Archive for the ‘Data Security And Privacy’ Category

Armed Forces Day falls on May 18, reminding Americans of the sacrifices that military members make for the country every day. While these brave souls signed up to confront dangers and hazards that would make the average citizen shake in his boots, most members of the military would not have imagined that their jobs would put their identities at risk. Despite efforts from the Pentagon, military personnel still face unusually high potential for having their identities stolen.

One of the key reasons for that increased risk is the frequency with which troops have to give out their . While civilians are reminded repeatedly to keep their numbers closely guarded and to only give them out when absolutely necessary, military personnel often have to give out their numbers for a variety of reasons, some as basic as logging into computers.

The potential for deployment makes the situation even more complicated. When troops are deployed abroad, and don't have regular access to keep a close eye on their accounts or what comes in the mail back home, they're at yet another disadvantage. It could be months before they see evidence of identity theft, long after serious damage has already been done. Fortunately, troops can put "" on their credit reports; those reports ensure that creditors take extra steps to verify identity before granting credit.

Taking the usual steps to protect identity may not be enough for military personnel. While part of the burden is on troops, many military experts believe that changes throughout the system - such as reducing the frequency of disclosing Social Security numbers - are necessary before the trend really slows.
Most families install basic home security precautions: locks, alarms and maybe even landscaping designed to prevent predators from hiding in the bushes. But what about inside the house?

When it comes to inviting strangers into the home to provide services like plumbing, electrical work or even carpet cleaning, not taking careful steps to fully screen the company and the worker who shows up at the door can easily lead to an identity theft situation. Take action to help protect your family from :

* both online and in your community. Identity thieves have set up faux companies, mimicking legitimate companies in name, service offerings and even websites in an effort to gather identity information like addresses, credit card numbers and telephone numbers for fraudulent use. By the time the serviceman doesn't show up for the scheduled appointment, the website has disappeared and the phone disconnected.

* Ask who will be performing the work when scheduling the appointment. When the worker arrives at the door, ask to see a form of identification. Save the name in your files, in case you want to have the worker return for additional projects or if you need to report an identity theft situation.

* Secure your belongings, especially any documents that contain personal information. A credit card statement laying out, waiting to be paid, provides a stranger coming into your house direct access to a lot of personal information. The worker can easily jot down the information, or worse, snap a photo of the statement with a smartphone, and the theft won't be discovered until money goes missing or fraudulent charges are made.

* Empty your trashcans and recycling bins before the service workers show up. Trash cans are gold mines for identity thieves. Be sure all the recycling and garbage is securely stored in the garage, or better yet, schedule your service work to occur the day after garbage is collected in your neighborhood.

Taking steps to better secure personal information is only the first step when it comes to inviting service workers into your home. Monitoring your identity on a constant basis is also critical in catching identity theft early.
Because most people now spend an enormous amount of time online, businesses and organizations are eager to find ways to use that activity to their advantage. In many cases, that means tracking user habits, which they use to tailor and target advertisements. On social media sites and even some retail sites, user information is logged and tracked, which has led to increased concern about privacy. During , the American Library Association is drawing attention to the issue and advocating for consumers to stand up for their privacy.

Much of the worry is tied to whether a company allows users to opt in or opt out of such information tracking. In many cases, users have no choice, and that can leave them in a vulnerable position. For those who take pains to limit the personal information they put on the Web, "data mining" (the collection of personal user data) can undo all their efforts. If identity thieves are able to hack into the systems of a data mining company, they would have easy access to an incredible amount of exploitable information.

So, what can the average person do to limit their exposure?

* Read user agreements. Those popups filled with legalese often contain information about how a website will use identifying data and other information. Simply scrolling through and clicking "accept" is a bad idea for those concerned about where their data is going.

* Think twice about customer rewards programs. While getting coupons and discounts is a great draw, consumers enrolled in rewards programs are giving up their purchase history (and sometimes credit card information) to a corporation or organization. If hacked, that information could be used by thieves to commit .

* Minimalize social media. Lots of social media sites do data mining-Facebook is particularly noted for it, in privacy circles. Read all social media privacy policies carefully, and if there's something you find questionable, you might want to terminate your membership.
Data breaches happen with startling regularity, but they rarely occur on the scale of the 2011 Sony PlayStation breach. When hackers cracked open the PlayStation Network, 77 million users were affected-their passwords, credit card information, security answers, physical addresses and more were all in the hands of thieves. It was a nightmarish scenario for those users and for Sony, but it was much more than just a bad dream.

The results of the PlayStation breach are still playing out. In January 2013, the United Kingdom's Information Commissioner's Office (ICO) Sony nearly $400,000 for the hack. After the breach, companies saw just how important it was to keep their own systems secure; it's estimated that the breach cost Sony . The company also faced lawsuits and government scrutiny from both the United States and United Kingdom, not to mention a major drop in its stock prices immediately following the incident.

No breach since has affected so many users, but breaches still continue to happen. Lessons learned in the aftermath may have helped in combating hacks and increasing security, but everyone needs to continually keep them in mind, and update those lessons.

• Companies-even tech companies-have to stay on their toes. Authorities within the ICO stated that the PlayStation hack was "preventable" and noted that a company like Sony, which is at the forefront of the technology industry, should have had the most up-to-date security system available. In Sony's systems, credit card data was encrypted, but other personal information was not. While companies aren't required to encrypt personal data, after the PlayStation hack, it became clear that doing so is a best practice. Data encryption software and solutions are continually evolving.

