Student Finds Own Information Online and Leads to Security Breach of School District Site

A student was able to find sensitive information about himself while doing an internet search. This information was personally identifiable information that was hosted by the Beaumont Independent School District. The data posted was confidential information that was accidentally placed online, providing private data such as names, birth dates, Social Security numbers, and school test scores. It was posted last fall, and is believed to have been online for approximately a year.

Beaumont Independent School District has since pulled the files from the public server and is working with the IT department to strengthen the school network’s security to ensure no future incidences of the like happen in the future. As for the student information that may have been accessed, parents are encouraged to consider credit report monitoring services for their family to watch for any unusual or suspicious behavior on financial or medical accounts.

School District Computer Network Hacked

A post on a hacker website titled “El Paso School District Hacked Hard!” led the IT department of El Paso Independent School District to investigate the school’s computer networks to ensure proper security.

This security breach indicates that a vindictive individual was able to hack into the district’s internal network and access information of both employees and students, including Social Security numbers, birth dates, names, and addresses. This information can be used for identity theft, which raises the biggest concern yet for the school district. The biggest concern with all of this is that the information was never encrypted, which is a huge security mistake on the school district’s part.

Protecting children from identity theft can be a little more difficult, as they typically do not establish credit reports until later in adulthood, in which it is oftentimes too late to fix any damage that may have been done while they were not actively establishing credit.

While investigation continues, the El Paso Independent School District is encouraging parents to enroll their children in credit report monitoring . This will help ensure that any suspicious activities do not hit their children’s financial accounts and cause future damage to their credit and financial future.

Identity Theft Phone Scam

Sometimes it is truly scary how identity thieves think. You may find it disturbing to learn about a $20 million phone scam which swindled Americans, mostly seniors, out of their hard earned money. Essentially the scam occurred when persons located in Costa Rica called potential victims telling them that they were the winners of a sweepstakes. To receive the winnings, consumers were asked to provide information so that they could pay for the required taxes and insurance in order to receive their checks.

What is scary is that many of the victims were targeted because their names were on “sucker lists,” which are lists that thieves purchase with the names and contact information of people who are likely to fall for their schemes. According to ABC News, these people were singled out many times because they had sent in sweepstakes mailers filled out in “shaky handwriting – indicating the potential mark was elderly.”

In addition to targeting “suckers,” the thieves made it appear on consumers’ caller ID systems as if the calls were coming from the 202 area code, which indicates Washington, D.C. This was a smart move on their part because it is home to many charities and federal organizations, so it is pretty recognizable.

Because this scam was so widespread, and the victims were so vulnerable to it, the U.S. Postal Service sent out a nationwide mailer on fraud to 129 million households, with the hopes that it would reach every American. The mailer had details about fraud and prevention, as well as directions on what people should do if they believe they have been victimized.

The postal service also has a website, www.deliveringtrust.com, which is designed to help lower the rate of victimization to various types of scams. It is worth paying a visit.

The post office has done their part to help prevent fraud and identity theft, have you? If your answer is no then please take a look through our identity theft blog and acquaint yourself with some credit protection options.

Students Hack School District’s Computer and Access File with Over 14,000 Social Security Numbers

Two students of Birdville Independent School District in Texas are under disciplinary actions and further investigation after they hacked into the school district’s network server and accessed a private file containing the names and Social Security numbers of 14,500 students from the 2008-2009 school year. Although investigators are unsure if the information was used fraudulently, they are still taking the proper precautions and notifying parents of the students about the incident. Parents are encouraged to place fraud alerts on their children’s credit reports, as well as consider identity theft protection services to ensure nothing suspicious or unusual arises from this situation.

Computer Virus Leaves Personal Data Exposed

The University of Wisconsin-Oshkosh College of Nursing and Living Healthy Community Clinic are in the process of contacting approximately 3,000 clients regarding the exposure of their personal medical information due to a computer virus that attacked the network’s computers. It is not believed that this was a targeted attack because the virus has been found on other unrelated computer systems in the past.

Though the IT department has found that there is no evidence of access of the file being personally accessed; however, as the investigation continues, the company is contacting individuals by mail and providing them with information needed to monitor their credit reports and consider identity theft protection services to ensure the safety and protection of their personal information.

Red Flag Exemptions

The controversial Red Flags Rule, which makes it mandatory for organizations that are “creditors” to have a written action plan and programs in place to respond to suspected cases of identity theft has been in the news for over a year now. The latest roadblock in enforcing the rules comes in the form of the Red Flag Program Clarification Act, which passed the Senate unanimously. This Act aims to make professionals, such as doctors, lawyers and accountants exempt from the Red Flag provisions.

