10 Arrested in Theft of Personal Data. "J’ai passé deux années à organiser ma disparition" Appelons-le Éric. Porté disparu en région parisienne à la fin des années 1990, et recherché à l'époque par les forces de l'ordre, il n'a plus donné signe de vie depuis cette période... Pourtant il est vivant, il travaille et élève les enfants de sa compagne, en vivant désormais sous un nouveau nom, dans l'Aude. Midi Libre l'a rencontré et il a accepté de raconter son histoire. Vous avez disparu un beau matin en allant au travail. J'avais une vie assez réglée. Vous aviez une famille ? Oui, une femme et un petit garçon trisomique. Pourquoi avez-vous choisi de disparaître ?
L'argent d'abord. Vous avez su ce qui s'est passé après votre départ ? Oui. Et maintenant ? Je vis dans l'Aude. Vous n'avez jamais eu peur d'être découvert ? Les premières années, oui. Avec le recul, avez-vous des regrets ? Aujourd'hui, je suis un homme neuf.
Microsoft cofounder ID theft. ID theft and SM. ID theft statistics 2011. 24 million customer accounts hacked at Zappos. Hacking group releases more Stratfor subscriber data. News By Jeremy Kirk December 30, 2011 12:17 PM ET IDG News Service - Hackers released another batch of data on Thursday pilfered from Stratfor Global Intelligence, a widely used research and analysis company whose website was attacked last weekend. The data purports to be the names and credit-card numbers of people who have purchased research from Stratfor plus hundreds of thousands of user names and e-mail addresses used to register with the website. The hackers, believed to be part of the Anonymous movement, described the data on Pastebin, then provided several links to websites hosting the information. The data comprises 75,000 names, credit card numbers and MD5 hashes, or cryptographic representations, of passwords for people who have paid Stratfor for research. Stratfor said on Thursday that it was offering a free one-year subscription to an identity protection service to those affected.
A first batch of data was released by hackers shortly after the breach. Enisa.europa. Every day we experience the Information Society. Interconnected networks touch our everyday lives, at home and at work. It is therefore vital that computers, mobile phones, banking, and the Internet function, to support Europe’s digital economy. That is why ENISA is working with Network and Information Security for the EU and the Member States.
ClassAction. FTC about ID theft. Citigtoup hackers stole 2.7 M. Indian call centres selling UK financial dat. JPMorgan Chase Banker Pleads Guilty to ID Th. Thieves Are Stealing Children's Identities | PCWorld. Network World - Identity theft has saddled thousands of children with debt, sometimes for years before they ever discover their personal information has been stolen, a study says. Within a database of 42,232 children that was compiled by an identity-protection business, 4,311 -- 10.2% -- had someone else using their Social Security numbers, according to "Child Identity Theft," a report by Richard Power, a distinguished fellow at Carnegie Mellon Cylab. MORE ON THE PROBLEM: FTC: ID theft again tops consumer complaints In one case, a 17-year-old girl's Social Security number was used by eight different people to amass $725,000 in debt.
In another case, a 14-year-old boy had a 10-year-old credit history that included a mortgage on a $605,000 house, according to information supplied to Power by the identity-protection firm All Clear ID. Meanwhile, it doesn't make a lot of difference what percentage of children's IDs are stolen, Power says. NHS organisation loses medical papers of 31 children and their mothers in office move. The Information Commissioner has found NHS Liverpool Community Health in breach of the Data Protection Act 1998 for losing the sensitive papers in transit which were transferred in unlocked crates.
The Information Commissioner’s Office (ICO) was highly critical of the organisation which had no formal contract in place with the company moving the papers and no system was in place to keep the sensitive documents secure. The chief executive has been forced to sign an undertaking. The case highlights the need to make sure NHS organisations: always have a proper contract in place with third party contractors which include appropriate security provisions; always undertake due diligence on suppliers (especially if they handle NHS information in either paper or electronic form); and audit compliance of contractors to make sure they are doing the job.
The next time this type of thing happens, an organisation could well find themselves facing a fine from the ICO. Please make sure you are in control. BP loses laptop with private info on 13,000 people. By Rich Phillips, CNN Senior Producer March 30, 2011 -- Updated 0037 GMT (0837 HKT) People who filed claims related to massive oil spill affectedOil giant says there's no evidence data has been accessed (CNN) -- A BP laptop computer containing the private information of about 13,000 individuals who filed oil-related claims after last year's oil spill has been lost, according to the oil giant.
