Wednesday, July 30, 2008

Private Medical Data of Thousands of Blue Cross Patients Exposed

A mailing error for Blue Cross and Blue Shield of Georgia has put thousands statewide at risk of identity theft. Blue Cross reportedly sent over 200,000 benefits letters containing personal and health information to the wrong addresses last week. The letters in the erroneous letters were primarily Explanation of Benefits letters containing an ID number, the name of the provider, and amounts charged and/or owed. Blue Cross claims that only a small percentage of the letters included Social Security numbers.

The security breach was caused by a change in computer system that had not been properly tested. Blue Cross must send a written notice to those whose names were on the list, and they are in the process of removing Social Security numbers from future mailings.

As you can see, security breaches come in all shapes and sizes. This one was caused by the careless use of an untested computer system. Even though Social Security numbers were not on all the letters, ID numbers and health care information can expose people to potential medical identity theft, where someone can use their information to obtain medical care.

Tuesday, July 29, 2008

New Phishing Scam Targets Investors

Sometimes it seems we receive phishing emails that seem to be fairly random. I can't count how many emails I've received supposedly regarding my account at a bank I've never heard of or a business I've never bought from. They seem like a shot in the dark hoping to find a customer of this bank or business who might fall for this scam. However random phishing scams may seem, they are try and target a certain group, and this new one is targeting investors.

According to U.S. Insurance News, investors should be warned about emails being sent on behalf of Securities Investor Protection Corporation (SIPC). The emails claim to be from a senior investment advisor who is looking to return funds to the investor by having them file an investment claim with a fake form. The form asks for specific information that would allow the scammer to withdraw funds from the investor's account.

SIPC says that these emails are from scammers and anyone receiving these emails should forward them to SIPC for investigation. Never provide account information without 100% certainty that the request is legitimate.

Monday, July 28, 2008

School Replaces SSN Identification with Hand Scans to Prevent Identity Theft

Many have wondered if perhaps biometric identification is the answer to preventing identity theft. At least one university is putting that to the test. Middle Tennessee State University is assigning new identification numbers (instead of Social Security numbers) and requiring hand scans for identification.

The school is requiring both for access to some of the university's facilities including the new recreation facility. The university stopped stopped printing Social Security numbers on ID cards years ago although some professors still had them. The new ID numbers and hand scans are moving them further from the Social Security number identification system and will hopefully aid in the prevention of identity theft.

The matter has been discussed in a number of resources on identity theft. Biometric identification is one method being seriously considered. Whether or not it will prevent identity theft on the level experts are hoping for remains to be seen. However, the method MTSU with both the identification numbers and the hand scan together is fairly limited in its use, so this appears to be a positive step for protecting both faculty and students.

Friday, July 25, 2008

Most Bank Websites Do Not Protect You from Identity Theft

Don't you love the convenience of banking on the Web? I know I do. And when I signed up, my bank's manager was raving about how secure it was. However, a recent study at the University of Michigan made me more than a little concerned.

According to the study, more than three quarters of all bank Websites have design flaws that can expose users to identity theft. Some of the flaws include login boxes or security and contact information placed on insecure pages, allowing insecure IDs and passwords, and emailing sensitive information insecurely as well as others.

Some of the issues have been addressed since their discovery, but there is still a lot of work to be done. The problems become an issue only if you are logging in from an insecure network. So one major way to protect yourself from identity theft is to log in only from your home computer with a secure cable or DSL connection, not at a coffee shop with an open wireless connection.

Thursday, July 24, 2008

Medicare Cards Put Seniors at Risk of Identity Theft

While a great deal is being done by both academic institutions and private businesses to remove Social Security numbers from ID cards, apparently not everyone is moving quickly on this issue. And while the government passes laws to prevent identity theft and punish identity thieves, they also contribute to it by leaving Social Security numbers on ID cards.

Many seniors have expressed concern over the years about identity theft since their Social Security numbers being displayed on their Medicare cards. And they have every right to be concerned. Apparently, Congress has caught on to this concern as well because they are introducing legislation to have Social Security numbers removed from Medicare cards.

In the mean time, the best remedy is not to carry your Medicare card with you. Yes, they encourage you to carry it at all times, but they say the same for Social Security cards. But you shouldn't be carrying that around either. Unless you are seeing a new doctor or traveling outside the country, you shouldn't need your Medicare card. Make a copy of it and black out all but the last four digits of your Social Security number. That should serve as enough for identification purposes.

