Fearing his identity would be stolen, Mike put out a fraud alert on his credit report to insure he’d be contacted whenever new credit applications went out under his name. The move paid off because someone snagged his social security number and tried to open accounts with AT&T and Sprint.
Taking outsourcing to an extreme, Bank of New Zealand decided that instead of figuring out why one woman’s charges ended up on another customer’s account, they would just give the customer the woman’s name, home address, work address, email address and cellphone number so they could settle things for themselves.
The State Department is advising travelers using super-secure RFID-enabled passports to buy a “radio-opaque” holster, because it turns out that RFID chips aren’t so super-secure after all. Don’t fret if “radio-opaque sheath” isn’t on your holiday shopping list, this is thankfully one of those rare problems that you can solve with a hammer…
It turns out our Social Security numbering system, which launched in 1936, isn’t very foolproof against some types of hacking. The New York Times reports that researchers at Carnegie Mellon University “used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth.”
Yesterday I was musing that Time Warner Cable was passing the cost of customer care off to other businesses, by requiring customers to take half-days or full days off of work just to wait for a cable repairman. Today I think I stumbled upon another hidden economic impact of bad customer service: it’s responsible for generating a lot of the “free” content online. The next time you’re reading an IMDB entry about “Damages” or “Big Love” for example, you can thank Verizon’s collection of angry, confused, and possibly insane employees, and all the idle time they create for a customer who has to deal with them.
Someone stole reader A’s WaMu credit card number and racked up thousands in fraudulent charges, and now WaMu wants A to pay for it. The fraudsters also made a PIN request for a cash advance over the phone, and WaMu said that phonecall orginated from A’s parents house. Because of this, which A says is impossible, WaMu demands A be responsible for the charges. He’s written letters and called executive customer service and it’s gotten him nowhere. His crappy story, inside…
Identity theft is rising in the recession, according to a Brooklyn public defender I talked to at a party this weekend. Most often the crime starts with the perp stealing the victim’s checkbook, he said.
Kathy has an unusual problem. She thinks that there might be a problem with some of her public records and/or her credit report, but she isn’t sure how to find out how it got there, let alone remove it. See, there’s a man named Hipolito, with the same relatively common last name as Kathy, who keeps popping up in public records questions used to verify her identity. She has no idea who this man is, and neither does anyone in her family.
Here are three things you didn’t want to know: 1) The IRS doesn’t always conduct background checks on the employees contracted to handle your sensitive tax documents; 2) Those contracted employees regularly toss your sensitive tax documents into dumpsters without first shedding them; 3) The IRS doesn’t really know who’s in charge of conducting background checks on contracted employees, or who’s responsible for keeping your sensitive tax documents shredded and out of dumpsters. At least that’s what the Treasury Inspector General‘s office uncovered when it audited everyone’s favorite auditors.
Here’s a cautionary tale from a Consumerist reader whose credit card company
contacted his out-of-date phone number and got authorization for a $4000 spending spree. withdrew thousands of dollars from his bank account for a payment he had supposedly scheduled and then OK’d over the phone. The problem? He hadn’t scheduled it, that wasn’t him on the phone, and that wasn’t his phone number.
Do you own an iPhone, G1, Blackberry, Windows or Nokia smartphone? Fancy phones are a nice target for thieves, and unfortunately they’re often packed with sensitive information that can be too easily accessed and exploited. Why not take the time this weekend to make sure it’s secure?
Visa has removed Heartland Payment Systems and RBS WorldPay, the two huge payment processors that suffered recent data breaches, from its list of companies that are in compliance with Payment Card Industry (PCI) rules. It says they can get back on the list when they recertify that they have proper security in place. While this may sound like a significant change in the status of the companies, in reality it does little to change how the three companies do business with each other or with merchants. It’s just a way for Visa to protect itself from any upcoming lawsuits by banks and credit unions against the payment processors.
The New York Times has reported that a list of over 8,000 Comcast user name and passwords were available to the public via Scribd for two months, before a Wilkes University professor discovered it over the weekend after doing a search for his identity online. Comcast is saying it looks like the result of a phishing scam and isn’t an inside job, and that there are so many duplicate entries on the list that it’s closer to 4,000 customers.
Uh oh, another Best Buy employee has been caught swiping data from customers. Unlike the woman last August who went on small time shopping sprees, this woman was caught using a card reader to swipe and store info on as many as 4,000 customers at the Best Buy store located at 1880 Palm Beach Lakes Blvd in Palm Beach, Florida.
Regenersis studied a random sample of 2000 handsets processed during the first week in December and found that 99% of handsets received contained some sort of personal data, including: contacts, SMS messages, pictures, music, videos, calendar entries, emails, notes, mailing lists and to do lists. In some cases, extremely sensitive information was contained, including bank details, addresses, and confidential emails.
The Washington Post has reported that Heartland Payment Systems, a payment processor that services “more than 250,000 businesses,” has had more than 100 million transactions compromised via malicious software that was installed on its network; it will likely turn out to be the largest data breach ever reported. The “good” news is that the criminals were only capturing credit card numbers, the names on the cards, and expiration dates—the info encoded onto the magnetic strip on the card. Because no addresses, SSNs or PINs were stolen, the prospect of full-blown identity theft is pretty small—which must explain why Heartland isn’t offering any sort of credit monitoring package as compensation. Instead, their CFO says, “We recognize and feel badly about the inconvenience this is going to cause consumers.”