This is hardly the type of attention that Sir Richard Branson wanted for his company.  Virgin Media, the portion of the larger Virgin Group that controls the entertainment and communication fields, reported a data breach the other day.  In all, over 3,000 customers of the company have been affected.  Details are still pending, although the extent of the breach is not expected to increase beyond the original 3,000 people whose personal information was contained on a CD.

The CD, unfortunately, was not encrypted.  No one for Virgin Media has come forward to explain why this sensitive material was not secured with any extra features.  It seems that burning the data to a CD goes against company policy.  In previously press releases issued by the company, they have emphasized that all private data is transferred only through secure FTP sites.  No one is sure if their policy has changed or if this is an isolated incident.  More information will be provided as it is given to the media.

The 3,000 people affected by the theft were involved with the Carphone Warehouse stores.  The material covered from January 2008 to the present.  Originally, the breach was discovered on May 29, although it was only announced today.  No one is sure why there was such a delay in notifying the public about the incident.  A company spokesman has said that they are working closely with the Information Commissioners’ Office to alert everyone affected.  Those who are concerned about their personal security should keep an eye out for letters or emails detailing future steps.  Virgin Media has promised to take care of any issues that arise from the problem.

With this not being the first data breach in England, more and more people are investing in ID theft services.  These subscription based companies, such as Lifelock, monitor the credit reports of all three companies, TransUnion, Equifax, and Experian.  Whenever a new credit card application or loan is opened in someone’s name, Lifelock is there to ensure the credit activity is legitimate.

According to the spokesman, the CD contained names and personal addresses.  No other information was on the disc, which has some experts optimistic that no damage will be done to people’s personal credit records.  As a result of the breach, Virgin Media has said they will reinvestigate all of their current security measures and make appropriate changes.  They are dedicated to making sure that their customers continue to have safe transactions and confidence in the company.  More and more companies have turned to electronic data transfers to alleviate this type of information breach.  The same can be said for the encryption practices and security measures that are continually updated to meet the current threat levels.

You pay enough at the pump, don’t you?  While most of the public seems to be in agreement on this point, some companies have decided that they think they can still squeeze more money out of our pockets.  Not by raising their prices any higher (yet), but by being irresponsible with the financial records that oil companies keep.  The guiltiest culprit in this investigation is Petroleum Wholesale.  Petroleum Wholesales operates convenience stores in ten states and while you might not have heard of them, if you’ve driven in Texas, you know the name Sunmart Convenience Store and Travel Center.

There are no specific details about the number of people affected by this data breach, although authorities are saying it is rather large.  It appears that the company has been disposing of people’s financial records in a very unprofessional manner – they dump the material, un-shredded, into a public dumpster on the street.  No company spokesman was available to make a comment about how long this has been the company’s operating practice.  Also, because there is no notion of how many people have been affected, experts in the field of identity theft and personal security are advising frequent customers of the Sunmart locations to invest in ID theft services.

One of the largest providers, in the United States, of such services is Lifelock.  For a small monthly fee, the company maintains connections with the three major credit bureaus in America.  Each of these companies receives certain financial information about consumers and then maintains a score and record about the individual.  Lifelock steps in by monitoring these bureaus to find out whenever a new loan is filed or an application for a new credit card is entered into the system.  Lifelock then contacts its customer to make sure that they are the person who is submitting these applications and if it is an example of identity theft, they handle the next steps of tracking down the individuals.

In the case of the Petroleum Wholesale breach, the material found in the dumpsters contains more than enough data to allow someone to steal an identity.  Financial records that include names, home addresses, social security numbers, credit card and debit card numbers, along with their expiration dates, was all readily available.  There were also forms that contained drivers’ license numbers.  Additionally, returned checks, with bank routing numbers, were also found in the debris.  Authorities have not released how they found out about the material and if the person who reported the breach has been questioned.

Charges are already pending against the company.  While details are still sketchy, authorities say that Petroleum Warehouse will face charges about its failure to live up to the regulations of the 2005 Identity Theft Enforcement and Protection Act.  The company also failed to meet the agreements that all businesses reach over Chapter 35 of the Business and Commerce Code.  This chapter forces companies to develop and maintain secure methods for destroying secure information.  The fine associated with Chapter 35 includes a $500 fee for every financial record illegally disposed.  It looks like the Petroleum company might finally take a hit to its bottom line.