• Response time matters. The PlayStation hack happened some time between April 16 and 19, 2011, but Sony didn't shut down the system until the 20th, and then waited to make an announcement about the breach until the 22nd. It wasn't until April 26th that the company confirmed users' data had been compromised. During that period, users were confused, nervous and angry at the company's sparse communications. One of the key takeaways from the hack was that telling customers what's going on is essential, not just from a customer service standpoint, but because most states have laws requiring disclosure of breaches.

While users can protect themselves with clever passwords and other identity theft protection methods, corporations should be equally concerned with protecting their users.
Brides and grooms are busy people in the months leading up (and even following) their weddings. There are flowers to be arranged, photographers and caterers to be hired, dresses to be purchased and honeymoons to be booked. But with all of that activity comes the risk of identity theft, which can put the brakes on marital bliss in a hurry.

Both before and after the wedding, couples need to keep their guard up, even when doing fun activities like attending wedding fairs. To ensure that fraud doesn't end up on the guest list, newlyweds should keep these tips in mind:

• Don't sign up for trouble: At wedding fairs, brides and grooms are often asked to give vendors contact information. There's no guarantee that the vendor will safeguard the data they're given, so think twice before disclosing identifying information.

• Change accounts carefully: Many couples merge accounts after they're married and the long-held tradition of a bride taking her husband's last name is still going strong. The paperwork associated with both of these actions needs to be carefully guarded, as it often contains the information that thieves are dying to get their hands on. Shred non-essential documents that contain sensitive data.

• Pay wisely: Paying with a check can be a risky decision, but many couples hand personal checks over to wedding vendors. Just think about it: a lists about everything an could need: names, addresses, phone numbers, bank names and addresses and bank account numbers.

• Safeguard the honeymoon: Traveling to that long-dreamed of destination is a great way to kick off newlywed life, but with travel comes the risk of identity theft. Talk to banks and credit card companies about where you're going so that they can help guard against fraud. While traveling, keep cards and IDs close at hand (or in a money belt) and stay vigilant. Once home, carefully monitor your accounts.
5_Egg basket

Getting a basketful of chocolate eggs is an Easter treat that anyone would love. But having a basketful of passwords stolen is a nightmare that no one wants to deal with. Protecting yourself from identity theft involves a number of steps, and being smart about passwords is the first one in keeping your identity safe online.

Get smart about password safety—and —using these steps:
(more...)
Unfortunately, it isn't very hard for a person with bad intentions to gather bits of personal identifying information and create fake accounts in a victim's name. And often, the victim's behaviors could lead to the identity theft in the first place.

Pay attention to how you're handling your personal identification numbers. If you have any of the following five bad habits, you might be making yourself a target for .

• Carrying your Social Security card-Most institutions have moved away from using Social Security numbers as an identifying number. Leave your Social Security card at home, and only give out the number in limited circumstances.
(more...)
In the latest celebrity hacking scandal, the personal data and financial details of several public figures including Jay-Z, Beyoncé, Michelle Obama, and Hillary Clinton was illegally posted to a Russian website.

The FBI and Los Angeles Police Department are investigating several cases of doxxing, a new cybercrime in which information about a person is obtained or discovered based on a limited number of clues, the FBI said. Doxxing isn't a case of identity theft, but it does leave victims vulnerable to future cases of identity fraud when personal information is published.

Anyone can be a victim of , even celebrities, government leaders and law enforcement officers. The FBI and Los Angeles Police Department are currently investigating several cases of doxxing, a new prankster trend. In this case, the private information of several public figures, was made illegally available on a website.

The private information made available includes Social Security numbers, mortgage amounts, credit card information, banking information and credit reports. In a few cases, compromising photos were revealed.

The website that contained this illegal information has an Internet URL address suffix assigned to the Soviet Union, and did not list where or how the information was accessed, according to .

Public figures often complain about how much of their personal information is made public. But they are covered under the same laws as all other civilians. For example, financial information discussed in court cases like child custody disputes and divorce is public information unless sealed by a judge, even if the case involves a celebrity.

This isn't the first time celebrities have been hacked. A year ago Christopher Chaney pleaded guilty to hacking the email addresses of celebrities like Christina Aguilera and Scarlett Johansson. He was sentenced to 10 years in jail in December.
Most people know which documents contain sensitive information and require special care. But do you know what to do if you lose your Social Security card, credit card or driver's license?

There are two concerns when you lose a card or document that contains sensitive information - retrieving it for your personal use and doing whatever you can to prevent identity theft from lost information. Here's a guide for getting through the loss of sensitive documents.

Social Security card

Replacing your Social Security card isn't difficult or expensive - the allows you to receive three free replacements in a year or 10 in a lifetime. Completing an application and showing a photo ID will get you a new card. (more...)
Cleaning and finances don't intuitively go hand-in-hand, but spring's a great time to address both. Since you're already doing your taxes, it's the perfect time to do a little financial house cleaning.

Here are a few financial spring cleaning tips that can also help :

• Check your credit report. Regularly monitoring your credit is perhaps the best way to protect yourself from identity theft. Inaccuracies in your report are the first clues that your identity has been stolen, which is why most identity theft services include credit monitoring.
(more...)