Identity Theft News


News Archive


Contact Information

Center for Identity Management
and Information Protection
Dr. Donald Rebovich,
Executive Director
Utica College
1600 Burrstone Road
Utica, NY 13502

April 2010 News Archive

April 30, 2010

U.S. Naval Academy Triumphs in 10th Annual Cyber Defense Exercise

The National Security Agency/Central Security Service (NSA/CSS) is pleased to announce that the U.S. Naval Academy has won the 2010 Cyber Defense Exercise (CDX). CDX, an annual event that is sponsored by NSA/CSS, is a computer security competition designed to foster education and awareness among future military leaders about the role of Information Assurance (IA). This year's proud winners overcame several new challenges, successfully countering the expected network obstacles as well as a host of new ones created expressly for the 10th anniversary of the CDX. full article

US Air Force phishing test transforms into a problem

IDG News Service - Sorry Airman Supershaggy, "Transformers 3" is not coming to Andersen Air Force Base. And by the way, you've been phished. full article

Trading Firm Sues Russian Hacker

MANHATTAN (CN) - A Russian hacker broke into online brokerage accounts and stole hundreds of thousands of dollars from its customers in a "hack, pump and dump" scheme, Scottrade claims in Federal Court. Defendant Valery Maltsev responded in a statement that said, in part: "Scottrade investors didn't even see that money were going away from their accounts, they were not noticing that for six months! I can't understand that." full article

Report: Palin e-mail snooping jury deadlocked

Knoxville jury has reached verdict on three counts, stymied by identity theft charge

Computerworld - The federal jury deliberating the fate of the man who allegedly accessed former Alaska Gov. Sarah Palin's e-mail account in 2008 is deadlocked on one of the four charges, according to a Knoxville newspaper. full article

Glype 'anonymous' proxy may not cloak your identity

It may be possible to view users' personal details when running a proxy service widely used to skirt network admin bans on access to sites like Facebook full article

IT contractor gets five years for $2M credit union theft

Insider threat case the second this week, following Terry Childs guilty verdict

Computerworld - For the second time this week, companies are getting a stark reminder of the danger posed to enterprise networks and assets by insiders with privileged access. full article

Ponzi Real Estate Man Pleads Guilty

ST. LOUIS (CN) - The former CEO and owner of The Duncan Group pleaded guilty to federal fraud charges in a $3.9 million Ponzi scheme. Aaron Duncan, 33, of Defiance, Mo., pleaded guilty to two federal felonies: mail fraud and money laundering. full article

Tearful Ex-General Counsel Details Huge Ponzi Discovery

David Boden gives testimony in all-day deposition concerning fraud committed by Scott Rothstein

Scott Rothstein's former law firm general counsel cried Thursday as he recalled how he discovered his boss had committed a fraud of epic proportions. full article

Researcher: Social networks shouldn't reuse private info

IDG News Service - While social networking services may legally own customer-generated data generated on their sites, they still should not reuse that material outside the context in which it was created, contended a Microsoft researcher who studies social networks. full article

N.Y. State Senator Pocketed $1.3 Million from Sham Job-Training Program, AG Says

(CN) - New York's Senate Majority Leader Pedro Espada Jr. pocketed $1.35 million from a bogus job-training program, Attorney General Andrew Cuomo claimed in Superior Court. It's the second lawsuit in two weeks that Cuomo filed against Espada. Last week, the attorney general accused the Bronx Democrtat of diverting charitable assets and lining his pockets with more than $14 million. full article

Do Cyber-Attacks Require a 'Duty to Assist'?

On Jan. 1, 2009, when an Indian oil tanker found itself under attack by machine gun fire from pirates off the coast of Somalia, the ship's captain sent out an SOS via wireless radio. A nearby Malaysian frigate heard the call and immediately responded, sending a helicopter to the scene. On its arrival, the pirates fled and the tanker's crew escaped unharmed. It's a story that has been repeated countless times, in large part because international law requires anyone receiving an SOS signal to "proceed with all possible speed" to render assistance. Today, similar legal duties abound -- what we might call "duties to assist" -- whether in response to a pilot's mayday call, distress signals, or emergency numbers. full article

Ponzi Allegedly Targeted Jamaican-Americans

FORT LAUDERDALE (CN) - A man says he lost $2.6 million in a "huge Ponzi scheme named OLINT" that targeted Jamaican Americans. He claims the scam was so lucrative that one of its operators, Joseph Issa, "used the money to purchase the Shell Oil facility in Jamaica for $80 million." full article

Attorney's Former Employees Charged in Alleged Multimillion-Dollar Fraud

One-time top Miami forensic accountant and attorney Lewis Freeman conspired with two of his employees to help conceal his embezzlement of $2.6 million from client trust accounts for more than a decade, federal prosecutors charge. full article

DOJ Challenges Sex Offender's Effort to Renounce Citizenship

James Kaufman has been trying for six years to renounce his citizenship, pressing Justice Department officials and other government agencies to let him cut his ties to the United States. full article

Justice Department Opens Criminal Probe of Goldman

Stepping up the pressure on Goldman Sachs two days after its executives were grilled and publicly rebuked by lawmakers, the Justice Department has opened a criminal investigation of the Wall Street powerhouse over mortgage securities deals it arranged. full article

April 29, 2010

Privacy of E-Signatures Still Uncertain

SALT LAKE CITY (CN) - Supporters of government ethics reform will have to wait a week to find out if their electronic signatures will remain confidential. U.S. District Judge Clark Waddoups on Wednesday extended a temporary restraining order on dozens of county clerks keeping "e-signatures" on initiative petitions from the public. full article

Texas man set to admit building botnet-for-hire

IDG News Service - A Mesquite, Texas, man is set to plead guilty to training his 22,000-PC botnet on a local ISP -- just to show off its firepower to a potential customer. full article

Man accused of falsely claiming to be Ranger

PHOENIX — A federal grand jury in Phoenix has indicted a former chaplain for making false claims about his military honors and training. full article

IRS Policies Protect 1.2 Million Identity Thieves

Roughly 1.2 million taxpayers appear to be ongoing victims of identify theft, but the Internal Revenue Service doesn’t have a good way to warn them. In fact, agency rules make it possible for undocumented immigrants to fraudulently use Social Security numbers of U.S. citizens and still file tax returns (with another identifying number) to claim refunds, according to a report put out by the Treasury Inspector General for Tax Administration. full article

Botnets + hacking kits + Web app holes = good times for cybercriminals

Criminal-controlled botnets are becoming more resilient and powerful than ever. It’s easier than ever for even low-skilled hackers to supply botnets with freshly infected PCs via user-friendly hacking tool kits. And many of them are using these tool kits to spread infections on weakly protected web pages put up by legitimate corporations. full article

The staggering cost of a data breach

The average cost of a data breach globally stood at USD 3.43 million last year, the equivalent of USD 142 per compromised customer record, according to research from the Ponemon Institute. full article

Introduction to malware analysis

In this video, Lenny Zeltser will introduce you to the process of reverse-engineering malicious software. He will outline behavioral and code analysis phases, to make this topic accessible even to individuals with a limited exposure to programming concepts. You'll learn the fundamentals and associated tools to get started with malware analysis. full article

The US continues its reign as the king of spam

The United States continues its reign as the king of spam, relaying more than 13% of global spam, accounting for hundreds of millions of junk messages every day, according to a report by Sophos. full article

Please, stop cancelling my health card!

