AT&T boasts great coverage; see something they won’t be boasting about

Credit card numbers, Driver’s License Numbers, Social Security Numbers – hundreds of names, all dumped in a random bin from Farrell Communications, no longer in business. These people don’t even know their information has been dumped. AT & Ts response – NOTHING – until the television station and local police got involved. They changed their tune pretty quickly.  http://www.news4jax.com/video/23675143/ Thank goodness an honest person found the files.

With the advent of the enforcement of the FACTA Red Flags Rule, LIABILITY FOLLOWS THE DATA. That means, AT&T is ultimately responsible, should these customers be negatively affected. For some reason, so many companies don’t think something like this will happen to them. And because of their lack of understanding their responsibilities, or because they just don’t want to take the time to implement the necessary and required measures, (or any number of other excuses I’ve heard), they are putting yours and my personal and private information at serious risk.  The next time you go to your doctor, kids’ pediatrician, sign up for cell phone service, sign up for cable service, test drive or buy a vehicle, enroll yourself or your child at a school, ask to see their Red Flags Rule Policy. This document should describe who sees your information, what information is collected, where it is stored, how long it is kept, how it is destroyed, and why they ask for your private information. If they cannot show it to you, then they don’t have a policy in place and you should be careful with the information you give them. The next thing you should do is contact me so I can educate them on their responsibilities.

After watching this report http://www.news4jax.com/video/23675143/ I had to chuckle to myself toward the end when the news anchor asked the reporter what these unknowing potential victims could do to protect themselves. The clueless reporter responded in the usual clueless manner – he advised people to contact the credit bureaus to see if anyone had “an identity theft”. While well-intentioned, he’s missing the bigger picture. The information on those records included copies of customers’ drivers licenses – when someone steals your driver’s license information and commits a crime, gets into an accident or maybe gets arrested for a DUI, I’m sorry to tell you that it’s not going to show up on your credit report. Neither will someone using your Social Security # to work in your name and then YOU get a letter from the IRS for taxes owed on a job YOU didn’t have.

What are you doing to protect your identity? “Shred baby shred” is not enough. You need someone watching your back and monitoring alone is not enough -that only tells you something has already happened, but doesn’t help you fix the problem. I can help….let me know you want the help.

http://www.news4jax.com/video/23675143/

Ya Get Whatya Pay For……

Another thorn in their side….

Not only were they fined for deceptive advertising, the fine also was because the supposed “secure data protection” they claimed to use to protect customers’ data, was in fact, not secure at all….

http://www.computerworld.com/s/article/9177353/Lifelock_worries_after_employee_data_leaked_to_Web?source=rss_news

Have you been hospitalized recently?

Healthcare Technology News recently reported findings from several surveys related to data breaches and medical identity theft. Highlights from the article include:

– 40% of hospitals have ten or more data breaches annually – TEN! Really? Are you kidding me?

– 85% of the hospitals reported that they’re not in compliance with HITECHs security provisions ( a new regulation that went into effect earlier this year, and among other things, expands upon HIPAA). Just goes to show that with all the legislation, our private health and personal information is still extremely vulnerable to identity theft.

– “Fraud resulting from exposure of health data [have] risen from 3% in 2008 to 7% in 2009, a 112% increase (Javelin Strategy & Research)

– Ponemon Institute reported that nearly 1.5 million Americans have been victims of medical identity theft. The estimated costs – $28.6 Billion

-Medical identity theft costs more than twice that of other types of identity theft (average cost $12,000) and it takes more than twice the time to detect as other types (Javelin Strategy & Research)

– Victims of identity theft can receive the wrong medical treatment, find that their health insurance is maxed out, and could become uninsurable for both life and health insurance coverage (World Privacy Forum)

– Data breaches are costly to organizations, as well. In 2009, the average cost of a data breach – per record – rose to $202, from $197 in 2008. Five-thousand records breached would cost the facility over $1 million (Ponemon Institute)

– From Jan 1 – March 9, 2010, nearly 75 thousand unencrypted health records were already breached, in spite of the requirements that data must be encrypted (HITECH and others) (US DHHS)

So, with the enactment of FACTA, HIPAA, HITECH, Red Flags Rule and more, health organizations and other industries still are not encrypting our medical or other personal information for that matter. Goes to show that all the legislation in the world doesn’t always properly motivate people/companies to do the right thing.  If you’ve been hospitalized within the last couple years, chances are, your private information is at risk. What are you doing to protect your personal information?

A common source of PI at risk & one you wouldn’t think of….

