6.5 million passwords were stolen. ...read full article

Six-Member Identity Theft Ring Sentenced in UK


Ringleader Jason Place was sentenced to six years and nine months in prison.


Six men were recently sentenced at the UK's Southwark Crown Court for their involvement in the "design, production and sale of fake identities and the management of online forums where clients were coached in how to commit fraud," according to London's Metropolitan Police Service. ...read full article

LifeLock General Counsel Confronts Challenges By Going Big



After Clarissa Cerda accepted the general counsel position at LifeLock, Inc., she did something a little unusual: she attacked the company’s biggest problems by teaming up with her boss. The Phoenix-based identity theft protection company was facing 14 class-action suits, and a competitor lawsuit, on top of an ongoing government inquiry. There were times when Cerda, already a veteran GC, joked with the company’s chief executive that she didn’t know if she’d been hired just in the nick of time or a day too late. ...read full article

Identity thieves reach into local accounts



Approximately 15 million U.S. residents have their identities used fraudulently each year with financial losses totaling about $50 billion, according to the Bureau of Justice statistics. The bureau's data suggests about 7 percent of all adults have their identities misused with each instance resulting in about $3,500 in losses and Greene County residents have fallen victim to identity theft as well ...read full article

Tumblr Users Should Beware of Cookie Thieves



Two researchers say they've found a security hole in Tumblr, one of the most popular sites on the Internet, that could steal users' authentication cookies to break into their accounts. ...read full article

'Conclusive' Link Found Between Stuxnet And Flame


Researchers say Flame predates Stuxnet and shares some source code with first-generation version of Stuxnet


A new twist in the mystery that is Stuxnet/Duqu/Flame: Researchers now say Flame came first and has direct ties to Stuxnet, the targeted attack reportedly launched by the U.S. and Israel against an Iranian nuclear facility. ...read full article

Building a Culture That Values Privacy


A Three-Step Approach to Managing Change


A successful effort to build a corporate culture that values privacy should be built on ideas that come from the rank-and-file staff in all departments, not just upper management, says Jan Hillier, a specialist in managing change. ...read full article

Emails from “Amazon.com” Fool Users into Visiting Malware-Serving Sites



We’ve recently reported that Amazon has started warning its customers after they’ve identified a large number of malicious emails that relied on the company’s name and reputation. Today, GFI experts provide a sample email that’s making the rounds, attempting to lure users onto compromised websites. ...read full article

Passwords pillaged from League of Legends wand-strokers


Euro gamers' very private jewels sniffed by hackers


Passwords, email addresses, dates of birth and other sensitive data have been plundered from the player databases of fantasy strategy game League of Legends. ...read full article


June 11, 2012


Multimillion-pound cyberfraud gang jailed for selling identity theft kits


Confidential Access's 'platinum' products cost £5,500 and came complete with instructions on how to defraud companies


Members of a gang who provided fake identities and documents to thousands of customers have been jailed following a two-and-a-half-year investigation into their multimillion-pound operation. ...read full article

Two Suspects Arrested On Charges Of ID Theft



A man and a woman were arrested Thursday on charges of identity theft and other theft charges after allegedly stealing a purse from a worker at a Hermiston doctor's office. ...read full article

ID-theft victim regrets error



FARMINGTON — If Kelsey Ross had put a lock on her Social Security number after a burglary in November, she could have been in the market to buy a house this summer. ...read full article

UK cops hunt for thousands who bought identity fraud 'packages' online



LONDON -- An extensive search is underway in the UK for thousands of individuals who used an online service that helped people commit identity theft and mortgage fraud. ...read full article

2 men sentenced for ID theft, to be deported



Two men have been sentenced to federal prison terms for conspiracy to commit identity theft and sale of fraudulent Social Security cards. ...read full article

Trappe Man Struck By Identity Theft



A 60-year-old Trappe man was victimized by identity theft last month, Pennsylvania State Police said Friday. ...read full article

Another Case of Identity Theft in Westlake



A Wakefield Lane couple is dealing with the mess that identity theft creates. ...read full article

Police: Woman arrested near Walmart had fake I.D.