Identity mix-up dates back to last October

Teresa Lawrence is sick of all the problems she’s had with her Ontario health card. full article

Proposal: All New Yorkers Become Organ Donors

Assemblyman Brodsky Introduces Bill That Would Give State The Right To Decide If You Are To Give The Gift Of Life

New York (CBS) - Organ donation has become a vital way to save lives around the world, but a vast shortage of donors continues to mean people are losing their lives while on waiting lists. full article

Nurse Accused Of Using Patient Information To Obtain Painkillers

DUBLIN, Ohio — A nurse was out of a job on Wednesday, after she was under criminal investigation, accused of stealing a patient's identity and using it to obtain narcotics. full article

The Medical Center at Bowling Green Notifies Patients of Breach of Protected Health Information

The Medical Center is currently notifying 5,418 patients of a breach of personal protected health information. The breach involves the theft of computer equipment from The Medical Center’s Mammography Suite containing information on patients who underwent bone density testing at The Medical Center between 1997 and 2009. We have no reason at this point to believe the device was stolen for the information on it or that any personal information has been released or used. full article

Man indicted in probe of UMC privacy leak

A man was indicted today by a federal grand jury in an alleged conspiracy to pay a University Medical Center employee for private information about traffic accident victims that was used to drum up clients. full article

FTC Tells Congress It Is Reviewing Whether Technology Changes Call for Revisions to the Agency's Rule Protecting Kids' Online Privacy

The Federal Trade Commission today said that the rapid-fire pace of technological change, including an explosion in children’s use of mobile devices and interactive gaming, has led the agency to accelerate its review of the Children’s Online Privacy Protection Rule (COPPA Rule) to make sure that it is still adequately protecting children’s privacy. Although the FTC reviews most of its rules every 10 years, the COPPA Rule is being reviewed only five years after its last review, in 2005. full article

European Commission may create new cybercrime unit

IDG News Service - European ministers are considering establishing a new agency that would tie together law enforcement agencies and other entities dedicated to fighting cybercrime. full article

April 28, 2010

Update: Facebook execs to meet with Schumer on privacy this week

Social network had requested a meeting with the senator before press conference today

Computerworld - Facebook Inc. executives have set up a meeting this week with U.S. Sen. Charles Schumer (D-N.Y.), who has been publicly pushing the social networking site to change its privacy policy. full article

Terry Childs found guilty

The admin who kept San Francisco network passwords now faces a maximum of five years in prison

Terry Childs, the San Francisco network administrator who refused to hand over passwords to his boss, was found guilty of one felony count of denying computer services, a jury found Tuesday. full article

Senators Express Disgust, Anger as Goldman Execs Squirm

In subcommittee hearing on financial crisis, legislators raise issues of lack of transparency and conflict of interest

Several senators from both sides of the aisle Tuesday expressed emotions ranging from disgust to utter frustration as they grilled current and former employees of Goldman Sachs Group Inc. over the company's dealings leading up to the financial crisis of 2008. Some senators accused them of resembling Las Vegas gamblers playing risky games using U.S. taxpayers' money. full article

Former Law Firm COO Charged in Alleged Money-Laundering Conspiracy

Plea deal apparently reached by Villegas, the first person to be charged as a co-conspirator in attorney Scott Rothstein's settlement financing fraud

When Scott Rothstein was an unknown labor and employment lawyer in Florida's suburban Broward County, Debra Villegas was there at his side as his trusted paralegal. full article

Worker sentenced for reading celeb records

Researcher at UCLA School of Medicine read files of Barrymore, Hanks Read more:

LOS ANGELES - A former UCLA School of Medicine researcher has been sentenced to four months in federal prison after reading the confidential medical files of celebrities such as Drew Barrymore, Arnold Schwarzenegger and Tom Hanks. full article

Man gets 81 months, $2.5M fine for stock scheme

Marimuthu sentenced for hack, pump and dump scheme that struck brokerage firms

Computerworld - An Indian national was sentenced Monday to 81 months in prison for hacking into online brokerage accounts and using those accounts to manipulate stock prices for personal gain. full article

Cost of cybercrime to businesses doubles

The cost of cybercrime to businesses has doubled to more than £10bn over the past two years, research to be released today will reveal. full article

April 27, 2010

Data breach at Tennessee Blues could affect 1 million patients

A review by the insurer shows that an increasing number of plan members might face identity theft after hard drives were stolen in 2009. full article

Hackers target iPad owners with bogus update

Dupe Windows users into downloading backdoor Trojan; Mac owners not at risk

Computerworld - Hackers are targeting iPad users with bogus update messages that dupe them into downloading malicious code onto their Windows PCs, a security researcher said today. full article

Founders Skimmed $54M, Shareholder Says

LOS ANGELES (CN) - The founders of start-up media company Spot Runner skimmed $54 million from the floundering company while selling their own shares at inflated prices to new investors, according to a derivative complaint in Superior Court. full article

Enders Broke Privacy Rules

THE BBC has been rapped after a mum was plagued by obscene calls and texts after her mobile phone number was shown on EastEnders. full article

Queen's tailor sues former employee

Britain's oldest tailor, Ede & Ravenscroft, is suing a former employee, which it accuses of stealing vital customer data.

The company, sells not just bespoke suits but is also supplies gowns to all the Oxbridge colleges and robes to the House of Lords, claims that confidential data, possibly including the personal measurements of its well-heeled clients, has been stolen. full article

CEO of the Duncan Group Pleads Guilty in Multi-Million Dollar Ponzi Scheme

ST. LOUIS, MO—The United States Attorney’s Office announced today that Aaron Duncan, the former CEO and owner of The Duncan Group, has pleaded guilty to fraud charges involving a $3.9 million investment scheme. full article

Insecure web applications greatest data threat

Most businesses, despite having numerous mission-critical applications accessible via their websites, fail to allocate sufficient financial and technical resources to secure and protect Web applications, leaving corporate data vulnerable to theft. This is one of the results of a study by Imperva, WhiteHat Security and the Ponemon Institute. full article

Visa targets online marketing 'scam'

Visa, one of the world's largest credit card companies, is taking aim at "scam" marketing practices that were quietly used by some of the Internet's largest retailers in recent years. full article

Patient files found dumped in Monticello

MONTICELLO — Officials have seized hundreds, perhaps thousands, of files containing Social Security numbers and other private patient information found dumped outside the shuttered office of DRC Physical Therapy Plus. full article

Houston CPS worker accused in ID theft scam

Potential foster care and adoptive parents are the latest victims in an identity fraud scheme, organized in part by a Texas Child Protective Services worker in Houston, according to prosecutors. full article

Microsoft: Enterprises Hit Hardest By Worms; Consumers By Trojans And Adware

Rogue AV was the common denominator threat to all users, according to findings in the new Microsoft Security Intelligence Report

Enterprises and consumers each suffer from different types of malware threats, but both were hit hard by rogue antivirus attacks last year, according to new data released by Microsoft today. full article

NHS responsible for third of data breaches

A senior member at the ICO has claimed the NHS is the worst data breach culprit in the UK.

