University students worry about their credit after web site made personal data accessible to public

Social Security numbers and personal information of an unknown amount of students of the Louisiana State University was publicly displayed on the school’s website for an unknown period of time, leaving information accessible to the public. The personal data was displayed on the College of Arts and Sciences portion of the school’s website.

Although there has not been evidence of misuse at this time, the University Registrar, Robert Doolos, has notified students by letter that they are encouraged to use the credit monitoring service on their site at http://creditmonitor.lsu.edu.

State web site had publicly accessible information posted of top business officials

Some of Iowa’s top business officials and company board members are carefully watching their credit reports after a link to the state web site publicly posted over 2,000 Social Security numbers and personal information of out-of-state executives from large, well-known companies around the US.

This breach in personal data has the Iowa Secretary of State second-guessing the information that is posted on the web site and who has access to the information. They are conducting a thorough search on the web site to ensure no other personal information is available to the public.

It is unsure how long the information had been posted on the site and who may have accessed it, but this is the second time in less than a year that identity protection activists have found personal information available on a state web site.

Those who are considered to have been at risk have been notified and are strongly encouraged to monitor their credit for misuse of their personal data.

Accidental email spreads Social Security numbers and birthdates of over 1000 employees to other co-workers

An error in the payroll department of the Colorado Department of Corrections has put the personal information of it’s employees at risk. An employee in the payroll department accidentally sent financial records via email to over 100 co-workers instead of the generic insurance benefits information that was originally intended.

The mistake was made in time for employees to delete about half of the messages before they were opened, but the other half were opened and some had already forwarded the information to personal computers.

There has been no disciplinary action taken on the employee that sent the email, but the staff members were notified of the incident in the event of misuse. Employees should monitor their credit reports.

Tax Time Gives Identity Thieves Many Happy Returns

While many Americans think of tax time as a prime occasion when money heads out the door, identity thieves think of it in just the opposite manner. This is because tax season means W-2s and other papers with names and Social Security numbers flooding into mailboxes across the country. And if taxpayers don’t keep them, they flood right back out, populating vulnerable trash cans and recycling bins. Some people save their tax information to their computers as well, which can be a gift for hackers that break in to wireless networks to steal data. Like paying the IRS didn’t give you enough to worry about!

Don’t worry too much. There are simple things you can do to keep your tax information where it belongs:

• Check your mailbox early and often until you have all of your tax forms safe in hand. You should receive all of your W-2 forms by February 15 at the latest. If you don’t call the IRS at (800) 829-1040. Sometimes it is just an inefficient company late with mailing their paperwork, but other times it could be the result of a thief stealing or intercepting your mail.
• If you’re mailing your returns, do so at the post office or at least by dropping them in a locked mailbox. If you stick them in a traditional mailbox and put up the flag, it tells the thieves exactly where they should strike next, especially as April 15 gets close.
• Shred any tax forms that you don’t need to keep before throwing them out or recycling them. If you don’t have a shredder, hang on to them. When you have a big stack, get all the papers shredded at your local office supply store.
• For efiling, go with a reputable company. Unfortunately, there are fake sites out there designed just to steal your personal information. For a list of companies that are IRS approved, go to www.irs.gov/efile.
• Make sure your antivirus and antispyware software is up to date before you enter any tax information on your computer, whether you plan to efile or you just want to make a few calculations in QuickBooks.

You may think that taking all of these precautions is a complete waste of time, since identity theft would never happen to you. However, you should know that 8.4 million Americans were victimized in 2007 alone according to Javelin Strategy & Research. It’s likely that most of those people thought it would never happen to them either.

Tax time is a good a time as any to assess your family finances. Look into whether you can afford to invest in an identity theft protection service. You can get one for yourself, for your spouse and even for your children and some cost just pennies a day. You may find out that the question isn’t whether you can afford it, but rather with the risk ever growing, whether you can afford not to.

Army members’ information at risk after contractor laptop theft

An Army Guard laptop was stolen from a contractor and is suspected to hold personal data of over 130,000 Amry Guard members. This data includes names, Social Security numbers, and information in regards to the soldiers that are enrolled in the Army National Guard Bonus and Incentives Program.

Even though the information is at risk after the theft, there have been no incidences regarding the information on the laptops or proof of the information being used incorrectly. It appears to investigators that the laptop was stolen primarily for the laptop itself and not for the information stored on it.