Two women were arrested Friday night near the Walmart in American Canyon, one for alleged possession of stolen property and one on suspicion of identity theft, police said. ...read full article

Police: Man impersonated physician on phone to pharmacy



NEW HARTFORD, N.Y. (WKTV) - New Hartford Police arrested a Utica man after he allegedly called a pharmacy, impersonating a local physician, to prescribe and obtain medicine. ...read full article

Survey Shows 85 Percent of Small Business Owners Convinced a Data Breach Unlikely



If a newly released survey is any indication, publicized data breaches aren't enough to prompt small businesses to better protect their customer or employee data. ...read full article


June 8, 2012


“t0pp8uzz” and “GM” Sentenced to Jail for Running Fraud Website



Jay Moore, known by his online moniker as t0pp8uzz, and his accomplice Damian Horne, aka GM, have been sentenced to jail after investigators accused them of running a fraud website worth an estimate of £26.9 million ($41 million or 33.2 million EUR). ...read full article

UK court requires Facebook to hand over troll identities



In the first case of its kind in the United Kingdom, a woman has won the approval of courts to force social networking giant to reveal the identities of cyberbullies who allegedly incited a hate campaign against her. ...read full article

How Charles Dickens helped crack your LinkedIn password


Researchers are using words from classic novels to crack the LinkedIn password hashes


IDG News Service - Kevin Young, a computer security expert who studies passwords, is nearly at a loss for words. Literally. ...read full article

Report: North Korea Accused Of DDoS Attack On South Korean Airport



North Korean agents have been linked to a malware attack on a South Korea's Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper. ...read full article

FTC Highlights P-to-P Network Risks


2 Settlements in Cases That Exposed Data on 100,000


The Federal Trade Commission has reached settlement agreements with a debt collector and an automobile dealership charged with exposing sensitive consumer information on peer-to-peer file-sharing networks. ...read full article

Flame: Developed by Expert Cryptographers, Comes with “Suicide” Switch



There are a couple of new reports about the now-infamous Flame that we thought of sharing with our readers. One group of researchers has stated that the malware may have been developed by world-class experts, while Symantec has revealed that the threat comes with a “suicide” functionality. ...read full article

Last.fm Confirms They Were Hacked, Change Your Passwords Now



After this week’s LinkedIn fiasco, it appears the latest tech giant to fall to bored hackers is Last.fm. Music-streaming website Last.fm is the latest organisation to urge its users to change their passwords immediately. ...read full article

Mobile devices bring cloud storage -- and security risks -- to work


Corporate policies alone won't address the use of cloud storage services by employees


Computerworld - Dropbox made headlines this week when Gawker.com was the first to report that an unnamed hacker broke into Mitt Romney's hotmail account with the same password used for a Dropbox account also associated with the GOP presidential candidate. ...read full article

Cybercrime 'much bigger than al Qaeda'


Security experts confirm concern outlined by DHS Secretary in recent speech


June 07, 2012 — CSO — It is unlikely that Americans will ever again see commercial jets crashing into skyscrapers, piloted by terrorists. But Department of Homeland Security (DHS) Secretary Janet Napolitano believes that malicious computer code generated by groups like al Qaeda are just as big a threat to the security and stability of the nation. ...read full article

Suspect in ID theft case sentenced



The final suspect in custody following a federal investigation into an identity theft ring that allegedly served the Hattiesburg and Laurel area was sentenced to five years in prison. ...read full article

Man gets prison for posing as SEAL in ID theft case



A former sailor who posed as a SEAL chief to persuade other sailors to turn over their personal information was sentenced Wednesday to a little more than seven years in prison for bilking a credit union out of nearly $182,000. ...read full article

Ham Lake woman pleads guilty to bank fraud, identity theft



A 25-year-old Ham Lake woman pleaded guilty June 6 in U.S. District Court in St. Paul to two felony charges for her role in a large-scale identity theft ring. ...read full article