People used to go to the hospital because something ailed them physically. One wonders how long the string of medical related data breaches will continue before people start complaining to their doctors about worry-based ulcers. The most recent hack on a medical institution’s files wasn’t even a hack. It was a simple hit and run job. University Healthcare Hospital in Utah reported that it lost a laptop and jump drive that contained personal data. In this instance there was no corrupt employee or system breach. Someone simply entered one of the offices, pocketed the jump drive and walked out with the laptop underneath their coat.

While investigators are hoping to use an image captured on the security cameras to find the perpetrator, hospital administrators are still assessing the damage. After consulting their files, they alerted the media that 4,800 medical records had been on the laptop that was stolen. These records include personal data, such as addresses, driver’s license numbers, and social security numbers. Authorities report that these are the pieces of information that are most commonly used to commit identity theft and that individuals should be attentive to their records.

A spokeswoman for the hospital assured the media that the information was password protected. In addition to the files being encrypted, there was an additional security system on the laptop itself that should prevent anyone from being able to access the confidential material. Network security officials remain optimistic, although skeptical, that the thief will not be able to access the material. Despite the crude nature of the theft, there are many programs available for free on the internet that are able to break simple encryption and security features on laptops. The hospital also announced that the recent criminal activity on their premise has caused them to reevaluate their security procedures. As a result, they are upgrading all encryption settings and are making it illegal for employees to download personal information on to their own laptops to conduct work at home.

Although the breach took place in February, victims were not alerted until the middle of March. Hospital officials have not explained the delay in notifying affected individuals, although there is hope that they will fill in these details as the investigation continues. In mid-March, letters were sent out to all 4,800 people whose information had been compromised. While the case is still open, the hospital has agreed to provide identity theft services to all victims.

ID theft services, such as Lifelock, work to protect against illegal activity in the personal financial records of individuals. For a minimal monthly fee, which the hospital is paying in this case, members are alerted whenever activity is taken to open a new credit card in their name or efforts are made to get a loan. Lifelock has contact with all three major credit bureaus and monitors each for any activity that might not show up on the others.

This time around, the activities in Peoria, Illinois having nothing to do with Betty Friedan or The Feminine Mystique. While this town was the birthplace of the controversial feminist author, its most current claim to fame is one it wishes would never have happened. An employee at the Illinois Eye Center apparently was using her private access to personal files to screen applicants for identity theft.

Authorities don’t have all the details at this point, although they view the investigation as ongoing. No numbers have been given as to the number of potential victims, although the records at the Illinois Eye Center cover over 100,000 residents in the Land of Lincoln. The employee suspected as the culprit behind the crime worked for the company from June-November of 2007. During this time period, she accessed numerous files in an effort to learn which people had the best credit ratings and were the most susceptible to identity theft. The employees apparent targets were females, aged 18-25.

The Peoria Sheriff’s Department was first notified of a string of identity thefts in January 2008. After some investigative work, they learned that all of the women got treatment at the Illinois Eye Center. Further inquiries led authorities to the terminal used by the terminated employee. She was brought in for questioning and maintains her innocence, although police are hoping to charge her soon. The Illinois Eye Center would not release why the woman was no longer employed there, although they said that it had nothing to do with any violations of personal privacy laws and that they have been fully cooperating with the police.

At least ten attempts of identity theft have been made against women falling in between the 18-25 age range listed above. In the majority of these cases, the attempts have been unsuccessful. Unfortunately, in at least once case the theft was completed and a large loan was taken out by someone in the name of a victim. While none of the victims were available for comment at the time of this article, police said that the women had taken steps to protect their lines of credit and to halt any efforts at identity theft.

Within recent years, companies have developed in response to the prevalence of identity theft. One of these ID theft services is Lifelock. Best known for its promotions that involve the CEO shouting his social security number to groups of people in large cities, it provides services that monitor credit reports. It has contact with all three credit bureaus and alerts members to any actions that involve the bureaus. Such instance include taking out loans or opening new credit card accounts.