The laptop contained names, addresses, phone numbers, dates of birth and Social Security numbers for those who filed claims related to last year's Deepwater Horizon spill. "There is no evidence that the laptop or data was targeted or that anyone's personal data has in fact been compromised or accessed in any way," BP spokesman Tom Mueller said in a written statement. The loss of the laptop, which can be remotely disabled, was reported to law enforcement authorities and BP security.
Mueller told CNN that he could not comment on the employee involved in the loss of the laptop. Play.com customer details 'leaked' | Technology. The online retailer Play.com is warning its customers their names and email addresses may have been stolen from a company that handles its marketing. However the company suggests in its message, sent out to everyone who has done business with the site, that credit card details held at its main site have not been affected. In an email to customers, the company said the issue "occurred outside of Play.com and no other personal customer information has been involved".
Play.com is the second largest online gadget and games retailer to the UK from its Jersey base, competing with Amazon for customers. Founded in 1998, it has about 7 million registered customers. The breach could though put people at risk of "phishing" in which they receive fake emails pretending to be from Play.com which ask them to "confirm their details" and link them to a website which masquerades as the retailer's and asks for information such as passwords or credit cards. Matthijs R. Koot's notebook: 1 Database Containing 35.000.000 Google Profiles. Implications? The Identity Theft Evidence Trail. What Is Available and How Might It Help Victims and Law Enforcement This guide includes:What Evidence Is Out There How This Information Fits Into an Investigation Most victims agree – the burden of proving their innocence typically rests solidly on their shoulders.
Many law enforcement agencies are receiving more budget money for financial crimes these days, allowing them to upgrade training and add staff. But they continue to struggle to keep up with their caseload. In June 2004, the Cantwell/Enzi amendment of a federal bill called FACTA finally permitted ALL identity theft victims access to the credit applications and the transaction records in accounts opened fraudulently in their names. The reality is that once an account has been identified as fraudulent, the credit issuer must provide application and transaction information to you and to the designated police, as long as you send a police report with your request. Financial Identity Theft Cases.
St Ebbas abandonned building. Former University of California IT employee sentenced to one year and a day for ID theft. Cam Giang was sentenced today to 12 months and one day in prison for his role in an identity theft scheme, United States Attorney Melinda Haag announced. A restitution hearing in this case has been scheduled for Jan. 20, 2011. Giang, 31, of San Francisco, Calif., pled guilty on July 22, 2010, to one count of wire fraud, in violation of 18 U.S.C. § 1343 and one count of use of a social security number in violation of 42 U.S.C. § 408(a)(8).
Giang, who was an employee of the University of California (UC) San Francisco Medical Center at the time of the offense, obtained and used the personal information (i.e., birthdates and social security numbers) of other UC employees to create accounts on the StayWell Health Management, Inc. (StayWell) website and complete on-line health surveys on behalf of these individuals without their knowledge or consent.
StayWell is a company based in St. Source: U.S. #EDPS review of #data enforcement strategy | Stewart Room. Jailbreak "detection" API now gone from iOS 4.2. Apple has apparently dropped access to a jailbreak detection API first added to iOS 4.0 this past summer. Third-party developers of mobile device management software told Network World that the API no longer works in iOS 4.2.1, though Apple never warned that it was being deprecated. Word of a jailbreak detection API appearing in iOS 4.0, combined with the publication of a patent application for disabling an iPhone when an "unauthorized user" is detected, originally stirred fears that Apple might be looking to automatically disable iPhones that were jailbroken.
However, such a move would run counter to a Copyright Office ruling that jailbraking was essentially a legal activity. In fact, the detection API was introduced along with a series of APIs designed to improve device management for enterprise deployment. MDM software vendors such as Sybase already used their own methods for detecting jailbreaks, since jailbroken devices can represent a significant security risk. Hackers steal McDonald's customer data. News By Juan Carlos Perez December 11, 2010 10:34 AM ET IDG News Service - McDonald's is working with law enforcement authorities after malicious hackers broke into another company's databases and stole information about an undetermined number of the fast food chain's customers. McDonald's has also alerted potentially affected customers via e-mail and through a message on its Web site.