The deputy commissioner of the Information Commissioner's Office (ICO) has named and shamed the NHS as the worst offender when it comes to data breaches. full article

Users' passwords exposed by Splunk

Updated Splunk, a kind of Google for business technology that boasts it can help reinforce your security, has exposed the details of major customers to hackers following a web site slip up. full article

Botnet-driven click fraud attacks pilfering millions from advertisers

The clever hacking of online advertisements has quietly grown into a multi-million dollar criminal industry showing no signs of slowing. full article

Cops raid Gizmodo editor's home over lost iPhone, raise questions of legal search upon journalist

Police raided the home of Gizmodo editor Jason Chen late Friday, busting down the door to serve a search warrant that suggests that the site’s role in obtaining an iPhone prototype is being investigated as a felony, according to a post and documents published on the Gizmodo website. full article

Senators call on Facebook to protect user privacy

They want Facebook to add better safeguards to user information

Computerworld - Three U.S. senators are holding a press conference today in an attempt to push Facebook to change its privacy policy and better safeguard users' personal information. full article

April 26, 2010

Cybercriminals step up click theft from online advertisers

Cybergangs are increasingly targeting advertisers who pay website owners for every click on their online ads, two click fraud technology suppliers have found. full article

Former SEC Lawyer Gets 8 Years for Pump-and-Dump Fraud

Judge said he would have imposed an even higher sentence except that others involved in the conspiracy got much lighter sentences after striking plea deals full article

Tidal wave of ID theft fraud sweeps the UK, survey reveals

Some 44% of Londoners have been victims of bank card fraud and 42% have had their identity stolen, according to an Infosecurity Europe survey. full article

Business spend is failing to protect against top threat to data security, study finds

A lack of protection for web-based applications means many businesses are at a high risk of cyberattack, a survey has found. full article

How young upstarts can get their big security break in 6 steps

Companies crave experience in their security staffers, dimming prospects for entry-level applicants. Bill Brenner on how a young upstart can break through. full article

SEC Wins Backdating Verdict in Maxim Case

The San Francisco SEC office won big in its first stock option backdating trial. full article

Health Care Reform: Impact on Employers and Employees

After at least a year in the making and months of uncertainty, landmark health care reform legislation has been signed into law. full article

Schumer challenges social media sites over privacy rules

NEW YORK (WKTV) - Senator Chuck Schumer is challenging Facebook on how the social networking site shares information. full article

Website shares user credit cards with world+dog

A website that encourages people to share details of their online purchases with world+dog was caught exposing the complete credit card numbers of four of its users. full article

Spammers Pay Others to Answer Security Tests

MUMBAI, India — Faced with stricter Internet security measures, some spammers have begun borrowing a page from corporate America’s playbook: they are outsourcing. full article

April 23, 2010

1.5 million stolen Facebook IDs up for sale

A hacker named Kirllos is offering to sell the accounts in an underground forum for 2.5 cents per account

A hacker named Kirllos has a rare deal for anyone who wants to spam, steal, or scam on Facebook: an unprecedented number of user accounts offered at rock-bottom prices. full article

Microsoft wins piracy battle in China

Microsoft has won its first big piracy battle in China against a Shanghai-based insurer. full article

Marketers Banned from Selling Credit Repair and Mortgage Relief Services; Ordered to Pay $7.5 Million

At the Federal Trade Commission’s request, a federal court has banned eight companies and their principals from selling credit repair and mortgage relief services, and ordered them to pay more than $7.5 million for deceiving consumers throughout the United States. full article

FTC Testifies About Continuing Efforts to Protect Consumers from Deceptive Debt Relief Scams

The Federal Trade Commission today told the U.S. Senate Committee on Commerce, Science, and Transportation that the FTC will continue its stepped-up efforts to protect financially strapped consumers from deceptive and abusive debt relief scams. full article

Privacy gaffe leads to multiple firings at Ohio Apple Store

"Several" workers at the Legacy Village Apple Store in Lyndhurst, Ohio have been fired following an accidental privacy violation, according to a report. Sources note that when a computer is brought in for service by Apple, a standard procedure is used to backup and restore a customer's data; this normally ensures that once a restore is complete, all of the backup data is deleted, preventing leaks of sensitive information. The firings are connected to photos, finances and videos from one customer somehow ending up on another person's Mac. full article

Malware infects UK National Health Service systems

IDG News Service - Computers belonging to the UK's National Health Service have been hit with data-stealing malware, although it doesn't appear patient information was stolen, according to security vendor Symantec. full article

Survey: 71% of companies monitor employee social media use

Over seventy percent of corporations have visibility into employee use of social media, according to a recent survey from nCircle. full article

Fake fast food survey with cash reward leads to phishing site

Scammers often use the familiarity of a brand as a means of lessening the victims' tendency to be cautious when perusing unsolicited emails. In this latest email scam, this method is coupled with the offer of $80 to whomever takes a short survey. full article

White House To Modernize Cybersecurity Reports

New directive requires government agencies to get with the times and abandon paper-based reporting for real-time digital updates on all potential cybersecurity threats. full article

Beware of fake emails from Twitter Support

As evidenced by the tweets on their official Safety account, Twitter is warning their users not to open emails purportedly coming from Twitter Support ( and containing links that don't link to Twitter or messages of any kind. full article

Tracking Criminal Data Centers

A study shows that companies that host malicious Web content are well hidden and hard to shut down.

