Smear campaign: Identity thieves file oil spill claims

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

A fed­er­al grand jury indict­ed sev­en peo­ple after author­i­ties say they filed fraud­u­lent claims total­ing more than $2 bil­lion relat­ed to the 2010 Deep­wa­ter Hori­zon oil spill. The defen­dants were indict­ed on 95 counts of con­spir­a­cy, mail and wire fraud, iden­ti­ty theft, and aggra­vat­ed iden­ti­ty theft, the Jus­tice Depart­ment says. The indict­ment alleges that the defen­dants got the names and per­son­al data of more than 40,000 res­i­dents of areas affect­ed by the spill to sub­mit claims on their behalf with­out con­tact­ing them. “The defen­dants in this case are accused of exploit­ing a dis­as­ter relief pro­gram set up to help those who were injured or suf­fered an eco­nom­ic loss as a result of the BP oil spill—the worst envi­ron­men­tal dis­as­ter in Amer­i­can his­to­ry,” U.S. Attor­ney Gre­go­ry Davis said. Source:

A real concession on Facebook policy

sh_Facebook_280Face­book is mod­i­fy­ing the terms of its con­tro­ver­sial “real name” pol­i­cy, which demands that users go by their “authen­tic name” when on the social net­work rather than a pseu­do­nym. The trans and Native Amer­i­can com­mu­ni­ties have protest­ed the pol­i­cy, cit­ing its use by trolls as a weapon of harass­ment. The announce­ment comes in response to an open let­ter writ­ten by advo­ca­cy groups includ­ing the ACLU. The site will let users pro­vide con­text for using a name when con­firm­ing accounts. Face­book also will require users who flag oth­ers for using alter­nate names to pro­vide addi­tion­al detail and data in their com­plaint. The com­pa­ny hopes this step will dis­suade peo­ple from friv­o­lous­ly flag­ging pro­files, which locks the user out until they can con­firm they are who they say they are. Addi­tion­al­ly, Face­book will tweak both the name con­fir­ma­tion process, no longer requir­ing gov­ern­ment-issued IDs, as well as pro­vide a “more robust” and trans­par­ent appeals process for users locked out of their accounts. Source: Engad­get

Data vs. privacy case could cause wide ripples

The Supreme Court is set to hear a clash between pri­va­cy laws that pro­tect con­sumers and the desire of online data providers to avoid poten­tial­ly crip­pling law­suits if they post inac­cu­rate infor­ma­tion. Mon­day, the jus­tices are to take up the case of Thomas Robins, who sued Spokeo, a tech com­pa­ny that calls itself a “peo­ple search engine.” Spokeo sells pro­files of peo­ple drawn from data avail­able online. When the com­pa­ny pro­duced a pro­file of Robins, he was sur­prised to see him­self described as mar­ried with chil­dren, in his 50s, with a grad­u­ate degree and a pro­fes­sion­al job. None of that was true. He was 29, unmar­ried and unem­ployed. Robins sued, hir­ing Jay Edel­son, an attor­ney who brought the case as a class action on behalf of “mil­lions of indi­vid­u­als” whose pro­files appear on Spokeo. The suit is based on the fed­er­al Fair Cred­it Report­ing Act of 1970. Cor­po­rate Amer­i­ca is watch­ing the case close­ly. “If you have auto­mat­ic dam­ages for statu­to­ry vio­la­tions, it is a tick­et for class actions to sue for mil­lions and even bil­lions on behalf of peo­ple who didn’t suf­fer any harm,” said lawyer Roy Englert, who rep­re­sents the U.S. Cham­ber of Com­merce. Source: The Los Ange­les Times

Talk­Talk infor­ma­tion is cheap for some

sh_stolen data_280Reports say Britain’s Talk­Talk cus­tomers’ bank details are for sale for about $2.50 fol­low­ing a mas­sive online hack. East­ern Euro­pean crim­i­nal gangs are said to be the main buy­ers of such stolen finan­cial data, which includes the 21,000 cus­tomer bank account num­bers and sort codes that phone and broad­band provider Talk­Talk acknowl­edged had been hacked. One hack­er says he could make 150,000 pounds ($232,000) by sell­ing data to many mem­bers or orga­nized crime, who then use the infor­ma­tion to bur­gle homes after phon­ing ahead to see if they are emp­ty, send­ing bogus emails to defraud some­one, and threat­en­ing to delete data unless paid a ran­som. Source: The Dai­ly Mail

Yeah, we like more business, but maybe not this

Mas­sive data breach­es are the best adver­tis­ing for cyber insur­ance, con­vinc­ing many companies—especially in the retail and health care industries—to con­sid­er poli­cies. But for insur­ers, the loss­es are caus­ing insur­ance firms to ques­tion the under­writ­ing some of the largest com­pa­nies because any breach can result in mas­sive dam­ages. Tar­get esti­mates its loss­es from the 2013 breach will exceed $250 mil­lion, with $90 mil­lion cov­ered by insur­ance. The com­pa­ny had to work with sev­er­al insur­ers to build a pol­i­cy with such a high pay­out. Called a “tow­er” in the insur­ance indus­try, such tech­niques are in more demand. Breach­es are caus­ing pol­i­cy pre­mi­ums to rise sub­stan­tial­ly for larg­er com­pa­nies. Some report­ed esti­mates put the year-over-year increase at more than 30 per­cent. Source: eWeek