"We have been informed by one of our long-time business partners, Arc Worldwide, that limited customer information collected in connection with certain McDonald’s websites and promotions was obtained by an unauthorized third party," a McDonald's spokeswoman said via e-mail on Saturday. McDonald's hired Arc to develop and coordinate the distribution of promotional e-mail messages, and Arc in turn relied on an unidentified e-mail company to manage the customer information database. This means that customer data likely includes full names, phone numbers, postal addresses and e-mail addresses. Stolen Credit Card Numbers Auctioned Online « ePrivacyWatch.org.
The State of Privacy Regulation. ChoicePoint Inc., the Atlanta-based provider of identification services for the insurance and real estate industries, revealed in March that criminals had gained unauthorized access to aggregated personal data of 145,000 people. What followed provides a good lesson for CIOs about the impact an assortment of new privacy laws in the U.S. will have on business and technology. ChoicePoint was required, under a California privacy law enacted in 2003, to notify consumers in that state of any unauthorized acquisition of personal information about them -- such as first and last name combined with social security number, driver's license number, or other personal identifiers.
But ChoicePoint didn't just mail notices to the 35,000 California residents impacted by the security breach and covered under that state's law, according to the company's filing with the U.S. Securities and Exchange Commission. Here is an update on privacy regulations that impact businesses: Two years after a hacking incident, firm learns that employee data were accessed. Tennessee-based EOD Technology (EODT) recently notified the New Hampshire Attorney General’s Office of a breach that occurred in August 2008. No, that’s not a typo: 2008. By letter dated November 12, the firm reported that in August 2008, they became aware that one of their computers had been accessed by an individual or individuals outside of the U.S. while the computer was connected to a non-EODT network.
The incident was reported to the FBI at the time and an investigation by the FBI at that time reportedly suggested that the goal of the intrusion was to acquire EODT banking information and that no personal information had been accessed or acquired. Fast forward to 2010 when the FBI recently notified EODT that it had uncovered additional information — information that indicated that documents containing the names and Social Security Numbers of employees had been accessed after all. ACS:Law and the Norwich Pharmacal Orders. As one of the first news websites to break the ACS:Law copyright extortion and data leak scandal ( see here ) currently engulfing the UK – we might just have a little more than most. And over the coming few days, WIREDVC fully intends to use it: read on ….
So how was Andrew Crossley , now undoubtedly the #1 scum lawyer in the UK – extracting all those names and addresses from the average Internet user’s service provider (ISP?) We go back to 1974, when The Norwich Pharmacal Co. was having trouble with their patented furazolidone antibacterial compound. Somebody was importing a counterfeit version of the compound, but Norwich Pharmacal themselves didn’t know who. But – and here is the key point – the UK Government customs authority at the time, the Customs & Excise Commissioners – did know who was doing the importing, but they wouldn’t tell, citing that their records contained “confidential information, the release of which would be injurious to the public interest”.
Or did they? Blippy credit card details exposed on Google - Mashable. Nearly 200 credit card transactions shared on social networking site Blippy have been exposed - with full credit card numbers included - in Google search results, according to Mashable. Mashable reader Trey Copeland wrote to the Web news serive with a link to results for the search: site:blippy.com +"from card". Search returns appear to highlight debit and credit card transactions with the amount spent, the specific location and the full card number. Given the apparent breach, Mashable suggests that Blippy users who have authorised the site to access their debit or credit transactions take immediate action to revoke access. In a statement, the company tries to downplay the incident: "We take security seriously and want to assure Blippy users that this was an isolated incident from many months ago in our beta test, and doesn't affect current users. Personal data for thousands of patients leaked online.
Car shoppers' credit details exposed in bulk. 100 Million Facebook Users Learn True Meaning of Going Public. Showthread. Kindsight 'Identity Theft Continues to be a Major Concern for Consumers' | HostExploit News. Ex-Bank Employee Charged with Fraud, ID Theft. U.S. data breach = $204 per lost record. 190 - Le coût d'un vol de données personnelles – Analyse du cas.
Missing records on stolen laptop from Cincinnati Children's Hosp. UCLA hospital fined over privacy breaches that sources say invol. WSYX ABC 6 :: Lifestyle & Trends - Personal privacy in the age o. IT Story | Pizza Lovers Suffer Data Breach From Hell.