Malicious Web content is increasingly distributed by professional criminals who operate their own infrastructure. These crooks run hosting companies that are used to host harmful code, and issue commands to hijacked computers. At a talk given this week at Source Boston, a conference on computer security, one researcher described the tactics one such malicious hosting company uses to evade being shut down. full article

Portable PHP password hashing framework

phpass is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above, and it has actually been tested with at least PHP 3.0.18 through 5.3.0 so far. full article

April 22, 2010

New York Irish immigrants lose thousands of dollars in ATM scam

An ATM scam in the Woodlawn and Yonkers area has stolen money from hundreds of Irish people. full article

Two Romanian nationals charged with stealing bank acount numbers

Two Romanian nationals are in federal custody for allegedly using card skimmers to steal the account numbers from PNC Bank card users and then using those accounts to spend some $200,000. full article

Army discloses theft of medical patients' data

The names, phone numbers and health information of 1,272 patients being treated at one of the Army's top hospitals may have been breached by a car break-in, an Army spokesman said Wednesday. full article

Police: Identities Of 400 People May Be At Risk

Vancouver police officers who arrested a man on a criminal harassment charge earlier this month found an account book with the names, dates of birth and Social Security numbers of 402 people at his home. full article

Telstra confirms customer data breach

Telstra has patched a data breach on its business website that had the potential to reveal personal information, such as date of birth, of 700 customers. full article

Financial fraud: How investigators work to combat data theft

Financial institutions once considered fraud a given risk, but also a small nuisance. Today, stopping fraud is a front-and-center priority for banks and lenders full article

Fake N.J. psychologist, accomplice plead guilty of defrauding insurers

A Branchburg, N.J., man, pretending to be a licensed psychologist, along with his female accomplice, recently pleaded guilty to defrauding several health insurers, including Aetna and UnitedHealthcare. full article

April 21, 2010

Extradition Sought in Giant ID Theft Case

MANHATTAN (CN) - Federal prosecutors are extraditing a Belarusian man from the Czech Republic on charges of aggravated identity theft and conspiracy to commit wire fraud and credit card fraud. The complaint accuses Dmitry M. Naskovets of more than 5,000 instances of fraud and helping more than 2,000 clients commit identity theft through his Web site, full article

Google, YouTube received 10,000 government requests for user data

Network World - Google and the Google-owned YouTube received more than 10,000 requests for user data from government agencies in the six months ending Dec. 31, 2009, according to newly released data. full article

SEC Says It's Nailed $90M Ponzi Scheme

ALBANY, N.Y. (CN) - McGinn, Smith & Co. and the two men who ran it squandered $90 million of investors' money by making unsecured loans to prop up cash-poor affiliates, paying salaries, and for their own delight, including hiring strippers for a "sexually themed" cruise, the SEC says. full article

Germany named Europe's top computer virus culprit

Germany hung onto its dubious title as Europe’s leader in spreading computer viruses in 2009, though its share of malicious activity in the region dropped slightly, a survey has found. full article

Police data on copiers causes city to scramble

CBS report prompts worry on disclosure

Buffalo officials are trying to figure out why police information was left on the hard drives of two of the department’s old copy machines, which have turned up as part of an investigation by CBS News. full article

Fear of identity theft after break-in at college

BIRTH certificates and other personal details including bank drafts and cheques from around 20 teacher training applicants have been stolen from a college. full article

Attorney General Seeks More Details About Student Loan Data Breach Involving 3.3 Million

Attorney General Richard Blumenthal today announced that he is seeking more details about a data breach at Educational Credit Management Corporation (ECMC) that may have exposed personal information on 3.3 million federal student loan borrowers, including hundreds of thousands from Connecticut. full article

Woman pleads no contest to charges of identity theft

A confessed professional identity thief pleaded no contest in state court yesterday to charges that could put her behind bars for the rest of her life. full article

Cybercrooks befuddled by Icelandic volcano name

Scareware slingers have balked at using the name of the Icelandic volcano that this week has prevented planes flying across much of Europe as a theme for search engine manipulation campaigns because its name is simply too complicated. full article

Amazon purges account hijacking threat from site administrators on Tuesday closed a security vulnerability that made it possible for attackers to steal user login credentials for the highly trafficked e-commerce website. full article

Drug-dealing spammers hit Gmail accounts

Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages. full article

April 20, 2010

Attack on Google said to hit password system

Ever since Google disclosed in January that Internet intruders had stolen information from its computers, the exact nature and extent of the theft has been a closely guarded company secret. But a person with direct knowledge of the investigation now says that the losses included one of Google’s crown jewels, a password system that controls access by millions of users worldwide to almost all of the company’s Web services, including e-mail and business applications. full article

Miners fear secrets stolen by Chinese cyber-spies

THE internal communications of Australia's major iron ore producers have been aggressively targeted by cyber attacks that many senior executives and members of the Rudd government suspect originate in China. full article

Manhattan U.S. Attorney Charges Belarusian Creator of International Identity Theft Website

Dmitry Naskovets Allegedly Ran Online Business That Targeted U.S. and European Financial Institutions and Committed Over 5,000 Frauds. At Request of U.S. Authorities, Naskovets was Arrested in the Czech Republic on April 15, 2010. full article

Symantec 2010 Internet Security Threat Report

The Symantec Internet Security Threat Report provides an annual overview and detailed analysis of Internet threat activity, malicious code, and known vulnerabilities. The report also discusses trends in phishing, spam and observed activities on underground economy servers. full article

Identity theft nets $15k

A 50-year-old woman is accused of stealing more than $15,000 by using someone else's identity. full article

100 potential attacks per second blocked in 2009

Symantec released its new security threat report which highlights key trends in cybercrime from Jan.1, 2009 to Dec. 31, 2009. In a year bookended by two very prominent cyber attacks – Conficker in the opening months of the year and Hydraq at the very end – the report reveals continued growth in both the volume and sophistication of cybercrime attacks. full article

Phishing student loans' pages target students

University students in the UK that have taken out a loan with the Student Loans Company have lately been targeted by a phishing scam that presents to them a page that is supposedly a login page for "Student Finance". full article

Certegy Agrees to Settle in Florida Data Breach

Subsidiary of Fidelity National Information Services has inked an agreement with Florida attorney general to upgrade security technology in the wake of large-scale data breach. full article

Medical groups say heavy fines for practices that breach regulations for the new unique health identifier legislation are unnecessary and will stop doctors using them in the first place.

