Into the Breach: Security Breaches and Identity Theft/Research Report July 2006 “Security breaches of data files can lead to identity theft. In this AARP Public Policy Institute Data Digest, Neal Walters analyzes 244 breaches between January 1, 2005 and May 26, 2006, and finds that 40 percent were caused by hackers or insider access… Continue Reading
Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002
Category Archives: ID Theft
GSA Alerts Public to Recent E-mail Scheme
GSA press release: “The U.S. General Services Administrations (GSA) Office of Citizens Services & Communications is warning the public to avoid falling victim to a recent e-mail scheme that targets users by sending unsolicited e-mails allegedly from FirstGov, the citizen portal operated by GSA. These scam e-mails tell recipients that because of recent fraudulent activities… Continue Reading
Coalition of Public and Consumer Groups Criticize Proposed Data Breach Legislation
EPIC: “A data breach notification bill [H.R. 3997] backed by the House Financial Services Committee drew criticisms from state law enforcement officials and a coalition of consumer groups, who said that existing state laws are more effective at protecting consumers. In a letter to House leadership signed by 48 state attorneys general, the National Association… Continue Reading
GAO: Key Federal Privacy Laws Do Not Require Information Resellers to Safeguard All Sensitive Data
Personal Information: Key Federal Privacy Laws Do Not Require Information Resellers to Safeguard All Sensitive Data, Full text GAO-06-674, and Highlights, June 26, 2006. “The growth of information resellers–companies that collect and resell publicly available and private information on individuals–has raised privacy and security concerns about this industry. These companies collectively maintain large amounts of… Continue Reading
IRS IG Audit Report on Compliance With Taxpayer Browsing Protection Act of 1997
Treasury Inspecter General for Tax Administration – Increased Managerial Attention Is Needed to Ensure Taxpayer Accounts Are Monitored to Detect Unauthorized Employee Accesses, July 24, 2006. Reference Number: 2006-20-111. “The Taxpayer Browsing Protection Act of 1997 made it a criminal offense to access or inspect tax information without proper authorization. A person convicted of any… Continue Reading
PC With Personal Data on More than 500,000 NY Workers Missing
AP reports that “[t]he names, addresses and Social Security numbers of as many as 540,000 injured workers [in New York] have been lost, and the state and a contracted company are trying to protect the workers from identity theft.” Continue Reading
Article Examines Digital Rights Management and Consumer Consent
Matwyshyn, Andrea M., “Technoconsen(t)sus” (May 2006). Posted July 19, 2006 [Link to download] “Law is contributing to an information security paradox. Consumers are regularly consenting to the installation of computer code that makes them more vulnerable to harms such as identity theft. In particular, digital rights management technology accompanying digital music has recently left a… Continue Reading
MarkMonitor Reports Domain-Based Phishing Attacks Now Represent 73 Percent of All Phishing Scams
Press release: “According to MarkMonitor’s AntiFraud Operations Center (AFOC), domain-based phishing attacks now represent 73 percent of all attacks, up from 35 percent just 18 months ago.” Related reference in this press release to an academic paper titled, Why Phishing Works. beSpacific postings on ID theft and cybercrime Continue Reading
Agencies Propose Rules on Identity Theft Red Flags and Notices of Address Discrepancy
FTC press release: “The federal financial institution regulatory agencies and the Federal Trade Commission are soliciting comments on a Notice of Proposed Rulemaking (NPRM) concerning identity theft red flags and address discrepancies. The NPRM, which has been reviewed and approved by each of the listed agencies, implements sections 114 and 315 of the Fair and… Continue Reading
VA OIG Audit of Veterans Data Breach
Review of Issues Related to the Loss of VA Information Involving the Identity of Millions of Veterans, Rpt. #06-02238-163, July 11, 2006 (78 pages, PDF) Related postings on the VA data breach Continue Reading
Commentary on Security Breaches Resulting from Offshoring of Customer Data
Risky Business? How Multinationals’ Outsourcing Involving Customer Data Can Lead to Identity Theft and Other Fraud, by Anita Ramasastry. Continue Reading
Laptops and Lack of Encryption Are Weak Links in Data Breaches
In the wake of the steady stream of news (the latest at this time is here) about stolen laptops and data breaches impacting state and federal government agencies and personnel, as well as corporations large and small, this AP article raises an important question: “…Why is so much private data allowed to be on laptops… Continue Reading