When I ask the question, “What are you doing to protect your identity from identity thieves?”, believe it or not, I still occasionally get the answer, “I shred my documents” – duh, duh, and duh!  If this is your response, please, I implore you to get your head out of the sand! With a mind boggling 11 million records stolen last year, do you really think shredding your documents alone, is an effective measure? Did you ever go to high school? College? Physician? Hospital? Are you a veteran? How about this one – have you, or has any one else (i.e. employer, government agency, community agency, health care facility, etc.) ever made a copy of any of your personal information? A driver’s license perhaps, or maybe you made a copy of your income tax returns using the copy machine at work? Did you know that if you have been a victim of domestic violence in  recent years in Buffalo, NY that your private, personal information was shipped outside of New York, for anyone to see? Not only are you a victim of DV, you may very likely become an Identity Theft statistic, thanks to the BPD.

Watch this CBS news clip, especially if you live in Buffalo or Erie County, NY. Click on the link below (or copy/paste) and let me know if you are as outraged as I.

http://www.cbsnews.com/video/watch/?id=6412572n&tag=related;photovideo

If this news doesn’t convince you that you need protection, nothing will. I’m not talking about your bank giving you free monitoring on your bank or credit card accounts either. That’s not protection.

UPDATE – here is a link to an article about Affinity Health Plan (mentioned in the CBS news report) with 400,000+ records breached

http://www.darkreading.com/database_security/security/privacy/showArticle.jhtml?articleID=224600001

Inside the Mind of Google – CNBC.com

Googlefacts:

20 Hours of video uploaded to YouTube every minute

Most successful technology company in the world – 2008 profits > $4 Billion

Almost 2 Billion searches a day worldwide

Is it really FREE? Watch this special report about Google

Inside the Mind of Google – CNBC.com.

10 Tips to Reduce Your Risk When Holiday Shopping Online

Online Shopping Tips

With the number of victims of Identity Theft/Fraud rising nearly as quickly as our federal deficit, it is not of matter of “if” you become a victim, but rather, “when” you do. Last year alone, nearly 10 million consumers were victims of Identity Fraud or Identity Theft, a 28% increase over 2007 (Javelin Strategy & Research).

Approximately 48% of holiday shoppers will do all their holiday shopping online this Christmas Season. The holiday season provides many opportunities for thieves and thugs to steal your personal information.  Below are 10 Tips to Reduce Your Risk When Holiday Shopping Online. Most are common sense; however, let’s face it…if they weren’t effective, the crooks and scammers would move on to other methods.

If you’re shopping online, IDTheft Solutions recommends the following steps:

1. Protect your computer – be sure you have the most current security software, with the most recent spam filters, anti-virus, and anti-spyware/malware updates.

2. If you’re using a wireless modem, make sure it is “secured”. If you are on an unsecured network, you’re vulnerable to “wardriving”. Hackers could use unsecured networks to anonymously download illegal material or initiate attacks that make it appear as though they’re coming from you.

3. Use trustworthy sites. You can check out online retailers at www.bbb.org

4. Protect your personal information – the website you’re ordering from should have a link to their privacy policy. Although it’s a boring read, it’s essential that you understand how your personal information is being used. (Most say that they share your information with third party merchants to advertise to you.) If they do not have a privacy policy, the site may sell your personal information to third parties without your permission or knowledge.

5. Only make purchases on secure websites. Look for https:// in the address bar. Shop on safe sites that have SSL (secure communications) certification – indicated by a locked padlock on the bottom right of your screen.

6. Beware of phishing scams – you’ve probably heard of phishing scams by now, but every year we have to warn people…why? Because they work. If phishing scams weren’t effective for the crooks, they would not be using them. A legitimate business won’t send you an email claiming to have a “problem” with your order. It’s an attempt to get you, the buyer, to reveal your financial and personal information. If you’re not sure, err on the side of caution and call the contact number on the website where you made your original purchase to confirm whether there is really a problem with your order.

7. Use a credit card to pay for your purchases. Credit cards give you more protections. You can dispute the charges if you don’t receive the items or if there are unauthorized charges on your account.* (*Time limits apply.)  If an unauthorized purchase is made with your check/debit card, that purchase amount will be tied up until authorities investigate your identity fraud claim. With a credit card, that charge is temporarily removed, pending an investigation. While it doesn’t have to do with Identity Theft, an additional advantage to using your credit card is that most often, your credit card provider offers an additional warranty on the merchandise.