Contravening a minor regulation exposes practices of fines of up to $5,500 a time. full article

Hospital board mum on possible privacy violations

Officials at Regional Medical Center have completed their first look into possible violations of patient privacy at the hospital. But so far, the results of that investigation are, well, private. full article

Newborn DNA Registries Raise Privacy Concerns

Parents are expressing outrage after discovering through recent news reports that their newborns’ DNA has been stored or even turned over to the Armed Forces lab to build a national registry, without obtaining their consent. full article

Thieves steal Blood Bank of Hawaii's computer

HONOLULU (HawaiiNewsNow) - Police are on the lookout for thieves who stole a laptop computer from the Blood Bank of Hawaii's Donor Center on Dillingham Boulevard. full article

Amazon purges account hijacking threat from site administrators on Tuesday closed a security vulnerability that made it possible for attackers to steal user login credentials for the highly trafficked e-commerce website. full article

April 19, 2010

Police called after 9-year-old steals password

IDG News Service - A few weeks ago, officials at Fairfax County Public Schools thought they had a hacker on their hands. full article

FBI lists the key roles in cybercrime enterprises

Computerworld - Criminal hacker organizations are operating with increasing corporate-like efficiency and specialization, according to Steven Chabinsky, deputy assistant director in the FBI's cyber division. full article

Pa. school district snapped 'thousands' of student images, claims lawyer

District staffers called the photos taken by laptop software a 'little soap opera'

Computerworld - The suburban Philadelphia school district accused of spying on students using school-issued laptops snapped thousands of images of teenagers in their homes, including shots of a boy asleep in his bed, documents filed in a lawsuit claimed Thursday. full article

Expert picks out loopholes in US e-passports

WASHINGTON: Every new US passport issued since 2007 has been outfitted with a computer chip, embedded on its back cover. Till recently hackers were able to access it from afar, but now such e-passports can only be read when they are opened. full article

Man charged for importing card skimmers

Australian Customs won a small victory in the fight against bank fraud, arresting a 23-year-old Chinese man arriving at Brisbane International Airport late last week who was allegedly carrying tools used to "skim" bank cards. full article

Sexting case raises workplace privacy issues

The future of employee privacy rights in the workplace may hinge on a case that the U.S. Supreme Court is taking up today involving a cop and sexting. full article

Health Data CD Missing

Albany, N.Y. - Nearly 20 years of state health data is missing. A health department official said a disc with data connected to 328,000 New Yorkers has been missing for almost a month. The information was linked to a program for infants and toddlers with disabilities. full article

Targeted cyberattacks testing IT managers

Targeted cyberattacks like the one that accessed Google's internal network earlier this year are testing enterprise security models in new ways, and they pose a more immediate threat to sensitive corporate data and bank accounts. full article

Network Solutions sites hacked again

Newest wave infects hosted sites, sends users to Ukrainian attack server

Computerworld - A week after Web hosting company Network Solutions dealt with a large-scale infection of WordPress-driven blogs, the company acknowledged that other sites it hosts have been compromised. full article

April 16, 2010

Zeus spyware pretends to be Royal Mail PDF

The postman always zings twice. Zing!

Zeus spyware Trojan variants have begun using PDF files to package exploits. full article

Inmates bilk Uncle Sam for millions

Key West, Florida (CNN) -- Officer Mark Lindback started his day off with a routine contraband check of a jail cell. He pulled up the inmate's mattress, and ducked his head under the bed. He didn't find any shanks or drugs, but he did find papers -- lots and lots of papers. full article

Armenian websites attacked Turkish hackers

Turkish hackers have attacked several Armenian websites ahead of annual commemorative remembrances of the Armenian Genocide. full article

Facebook puts faith in its software smarts to see off sexual predators

Facebook has developed sophisticated algorithms to monitor its users and detect inappropriate and predatory behaviour, bolstering its latest raft of initiatives to improve the safety of its users. full article

Files Installed On Wrong Hard Drive At CompUSA

Imagine all your private e-mails, social security numbers and family records handed over to a stranger. full article

2d hacker in TJX case sentenced to 5 years

Another hacker involved in the TJX credit card theft case, Damon Patrick Toey, has been sent to prison. full article

ID theft steals information from 155,000 debtors on state list

If you recently received a letter warning you that your date of birth, Social Security number or other personal information may have gotten into the wrong hands, you're not alone. More than 155,000 New Yorkers in recent weeks have gotten such warnings, stemming from a pair of data breaches related to their college loans. full article

U.S. Accuses Goldman Sachs of Fraud

Goldman Sachs, which emerged relatively unscathed from the financial crisis, was accused of securities fraud in a civil suit filed Friday by the Securities and Exchange Commission, which claims the bank created and sold a mortgage investment that was secretly devised to fail. full article

SEC Warns Investors

WASHINGTON (CN) - The SEC issued an "Investor Warning" that Eric Bartoli, whom it sued for securities fraud, may be operating another game out of Peru using the alias Enrico Orlandini. The SEC says Bartoli/Orlandini calls his new company DT Analysis or Dow Theory Analysis. full article

China had millions of Conficker worm infections in '09

IDG News Service - China last year hosted more than one in four of the world's computers infected with a major variant of the Conficker worm, according to an official report, highlighting the wide reach of malware inside the country. full article

Daily Telegraph third-party website hacked and defaced

A Daily Telegraph third-party website is the latest high-profile site to be defaced by hackers apparently unhappy about the news organisation referring to Romanians as gypsies. full article

Former US security official charged with leaking secrets by encrypted e-mail

A former high-ranking National Security Agency (NSA) official allegedly leaked information about secret government documents using the Hushmail encrypted e-mail service. full article

April 15, 2010

Postal employee faces mail-theft charges

A U.S. Postal Service employee has been indicted on federal charges that accuse him of stealing more than 2,000 pieces of mail. full article

China-based DDOS attack hits Australian multinationals

A China-based distributed denial of service (DDOS) attack on a financial services company has halted internet services for several hours to some customers of Australian telco Optus. full article

Data stolen from 95,000 credit card customers

A single information trafficker managed to steal the personal data of more than 95,000 Korean credit card users - and sell it to thieves who created cloned credit cards, police said Sunday. full article

Apache project server hacked, passwords compromised

Hackers broke into a server used by the Apache Software Foundation to keep track of software bugs. full article

Atlassian hacked – passwords may have been compromised

Atlassian, the developer of leading software development and collaboration tools, has informed all customers that late on Sunday Night, US PST, a security breach was identified that may have placed some password information at risk. full article

Researchers find bugs in archive file formats

Researchers have found ways to hide malicious software in commonly used archival formats that went undetected until recently by most antivirus programs. full article

Brokerage hit with $375,000 fine over 2007 data breach

The Financial Industry Regulatory Authority (FINRA) has fined brokerage firm Davidson & Co. $375,000 over a 2007 data breach in an action that highlights the growing attention regulators are paying to the controls companies have in place for protecting customer data. full article

Hackers exploit new Java zero-day bug

Just five days after a Google researcher published information of an unpatched Java bug, a compromised song lyrics site is sending users to a Russian attack server exploiting the flaw to install malware, an antivirus firm said today. full article

Gmail spam uses fake addresses to spread malware

Gmail spam is on the rise. Spammers are using fake Gmail accounts to clog up inboxes, making "" the most abused domain name, according to Commtouch's quarterly Internet Threats Trend Report, released Wednesday. full article

House moves to stop use of false caller IDs to scam people

Using false caller ID with the intent of tricking people into revealing personal information or otherwise causing harm would become illegal under legislation that passed the House Wednesday. full article

