It isn’t only laptop computers that seem to grow legs and walk away anymore. Even desktops have become a popular target for thieves looking for some easy money. Sure, more and more people are stealing catalytic converters and while it is a pain to have to spend $200-$1000 to get a new one it is a lot cheaper than having someone on the internet buy your identity for next to nothing and creating headaches for you for the rest of your life. Whether or not the person who stole the computer from the office at the Moore School of Business at the University of South Carolina had the intention of just a few easy bucks for a computer or identity theft, it isn’t clear at this point yet.

What is clear as the facts have been coming in is that over the Memorial Day weekend one of the offices at the Moore School was broken into and many items were stolen, including the desktop computer. The computer was the workstation of Deputy Dean Dr. Scott Koerwer. While there is no information at this point that any of the personal data on the computer was actually accessed, the university is taking a proactive stance and alerting the affected people. In total over 130 staff and faculty have been notified and 7,000 students need to keep an extra eye on their financial status. The faculty and staff is only currently employed, so if you had worked at the Moore School in the past, your data is not at risk. As for the student body, the 7,000 students were registered for classes in the business department in the last year, both undergraduates and graduate students.

The break-in is under investigation by the university’s department of public safety and there are currently no leads. This issues has raised the question of USC’s security policy for private information. Although no official would speak on the record, one person familiar with the security systems at the university said that files are encrypted and that procedures are set in place so that private data is contained only on stationary computers that remain on campus at all times. This is in an effort to prevent this type of breach from happening at the homes of individuals who deal with sensitive material. Students and faculty were sent a letter which advised them to keep an eye out for suspicious activities and steps that they should take to safeguard their finances.

One of the measures that is recommended is placing a fraud alert with one of the credit bureaus. Companies, like Lifelock, offer this type of ID theft subscription service. They alert all three credit bureaus and make sure that credit card and loan applications are actually being opened by the person named on the account. If anyone associated with the USC break-in has more questions, they are advised to contact the department of public safety.

The popular website of Cotton Traders was hacked earlier this year. No details have been reported yet about when the actual breach happened or the extent of the information that was accessed, but spokesmen for the company have said that these details will be provided to the public as the case surrounding the breach continues to develop. As it stands right now, over 38,000 people have been affected, although there are varying degrees of what pieces of their private information were taken. In some cases for the 38,000 people, credit card information was taken. Other specific instances also show that personal addresses were obtained, although these have only been noted in a few isolated incidences.

The company that runs the credit card component of the site, Barclaycard, was immediately notified of the breach. As a result of this quick notification, the company was able to prevent even more people from being affected by the breach. This is considerably good news when one notes that Cotton Traders has over one million customers and that most of these people have an online account used to purchasing products. However, the investigating company notes that the threat of fraud in this instance is serious, because the data gathered was active and could be used for illegal activities at the present moment, not down the line, although this also remains a possibility.

Cotton Traders has announced that its customers should rest easy because all of the credit card information was encrypted. No word yet on whether or not this was also the case with the personal addresses and other data involving maiden names. As a result of the breach, the company has called in outside consultants to help assess the quality of Cotton Traders’ systems. These consultants have already prescribed numerous improvements and the company has been quick to act, noting that within the last few months security features for all of its websites and payment affiliates has been increased substantially. These measures now have Cotton Traders well above the standards set for the industry and they want customers to know that they will not be lax in maintaining these exacting standards.

While those who are worried about their accounts are advised to contact the customer service department of the company, others are taking other actions. Although the company caters mainly to British citizens, it also attracts considerable traffic from across the pond. Americans affected by the breach are turning to ID theft service subscription companies, such as Lifelock, to keep an eye on their credit reports. This company contacts all three major bureaus and alerts customers whenever a new credit card or loan application is opened, in an effort to prevent fraudulent activity in these matters.

In a recent press release by 1st Source Banks, based in South Bend, Indiana, the public has learned of a breach that took place within the debit systems of the bank. It appears that an unknown number of debit card numbers and pin codes were illegally hacked from a secure network at the bank’s corporate headquarters. There have been no reports at this point of any illegal activity to have resulted from this breach. The bank isn’t taking any chances though said James Seitz, a senior vice president for the firm.

In an effort to prevent any wrong doings from taking place, the bank has canceled all of the older ATM accounts of affected individuals and has sent out new account numbers and pin codes for people to use to establish their new account. While there have been no details about the number of people affected, the bank has said that these preemptive measures are costing them a considerable amount of money, although they appreciate how understanding all of their customers have been, especially while recognizing how serious of a problem identity theft has become in recent years.

While the bank continues to keep customers informed of changes taking place in the case, it was also decided that each affected individual will receive a one year subscription to an ID theft service. These companies, such as Lifelock, provide a safeguard against illegal credit activities that are reported through the major credit bureaus. Experian, Equifax, and Tran Union are contacted an alerts are placed on people’s accounts to keep an eye out for any new credit card or loan applications. These applications are then confirmed with the customer to make sure that they are legitimate.

