CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

U.S. identity theft victims hit nearly 18 million

U.S. identity theft victims hit nearly 18 million
September 28, 2015

sh_identity theft_750

Almost 18 million people were victims of identity theft in the United States last year, with most crimes targeting credit cards and bank accounts, the Department of Justice said. That represents 7 percent of the U.S. population age 16 or older and is up by 1 million people from 2012. The report counts instances where a person experienced misuse of a financial or other account, not just a breach of personal information. Slightly more than two in every five cases involved a credit card account and just under two in five involved a bank account. About half of all victims became aware of a problem when contacted by a financial institution, with a further one in five noticing a fraudulent charge in an account. There was a rise in the number of victims age 65 or older, up 20 percent to 2.6 million. Source: CIO

Violence against women moves online

sh_online stalking_280Cyber violence is just as damaging to women as physical violence, says a U.N. report, which warns that women are growing more vulnerable to cyber violence as more regions gain Internet access. The report estimates that 73 percent of women have experienced cyber violence, and that women are 27 times more likely as men to be harassed online. In Europe, 9 million girls have experienced some kind of cyber violence by the time they’re 15. The U.N. defines violence against women as “any act of gender-based violence that results in, or is likely to result in, physical, sexual or psychological harm or suffering to women, including threats of such acts.” The report notes that cyber violence is an extension of that definition, and includes acts such as trolling, hacking, spamming and harassment. The report also argues that “cyber touch is recognized as equally as harmful as physical touch.” Source: Time

Cyber-coverage policy up to $100 million available

Insurer Ace Ltd. plans to offer cybersecurity policies providing up to $100 million in coverage with services from firms that help identify cybersecurity vulnerabilities and respond to cyber attacks. They include BitSight Technologies, FireEye’s Mandiant services group, Navigant Consulting, NetDiligence, Promontory Financial Group, and Verizon Communications. Customers go through intensive scrutiny during underwriting, a process that includes reviews of cybersecurity defenses, strategies for mitigating the impact of breaches and board plans for responding to attacks, said Toby Merrill of Ace Group’s global cyber practice. Applicants can still obtain coverage if deficiencies are uncovered, but they must allow an outside cybersecurity firm appointed by Ace conduct an on-site assessment. Source: Reuters

Europe may give U.S. data storage the cold shoulder

sh_online surveillance_280European companies may have to review their widespread practice of storing digital data with U.S. Internet companies after a court accused American intelligence services of conducting “mass, indiscriminate surveillance.” The opinion by the European court of justice’s advocate general, Yves Bot, yet to be confirmed by the Luxembourg court, is a significant development in the battle over online privacy. If any EU country considers that transferring data to servers abroad undermines the protection of citizens, the advocate general’s finding said, it has the power to suspend that transfer. The access of U.S. intelligence services to the data covers everyone using electronic communications services, “without any requirement that the persons concerned represent a threat to national security,” Bot’s opinion noted. Source: The Guardian

Insurance that fails to fill the bill

A Wyoming medical billing firm is trying to contact patients of one of its clients that a vehicle theft could result in a data breach of customer information. Insurance Data Services says a West Michigan Delivery Service courier car delivering account information for a client was stolen. The missing documents include information about a portion of Claystone Clinical Associates’ 2,900 patients. The documents include patients’ names, phone number, addresses, diagnoses code, treatment codes, insurer and account balances. No health records or other personal information such as Social Security numbers, credit card information, date of birth, banking information or medical records were breached. Source:

I say, that’s rather annoying

sh_health app_280Smartphone health apps backed by Britain’s National Health Service could be putting users’ privacy at risk, according to a study. Researchers from Imperial College London investigated how data was handled by apps endorsed by the NHS health apps library, and found several sent unencrypted personal and medical information over the Internet, putting users at risk of identity theft and fraud. The findings come after the government announced that patients soon could access their medical records by smartphone and urged the NHS to adopt more mobile technology. A test of 79 apps listed on the service over a six-month period in 2013 found that 70 transmitted data over the Internet, and 38 had a specific privacy policy that did not state what information would be sent. Source: The Guardian