Boy, 9, accused of hacking into Fairfax schools' computer system

Are you smarter than a third-grader? Because the online education system used by the Fairfax County public schools apparently is not. full article

DNS Trojan poses as iPhone unlocking utility

An application that offers to unlock iPhones is actually designed to hijack internet connections on compromised Windows PCs, security watchers warn. full article

Swiss HSBC data breach victim count trebles

A French prosecutor said bank account details of 79,000 customers was stolen from the Swiss subsidiary of HSBC, three times the number previously admitted by the bank. full article

April 13, 2010

Federal court upholds border search of laptop in Texas

Customs agents did not violate individual's rights when they searched computer for child porn

Computerworld - The U.S. District Court for the Southern District of Texas has become the latest federal court to uphold the right of U.S. customs agents to conduct warrantless searches of laptop computers at U.S. borders. full article

Calif. man pleads guilty to faker charges

LOS ANGELES — A California man who posed as a military officer and sought donations that he claimed would help wounded veterans pleaded guilty Monday to federal fraud charges in the scam, federal prosecutors said. full article

Forgotten databases are a bigger risk than firms admit, says Imperva

Forgotten or unprotected databases are responsible for more data breaches than most businesses would like to admit, says security firm Imperva. full article

Conviction of Google execs signals call for content screening, says judge

The Italian judge who convicted three Google executives of violating the privacy of an autistic teenager who was bullied in a video posted on Google's Italian website in 2006, says content must be screened. full article

New method protects patient privacy in electronic records

US researchers have developed a way to protect patients' privacy while maintaining researchers' ability to analyse patient-specific genetic and clinical data. full article

Rich more likely to use eHealth records but poor benefit more, survey finds

Patients also highly concerned with their privacy

Computerworld - The results of a survey released today of thousands of users of electronic personal health records nationwide (PHRs) revealed that while the wealthy tend to use them more, it was the poor who derive the greatest benefits from online records. full article

Update: Malicious Facebook ad redirected to fake antivirus software

IDG News Service - A malicious advertisement has been found within an application for Facebook that redirected users to fake antivirus software, according to a security researcher. full article

Windows 7 SP1 leaks to pirate sites

March build of service pack hits BitTorrent, pirates download

Computerworld - Pirated copies of Windows 7 Service Pack 1 (SP1) leaked to the Internet last week, searches at several BitTorrent sites show. full article

Teen Sues Mom for Hacking Facebook Account

Suing your parents isn't just for celebrities anymore--a 16-year-old Arkansas boy is suing his mother for hacking into his Facebook account and allegedly posting slanderous remarks. full article

Nifty Java Bug Could Lead to Attack

A Google researcher has published details of a Java virtual machine bug that could be used to run unauthorized programs on a computer. full article

FTC Sends Out More Redress Checks to Victims of the J.K. Publications Credit Card Fraud

Beginning April 9, the FTC, through its claims administrator, will be mailing more than 145,000 checks totaling over $4 million to consumers identified as victims of an illegal credit card billing scam operated by J.K. Publications and other defendants. The operators of this scam made unauthorized charges on consumers’ credit and debit cards for purported Internet services. Information about the case can be found here: full article

Telemarketers Barred from Falsely Telling Consumers That Proceeds from the Sale of Household Goods Will Benefit Charities or the Disabled

Complaint Brought as Part of 2008's “Operation Tele-Phoney” Law Enforcement Sweep

An Arizona-based telemarketing operation that identified itself as “Helping Hands of Hope” has settled charges that it conned consumers into buying household items such as light bulbs and trash bags that were priced substantially higher than at retail, by falsely promising the proceeds would benefit charities or the disabled. The defendants will be permanently barred from such fraudulent conduct and from calling consumers who have asked not to be called. full article

FTC Charges Payday Lender with Deceiving Employers in Scheme to Collect Debts

The Federal Trade Commission has charged a payday loan operation with illegally trying to garnish borrowers’ wages and using other illegal debt-collection practices. The FTC seeks to stop these practices and require the operators to surrender improperly collected money so it can be used for consumer refunds. full article

2010 Census

The 2010 Census is underway and you may be wondering about whom you can trust. The Census is easy, important, and safe — just fill out your form and mail it back. full article

Apache Foundation Hit by Targeted XSS Attack

Combining a cross-site scripting (XSS) vulnerability with a TinyURL redirect, hackers successfully broke into the infrastructure for the open-source Apache Foundation in what is being described as a "direct, targeted attack." full article

April 7, 2010

Facebook takes steps to deal with gift card scams

IDG News Service - Like many other Facebook users Jeff Crites heard of the US$1,000 Best Buy gift-card offer last month from a friend, a Web savvy director of social media at a Fortune 500 company. full article

Chinese hackers attack Dalai Lama and India High Commission

Hackers use social networking sites to create unbreakable command and control system

Security researchers have discovered a complex ecosystem of cyber espionage which they claim systematically compromised computer networks in India, the Offices of the Dalai Lama, the United Nations and several other countries. full article

Botnets 'the Swiss Army Knife of Attack Tools'

Hacker militias may be at the bottom of the cyberwar food chain, but when they want to hit a target, they can mobilize botnets that are already up and running, security experts say. full article

Estonia readies for the next cyberattack

It's fended off attacks in 2007

IDG News Service - More than anyone else, Jaak Aaviksoo has first-hand knowledge of what a cyberwar might feel like. In April 2007, Estonia's banking, media and government presence online was disrupted by several waves of distributed denial of service attacks that knocked services offline. The country is heavily wired -- 90% of all financial transactions are conducted over the Internet and 70% of the population files their tax returns electronically -- so the incident was widely felt by the country's 1.3 million citizens. full article

After Google-China dust-up, cyberwar emerges as a threat

The episode highlighted cyberthreats facing the U.S., but it's not a war -- yet

Computerworld - Few events have crystallized U.S. fears over a cyber catastrophe, or brought on calls for a strategic response, more than the recent attacks against Google and more than 30 other tech firms. full article

Tories to veto key clauses in Digital Economy Bill - but not anti-piracy measures

The Tories will veto Clauses 1, 29 and 43 of the controversial Digital Economy Bill when it comes to a third reading in the House of Commons later today, Wednesday 7 April. full article

Targeted cyberattacks test enterprise security controls

Instead of prevention, the real focus should be attack mitigation

Computerworld - Targeted cyberattacks of the sort that hit Google and more than 30 other tech firms earlier this year are testing enterprise security models in new ways and pose a more immediate threat to sensitive data than a full-fledged cyberwar. full article

April 6, 2010

US govt effort against ID theft said to fall short

WASHINGTON -- An internal review has found that the Justice Department has not done enough to fight identity theft, the fastest-growing crime in the country. full article

Does ACTA Kill Online Anonymity?