Authorities do not have a time table for when they think their investigation will conclude. Members of the Illinois Eye Center who were affected are advised to remain vigilant in their record keeping. The affected individuals should have received a letter from the company alerting them to this security breach. If you are a member and notice any suspicious activity on your financial accounts, alert the Peoria Sheriff’s Department immediately.

Everyone is concerned with their personal health information. News segments cover issue on the field on a nightly basis. There is a reason so many people are concerned. Not only are they worried about insurance companies denying them health coverage because of some piece of medical information, but also because of the damage done to individuals who have their personal histories stolen. That is the exact concern for 128,000 people who were insured by WellPoint, Inc. The Tampa based insurance provider reported a data breach earlier in this week.

The data breach was easily preventable, according to reports. Rather than an outside hacker illegally entering the system, an employee accidentally posted the material on the company’s website. The personal information that appeared on the website included social security numbers, prescription numbers, and pharmacy medical records. No information has surfaced about security measures undertaken by the company to prevent similar problems from taking place in the future. There is also no word about when the breach occurred, although it was reported in the middle of April.

Within the 128,000 affected people, at least 71,000 live in the state of Georgia. This group of 71,000 mostly includes low income individuals who were receiving insurance as part of a plan to supplement the health coverage of poor and under privileged people. No details are yet available about any individual complaints or legal actions under way by the affected individuals.

WellPoint, Inc. officials say that there have been no reported incidences of identity theft. In an effort to help those negatively affected by the data breach, the company is providing free credit report checking for all 128,000 victims. Experts in the field of network security view this as being an important step toward the company reclaiming its credibility.

Unfortunately, with the many data breaches happening on a daily basis, few companies are taking the same type of stand as WellPoint. In instances where the affected business does not step forward and approach the situation in a proactive sense, consumers are advised to take matters in to their own hands. Such steps involve monitoring credit cards, loan applications, and all information reported to credit bureaus. One method to streamline this process is to invest in a subscription to an ID theft service. Companies, like Lifelock, monitor all three credit bureaus and alert subscribers to any attempt to take out loans, open new credit cards, or proceed with any other fraudulent activities.

For the time being, officials continue to monitor the situation. Individuals who have their insurance through WellPoint and have not yet been contacted, should check for updates on the company’s website. Anyone who notices fraudulent activity on their accounts, whether through personal screenings or alerts from Lifelock, should contact WellPoint immediately to discuss the next step. Customer service representatives are available to answer all the questions of people insured by WellPoint.

Another international economic institution was hit today by a data breach. In this case, over 10 million Korean users of the popular auction site eBay, are the potential victims of identity theft. The breach occurred in late February, but was only recently discovered and reported to the media. Information about the material stolen in the breach is still uncertain, although authorities continue their investigations both within Korea and around the world.

While the 10.8 million affected Koreans have not all been notified, officials for eBay state that the data breach did not involve the theft of any information from American buyers or sellers. Details about how the company stores its data was not released and this has been the largest of any problems to affect the online auction company. Although there have been problems in the past, this is by far the largest and most troubling for the company. It recently made headlines when buyers went on strike to protest the extra costs now tied in to completing sales on the website.

Authorities involved with the investigation have only provided some details. While they assure that the personal information about the 10 million users was not stolen, they have not made clear how they are aware of this detail. Despite their optimism, personal ids and logins for the website were taken. This information could be used to access other accounts by Korean buyers and sellers who do not have different passwords for different accounts. Variations in passwords and user ids are important for everyone in today’s world. The same can be said for making sure that passwords are strong and use a variety of numbers, letters, and symbols.

Until the investigation is completed, consumers are expected to monitor their personal accounts. This involves credit cards, loans, and other personal information. Data breaches and identity theft are becoming too common. For those individuals who think they might have been affected, there are a variety of options to consider. Many people are vowing to keep an eye on their credit reports. While there are some free reports out there, many people are finding it burdensome to keep an eye on this material in a timely fashion. As a direct result of these difficulties, more and more people are turning to subscriptions by ID theft services. While a number of companies exist to provide these services, most people are turning toward Lifelock and its inexpensive services.