Wednesday, July 23, 2008

Data Breaches Up 69% From 2007

Consumers should always be vigilant when it comes to keeping private information private, but as we all know, we can't completely prevent identity theft ourselves because we can't control how the companies and people we work with handle our information. Data breaches are primary examples of situations beyond the consumer's control. And according to the Identity Theft Resource Center, it's a growing problem. The ITRC Data Breach Report for 2008 reached 342 (between January 1 and June 27), which is 69% higher than the same period in 2007. The number may actually be higher since some companies don't report breaches and some single breaches affect more than one company.

The list is further broken down into subcategories such as government/military agencies, educational institutions, general businesses, health care companies, and banking/credit/financial services. The Identity Theft Resource Center has made its data breach reports available in pdf format for consumers to read.

Obviously, when companies report these breaches, they don't know whether or not the information has been used for identity theft or not. If a company you do business with announces a data breach, it would be a good to monitor your credit reports for several months just in case your information has been used fraudulently.

Wednesday, July 16, 2008

Online Games on Social Networking Sites Can Lead to Identity Theft

I've made multiple posts regarding social networking sites like MySpace and Facebook, and why you should keep your private data private. You should be especially cautious with online gaming accessed through these sites. If you are asked for any private information like your Social Security number or date of birth in order to play a game or gain points, this is a clue that there may be more here than meets the eye. There is no reason why you should have to provide this information to play a game.

The teenager in this news report learned this the hard way. He was downloading and playing games online from his Facebook page. One game offered extra points if he filled out an application that asked for, among other things, his Social Security number. The trouble began after he provided this information and his mother received a call regarding his "credit card application."

This is not an isolated incident. Parents need to educate their children about identity theft. Young people who know what information not to divulge online and why will be less likely to fall for a scam such as this one.

Tuesday, July 15, 2008

Graduates Easy Identity Theft Targets

Whether it's high school or college, graduation is always an exciting time for anyone, but according to a recent report, it's not a time to be too carefree. After all, graduates fall into the age group (between 18 and 29 years old) at high risk of identity theft. In fact, one third of identity theft victims fall into this age group.

One reason is that this age group tend to be less vigilant about protecting credit data and private information. They are more likely to divulge information online, and they think that since they don't have established credit records that no one would want to steal their identities. But as we know, it's easy to obtain a credit card, even if you have no credit.

As a recent graduate, you need to be more vigilant. The article mentioned above includes some very good tips for graduates regarding protecting your identity including shredding junk mail and credit card offers, keeping your Social Security card safe, and not carrying cards you don't use often.

Thursday, July 10, 2008

Identity Theft Involving ATMs Increases

We should always be cautious at ATMs. My post on shoulder surfing gave just one reason. However, a recent news report should remind us to be extra vigilant not only about who might be watching but about which ATMs you use. Identity theft involving ATMs is increasing, and the ones you find in convenience stores are the biggest problem because they are easiest to tamper with.

According to the report, the use of skimming at ATMs in stores and other public places is on the rise. While they may seem convenient, especially when you need some quick cash at a store or restaurant that only accepts cash, they may have a skimmers attached to them. Is the convenience worth having your bank account information compromised? The best way to avoid this problem is to only use bank-owned ATMs. While they may not be perfect, they are more secure when it comes to protecting your private information.

You should always be cautious when using ATMs, but you save yourself a lot of trouble upfront if you use your bank's ATM or one owned and operated by another reputable bank.

Wednesday, July 09, 2008

Major Rise in Tax-Related Identity Theft

According to a news report regarding the Internal Revenue Service, tax-related identity theft has grown several times over a four year period. National Taxpayer Advocate Nina Olson reports that her office handled 644 percent more identity theft cases for 2007 than they did for 2004. Identity thieves have used stolen Social Security numbers to obtain fraudulent employment or refunds.

However, the IRS's efforts to combat the problem seem to be doing more harm to the victim than good. One of these efforts includes delayed or frozen refunds for legitimate taxpayers or collection actions against them.

Clearly, the IRS stands to lose a lot from identity theft, and more preventive measures need to be taken. However, punishing the victim for the crime is not the answer.