With the full draft of ACTA leaked, lots of people have been highlighting the various lowlights found in the draft. Andrew Moshirnia, over at the Citizen Media Law Project, has picked up on another one. If you read the draft, it appears to remove due process in revealing anonymous users. While other countries have viewed anonymity differently, in the US, at least, the courts have been very strong defenders of the right to anonymous speech. full article

Update: Researchers track cyber-espionage ring to China

IDG News Service - Researchers in the U.S. and Canada have tracked and documented a sophisticated cyber-espionage network based in China, dubbed Shadow, that targeted computers in several countries, including systems belonging to the Indian government and military. full article

New Cyber Security Threats Noted in Blue Note Annual Report

A new report on consumer online behaviour and criminal activities on the Internet noted that new security threats have recently emerged, prompting the implementation of a mix of security solutions to protect unsuspecting victims. full article

New Cyber Security Threats Noted in Blue Note Annual Report

A new report on consumer online behaviour and criminal activities on the Internet noted that new security threats have recently emerged, prompting the implementation of a mix of security solutions to protect unsuspecting victims. full article

FTC Issues 2010 Fair Debt Collection Practices Report to Congress

At a time when many consumers are facing debt problems, the Federal Trade Commission has issued its annual report detailing the steps the agency has taken to protect consumers from unfair, deceptive, and abusive debt collection practices and educate the public on the subject. full article

Discovery Failure Sinks Lockheed's $37 Million Win

Federal judge also tosses out motion for more than $16 million in legal fees

A federal judge has tossed out a $37.3 million trade secrets verdict for Lockheed Martin Corp. and ordered a new trial after finding that the aircraft company failed to turn over to a defendant competitor documents critical to the case. full article

San Francisco Crime Lab Scandal Is Fiasco for Law Enforcement and Feast for Defense Bar

In a federal gang murder case last year, criminal defense attorney John Philipsborn tried to get Northern District of California Judge Maxine Chesney to hold a hearing on the integrity of drug evidence coming out of the San Francisco crime lab. He didn't get far. full article

Vietnam rebuffs hacking claims from Google

IDG News Service - Vietnam tersely rejected charges from Google that tens of thousands of Vietnamese-speaking PC users around the world were targeted by hackers. full article

April 5, 2010

Countrywide Sold Private Info, Class Claims

(CN) - Countrywide Financial employees stole and sold "tens of thousands, or millions" of customers' personal financial information, invading their privacy and exposing them to identity theft, a class action claims in Ventura County Court, Calif. The class seeks to know, among other things, whether Countryside merely aided and abetted the theft and illegal dissemination, or whether it was "an architect of the plan". full article

Ruling suggests limits on employer's access to personal e-mail

Network World - Can employers read an employee's personal e-mail composed and sent via a corporate computer, and does the employer own that e-mail? Or what if it's an e-mail to a lawyer, which raises special questions of client-attorney privilege that invoke confidentiality? full article

Fake gift card scams on Facebook

Whole Foods Market, a Texas supermarket chain, has been fighting the latest gift card scam that takes advantage of the company well-known brand by offering a $500 gift card to lure Facebook users to part with their personal and credit card information. full article

Red Condor Warns Of Fake eBay Security Alert

Phishing campaign poses as a security alert from eBay

Rohnert Park, Calif. " April 1, 2010 " Red Condor today issued a warning of a new blended email threat that appears to be a security alert from the leading online marketplace, eBay. The email message with the subject line "eBay Procedural Warning " Security Alert," is addressed to "Dear eBay Member," and warns recipients that the sender has "detected security issues on behalf of your account." The email warns that to correct the issue, users "have to download and install the eBay Security Shield." The embedded link in the email actually takes user to a likely compromised site on eBay's network. On the site is a Download Now button that when executed installs a Trojan virus. After the victim installs the malware as prompted by the email, they are directed to log into their eBay accounts, which then sends their eBay log-in credentials to the scammers. full article

Private papers found in trash

Law director not sure how documents got into the recycling Dumpster without being shredded.

MIDDLETOWN — For several weeks, a mound of city documents containing Social Security numbers, phone numbers and carbon copies of checks filled a Dumpster at Smith Park, where they were accessible to anyone. full article

How to detect a phishing site, the Google way

Google analyzes millions of pages per day when searching for phishing behavior. This kind of activity is, of course, not done by people but by computers. full article

8 Sentenced for Sending Money to Palestine

ST. LOUIS (CN) - Eight men were sentenced on federal racketeering charges for a scheme to send money to the Palestinian territories. The so-called Hamed Organization had run the scheme out of five St. Louis area-convenience stores since 2000. full article

April 2, 2010

Vietnamese campaigners targeted in cyberattacks

Malware that was disguised as a popular Vietnamese-language keyboard driver for Windows users was used to create a botnet, according to blog posts from Google's Neel Mehta and McAfee chief technical officer George Kurtz. full article

More Heartland-Related Fraud Detected

A Florida credit union must issue 12,000 new debit cards after new fraud attempts traced back to the Heartland Payment Systems data breach. full article

Navy took more than a year to announce personal data breach

In case of danger or a natural disaster, the U.S. Navy can rapidly dispatch troops, fighter jets or relief supplies to troubled areas around the world. full article

Accused Delaware hacker skips arraignment

A Delaware college student accused of hacking into a video spy game unveiled in Boston over the weekend skipped his day in court and now has a warrant out for his arrest. full article

Machias Savings Bank Warns of Phishing Attack

A phishing attack has been detected against Machias Savings Bank. The attackers are sending e-mails, text messages and placing automated calls to home and business phones, the bank said in a statement released Wednesday evening. full article

WARNING: Tri-City cops say scammers are ‘phishing’ for bank information

Scammers appear to be targeting Tri-City residents again trying to get confidential bank information by claiming their debit cards have been deactivated or their bank accounts have been frozen. full article

Consumer body slams HDFC Bank for unauthorised fund transfer

MUMBAI: In a significant ruling, the District Consumer Complaints Redressal Forum has held HDFC Bank responsible for unauthorised fund transfer in an internet banking transaction. full article

Are Your Internet Activities Illegal? Radisson Blu is Watching You

Have you ever been staying at a hotel with fast and free WiFi only to find that when you sit down for some internet time at night, that the speed of the connection has slowed? This is usually due to other users in the hotel downloading porn or accessing other streaming video content. It's sad, but it's true and we wish it was rarer. full article

Report: Cybersecurity bigger than an IT problem

Companies that confine cybersecurity concerns to the information technology department put their bottom line at risk, according to a report released Wednesday by the Internet Security Alliance and the American National Standards Institute. full article

Cyber attacks target critics of Chinalco mine in Vietnam

BEIJING: Google, which moved its search engine out of China last month after claims of cyber attacks on human-rights activists, says it has detected software targeted at critics of bauxite mining in Vietnam. full article

Gonzalez Sentence Is No Deterrent to Hackers, Security Expert Warns

The 20-year sentence imposed last week on Albert Gonzalez of Miami, the computer hacker who led the attack on Heartland Payment Systems, TJX Cos., and other major retailers, won’t deter future data breaches, a security expert says. full article

Google confirms a report on cyber attack

A recent finding, conducted by Google, has shown a new kind of cyber-attack. This is akin to the prior attacks that happened on Google. full article

Yahoo! mail hacked, claims China.

