Tuesday, December 15, 2009
Facebook Moves to Standardize and Own Customer IDs
The need for a central repository for IDs is obvious in theory, but the reality of creating such a monster is quite challenging. OpenID is a good attempt to give some control to the individual in managing their online identity, but it has many limitations. The limitations are the creation of a cross-industry, cross-platform, worldwide identity for each individual, the management of such a database and the privacy concerns that are raised with every step in this direction.
Saturday, November 21, 2009
Be careful of hackers and key loggers....and your bank teller?
South Florida Identity Theft Ring Suspects Indicted
Identity theft is not always a high-tech crime. As a matter of fact, the vast majority of identity theft cases are still relatively low-tech in nature. The easiest way to steal identities is still through a trusted source that has access to the information and it is also the hardest to detect. No network intrusion tracks, no data logs...and the insider typically knows how to cover any tracks.
Identity theft is not always a high-tech crime. As a matter of fact, the vast majority of identity theft cases are still relatively low-tech in nature. The easiest way to steal identities is still through a trusted source that has access to the information and it is also the hardest to detect. No network intrusion tracks, no data logs...and the insider typically knows how to cover any tracks.
Tuesday, November 3, 2009
IT worker syphons from bank's customers
Bank IT worker charged in $1.1 million fraud - InformationWeek
Unfortunately, this is not a rare occurrence. What we don't know is how law enforcement detected the fraud. If a tip came from a victim, it is scary to think of how long this fraud would have lasted if this individual were part of a criminal organization. Instead of opening accounts, this thief could have just sold the identities in the black market and he would have been much harder to trace. This is every IT security employee's nightmare.
Unfortunately, this is not a rare occurrence. What we don't know is how law enforcement detected the fraud. If a tip came from a victim, it is scary to think of how long this fraud would have lasted if this individual were part of a criminal organization. Instead of opening accounts, this thief could have just sold the identities in the black market and he would have been much harder to trace. This is every IT security employee's nightmare.
Monday, November 2, 2009
Employer stealing from Employee??
http://www.seacoastonline.com/articles/20091031-NEWS-910310336
One of the objectives of this blog is to educate people about the risks of identity theft and point out potential sources of it. This is a fairly strange and sad set of circumstances that can happen to any of us. The victim in this tragedy will feel the effects of this crime for years and her life will never be the same.
One of the objectives of this blog is to educate people about the risks of identity theft and point out potential sources of it. This is a fairly strange and sad set of circumstances that can happen to any of us. The victim in this tragedy will feel the effects of this crime for years and her life will never be the same.
Wednesday, October 28, 2009
Insider Threat to Banks on Rise
http://www.darkreading.com/insiderthreat/security/government/showArticle.jhtml?articleID=220301087
While this article addresses the topic of insider threats from the perspective of a financial institution, it is quite revealing as this threat is one that makes any business vulnerable. The surveys that are cited are drawn from interviews with managers, which means it represents statistics of "known" cases only.
Any business that handles sensitive information of any kind must understand that, while security may be costly, it is still a fraction of the cost associated with the loss of a customer.
While this article addresses the topic of insider threats from the perspective of a financial institution, it is quite revealing as this threat is one that makes any business vulnerable. The surveys that are cited are drawn from interviews with managers, which means it represents statistics of "known" cases only.
Any business that handles sensitive information of any kind must understand that, while security may be costly, it is still a fraction of the cost associated with the loss of a customer.
Monday, October 19, 2009
HHS website dedicated to prevention of Medical ID Theft
http://www.stopmedicarefraud.gov/
The Department of Health and Human Services launched a web site to educate professionals and consumers on the risks of medical identity theft and suggests ways to prevent it. This type of identity fraud has largely gone unmeasured by recent identity theft studies, but some insurance fraud professionals put the number at $25 billion annually, which is an additional 50% of the reported fraud loss from other types of identity theft. Big number!!
The reason it is so difficult to attain an accurate number is because most measurements revolve around victim surveys. Well, medical identity theft can go undetected for many years and victims usually don't realize that they are victims until unpaid medical bills find their way to the credit report.
Check out the link above for tips on protecting yourself and your family.
The Department of Health and Human Services launched a web site to educate professionals and consumers on the risks of medical identity theft and suggests ways to prevent it. This type of identity fraud has largely gone unmeasured by recent identity theft studies, but some insurance fraud professionals put the number at $25 billion annually, which is an additional 50% of the reported fraud loss from other types of identity theft. Big number!!
The reason it is so difficult to attain an accurate number is because most measurements revolve around victim surveys. Well, medical identity theft can go undetected for many years and victims usually don't realize that they are victims until unpaid medical bills find their way to the credit report.
Check out the link above for tips on protecting yourself and your family.
Friday, October 16, 2009
Stolen Laptop Compromises 800,000 doctor identities
http://www.chicagotribune.com/business/chi-thu-notebook-1015-oct15,0,4209340.story?obref=obnetwork
This is yet another all-too-common data breach event. According to the story, the thieves appeared to be more interested in vandalism and perhaps stealing a few electronic items. Well, if they still have the laptop, they now know there is nice bonus included in this job! It is true they probably had no idea they were stealing such valuable information, but they do now.
Question: Does this type of notification and follow up news story actually put those compromised identities at more risk??
This is yet another all-too-common data breach event. According to the story, the thieves appeared to be more interested in vandalism and perhaps stealing a few electronic items. Well, if they still have the laptop, they now know there is nice bonus included in this job! It is true they probably had no idea they were stealing such valuable information, but they do now.
Question: Does this type of notification and follow up news story actually put those compromised identities at more risk??
Subscribe to:
Posts (Atom)