Studying up on security needs

The employee records of some University of Calgary staff members were fraudulently accessed, and banking records altered, during an “isolated breach” being investigated by the Calgary Police Service. In a letter to University of Calgary staff, Linda Dalgetty, vice president of finance and services, says 29 employee records on the PeopleSoft system were altered during the security breach. The comprised accounts have been locked and removed from the school’s internal network. As a result of the breach, at least 13 employees did not receive their pay on Friday. The university has made alternate arrangements to ensure affected workers get their wages. Student records and accounts were not affected. Source: CTV News

Get on the bus, but with a stronger password

sh_bus app_280The Big Blue Bus is alerting customers of a potential data breach related to the NextBus program. Officials were notified of a data security incident at NextBus, the company that BBB works with to make predictive real-time bus arrival information available to customers in Santa Monica, Calif., and Los Angeles. BBB said the breach affected customers who created an individual account on and advised those customers to reset their passwords. “An unauthorized individual may have gained access to a database containing some account information of our NextBus agency customers and the riders who use NextBus services,” said a BBB alert. NextBus has disabled the compromised account, increased minimum password strength, and blocked traffic to or from any suspicious Internet addresses. Source: Santa Monica (Calif.) Daily Press

Governing governance in government

In a worldwide survey of 800 privacy professionals, agency employees in 70 percent of U.S. government programs say they’re not being given enough money to do their jobs properly, according to Government Executive. A survey conducted by the International Association of Privacy Professionals and EY (formerly Ernst and Young) showed that government agencies, on average, spend $130,000 on privacy protection. That compares with $250,000 in a regulated private company, such as banking and health care, and $300,000 in a nonregulated company. Nor are government agencies using all the tools they could to ensure privacy. Those in government were the least likely among the three categories to use internal audits and privacy working groups as part of their privacy strategies. Source:

Hilton guests might want to check out credit card bills

sh_hilton_280Hilton Worldwide is looking into reports that credit card information may have been exposed in hacks at Hilton Hotel properties across the United States. Cybersecurity journalist Brian Krebs, citing several banking sources, reported that a pattern of fraud has been detected involving credit cards used at point-of-sale registers in gift shops and restaurants at “a large number of Hilton Hotel and franchise properties.” It’s not clear how many properties were affected. In a statement, Hilton Worldwide said it was aware of the report. “We take any potential issue very seriously, and we are looking into this matter.” Source: NBC News

Troubles at my old Kentucky school

North Oldham High School in Goshen, Ky., is alerting 2,800 current and former students that a data breach could have exposed their names, Social Security numbers and other personal information. An outside scammer breached a computer after a nutrition services staff member at the school “ended up at a website that wasn’t the site she intended to be on,” said Oldham County Schools spokeswoman Tracy Green. On that computer was a database that contained the names, telephone numbers, addresses, Social Security numbers, and date of birth of both current and former students. The district began sending out letters to all students in the database earlier this week. Source: The Louisville Courier-Journal

U.S., China reach an ‘understanding’

sh_US and China_280President Obama reached a “common understanding” with Chinese President Xi Jinping on curbing economic cyber espionage, but threatened to impose U.S. sanctions on Chinese hackers who persist with cyber crimes. Speaking after White House talks during Xi’s first U.S. state visit, Obama homed in on the thorniest dispute between the world’s two biggest economies—U.S. complaints about Chinese hacking of government and corporate databases, and the suspicion that Beijing is sometimes behind it. “It has to stop,” Obama said, adding: “The question now is, are words followed by actions?” He made clear he is prepared to levy sanctions against cyber criminals. The two leaders said neither government would knowingly support cyber theft of corporate secrets or business information. Source: Reuters


The post U.S. identity theft victims hit nearly 18 million appeared first on Third Certainty.

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started