For the time being, authorities continue to investigate the breach. Local law authorities have concluded that the perpetrators were located outside of the country. Unfortunately, no further details have been made available. Asia has been the site of a number of recent data breaches, although many have been traced to Germany and other locations in Europe. While international law enforcement agencies try to combat the problem, consumers are being advised to take steps to protect their identities, such as purchasing subscriptions with Lifelock.

Comcast users beware! Once again a large company in the United States finds itself in trouble after having had its electronic data systems breached. The second largest provider of cable TV and internet services suffered a disruption of its services late last week. At the time of the company’s press conference with the media, the number of people affected was roughly estimated in the millions. Thankfully, it appears that the personal data of Comcast customers was not stolen.

As Roel Schouwenberg, vice-president of Kaspersky Lab, noted, “the hackers seemed more interested in fame than money.” The market for stolen information, such as personal addresses, drivers license numbers, social security numbers, and mother’s maiden names is widely known about on the Internet. In some chat rooms, identities can be purchased for as little as $12. With such prevalence, more and more individuals are investing in ID theft services, such as Lifelock.

The specifics of the Comcast case are still developing. Beginning on Wednesday evening, users who went to the Comcast homepage were redirected to a site that informed users that Comcast had been hacked. Thankfully, a site was not set up that would have allowed users to enter their personal information. Many subscribers use the Comcast homepage to access their personal and business email accounts. Insiders familiar with the case say that this could have been a much worse breach.

The hack occurred when the DNS settings for the Comcast homepage were changed by the guilty individuals. The redirected site contained the names “KRYOGENICS, Defiant and EBK.” KRYOGENICS is known for hacking other sites, most recently numerous celebrity accounts on MySpace. Although it was Comcast customers affected in the most current breach, investigators informed the media that it was a lack of security at Network Solutions. No one was available for comment at Network Solutions, although they were called multiple times.

Various reasons have been given for the hack, although no one is certain which is most accurate. The most frequently cited cause is the recent policy by Comcast to limit download speeds from such sites as Bit Torrent. These sites are frequently used to illegally download music and movies. Comcast has been in close contact with the music and film industries to help limit the amount of illegal downloading that has been occurring in recent years.

What has attracted so much attention to this case is the size of Comcast’s client network. It currently has 14.1 million customers, narrowly behind AT&T’s 14.6 million. Although this is the first time that a major company’s homepage has been hacked in a number of years, information security specialists remind consumers to be weary. No wonder more and more people are investing in ID theft services, Lifelock being one of the most popular choices. At the end of his interview, Schouwenberg stated, “there are a lot of sites compromised every hour, they just don’t get the same attention.”

Consumers, beware.

Everyone hates paying for long distance calling. In recent years, people have gotten away from calling cards and expensive programs on their landlines. For many, the better option was using their cellular phones which offered a cheaper plan for long distance calls. Yet, there is now an even more cost effective way to make calls – through the internet. Better known as VoIP, voice over IP, the system has been increasing in popularity. However, recent development have shown that there is an elevated chance of data breaches occurring with the system. Some companies have responded to the new concern with increased levels of security.

The company leading the charge to raise awareness about the need for security is Newport Networks. Based in the United States, the company is spreading the word about potential data breaches and the vulnerability of individual accounts. According to the vice president of the company, David Gladwin, the market for the logins and passwords is growing. When compared to credit cards, which have been illegally sold on the internet for years, logins and passwords for VoIP have a higher price. On average, they cost around $17, about five dollars higher than credit card numbers. While most people are unaware of the trafficking of stolen information on the internet, there has been an increase in the number of new subscribers to ID theft services, such as Lifelock.

In talking with Mr. Gladwin, he mentions that the threat of losing personal information is not as big of a concern for large companies that use VoIP. Their information is safely guarded in encrypted serves. The people who are really at risk are individual users, who use their home wireless networks to complete the calls. Gladwin said that when calls are completed, the login and password are sent along with the call in a form that is “easily captured and unobscured.” He goes on to explain that over 90% of the VoIP providers do not provide secure networks for calls. The software provided by Newport Networks provides encryption that protects the information of the user and only costs around $5 more a month.