The Army National Guard has set up a website with specific information regarding the security breach, and they encourage credit monitoring and close inspection of strange activity on their credit reports and financial accounts.

A letter has been sent to all those who may have been affected with more information regarding the data breach.

Concord inmate found with list of Corrections Department employees and their SSNs

In Concord, New Hampshire’s Correctional Department, an inmate was caught with a list containing the names of all Corrections Department employees as of March of 2008 onward. This list included the names, positions, department, and Social Security numbers of some 1,000 employees of the correctional facility.

A full investigation is being conducted by state officials, who are unsure as to how the inmate obtained the list, which is believed to have been printed for the use of the human resource department and was intended to be shred.

The Corrections Department is unsure how long the inmate was in possession of the list or what his intentions were with it, but if found guilty of using it inappropriately, charges will definitely be filed against the inmate.

In the meantime, an e-mail regarding the situation was sent out to corrections employees and a more formal letter is to follow. At this time, there is no incidences that have occurred that make state officials believe that the information was breached. The State Employee’s Association president has recommended that employees be on the lookout for unusual activity on their financial and personal accounts.

We would recommend ordering your free annual credit report and looking it over for unusual activity though credit protection may be a better solution.

Tulsa, Oklahoma natural gas producer and distributor notifies more than 4,000 previous employees of security breach

An employee’s vehicle was left vulnerable to a burglary in which a Williams Companies, Inc. laptop was stolen, leaving the personal information of some 4,400 past and present employees of the company at risk for identity theft.

The laptop, which belonged to this 100-year-old natural gas producer and distributor’s company, contained names, birthdays, Social Security numbers and personal income information for employees dating back to the beginning of 2007 all the way up to current employees of the Oklahoma company.

At this time, it is not believed that the information has been accessed, as the information was reportedly password protected, but the company is still offering to pay for a 12 month membership to Experian Triple Advantage for all of its former and current employees to help them monitor their credit reports and bank accounts on a regular basis.

Williams Companies, Inc. reacted quickly to this incident, and authorities believe the laptop was stolen only for means of erasing the hard drive and reselling the computer.

All past and present employees have been notified of the incident, and authorities continue to investigate the burglary.

Network Solutions e-commerce services were hacked for 3 months and was recently exposed

Network Solutions is one of the leading providers of web hosting and e-commerce services, and recently released information regarding a 3-month hack.

Apparently, hackers placed code on Network Solution’s server that diverted credit and debit card transactions from their merchants’ sites to a rogue server, leaving over 500,000 numbers at risk. This was found to have been happening back to mid-March, allowing hackers to hack small business websites and receive credit and debit card numbers straight to their own server. Although the data breach was discovered in early June, the code was just recently cracked and removed from the Network Solutions server.

Network Solutions is offering its customers free fraud-monitoring services to their customers for one year, and is also offering to pay for merchants to notify their customers of the breach. This is required by law in most states.

Network Solutions is working with authorities to investigate the situation, and all those who have been affected are encouraged to visit the website created for this incident at careandprotect.com

Missouri school district investigating the theft of a laptop computer with personal information on past employees

The St. Charles County Sheriff’s Department responded to a break-in mid-July where a rock was used to break an exterior window of the Francis Howell School District administrative building and resulted in a stolen laptop.

The computer was password protected, so the likelihood of the information at risk is slim to none. On the laptop was information including Social Security numbers and names of over 1,700 noncertified employees that worked for the school district between 2005 and 2008.

The district is strongly encouraging previous employees to place fraud alerts on their credit cards, and the district would provide identity theft services in the event of an incident occurring from this situation.

This appears to be an isolated incident, but authorities are still investigating the theft.

Southern California hospital reports hacker breached center computers and had access to personal data

The University of California’s San Diego Moore’s Cancer Center is notifying over 30,000 patients that their information could be at risk after a hacker had accessed their computer.

Although most patient information did not contain Social Security information, it did include names, addresses and treatments. Their personal medical records are stored on a separate server and have not been accessed.

It appears as though the information was not viewed, as there is no evidence showing it was, but either way, the Southern California hospital is taking the correct precautions by notifying their patients of the recent data breach. They are encouraged to monitor their credit for suspicious activities, even though the threat of identity theft is slim.

As of right now, authorities are still investigating the situation.

Next Page »