Some Vodafone customer accounts accessed

sh_vodafone_280Hack­ers may have accessed the bank details of near­ly 2,000 Voda­fone cus­tomers, the com­pa­ny has said. The mobile phone provider said 1,827 accounts were accessed, poten­tial­ly pro­vid­ing crim­i­nals with cus­tomers’ names, mobile num­bers, bank sort codes and the last four dig­its of their bank accounts. “This inci­dent was dri­ven by crim­i­nals using email address­es and pass­words acquired from an unknown source exter­nal to Voda­fone. Vodafone’s sys­tems were not com­pro­mised or breached in any way,” the com­pa­ny said. No cred­it or deb­it card details were accessed and the infor­ma­tion obtained by the crim­i­nals “can­not be used direct­ly to access cus­tomers’ bank accounts,” the com­pa­ny said. Source: The Guardian

Shadow hunters: Customer data said to be on Dark Web

British mobile pay­ments com­pa­ny Opti­mal Pay­ments said it was inves­ti­gat­ing alle­ga­tions that some cus­tomers’ per­son­al data had been com­pro­mised and was avail­able in the pub­lic domain. The com­pa­ny said the alle­ga­tions were that the data breach­es had occurred at two units in 2012 or ear­li­er. The data con­sists of names and email address­es of cus­tomers and is avail­able for pur­chase on the Dark Web, a source with knowl­edge of the hack told Reuters. The units had suf­fered data breach­es as a result of cyber attacks in 2009 and 2010, but none of its cus­tomers lost any mon­ey as a result, the com­pa­ny said. Source: Busi­ness Insurance

Anglo-American test checks cybersecurity

sh_U.S. and U.K._230The U.S. and British gov­ern­ments will hold a joint exer­cise to test cyber­se­cu­ri­ty and infor­ma­tion shar­ing arrange­ments involv­ing glob­al finan­cial insti­tu­tions, accord­ing to the U.K. Nation­al Com­put­er Emer­gency Response Team. The ini­tia­tive will not be a “war game” involv­ing live test­ing but instead will check com­mu­ni­ca­tion and coor­di­na­tion links between gov­ern­ments, author­i­ties and com­pa­nies. The exer­cise is part of ongo­ing engage­ment between the U.K. and U.S. after Pres­i­dent Oba­ma and Prime Min­is­ter David Cameron said in Jan­u­ary the two coun­tries would deep­en cyber­se­cu­ri­ty ties. Source: Bloomberg

Here’s a new debit card! Cause, uh, we got hacked

A large data breach at an uniden­ti­fied nation­al busi­ness has prompt­ed First Nation­al Bank of Oma­ha to reis­sue new deb­it cards to cus­tomers in sev­en states. First National’s secu­ri­ty was not com­pro­mised in the inci­dent, a spokesman said. Its con­nec­tion to the breach is lim­it­ed to cus­tomers who may have done busi­ness with the com­pa­ny that was the tar­get. “We recent­ly issued new deb­it cards across our sev­en-state ser­vice area to cus­tomers whose cards may have been com­pro­mised through a nation­wide breach that has not yet been announced,” First Nation­al said. The bank has oper­a­tions in Nebras­ka, Iowa, South Dako­ta, Kansas, Col­orado, Texas and Illi­nois, and in a let­ter to cus­tomers explained that fraud mon­i­tor­ing deter­mined those cus­tomers’ cards were at risk of being com­pro­mised because of the breach of an out­side com­pa­ny. Source: The Oma­ha-World Herald

Class-action suit may check into Trump Hotels

sh_trump_750The hotel chain that bears Don­ald Trump’s name is fac­ing a data breach class-action suit after sys­tems were hacked in two hotels in New York and oth­er loca­tions in Chica­go, Mia­mi, Las Vegas, Waiki­ki and Toron­to. Accord­ing to the pro­posed data breach law­suit, mal­ware was found in the Trump Hotel Collection’s sys­tems. Cus­tomers of the Trump Hotel Col­lec­tion who might have used their cred­it cards from May 19, 2014, to June 2 of this year may have been hacked. Accord­ing to the data breach law­suit, “the root cause of the data breach was defen­dants’ fail­ure to fix ele­men­tary defi­cien­cies in their secu­ri­ty sys­tems, abide by indus­try reg­u­la­tions and respond to oth­er sim­i­lar data breach­es direct­ed at retail­ers,” the law­suit con­tends. Source: Lawyers and Settlements

Authorities track postings on Facebook of Russia

When Russia’s Yeka­te­ri­na Vologzheni­no­va shared links about the war in Ukraine with online friends on VKon­tak­te, the Face­book of the Russ­ian-speak­ing world, offi­cers from the Inves­tiga­tive Com­mit­tee, an FBI-style law enforce­ment agency answer­able only to Pres­i­dent Vladimir Putin, were track­ing her online. Inves­tiga­tive Com­mit­tee offi­cers, accom­pa­nied by agents from the Fed­er­al Secu­ri­ty Ser­vice, the suc­ces­sor agency to the KGB, seized her com­put­er and her 12-year-old daughter’s tablet. They also informed Vologzheni­no­va that she was being charged with “incit­ing hatred” of Russ­ian “vol­un­teers” fight­ing in Ukraine, as well as of Russ­ian author­i­ties. She was placed on a list of “ter­ror­ists and extrem­ists” and her bank account and cred­it cards have been frozen. Vologzheni­no­va faces up to four years in jail if found guilty. Oppo­si­tion blog­gers say the per­se­cu­tion is part of an ongo­ing bid to silence Russia’s vibrant online com­mu­ni­ty. “Cas­es like Vologzheninova’s are intend­ed to fright­en oth­ers,” says Andrei Mal­gin, one of Russia’s most influ­en­tial oppo­si­tion blog­gers. Source: Newsweek