8. Keep Confirmation emails/documents. You may need them for future reference and for a record of your purchases. IDTheft Solutions recommends that you create a separate folder in your email account and save them to that folder (i.e. Confirmations/Receipts)

9. Regularly check your credit card and bank account statements. Don’t wait till you get the paper statement or email notification, if you receive them electronically. Check your accounts at least once a week. Remember, after 48 hours you can be held liable for the fraudulent activity (see earlier blog posts).

10. Know your rights. According to federal law, orders made online, by phone, or by mail must be shipped by the date promised or within 30 days, if no delivery date is specified. If not, you can cancel or demand a refund. If the item is defective or misrepresented, you have the right to reject the merchandise. Do your due diligences…read over the company’s cancel/return policies before you make your purchase, to know whether you can cancel and receive a refund or a credit.

Medical Records: Stored in the Cloud, Sold on the Open Market

Medical Records: Stored in the Cloud, Sold on the Open Market

Posted using ShareThis

Child Identity Theft on the Rise

Vodpod videos no longer available.

more about “Child Identity Theft on the Rise“, posted with vodpod

Child Identity Theft occurs when the thief uses your child’s SSN and/or other personal information for his or her own gain. The “thief” could be someone you don’t know or someone you’ve had limited contact with, such as an employee at your child’s pediatrician’s office or someone at your child’s school. More often, however, it’s a family member of close friend who has gained your trust and access to your home, where your personal belongings may be left out on the counter or table. Family members with substance abuse or gambling addictions may also be looking to steal the information, as well. Stangers target kids because it’s so easy to go unnoticed for so long. Think about it…someone gets ahold of your infant’s Social Security Number. They can virtually use that Number and go unnoticed for many years before anyone is the wiser, as illustrated in the above video.

Those entities that issue credit may not have a way of verifying the applicant’s age, especially if it’s done over the telephone.  Additionally, the credit repositories (Equifax, Experian, TransUnion) don’t know the age of the person applying for credit. Typically, the age the applicant gives when applying for credit, is the age that is used on the consumer credit report. For example, if “Sally Q. Public” makes application for credit and gives her age of 19, then that’s the age that is listed on her credit report. The credit repositories have no reason to believe otherwise, unless and until a dispute is filed and proven.

Your child could have loans, mortgages, credit cards, drivers’ licenses, a criminal record, or be collecting government benefits without your knowledge. Like the video segment suggests, you could pull your child’s credit report annually – that would tell you if there’s any CREDIT – related issues; it won’t tell you if there’s drivers’ licenses issued in your child’s name or if your child’s had medical procedures done using his or her private information. It won’t tell you if there’s arrest warrants in their names either.

In addition to your own full restoration service, Identity Theft Shield now offers the same protection – credit report, 24/7 monitoring, and full restoration should an Identity Theft crisis occur, with your child. For just $1 more a month, Kroll will provide the same expert service for up to FOUR of your children for only one additional dollar per month. You, your spouse, and your four children will have FULL RESTORATION protection/service for less than $14.00 a month! Enrolling is easy…for existing members, just call Customer Care at: 800-654-7757

New members or for more information, you can visit: http://www.prepaidlegal.com/idt/dpeterson34 and follow the instructions.

Child Identity Theft is on the rise and it’s not going to go away…my guess it that child identity theft is only going to grow more lucrative for the thieves.

Your thoughtful comments are appreciated.

Is it Fraud or is it Theft

Given the following scenarios, which is considered identity theft? Which is considered identity fraud?

Scenario 1: You review your credit card statement and see a charge that you don’t recognize as being one you made. Or, your bank statement shows a withdrawal you know you didn’t make, and now your account is overdrawn. To make matters worse, you wrote a couple checks the other day and now you’re getting charged for insufficient funds.

Scenario 2: You get your credit report and notice a credit card account and an auto loan that you did not open. Not only that, but they’re showing 60 days late. Or, it’s Friday evening, you just got your kids settled in bed for the night, and you’re about to sit down and watch the DVD you rented and your phone rings…it’s a collection agency and they want to know when you are going to make good on your delinquent loan.

Identity theft and identity fraud are often used interchangeably. The public and private sectors define identity theft differently. For instance, federal law, law enforcement, and the criminal justice community define identity theft as an act wherein a person(s) “knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law.”

On the other hand, financial institutions maintain a more narrow definition of identity theft as it relates directly to their operations. For example, with instances of theft and unauthorized use of the victim’s credit card – this type of theft is almost always considered simple “credit card fraud”, which the institution most often writes off without investigation. In many cases the institution may hold the account holder liable for transactions because the fraudulent activity wasn’t reported in a timely manner, or was an “exempted transaction” not afforded the liability protections.