Scarsdale Police Arrest Two On ID Theft, Grand Larceny Charges


SPD arrested a Mount Vernon woman and Bronx man yesterday


Scarsdale Police detectives have had a busy week. SPD arrested a Bronx man and a Mount Vernon woman yesterday on charges of identity theft and grand larceny, after the two attempted to fraudulently withdraw money from a Chase Bank in Scarsdale. ...read full article

Arrests made in thefts from online bank accounts


Fourteen people were indicted in an alleged cyber bank fraud scheme that took money from the accounts of Bank of America customers


Stealing victims’ identities was the first step toward pilfering from their online banking accounts, according to a cyber bank fraud indictment announced Thursday. ...read full article

Son Turns in Feasterville Dad for Identity Theft



A Lower Southampton man is facing identity theft charges following his son telling police that he was using a stolen identity to avoid legal problems in Virginia. ...read full article

Richmond woman charged with Social Security fraud, identity theft



A Richmond woman was indicted Thursday on charges of using another person's Social Security number, adding to charges she already faces, including tax evasion and bank fraud. ...read full article

ID theft sting nabs state employee



ALBANY - An employee of the New York State Office of Children and Family Services is accused of selling personal information to an outside person. ...read full article

Police flush ID theft scheme



BRANDON -- Deputies have made two arrests in what they said is a stolen identities scheme that wound its way from South Florida to Hillsborough County. ...read full article


June 7, 2012


Phantom Debt Collectors From India Harass Americans, Demand Money



Hundreds of thousands of cash-strapped Americans have been targeted by abusive debt collectors operating out of overseas call centers suspected of links to organized crime in India, law enforcement officials told ABC News. ...read full article

Microsoft's reaction to Flame shows seriousness of 'Holy Grail' hack


Company's fast, sweeping response proves how critical it considers Windows Update


Computerworld - The exploit of Microsoft's Windows Update system by the sophisticated Flame cyber espionage malware was a "significant" event in the history of Windows hacking, experts said today. ...read full article

Like LinkedIn, eHarmony is hacked; 1.5 million passwords stolen



EHarmony, the popular online dating site, was the target of a password hacking attack that resulted in 1.5 million stolen passwords, most of which have been cracked. ...read full article

LinkedIn Confirms Password Breach


Nearly 6.5 Million May Have Been Compromised


LinkedIn has confirmed that a breach of its network compromised passwords connected to accounts. While LinkedIn has not yet confirmed how many passwords were affected, some reports estimate nearly 6.5 million could have been compromised. ...read full article

Survey Shows Consumers Still Openly Risking ID Theft



A new survey conducted by a credit card comparison Web site indicates consumers continue to be lax when it comes to guarding against identity theft. ...read full article

CloudFlare Details How AT&T Systems Were Bypassed by Hackers



A few days ago we reported that CloudFlare representatives reached the conclusion that UGNazi hackers managed to breach their systems by first compromising AT&T. Today, the company’s CEO Matthew Prince has returned with additional details. ...read full article

Siemens Enhances Security In Post-Stuxnet SCADA World


Firewall, VPN features now embedded in some products as Siemens gradually beefs up its security strategy


Stuxnet was not only bad news for Iran, but also for Siemens, whose process control systems were targeted in the attack that disrupted a nuclear facility in Iran. Since then, Siemens has quietly made several security moves in the wake of Stuxnet's discovery two years ago -- most recently, new industrial control products that come with built-in security features. ...read full article


June 6, 2012


6.5 Million Alleged LinkedIn Password Hashes Dumped Online


A 271-megabyte file containing hashes was published on a Russian forum a couple of days ago. The data allegedly represents encrypted passwords that belong to LinkedIn customers.


