Friday, June 17, 2005

40 Million Credit Files Placed at Risk

Mastercard International admitted yesterday that 40 million credit card accounts have been compromised via a security breach at a payment processing company. The company where this occurred at was CardSystems Solutions of Tuscon, Arizona.

Approximately 20 million Visa account holders and 13.9 million Mastercard account holders were compromised. The remainder were American Express and Discover accounts. This was done when a computer code or script was placed on the CardSystems network that made it possible to steal information.

The FBI has initiated an investigation. More details can be obtained by clicking on the title, which links the article from the New York Times.

Already, the press in Canada is alarmed that Canadian citizens could be at risk also. In fact, with that much information, the issue could be global.

In recent times, there have been an ongoing series of these data thefts. Recently, I have covered some of these in other posts. Here are a couple of them:

In these recent mass thefts of customer information, more often than not, the criminals were not very sophisiticated. Our laws are far too lenient on these types of crimes and the time is now for large corporations entrusted with people's personal data to be held accountable for their apparent lack of security.

There is pending legislation in both the United States and the United Kingdom to give the laws more bite.

Here is a previous post on that matter:

Contained in this article is a link where you can contact your political representatives and let them know how you feel!

Wednesday, June 15, 2005

Identity Theft (Fraud) Protection by Banks Rated

Daily, there are press releases about customers of financial institutions having their identities stolen. This has been happening for a number of reasons, including theft of people's personal information, pharming and phishing. A study was recently done by Javelin Strategy & Research.

The best institutions for protecting their customers were:

1. Discover Card
2. First National Bank of Omaha
3. Citibank
4. Bank of America
5. American Express

Javelin also offers a quiz anyone can take to determine if they are at risk: This quiz was done with assistance of the Better Business Bureau.

Javelin's website is at

You can e-mail Javelin directly for more information, email inquiry@javelinstrategy.

This is great information designed to protect the consumer. With the growing problem of identity theft/fraud, which is estimated to cost us 53 billion a year and claim 9 million victims, it is refreshing to see information being published to make us wiser consumers of financial products.

Sunday, June 12, 2005

iPods and Data Theft

iPods are devices that can be used to steal data and have become status symbols that have been known to attract more violent crimes, such as mugging. Essentially, the iPod is a hard drive and can hold a lot of information. This article (which can be viewed by clicking on the title) states that iPods have been used by identity thieves and even Apple employees to steal corporate secrets. This information came from the former head of information security at Apple, Derrick Donelly. Donelly is now working at a company (Black Bag Technologies) that creates forensic hardware and software to retrieve information from iPods and Macintosh Computers.

There are a lot of options out there to find data on Windows operating systems. Apparently, it is more difficult with Apple products. Macs automatically connect external disk drives to the operating system, which is known as mounting. When this occurs, evidence is often destroyed. Donelly is also in the business of training the authorities how to gather evidence from Macs without destroying it.

A primary reason for this is that the Mac OSX operating system allows built in data encryption. By simply dragging a file to a folder, it is scrambled so completely, that allegedly the CIA couldn't decipher it.

Apple products are well known for their superior features in preventing intrusion, which is why some criminals might find them desirable. On the other hand, this is a reason why many legitimate users would prefer them also.

Besides i-Pods, there are a lot of devices out there, such as cell phones, PDAs, digital cameras and others that can be used to steal information. A University of Michigan study last year revealed that 70 percent of identity thefts originated out of a workplace. Criminal gangs have been known to plant people in organizations for just this purpose.

Realistically, if most identity theft originates out of the workplace, it can be taken out in a number of ways, including documents. Effective personnel screening and resources to investigate and prosecute are the key to defeat wrongdoing. Computers only do what they are told and it is people, who commit these acts in order to profit. The mind figures out how to beat the system and only another mind will defeat those who choose to do so.