Total Identity Protection

Yesterday, it was announced that McDonalds Corporation experienced a significant data breach where customer data was compromised via a third-party vendor. Basically, the attackers were able to access the sensitive McDonald’s customer data through a couple levels of subcontractors that manage the company’s email marketing campaigns.

A company called Arc Worldwide manages McDonald’s promotional e-mail campaigns — which as you can imagine is very extensive and customer data heavy. Well it turns out that a subcontractor to Arc Worldwide that distributes the actual email campaigns was hacked. So, it was a sub of a sub that was breached. The good news was that no social security numbers or credit card information were stolen.

According to PC World, this is an example of hackers being extra smart and targeting contracting companies that often deal with massive amounts of customer data for their clients (i.e. often major retailers, restaurant chains, etc.).

Read more…

Last year around the holidays I wrote about burglars preying on churches.

This year is no different. The Boston Globe reports “You know things are bad when they start knocking off churches. And judging by the number of churches knocked off recently, things are very bad indeed.”

“I’m seeing levels of desperation out there I haven’t seen for a long while,’’ said the churches Priest. “Like most priests and ministers, he sees a lot of people who live on the margins. They come to the three churches he oversees for food and laundry money and help with the rent. They come because they don’t belong anywhere else.

And sometimes they come to steal. There have been 15 break-ins at Boston area churches in the last few months. And that’s just the Catholic ones.”

It doesn’t matter where, when or who, a burglar will go where there is easy access and easy money, or goods to be resold.

Often, it is those on the inside that have knowledge of how things work and where they are.

Read more…

Q:  I am already a victim of identity theft.  The worst part of my case is that I know who has done this, but I don’t want them to be in any trouble.  Please advise me what to do.

A: If you know that you are a victim of identity theft, you need to take immediate steps to protect yourself.  I understand you don’t want to implicate the person who has done this, but it’s possible that they might sell your information to others who can use your information for profit, so I would think seriously about reporting them.

If you really don’t want to involve the guilty party, at least get copies of all 3 of your credit reports, put a freeze on your credit report and subscribe to an identity theft protection service to protect yourself.  You can learn more about what steps to take in this previous post on what to do it if someone has stolen your identity.

University of Wisconsin-Madison officials say hackers broke into their computer systems and had access to the Social Security numbers of 60,000 people related to the university.

The university became aware of the problem on October 26th and notified the students, faculty and staff members in a letter dated November 30th, said UW-Madison spokesman John Lucas.

An investigation by University of Wisconsin-Madison’s Division of Information Technology and office of computer security found nothing to suggest that anyone had downloaded or used the information in any unauthorized way, Lucas said. The identities of those who obtained unauthorized access remain unknown.

UW discovered the hack from what they referred to as a breach in the “Legacy Database.”  The “Legacy Database” refers to Wiscards printed prior to 2008 that had student’s Social Security numbers embedded on the cards, Lucas said.

“It’s important for current students within the last two years (to know they) are not affected by this… the Wiscards with the Social Security numbers were deactivated in 2008,” Lucas said.

Read more…

While many cyber cafes — especially in Brooklyn — have become a key destination for the young, hip and creative, in developing countries they are the breeding ground for international cyber crime. Since anyone can walk into these Internet parlors and begin a hacking rampage often aimed at U.S. interests, it’s the ideal place for the shady and nefarious.

Well, Nepal is taking some very simple, yet innovative steps that may help fight the scourge that is international cyber crime. In Nepal’s biggest metropolitan city, Kathmandu, cyber cafes are now required to ID customers. Users will have to provide personal information, such as names, addresses, phone numbers and signatures.

And it seems to be working. According to the Himalayan Times, police units have already recorded 13 cases of cyber crime, with nine being resolved and four still under investigation.

While this may be a very tactical approach to fighting cyber crime, just think how effective this could be if other nations like Russia and China did this?

Read more…

Officials from the University of Tennessee Medical Center are notifying approximately 8,000 patients that the facility did not properly dispose of hospital reports.   The personal information poses potential risk of a privacy data breach, according to a Knoxville News report.  

In October, the hospital was notified that records containing private patient information were disposed without proper shredding and were instead discarded in the hospital’s waste stream.

Read more…