The breach took place on May 12 and was identified that same day. Unfortunately, the people affected were not sent letters until the 28, over two weeks after the event took place. This is the result of the extensive investigation that the bank launched to uncover the extent of the damage and what the breach exposed. On May 12 when the breach was discovered, the server was set down and no other access was allowed to the system. This is what analysts believe has prevented any of the information from being illegally used. In an effort to prevent further incidences from happening, 1st Source hired an external consulting firm to review the safety features of the network. Seitz has noted that this group has contributed positive suggestions that have helped the bank update it encryption standards.

In an effort to answer all the questions of its customers, the bank has extended its customer service hours and has received favorable comments about the efforts taken by the bank. Additionally, the bank is monitoring ATM transactions on a minute by minute basis in order to detect any fraudulent activities that might occur.

Today, officials at the University of Nebraska at Kearny released a press release that informed current and former students of a data breach that took place last month on nine computers on campus. Although all the computers were affected were desktops, there are going to be an increase in the data regulations and security policies implemented on campus computing facilities. In all, over 2,000 people are now potential victims of identity theft.
According to the press release, the breach took place on June 8 and was noticed and responded to on June 9. No word on why the university took almost a month to alert its students and alumni of the breach, although the release did note that a thorough and complete investigation of the matter had taken place. After this investigation, the breach was traced back to individuals in the Republic of Slovenia. The departments affected by this intrusion include History, Biology, Psychology, Computer Science, Math, and Sociology. Two computers in History, Biology, and Psychology were affected, while only one computer was accessed in each of the other departments. Students impacted by this were either History advisees in 2002-2003, or deciding students in 2001-2002, or students enrolled in the Masters of Science in Biology program that takes place online.

At this point, there have been no reports of any illegal activities taking place from the data gathered illegally. Such information included social security numbers, names, addresses, and bank routing numbers. The release said that there is no indication that there was any effort to use the information for illicit purposes or if it was even stolen from the systems. One proposed possibility for the breach was to use the computer’s processing power to help spread spam to all computers on campus, although the validity behind this claim has yet to be proven. Letters to this affect and that spell out necessary actions to take are being sent out to the 2, 035 people involved in the breach.

The university has spelled out that this is the first breach of its kind to affected Kearny. Officials with the information systems and services department have assured the student body that they have numerous security features in place to prevent this type of intrusion, including firewalls and encryption services.

Those affected will only receive a letter. The university will not contact anyone by email or phone and individuals are advised to not give their social security number out to anyone inquiring for the information over the phone or online. Authorities suggest that students file fraud alerts with credit card companies and the credit bureaus. For those now familiar with how to go about these procedures, they can contact the FTC. There is also the possibility of subscribing to ID theft services, such as Lifelock. Lifelock contacts all three credit bureaus and alerts consumers whenever a new credit card or loan application is filed, which helps stop identity theft before it starts.

Residents of Arkansas have some reason to cheer tonight.  Today both Tamara Hill and Ebony Flowers were arrested in connection to the theft of personal data from the Baptist Health Hopsital’s information system.  Hill is a former employee of the company who was released in early June as more details about security mistakes at her work terminal were reported.  Hill was found guilty of using 25 other people’s personal information to get gift cards at Walmart for use at other periods of time.  Flowers was caught doing the same thing, although she was only in possession of three people’s financial information.

It appears that Hill obtained the information while she was working at the Emergency Center in the Baptist Health Hospital.  She took screen shots images of the private data and then printed it out for later use.  No word has come from the hospital yet of security upgrades it will take to prevent similar malicious deeds from taking place in the future.  There is a rising push for background screening of individuals, although this is and of itself can have its own liabilities.

The hospital had over 970,000 visitors last year and there is no idea about the extent of the theft that took place.  There has also been no word on how Hill and Flowers are connected and if anyone else received copies of the screen shots with the personal data.  Authorities found out about the breach when a victim contacted police to say that they had not authorized the gift card charges at Walmart.  The extent of the breach is potentially so large that the U.S. Secret Service has entered the case in an effort to limit the number of affected people.

The hospital released a letter saying that some of the personal and financial information had been illegally accessed.  However, they assured their patients that none of the material that had been obtained involved their medical records or diagnosis.  This is important, because any such information would be in violation of HIPAA, the Health Insurance Portability and Accountability Act.  If this was the case, the hospital could face even greater threats of a lawsuit and sanctions by the U.S. government.  Yet, there is some confusion about what information was released.  According to Pam Dixon, executive director of the San Diego-based World Privacy Forum. she believes that all the information released in the breach falls under the protection of HIPAA and that the hospital will need to show considerable improvements before it can handle the admission of patients in the future.