According to a Norwegian publication, dangensit.no, a total of 6.5 million LinkedIn password hashes are in the file. ...read full article

Indian ISPs targeted in Anonymous censorship protest


Their websites have been attacked as blocks on some file-sharing sites continue


IDG News Service - The websites of Indian government-run communications company Mahanagar Telephone Nigam and the Internet Service Providers Association of India faced DDoS (distributed denial of service) attacks from Anonymous on Wednesday as some Internet service providers continue to block file-sharing websites following a court order. ...read full article

Hacker Says He Accessed Pair Of Presidential Hopeful Romney's Online Accounts



Breach suggests Mitt Romney--or his aides--used same password across multiple Web services ...read full article

Google starts warning users of state-sponsored computer attacks


Users targeted by government-involved campaigns may see advisory banners


Google unveiled a service that automatically displays a warning to users who may be the target of state-sponsored phishing or malware attacks. ...read full article

Identity theft victim fights to clear his name after deadly crash



FORT WORTH, TX - A Texas man is trying to clear his name after his identity was stolen. ...read full article

Two indicted for ID theft, tax fraud


Edwin Bonannee, Sabrina Balkman-Bradwell are accused


A 32-year-old Hollywood man is one of two people indicted for identity theft in a tax fraud scheme, according to U.S Attorney Wifredo A. Ferrer. ...read full article

Suspect sentenced in identity theft case



Only one suspect remains to be sentenced following the arrest of 10 in a federal investigation of an identity theft ring in Laurel last year. ...read full article

Woodbury man accused of stealing co-worker's identity


Washington County prosecutors allege a Woodbury man convicted last year of identity theft was back at it again this year.


Washington County prosecutors allege a Woodbury man convicted last year of identity theft was back at it again this year. ...read full article

Bronx man arrested after stealing Darien identities



A FedEx driver's vigilance helped Darien Police arrest a Bronx man who tried to buy nearly $7,000 worth of computers after stealing identities from at least two Darien residents. ...read full article

Urbana woman charged with aggravated ID theft



URBANA — An Urbana woman who allegedly stole the identity of an elderly Champaign County Nursing Home resident to pay two bills has been charged with aggravated financial identity theft. ...read full article

Empowering the IRS in Combating Identity Theft



The National Taxpayer Advocate, Nina Olsen says the main reason people go to her office is to seek help because their identities have been stolen. Identity theft is a growing crime that results in stolen tax refunds and fraudulent tax claims. In response, the IRS has taken steps to curb the menace. Out of the approximately 100 million tax returns the IRS processes each year, the agency has detected 940,000 fraudulent tax returns in 2010 and avoided paying out $6.5 billion to suspected identity thieves. ...read full article

ID Theft in Backyard of Texas Attorney General



LAREDO, Texas (CN) - An identity thief who used her position in the Texas Attorney General's Office to claim other people's tax refunds will serve 2 1/2 years prison. ...read full article

Anonymous Again Crusading Against Child Pornography



Members of the hactivist collective Anonymous resurfaced this week with a new campaign to expose suspected pedophiles on Twitter and get the site and its users to help root out other accounts linked to child pornography. ...read full article

New Bern man pleads guilty to ID theft scheme



Raleigh, N.C. — A New Bern man pleaded guilty Monday to stealing the identities of dozens of people and filing fraudulent tax returns in their names to obtain refunds, authorities said. ...read full article


June 5, 2012


Financial Documents Found In Bank Trash Bin


Oildale Woman Victim Of Identity Theft


OILDALE, Calif. -- A family contacted 23 ABC after they said a local bank did not shred documents appropriately and that led to identity theft. ...read full article

Commission candidate faced ID theft charge in 2008



Linda K. Armstrong, a candidate for the Shawnee County Commission, said Monday that her having received diversion on an identity theft charge filed in 2008 “is a moot point, because it’s not a conviction.” ...read full article

Police: Man working in Cinnaminson using woman's identity



CINNAMINSON — A man from Cherry Hill who is an undocumented immigrant was working in the township by using a woman’s identity, police said Friday. ...read full article

Police search for man who stole $10,000 in Carlisle area identity theft case



A suspect in an identity theft stole nearly $10,000 from a Carlisle man in May, according to state police at Carlisle. ...read full article