However, there is not a consensus in the field about the prevalence of the crime. One VoIP provider, Skpe, says that it provides a service that includes encryption from end-to-end on all of its calls. Yet, it realizes that it is in the minority of companies that provides such high levels of security for its individual customers. Other analysts, such as Ian Fogg of the company Jupiter, state that this is a problem which has been blown out of proportion. Because the field is relatively new, it has not received the same amount of criminal attention as more established sections, such as the trafficking of credit card numbers. Nevertheless, one should stay cautious and carefully monitor all bills and records which show the calls made on their VoIP account.

It looks like the housing market is in trouble, yet again. If lending institutions were not already receiving enough negative attention in the media, the online mortgage firm LendingTree announced that it has suffered a data breach. The company has figured out the cause of this breach. Former employees illegally entered the system and granted other mortgage lenders access to customers’ personal data.

The extent of the breach is not fully known at this point. What is clear is that the information gathered by the other lending companies includes personal information, such as social security number, address, maiden name, and yearly income. All of this material is enough to allow someone to effectively steal the identity of one of LendingTree’s customers. It is advised that those who have taken out a mortgage with the firm consider purchasing an ID theft system, such as Lifelock. It is too early to tell how many people have been affected by this breach because LendingTree has been reluctant to provide full disclosure.

According to initial reports, the breach occurred over the course of 1.5 years, from late 2006 to early 2008. How the illegal activities of the former employees was discovered has not yet been released. LendingTree also remains silent on when the breach was first discovered and how long it took for them to alert the media. Although their discussions about the incident with the public have been limited, they have assured the media that they are fully cooperating with the authorities investigating the matter. The company also announced that it has taken legal action against the former employees and is suing them for damages. LendingTree, since the initial reports, has increased its security and has vowed to remain vigilant to prevent any future breaches from happening.

While some mortgage companies have praised LendingTree for its prompt handling of the situation, others have speculated that they did not act quickly enough. Their reluctance to share when the breach was discovered or the number of affected individuals is disconcerting to many. Equally troubling is the company’s claim that they believe no cases of fraud or identify theft took place. Unfortunately, this type of data breach is usually the cause of both activities. LendingTree’s claim does not seem to match up with their inability to share the full details about this case. Until LendingTree is able to alert its customers impacted by this breach, consumers need to remain vigilant. Purchasing Lifelock, or another ID theft service, is one step to take. Keeping track of individual credit card bills is also important. Consumers who have recently received an increased number of mortgage materials from other lenders will also want to check for illegal activity in their bank accounts.

Security Focus has reported that retail slugger TJX has finally settled up with all of the credit card issuers whose clients were exposed during the massive data breach they experienced in 2007. TJX has agreed to reimburse all of their clients for the cost of the reissue of their Mastercards. A few months ago TJX settled a $41 million claim with Visa in a similar response for their clients who had to have their Visa cards reissued with new credit card numbers.

The TJX breach was absolutely enormous with over 100 million credit cards exposed and their respective liability in covering was equally massive. It was unofficially advised for all clients to seek some sort of identity theft protection–Lifelock, Debix–something. Fortunately Lifelock is able to offer very significant identity theft protection for users at risk and the millions of people affected in this particular breach were prime Lifelock candidates.

It hasn’t been a great period for TJX–in addition to breach itself they were also sued by a collective of New England bankers (Maine, Massachusetts, and Connecticut) covering over 300 different banks in an enormous class action lawsuit. Ultimately that was settled for an undisclosed sum but since the banks had to pay around $25 per credit card for cancellation and reissue you’d have to imagine that the settlement amount was an astronomical number since over 100 million cards were facing reissue.

TJX’s breach occurred between 2005 and 2007 and the original number of people affected was, as it was later revealed, “only” 46,000,000. Unlike a lot of news on identity theft, this case was a blatant crime–there was no misplaced laptop, misused password–this particular case was a run-of-the-mill network hijacking. To date, it’s still the largest data breach in US history, far surpassing the paltry 27 million people affected when CardSystems’ network was breached in 2003. Consider the size of the breach, the affected customers were very lucky to only have been on the line for $8 million dollars of merchandise purchased with the stolen credit cards. With 125,000,000 cards exposed, that’s only about six cents charged per card. That certainly doesn’t make it ok or fair or any positive at all but at the same time, six cents a card in the context of this breach isn’t really that bad. Protect your identity!