In the letter sent out to patients, there is no indication of whether or not the hospital will provide credit monitoring or insurance services for its victims.  For those who don’t want to wait until it is too late, they are turning to ID theft subscription services, such as Lifelock.  Lifelock and other companies can help guard the credit reports of people by monitoring all three credit bureaus and verifying with the customer whether or not they are the person opening up a new credit card account or filing a new loan application.

If you were robbed, you would probably tell your friends about it. You would also alert the authorities. This all seems like common sense. That is unless you are the online company Montgomery Wards. After the company went bankrupt in 2001, it found a new lifeline by selling its products online. It also falls under the jurisdiction of its parent company, Direct Marketing Services. So they are at fault in all of this, although it is only coming to light the size of the data breach they kept mum about.

Direct Marketing Services learned in December 2007 that it has been hacked. One of its off-site locations where it stored credit card names and numbers was illegally accessed and over 51,000 people were affected by this. However, these people had no idea that their personal data was now floating around the internet, ready to be used by anyone willing to pay a small fee. While experts are only getting bits of information regarding the breach, they have attributed the theft to The Force, an internet mafia that deals with the theft and laundering of private data. There is no real information on the group, other than that it has increased its attacks recently and has become increasing more efficient at its data extraction.

In December, DMS alerted the major credit card companies that there had been a breach and that they should take note of the potential abuse of the sensitive material. However, DMS did not alert its customers. As Dan Clements of CardCops said, “It would seem that notifying the customer would be the prudent thing to do.” Unfortunately, Wards did not live up to this expectation and now it is the consumers who might pay the price. There is no telling the number of people who have been affected by this breach over the last seven months and it will be some time before people are able to get all of their personal affairs back in order.

In 44 states, laws exist that allow groups of people to sue companies that do not quickly alert people to breaches that involve personal data. No word yet on whether or not affected individuals in any of the 44 states will be taking class-action suits against Wards and its parent company. In the mean time, the customer is left holding the bag. Avivah Litan, Gartner vice president, recently stated that there is still a severe problem in the whole system, because victims have to go through the tedious and time consuming process of filing a claim and hoping that they get their money and identity back.

While Wards has not stepped out to help out its customers, and the claim process being as long as Litan noted, more and more people are looking for alternatives to protect themselves. No one wants to wait until they’ve become a victim to find a way to ensure their personal identity. Enter Lifelock, an ID theft service that people can subscribe to for a minimal monthly fee. The company contacts all three credit bureaus and alerts its customers whenever a new credit card or loan application is filed in their name. By stopping these applications at an early phase, less people become victims of identity theft.

For some teachers, summer vacation can’t come quickly enough.  For over 800 educators in Texas, this might be a summer they wish they could forget.  After an issue with insurance companies in the state and their policies of destroying confidential records, and the theft of personal information from one of the largest gas station chains in the state, now those who teach our children have to worry even more about their personal identity because they were following state laws.

It was reported yesterday that a lockbox containing the personal data was stolen from an office located inside a home in the community of Wichita Falls.  The name of the company is L-1 Identity Solutions.  It seems that the company will need to find its own solutions to prevent any future breaches from taking place at its offices.  According to a spokesman for the company, letters have been sent out in the mail to notify the people affected by the theft.  Unfortunately, those connected to this case have had their names, addresses, social security numbers, and license numbers stolen.  This is more than enough information for someone to assume the identity of another person.

A representative from the Association of Texas Professional Educators, Doug Rogers, noted that there have been concerns with the state’s policy about conducting background checks on teachers.  While there is no debate that parents should be confident in the safety of the instructor teaching their children, the methods used to conduct the checks need to be modified.  Thefts of this nature are what educators feared.  It appears that L-1 shared this concern and has laid out measures for future finger print screenings that do not require that material to be accompanied by mounds of private data.  No word has been issued on whether or not their proposal has been accepted.

In the letter that the company sent out to affected parties, they have promised to provide a year of identity theft insurance and credit report monitoring.  In other data breaches, the affected business has not been so upfront about the danger and has not provided similar guarantees.  In those cases, people turn toward companies, such as Lifelock, that provide ID theft subscriptions.  Lifelock and others provide monitoring services with all three credit bureaus.  Unlike some companies, Equifax, Trans Union, and Experian all are in touch with members of Lifelock’s staff.  These staff members alert their customers whenever a new credit card application or loan is filed in their name, actions frequently undertaken by criminals involved in identity theft.

As time goes on, more details about this case hope to be made available to the public.  L-1 will continue to look for new measures to insure the safety of their office locations, in addition to the material contained within.  As data breaches of this type become more common, state agencies will have to reevaluate their policies regarding background checks to ensure that those in compliance with the law are not inadvertently punished with the exposure of their private data.