With an aim to seize the sensitive information from writers, journalists and activists in China, the Yahoo! mail accounts of the citizens have supposedly been targeted this time. And that is the reason why the information on Yahoo! is getting hacked. full article

New legal trick: Fake hospital sites for finding clients

Until about noon on Wednesday, dozens of websites were identifying themselves with a Red Cross-ish logo and names like "VA Medical Center Palo Alto," or "VA Hospital San Francisco," or "VA Medical Center Gainesville" though they had no affiliation with the U.S. Department of Veterans Affairs. They were actually operated by plaintiffs law firms that were searching for clients with asbestos-related diseases. full article

Barnet council employee loses 9,000 schoolchildren's records

UK: Barnet Council has reported the loss of 9,000 student records which were stored on unencrypted CD-ROMs and USB sticks. full article

Top 10 positions in a hacker organization

NEW DELHI: Think hackers are some evil-minded people working in disparate parts of the world with little or no networking among themselves? Time to get a reality check! full article

Concern over surge in banking Trojans

Trojans made up nearly two thirds (61 percent) of all new malware identified during the first quarter of 2010, says PandaLabs. According to the security firm's Q1 2010 report, the majority of these were banking trojans. full article

IBM Teams With FAA to Neutralize Cyberthreats

IBM is providing the FAA with a new streaming analytics system that will help the agency get the jump on any would-be cyberattackers. full article

ID theft No. 1 FTC complaint in 2009

A recent Federal Trade Commission report does not surprise Florence police Sgt. Cliff Billingsley. full article

Frequent users of internet report higher incidence of identity theft

A recent report indicates that people who use the internet more are more likely to encounter identity theft. full article

Mail Mix-Up Exposes Identity Theft Vulnernability

A young woman living the Yolo County town of Winters was anxious to get her unemployment benefits information in the mail. But once she received that letter, she was surprised to find someone else's social security full article

Internet retail scams contributed to a rise in online fraud losses in 2009

Online fraud losses more than doubled in 2009, with scams related to online retail contributing to the problem, according to the latest annual report from the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center. full article

N.J. woman accused of fraud, assuming dead mother’s identity

A Warren, N.J., woman faces a number of charges, including third-degree insurance fraud, for allegedly using the identity of her deceased mother to gain benefits, secure an auto policy and make an accident claim through that coverage. full article

A tale of two Michael Nelsons

Michael Scot Nelson was admitted to the State Bar of California in 1995 and works as an attorney for the Federal Reserve Bank in New York. Michael Anthony Nelson of Atlanta, on the other hand, has never been an attorney anywhere in the United States. full article

Pleasanton man arrested in reshipping scam

Police arrested a Pleasanton man Thursday on suspicion of 15 counts of identity theft and possession of stolen property. full article

April 1, 2010

Government held liable in warrantless wiretapping case

San Francisco, California -- A federal judge ruled Wednesday that the government is liable for illegally wiretapping an Islamic charity without a valid search warrant. full article

Revising privacy law for the 'cloud' era

(Ars Technica) -- The government needs a search warrant to bust into your house, search your files, and pull out any incriminating documents. It needs the same warrant for files stored on your computer. So why doesn't the same standard apply when the same information is stored in online servers operated by third parties like Google or Microsoft? full article

Proposed law would keep inmates from data

WASHINGTON, March 31 (UPI) -- The U.S. Social Security Administration plans to propose legislation to ban prisoners from access to data that could be used for identity theft, officials say. full article

Top execs need to be involved in cybersecurity, study says

IDG News Service - Organizations with top executives who aren't involved in cybersecurity decisions face a serious problem -- a major hit to their bottom lines, according to a report released Wednesday. full article

'Fog of War' Led To Operation Aurora Malware Mistake

McAfee says some malware disclosed as part of Google attacks was actually a separate infection and unrelated to targeted attacks out of China full article

Banker Trojans Comprised More Than 60 Percent of New Threats Created in Q1, Finds PandaLabs

Traditional viruses made up more than 15 percent of all malware, despite having shown a dramatic decrease in recent years full article

Microsoft, Google Call For Internet Privacy Changes

The Digital Due Process coalition says the same legal requirements for offline criminal investigations should apply to online information full article

Sharing vs. your privacy on Facebook

Facebook is, by its nature, a social experience. But as the undisputed king of social networking expands ways for its users to interact, it's raising more questions about how much of their information is made available to people they don't know. full article

Trivial security flaw in popular iPhone app leads to privacy leak

A trivial security flaw within a popular photo sharing iPhone app known as Quip, has exposed thousands of shared photos, with repositories of them — including the naked ones — already circulating across the Web. full article

Cracking Open Genetic Privacy

Common Good Is Best Served by Not Building Walls Around This Deeply Personal Information

I am an altruist by nature, so when a letter from my healthcare provider inquired as to my interest in volunteering for a research project my initial thought was, “Why not?” full article

Two more newly revealed breaches

There are two newly revealed breaches on the HHS/OCR web site that were not previously reported in the media full article

Cybersecurity masters degree to be offered at Utica College

Utica College might just be the safest place to be when it comes to cyber security. Wednesday night Utica College announced they're offering a new degree that no other school has, a masters degree in cybersecurity. full article

Councils slammed after children's data lost on stolen kit

Warwickshire County Council has been found in breach of the Data Protection Act (DPA) by the Information Commissioner’s Office (ICO) after two laptops were stolen. full article

Detective: Hundreds could be victims of identity theft

Travis County deputies have arrested a man who they say is responsible for hundreds of cases of identity theft. full article

Microsoft uses botnet to detect Office bugs

Microsoft uncovered more than 1,800 bugs in Office 2010 by tapping into the unused computing horsepower of idling PCs, a company security engineer said today. Office developers found the bugs by running millions of "fuzzing" tests, said Tom Gallagher, senior security test lead with Microsoft's Trustworthy Computing group. full article

Women Accused Of Stealing From Cancer Patients

Four Broward women are behind bars accused of stealing from cancer patients. full article

Data Theft Trojans, Black Market Cybercrime Tools on the Rise

Cyber crooks are becoming more destructive and inventive, according to Panda Security's latest cybersecurity and vulnerability report, despite the fact that they're less skilled and technically proficient than their predecessors. full article