Police say woman used fake ID at Sears store in Meriden



MERIDEN — A Bronx woman faces charges after police say she tried to purchase $2,200 worth of merchandise from the Sears store at Westfield Meriden mall using stolen information. ...read full article

Manteca man sentenced for ID theft and fraud



SACRAMENTO - A Manteca man found guilty of defrauding more than 50 individuals, banks and financial institutions by using victims' personal information to obtain credit cards and make phony driver's licenses was sentenced in Sacramento federal court. ...read full article

Stockton Man Sentenced to Nearly 5 Years for Identity Theft



(Source: FBI) - SACRAMENTO, CA—Michael Garcia, 39, of Stockton, was sentenced today by United States District Judge Morrison C. England Jr. to 57 months in prison for fraud in connection with computers and in connection with an access device, United States Attorney Benjamin B. Wagner announced. ...read full article

Dominican national used personal ID of dead man for decade, feds say



A Dominican national who has been living in Winter Springs was sentenced to 30 months in federal prison Friday for aggravated identity theft and making a false statement on a passport application. ...read full article

Plea agreement filed in identity theft case



A sentencing date has been set for a Linden woman accused of using another woman’s identity to establish utility and credit card accounts. ...read full article

Restaurant Chain Reports Card Breach


Method of Attack, Which Affected 43 Sites, Is Unclear


Penn Station Inc. has confirmed that 43 of its 235 U.S. restaurants may have been affected by a payments breach that exposed credit and debit details. ...read full article

State of California Site Hacked, Sensitive Data Leaked



After breaching the State of Rhode Island website yesterday, today The Unknowns return with another target from the same category. This time the victim is the California Department of Forestry and Fire Protection, a subdomain hosted on ca.gov. ...read full article

SwaggSec claims China Telecom data breach


Hacktivists not happy with China 'screwin with the Pentagon'


Hacktivist group SwaggSec is claiming the scalps of China Telecom and Warner Brothers after apparently taking advantage of poor security to infiltrate their networks and steal a sizeable booty of sensitive data. ...read full article

Famed 'credit zombie' resurrected, with lessons for anyone with a SSN



Judy Rivers isn't dead after all. And, as anyone who's had a maddening run-in with the nation's credit system would agree, her "resurrection" is miraculous. ...read full article


June 4, 2012


Experian Data Breach Resolution and Ponemon Institute study indicates consumer confusion following a data breach


New survey reveals 72 percent of respondents were disappointed in the way they were notified of a data breach


COSTA MESA, Calif., June 4, 2012 /PRNewswire via COMTEX/ -- A business's ability to protect personal information and communicate the circumstances of a data breach can impact customer loyalty and an organization's trustworthiness and reputation, according to a recent study by Experian Data Breach Resolution and the Ponemon Institute. In fact, according to more than 700 survey respondents, 72 percent of people who received notification of a data breach were dissatisfied with the communication and often felt the need for more information. ...read full article

Bend Man Charged With Theft From Elderly Victim



BEND, Ore. -- A 56-year-old Bend man was arrested Friday on more than 100 theft, ID theft and fraud charges, accused of stealing over $180,000 from an 83-year-old Bend resident over the past six months, police said Saturday. ...read full article

BHPD Chief Alleged Victim of Identity Theft


David Snowden's personal information was allegedly stolen in an effort to shut off the electricity at his home


Beverly Hills Police Department Chief David Snowden is one of the alleged victims named in the case against Steven Grant Almeida, who pleaded not guilty Friday to charges that he stole the identities of people in the local justice system and used their personal identifying information to try to shut off the electricity at their homes. ...read full article

Federal blunders enable ID theft



TAMPA -- Thousands of names, Social Security numbers and birth dates accidentally are released to the public every year by the U.S. government. ...read full article

Offices need to lock up IDs to prevent theft



With South Florida leading the nation in identity theft, companies especially need to safeguard employees' and clients' personal information from being taken by dishonest co-workers. ...read full article

