castledoom.com

[JuntaJoe]

Are you the real you?

Huh?

I mean are you the only person being you?

Read this first and then see my commentary in the next post:

U.S. Citizens' Data Possibly Compromised

March 09, 2005 4:46 PM EST

NEW YORK - Using stolen passwords from legitimate customers, intruders accessed personal information on as many as 32,000 U.S. citizens in a database owned by the information broker LexisNexis, the company said.

The announcement Wednesday comes on the heels of a series of similar high-profile breaches, the most serious affecting another large data broker, ChoicePoint Inc. in which scores of identities were stolen.

The ChoicePoint case, as well as other data losses including one affecting some 1.2 million federal employees with Bank of America charge cards, have prompted an outcry for federal oversight of a loosely regulated commercial sector. In the data-brokering business, sensitive data about nearly every adult American is bought and sold.

The first in a series of Capitol Hill hearings are scheduled for Thursday.

At LexisNexis, criminals found a way to compromise the log-ins and passwords of a handful of legitimate customers to get access to the database, said Kurt Sanford, the company's chief executive, told The Associated Press.

The FBI and the Secret Service are both investigating the breach.

The database that was compromised, called Accurint, sells reports for $4.50 each that include an individual's Social Security number, past addresses, date of birth and voter registration information, including party affiliation.

No credit history, medical records or financial information were accessed in the breach, LexisNexis parent company Reed Elsevier Group PLC said in a statement.

The Accurint database is part of the Seisint unit, which LexisNexis bought in August. Sanford said a team examining Seisint's data security routines in February noticed abnormal usage patterns and suspicious billing on some accounts.

He said the team told superiors, who notified law enforcement. Both internal and external investigations continue, he said.

"What we're doing now is trying to act as quickly and responsibly as possible to lend a helping hand to consumers who might have been adversely impacted by these incidents," Sanford said.

Sanford refused to name the law agencies involved, saying that could only compromise the investigation: "We are trying to catch the bad guys here."

But the FBI and Secret Service confirmed they were investigating, though they declined to discuss whether any cases of identity theft have resulted from the breach or discuss any other specifics.

LexisNexis said it would be notifying affected customers in the coming days. It will provide them with ongoing credit monitoring "and other support to ensure that any identity theft that may result from these incidents is quickly detected and addressed," it said. LexisNexis said it was also tightening up password and login procedures.

Boca Raton, Fla.-based Seisint stores millions of personal records, including information on bankruptcies, corporate affiliation, drivers licenses, neighbors and criminal records. Customers include police, lawyers and businesses.

LexisNexis paid $775 million for Seisint, which also provides data for Matrix, a crime and terrorism database project created in 2002 and funded by the U.S. government. Thirteen states originally were to participate but most later pulled out, citing citizen privacy and other concerns. Seisint was founded by a millionaire, Hank Asher, who stepped down from its board of directors last year after revelations of past ties to Bahamian drug smugglers.

Word of the Seisint breach follows the embarrassing disclosure Feb. 15 of a breach at rival data broker ChoicePoint Inc. that the company said involved as many as 145,000 Americans. In the scam, thieves posing as small business customers gained access to the company's database and at least 750 people were defrauded, authorities say.

ChoicePoint's vice president, Don McGuffey, is expected to testify Thursday at a Senate hearing on identity theft. The chairman of the Federal Trade Commission, a representative from the Secret Service and a Bank of America executive also are to appear before the Senate Banking, Housing and Urban Affairs Committee.

Sen. Bill Nelson, D-Fla., introduced legislation Wednesday that would impose tighter requirements on the industry. The ChoicePoint case only became known when the company heeded California law by notifying affected citizens of that state that their personal information had been compromised.

California is the only state with such a law.


Copyright 2005 Associated Press.

[Brf]

Only 32k people?

I read an article in the paper a few weeks ago about some company's database that had been broken into.... and 30-billion social security numbers were stolen... which struck me as funny, since there are only 6-billion people in the world, of which less than 300-million are in the US.