“Account fraud” or “account takeover” occurs when the thief accesses the victim’s existing account without authorization. Victims discover the fraud in numerous ways and as long as the fruadulent charges are detected and reported within the 60-day period, financial institutions will usually void those charges. After 48 hours, you may be responsible for up to $50 in charges. After 60 days, you’re stuck.

Conversely, “new account fraud” or “true name fraud” occurs when someone opens a new account at an institution in the victim’s name. This is what’s considered by most financial institutions to be actual identity theft. This is the one that will cause you trouble, especially if you don’t have protection. Not only are you financially responsible for the charges, but it’s also going to cost you time – in making phone calls, filing reports and forms, taking time off from work, depending upon the severity of the theft. It could you additional money to hire lawyers or private investitgators, as well.  Identity theft victims end up with ruined credit and being denied credit because of unpaid debts, quite possibly in collections or having judments placed against them – they are doubly-victimized.  Now you may not get that mortgage for that house you were planning to buy, or you’re going to end up paying higer interest rates for any loans or credit cards you open.

In case you haven’t figured it out, Scenario 1 is considered Identity Fraud; Scenario 2 is Identity Theft.

The “Zero Liability Fraud” Myth

So you say you’re not concerned if someone gets your credit card information and goes on a “shopping spree”…after all you’ve got that Zero Liability Fraud thing they told you about when you initially got your credit card. And besides, if someone opens up a credit card in your name, you’re not responsible for it because of Zero Liability Fraud, you say.

Have you read the fine print? For example, I received an “offer” from Chase (formerly WaMu) Bank. On the back side, at the very bottom, the fine print says: “$0 Liability Fraud Coverage — applies only if: you exercise reasonable care against the loss or theft of your card, your account is open, in good standing and not overdrawn; and you have not reported two or more incidents of unauthorized use in the preceding 12 months. You must notify us of the unauthorized transaction within 60 days of the date of the statement reflecting the transaction was mailed or made available to you. This coverage does not apply to PIN-based transactions at a WaMu branch, or to certain non-personal cards and accounts.”

The Fair Credit Billing Act is the federal law that places limits on the consumer’s liability for unauthorized credit card charges. That liability is limited to $50 per card. HOWEVER…you must:

• send a letter to the creditor at the address given for “billing inquiries”. Do not send it to the payment address. Include your name, address, account number, and a description of the billing error, including the amount and the date of the error.
• send your letter so that it reaches the creditor within 60 days after the first bill containing the error was mailed to you. If an identity thief changed the address on the account and you didn’t receive the bill, your dispute letter still must reach the creditor within 60 days of when the creditor would have mailed the bill. (Take Charge: Fighting Back Against Identity Theft, Federal Trade Commission, p 19) (-emphasis mine)

They also recommend sending your letter by certified mail, with return receipt requested, because that’s your proof of the date the creditor received your letter. Copies of your police report and any other documents that support your position should be included as well.

While you may be protected by Zero Liability Fraud for an unauthorized purchase that you caught within days, what happens when someone changes your address, applies for a credit card in your name, maxes out the card, then moves on to his next victim? You’re getting the statement at an address you didn’t know you lived at, and after a few months a collection agency is calling you morning, noon, and night wanting payment for your “delinquent debt”. How many times have debt collectors heard, “It’s not me!”? Zero Liability Fraud won’t help you now – you didn’t notify them within the 60-day time frame.

What are your options at this point? You could screen your calls – don’t answer your phone because it may be the debt collection company calling. You could decide to “reason” with the agent on the other end – if you’ve ever had an experience with a debt collection agency or know someone who has, you know that won’t get you anywhere. You could just ignore it; eventually they’ll stop calling….that is, after they serve you with a summons to appear in small claims court. You could ignore that too (which many people do), after all, this isn’t YOUR debt anyway….and end up with a judgment against you. If you had good credit before this, you surely don’t now. Judgments are public record and show on your consumer credit report for 10 to 20 years in most states. Another option is to hire an attorney and fight the case against you. All of these options are costly…some more than others.

Be sure to read the fine print and don’t get swayed by the Zero Liability Fraud claims that creditors make when they’re trying their darndest to get you to apply for their fantastic credit card offers.

If you don’t already have one, get yourself a good identity theft protection plan; one that gives you layered protection – credit monitoring, one that communicates with the USPS on a daily basis; one that gives you full restoration, and one that includes access to quality attorneys. There are many so-called identity theft protection services that claim to provide all sorts of protections….caveat emptor!