The argument here is that the definition of what makes an organization a “creditor” is too broad and that in some instances “creditors” are in industries where identity theft is not likely to occur. Small businesses, like private legal practices are currently considered creditors because clients don’t have to pay at time of service and can instead elect to be billed, effectively putting their customers on credit.

Going against that ruling, Senator Mark Begich of Alaska said that businesses such as these don’t maintain credit accounts for their customers, which makes the risk of identity theft pretty low. He wants the Red Flag rules to only apply to businesses who report to the credit bureaus or similar agencies or who loan money. This, according to many Senators, will keep small business owners from having to shoulder the financial burden associated with complying with the rules. The vote will now go to the House. If it passes, we may finally have some closure on this legislation, but there is no guarantee we won’t be revisiting it again before the end of 2011.

If you are a small business owner that is currently considered a “creditor,” keep an eye on this vote. It could affect your business activities in the near future. Even if small businesses do become exempt, it’s important that they take steps to protect their customers’ information. That’s one good way to keep them coming back for repeat business.

Hacked and Posted Database Leaves 20,000 Usernames and Passwords Available Online

A private hacker accessed and posted a database containing client usernames and passwords of Allianceforbiz.com. The company Allianceforbiz.com is an event management company that handles conferences and trade shows, and has some 20,000 individuals that work with them and have access usernames and passwords. This data can be used to attempt hacks into customers’ bank accounts, emails, and other websites in which the emails and passwords are the same. Some of this information posted is associated with government agencies, which raises some serious concern.

Identity theft is a growing problem, and a breach such as this could result in hacked bank accounts and emails, leading to further attempts at identity theft and fraud. Any companies and individuals who have dealt with this company in the past are encouraged to consider credit monitoring services and to watch their financial accounts closely.

Stolen Laptop Contains Personal Medical Data

Texas Health Partners and the Texas Health Presbyterian Hospital Flower Mound (business associates) are in the process of contacting patients regarding possible security breach.

A company laptop was stolen on June 21, 2011 and was reported the same day to officials. Although the laptop was encrypted and password protected, the company is concerned about the information stored on the laptop. it includes data about patient’s medical care and personal information that can be used for identity theft.

Texas Health Partners encourages individuals that might be affected to participate in identity theft protection services and closely monitor their medical and financial information to watch out for signs of identity theft.

Free Identity Theft Protection: Does It Work?

Who would want to pay for something when they could get it for free; right? That sentiment makes some people wary of identity theft protection services that charge a monthly or annual fee. However, what many don’t research is how effective these free services really are. It is a case of getting what you pay for, at least according to a recent article in PC World magazine. The publication reported on free services, such as the one offered by Xfinity and had some surprising findings.

• While some free services offer credit report monitoring, it’s rare that you will get timely alerts regarding suspicious activity on your accounts. This can make said monitoring not quite as useful as you would have hoped.
• Many free services are offered simply to whet your appetite and encourage you to upgrade to a paid plan. This is similar to the services that offer “free” credit reports when you enroll in some other type of promotion.
• Some services actually have free trials only; not completely free service. That means that if you don’t pay attention you could see monthly charges appearing on your credit card statement due to not taking the time to cancel.
• There are some free services that are simply antivirus packages for your computer, such as the services offered by Earthlink and Time Warner Road Runner. They just provide you with popup warning windows when you’re submitting personal information over the Web.

While some free identity theft services offer minimal protection, it’s nothing compared to what you can receive if you use the right paid service. In a 2010 Javelin Strategy and Research Study, it was reported that about 11.1 million individuals in the U.S. were victims of identity theft, and that they collectively lost $54 billion. The Better Business Bureau further reports that the out of pocket costs per person average at $400. Simply using a free service could turn out to be quite costly in the long run.

Disgruntled Employee Runs Off With Company Laptop After Supposedly Transferring Files

An ex-employee of the Chocolate Emporium in Ceder-Green Plaza in Ohio is under investigation due to a possible security breach.

The employee was taught how to handle customer information, and it was later discovered that the employee had installed DropBox, a file transferring program, onto the company computer in order to transfer documents. These documents included sales receipts with customer names, addresses, and credit card information, among others. The employee quit without notice two weeks before the computer had been stolen. It has been found that he has also been offering the store’s recipes to individuals via Facebook.

Although investigators are unsure yet as to the extent of the information the suspect has, as well as what he has done with the data, it is still important that customers of this chain diligently monitor their credit reports and credit card statements for unusual, suspicious activity. Credit report monitoring services can assist with ensuring financial fraud does not occur.

Next Page »