The State Department is advising travelers using super-secure RFID-enabled passports to buy a “radio-opaque” holster, because it turns out that RFID chips aren’t so super-secure after all. Don’t fret if “radio-opaque sheath” isn’t on your holiday shopping list, this is thankfully one of those rare problems that you can solve with a hammer…
identity theft
Some SSNs Can Be Guessed Using Birthdate And Location, Say Researchers
By 7.7.09
It turns out our Social Security numbering system, which launched in 1936, isn’t very foolproof against some types of hacking. The New York Times reports that researchers at Carnegie Mellon University “used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth.”
Everyone Knows How To Handle A Stolen Checkbook Except For Verizon
By 7.3.09
Yesterday I was musing that Time Warner Cable was passing the cost of customer care off to other businesses, by requiring customers to take half-days or full days off of work just to wait for a cable repairman. Today I think I stumbled upon another hidden economic impact of bad customer service: it’s responsible for generating a lot of the “free” content online. The next time you’re reading an IMDB entry about “Damages” or “Big Love” for example, you can thank Verizon’s collection of angry, confused, and possibly insane employees, and all the idle time they create for a customer who has to deal with them.
WaMu Saddles Credit Card Theft Victim With Thousands In Fraudulent Charges
By 6.10.09
Someone stole reader A’s WaMu credit card number and racked up thousands in fraudulent charges, and now WaMu wants A to pay for it. The fraudsters also made a PIN request for a cash advance over the phone, and WaMu said that phonecall orginated from A’s parents house. Because of this, which A says is impossible, WaMu demands A be responsible for the charges. He’s written letters and called executive customer service and it’s gotten him nowhere. His crappy story, inside…
The Maid Is Stealing Your Checkbook
By 6.9.09
Identity theft is rising in the recession, according to a Brooklyn public defender I talked to at a party this weekend. Most often the crime starts with the perp stealing the victim’s checkbook, he said.
Erroneous Public Records Data, Or: Who The Heck Is This Hipolito Guy?
By 5.29.09
Kathy has an unusual problem. She thinks that there might be a problem with some of her public records and/or her credit report, but she isn’t sure how to find out how it got there, let alone remove it. See, there’s a man named Hipolito, with the same relatively common last name as Kathy, who keeps popping up in public records questions used to verify her identity. She has no idea who this man is, and neither does anyone in her family.
The IRS Isn't Sure Who They Hired Or Why Your Sensitive Tax Documents Are Filed In Dumpsters
By 5.24.09
Here are three things you didn’t want to know: 1) The IRS doesn’t always conduct background checks on the employees contracted to handle your sensitive tax documents; 2) Those contracted employees regularly toss your sensitive tax documents into dumpsters without first shedding them; 3) The IRS doesn’t really know who’s in charge of conducting background checks on contracted employees, or who’s responsible for keeping your sensitive tax documents shredded and out of dumpsters. At least that’s what the Treasury Inspector General‘s office uncovered when it audited everyone’s favorite auditors.
Watch Out For Fraudulent ITunes Purchases, Whether You Have An ITunes Account Or Not
By 5.19.09
I woke up this morning to an email stating I had made two $50 gift card purchases [on iTunes Music Store]. I contacted my bank and apple, then did a google search and found that many others had the same thing happen to them.
Don't Move House If You Have An Amex Card
By 5.13.09
Here’s a cautionary tale from a Consumerist reader whose credit card company contacted his out-of-date phone number and got authorization for a $4000 spending spree. withdrew thousands of dollars from his bank account for a payment he had supposedly scheduled and then OK’d over the phone. The problem? He hadn’t scheduled it, that wasn’t him on the phone, and that wasn’t his phone number.
Make Sure You Secure Your Smartphone
By 4.24.09
Do you own an iPhone, G1, Blackberry, Windows or Nokia smartphone? Fancy phones are a nice target for thieves, and unfortunately they’re often packed with sensitive information that can be too easily accessed and exploited. Why not take the time this weekend to make sure it’s secure?
Visa Covers Butt By 'Delisting' Breached Credit Card Payment Processors
By 3.18.09
Visa has removed Heartland Payment Systems and RBS WorldPay, the two huge payment processors that suffered recent data breaches, from its list of companies that are in compliance with Payment Card Industry (PCI) rules. It says they can get back on the list when they recertify that they have proper security in place. While this may sound like a significant change in the status of the companies, in reality it does little to change how the three companies do business with each other or with merchants. It’s just a way for Visa to protect itself from any upcoming lawsuits by banks and credit unions against the payment processors.
8,000 Comcast Passwords Exposed, Phishing Scam Suspected
By 3.16.09
The New York Times has reported that a list of over 8,000 Comcast user name and passwords were available to the public via Scribd for two months, before a Wilkes University professor discovered it over the weekend after doing a search for his identity online. Comcast is saying it looks like the result of a phishing scam and isn’t an inside job, and that there are so many duplicate entries on the list that it’s closer to 4,000 customers.
Best Buy Employee Arrested For Stealing Credit Cards
By 2.10.09
Uh oh, another Best Buy employee has been caught swiping data from customers. Unlike the woman last August who went on small time shopping sprees, this woman was caught using a card reader to swipe and store info on as many as 4,000 customers at the Best Buy store located at 1880 Palm Beach Lakes Blvd in Palm Beach, Florida.
Cellphone Recycler Says 99% Of Phones Still Contain Personal Data
By 2.5.09
Regenersis studied a random sample of 2000 handsets processed during the first week in December and found that 99% of handsets received contained some sort of personal data, including: contacts, SMS messages, pictures, music, videos, calendar entries, emails, notes, mailing lists and to do lists. In some cases, extremely sensitive information was contained, including bank details, addresses, and confidential emails.
Credit And Debit Card Breach May Affect Over 100 Million
By 1.21.09
The Washington Post has reported that Heartland Payment Systems, a payment processor that services “more than 250,000 businesses,” has had more than 100 million transactions compromised via malicious software that was installed on its network; it will likely turn out to be the largest data breach ever reported. The “good” news is that the criminals were only capturing credit card numbers, the names on the cards, and expiration dates—the info encoded onto the magnetic strip on the card. Because no addresses, SSNs or PINs were stolen, the prospect of full-blown identity theft is pretty small—which must explain why Heartland isn’t offering any sort of credit monitoring package as compensation. Instead, their CFO says, “We recognize and feel badly about the inconvenience this is going to cause consumers.”
Play Anti-Phishing Phil And Learn How To Spot Phishing Attacks
By 1.2.09
Phishing attacks are pretty cleverly designed, because they skip most virus checkpoints altogether and go for the true weak spot in human-computer interaction, the human. Lorrie Faith Cranor, a computer security researcher at Carnegie Mellon University, has been studying phishing attacks to identify new ways to fight them.
By 1.2.09
../../../..//2009/01/02/boingboing-has-the-500-worst/
BoingBoing has the 500 worst passwords. We’ll sum it up: if your password is password, 123456, or 696969, say goodbye to your identity.
DIY ID Theft Protection
By 12.14.08
Do you want to be one of over eight million identity theft victims? No, but most of the services sold by “identity theft protection” companies you can get for free. Here’s how.