[JuntaJoe]

Ok, there are really smart people out there trying to assume your identity and steal under your good name.

The penalty if they get caught?

A white collar federal prison for a few years.

Compensation for ruining your good name and credit?

Rarely anything.

Chances are that they would be caught, go to trial, serve prison time, and be back in the game long before you regain your financial standing. They could actually assume your identity again while you are still in the financial hole they dug the first time! :shock:

So what do you do?

Become a hawk about protecting your personal info.

First, the basic advice.

We use numbers to access data all the time. Passwords, account numbers, etc. You should get a mental alarm every time these requests come up. Think about who is getting these numbers. Do you check your debit and credit reciepts when you pay? Does the ticket show the whole number or just the last four? Quit shopping at places that have the whole number on the receipt as a minimum wage clerk now has access to your name and account number. Do you sign up for the store credit card to get the discount? Now another place has all your info sitting in their data bases. See my point? You need to become a miser about your personal info. People who call your house and say they called a wrong number, but ask what number they dialed should send up a red flag. Become as annonymous as you can.

Next is fiscal responsibility. Paying cash is annonymous. Paying cash also limits your ability to use debt. Debt crushes far too many people today. Money problems are the single largest contributor to suicide, divorce, and poor medical assistance. Besides ruining your life and giving potential thieves a target, being fically irresponsible can literally shorten your lifespan. Start living within your means and learn to use cash at all possible times. Now don't carry a wad of cash around and keep your savings in a coffee can. Banks are still important. Just plan carefully and carry only what you need. Limit bank visits and keep to a schedule. If you regularly pay your bills on a certain day then the checks will clear about the same time. This allows you to see anomolies when your statement arrives. It also provides a track record to dispute things at the bank should charges arise that you didn't authorize. Using that debit card every day for every snack purchase can make sorting your charges a nightmare. Get regular about the money you spend. You will find that you save money by doing this by avoiding impulse purchases.

Last is learning to track your money and credit. Learn to read your bank statements, bills, and credit histories to learn what everything means. Call and ask about anything you don't understand. Learn every little charge and tax on those statements. Remember them and look for the patterns. Get your credit reports and learn them. I will make later posts in this thread to help you with doing just that.

Look for follow-up posts in the near future that explain tools to manage your identity, credit, and finances.

[Robbo]

Fraudsters expose 100,000 across US

"Georgia-based ChoicePoint Inc. confessed on Tuesday that the scammers "may have stolen credit reports, Social Security numbers and other sensitive information" on thousands of Californians, although it admits that "the number of victims nationwide could total 100,000". "

Big company, crap security

"Choicepoint, one of the nation's largest information aggregators, had mistakenly allowed criminals to access the private identity and credit information of thousands of individuals. Approximately 50 "fake" companies had a crack at the billions of records the company stores on almost every citizen in the US.

Bank of America announced that it had "lost" tapes containing information on over 1.2 million federal employee credit cards -- exposing the individuals involved and the government to fraud and misuse."

[skeeber]

Case in point after reading this...

Found in my mass of emails yesterday a few from Paypal and Ebay. Apparently, my account has been suspended after a number of attempts to access it with multiple faulty passwords. Fortunately, I had very little funds in my Paypal and haven't made an Ebay purchase in over a year.

You need to protect yourself everwhere online!!

[NibbyCat]

Oh, no, Skeeber... Tell me you didn't go to the sites and give information...

Those emails were phishing, the urls aren't to the real sites, but to imposters.

If the emails were addressed as "Dear Valued Customer" or some such instead of "Dear (your full name)," that's a big tip off. Also misspellings, funky grammar, and if you mouseover any links, you'll see that it isn't to paypal.com or ebay.com.

If there is a real problem, they'll tell you to type in the url, or use the link in your own bookmarks.

If you did give information, go to the websites for the sites, and there'll be a link about fraudulent emails.

[skeeber]

Oh heck no I didn't go my fellow feline. I figured that might be the case and one I spend some time at the sites that I really enjoy, I'll head in with my normal log-ins and see what gives.

I've been around the block to long for that one to pull my tail!