Utah CTO steps down following data breach



Computerworld - The executive director of Utah's Department of Technology Services has resigned over a data breach that exposed the Social Security numbers and other personal data of about 280,000 Medicaid recipients. ...read full article

Thrift Savings Plan Notifies Customers of Breach 10 Months After the Incident



Data breaches have become more and more common in the past few years and if most companies are capable of handling the effects of such incidents, there are some that appear to be failing at the task. Such is the case of the Thrift Savings Plan (TSP), which alerted customers only 10 months after hackers gained unauthorized access to their systems. ...read full article

Five Sentenced for Their Roles in Stolen Identity Refund Fraud Scheme



Fahim Suleiman and Muuad Salem were sentenced to prison today by U.S. District Court Judge James S. Gwin in connection with their roles as co-conspirators in a scheme to defraud the United States by obtaining false and fraudulent U.S. Treasury tax refund checks, the Justice Department and Internal Revenue Service (IRS) announced. According to documents filed with the court, the two participated in a conspiracy with others to file false United States income tax returns using personal identifying information, including names and Social Security numbers, of deceased taxpayers in order to obtain false tax refund checks that were subsequently sold and negotiated. Suleiman was sentenced to 64 months in prison, including a 24 month mandatory minimum sentence for aggravated identity theft. Salem was sentenced to 27 months in prison. ...read full article

Companies See Business In 'Doxing' The Adversary



It's not a malware problem -- it's an adversary problem: More security firms are focusing on the people behind the keyboards in order to stymie attacks ...read full article

Microsoft certificate used to sign Flame malware, issues warning



Summary: Microsoft has issued a security advisory warning and a high-priority update after parts of the Flame malware were signed with Microsoft-issued certificates. ...read full article

Small banking Trojan poses major risk



Security researchers have discovered a tiny, but highly capable banking Trojan. ...read full article

'Spy' contacted defense firms / Police plan to investigate, question those courted by diplomat



A Chinese diplomat allegedly engaged in espionage contacted officials at several defense companies while he was in Japan, according to investigative sources. ...read full article

'SwaggSec' claims hack of China Telecom, Warner Bros.


The alleged data haul includes internal documents and administrator login credentials


IDG News Service - A hacking group is claiming to have breached the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials. ...read full article

Malicious PowerPoint Presentations Exploit Flash Vulnerability to Drop Backdoor



It’s not uncommon for internauts to come across shady-looking emails that bear .exe, .zip, or .pdf files which hide some sort of malicious plot. However, it’s rather unusual to find a Microsoft PowerPoint presentation that embeds a Flash file which hides an exploit. ...read full article


June 1, 2012


IRS Aims High to Crack Down on Identity Theft



The IRS is ramping up its efforts to crack down on personal identity thefts involving illegally procured tax return information. ...read full article

Four Arrested in Federal Identity Theft Investigation



(Source: Richmond County Daily Journal, Rockingham, N.C. (MCT) — Four people have pleaded guilty in connection to identity theft charges after a joint federal investigation by the United States Secret Service and the Richmond County Sheriff’s Office. ...read full article

Fort Bragg police: Two boys posing as officers in ID theft scam



Ukiah Daily Journal -- Two teenaged boys are possibly going door-to-door in Fort Bragg posing as police officers who are investigating identity theft to get personal information, according to the Fort Bragg Police Department. ...read full article

Philly Woman Charged with Credit Card, Identity Theft in Toms River



A Philadelphia woman is charged with credit card theft and identity theft, in incidents within Monmouth and Ocean counties, police said. ...read full article

Hackers Not Attracted to Small Businesses? False



Small business owners may think the size of their company precludes them from being targets of identity theft, not realizing they are more at risk than the larger companies. ...read full article

Tenafly man sentenced for role in bank fraud ring



A Tenafly man, described as an essential cog in a scheme to build up credit scores for a Bergen County identity theft and bank fraud ring that catered to Koreans, was sentenced Thursday to two years in federal prison. ...read full article


 

Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
315.792.3231
drebovich@utica.edu
Utica College
1600 Burrstone Road
Utica, NY 13502