Identity theft often traced to nondigital sources

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Although iden­ti­ty theft is fre­quent­ly asso­ci­at­ed with mega-data breach­es such as the Tar­get breach in 2013, research from the Cen­ter for Iden­ti­ty at the Uni­ver­si­ty of Texas at Austin has found that old-fash­ioned “ana­log” theft is the major dri­ver in iden­ti­ty-relat­ed crimes. The find­ings, in the 2017 Iden­ti­ty Theft Assess­ment and Pre­dic­tion Report, found that approx­i­mate­ly 50 per­cent of iden­ti­ty theft inci­dents ana­lyzed between 2006 and 2016 result­ed from crim­i­nals exploit­ing nondig­i­tal vul­ner­a­bil­i­ties, such as emp­ty pre­scrip­tion drug bot­tles or sen­si­tive paper doc­u­ments. Vul­ner­a­bil­i­ties caused by human error often are used by iden­ti­ty theft fraud­sters. The report also found that despite the atten­tion high-pro­file nation­wide data breach­es receive, the major­i­ty of iden­ti­ty theft cases—99 percent—were con­fined to a local geo­graph­i­cal area, small­er busi­ness­es or cer­tain vic­tim pro­files. Addi­tion­al­ly, the research found that “insid­er threat” played a role in 34 per­cent of cas­es, mean­ing employ­ees of com­pa­nies or fam­i­ly mem­bers of indi­vid­u­als had a role in one-third of iden­ti­ty theft cas­es ana­lyzed. Source:

Chipotle says hackers invaded payment system

Chipo­tle Mex­i­can Grill said it detect­ed unau­tho­rized activ­i­ty on its pay­ment sys­tem this spring. CFO Jack Har­tung said the hack affect­ed the company’s cred­it card sys­tems from March 24 through April 18. Source: Nation’s Restau­rant News

Russians now accused of interference in French election

Researchers with the anti-virus firm Trend Micro say French pres­i­den­tial front-run­ner Emmanuel Macron’s cam­paign has been tar­get­ed by Rus­sia-linked hack­ers, adding more detail to pre­vi­ous sug­ges­tions that the cen­trist politi­cian was being sin­gled out for elec­tron­ic eaves­drop­ping by the Krem­lin. The campaign’s dig­i­tal chief, Mounir Mahjoubi, con­firmed the attempt­ed intru­sions in a tele­phone inter­view late Mon­day but said they had all been thwart­ed. Source: CBS News

Air Force asks white-hat hackers to go after bugs

The U.S. Air Force announced a bug boun­ty chal­lenge, ask­ing researchers for find­ing and report­ing weak­ness­es in the organization’s cyber­se­cu­ri­ty. “We are under attack right now. And [the attack­ers] aren’t telling us what’s going wrong,” said Peter Kim, the Air Force’s chief infor­ma­tion secu­ri­ty offi­cer. The pro­gram, run by the con­trac­tor HackerOne, will apply to pub­lic-fac­ing Air Force sys­tems. Source: The Hill

Organizations see a disconnect in coverage of assets

Despite believ­ing that their plant, prop­er­ty and equip­ment are less valu­able than their cyber assets, most orga­ni­za­tion spend four times more on insur­ance pro­tect­ing their phys­i­cal plants, prop­er­ties and equip­ment than they do their infor­ma­tion-based assets. The 2017 Cyber Risk Trans­fer Com­par­i­son Glob­al Report notes that most orga­ni­za­tions spend more on fire insur­ance pre­mi­ums than on cyber insur­ance even though the prob­a­bil­i­ty of any par­tic­u­lar build­ing burn­ing down is sig­nif­i­cant­ly low­er than 1 per­cent. Source: Insur­ance Journal

Bitcoin exchange loses a bundle, customers to pay up

South Kore­an exchange Yapi­zon has report­ed­ly lost 3,800 bit­coin in cus­tomer funds to hack­ers. Yapi­zon said it would dock remain­ing cus­tomer bal­ances by the same amount to spread the bur­den of the loss­es. Source: Coin Tele­graph

U.S. finances need better protections, report says

The Fed­er­al Reserve could be doing more to pro­tect the nation’s finan­cial indus­tries in the face of cyber per­il says a report from the Fed’s Office of Inspec­tor Gen­er­al. The report called for tighter secu­ri­ty pro­ce­dures sur­round­ing mul­ti­re­gion­al data pro­cess­ing ser­vice firms, which pro­vide tech­nol­o­gy ser­vices to the finan­cial indus­try. These firms may process mis­sion-crit­i­cal appli­ca­tions for mul­ti­ple insti­tu­tions in diverse loca­tions across the coun­try, and are con­sid­ered a vul­ner­a­ble point. Source:

TalkTalk isn’t cheap-cheap as two plead guilty in hack attack

Two men admit­ted to being part of a 42 mil­lion pound ($54 mil­lion) hack attack on the Talk­Talk web­site. Matthew Han­ley sup­plied data for hack­ing to anoth­er man and gave Con­nor All­sopp the per­son­al and finan­cial details of a Talk­Talk cus­tomer. Source: BBC

If you’ve got the Look, it might look at you when you’re not looking

Amazon’s new ver­sion of its Echo smart-home device, the Look, boasts a built-in video cam­era that can cap­ture your out­fits and pro­vide fash­ion rec­om­men­da­tions. But it also cre­ates pri­va­cy issues. Is the device always lis­ten­ing? Who can see the pho­tos and videos it takes? If you don’t want the device watch­ing or lis­ten­ing to you, you can turn the cam­era and micro­phone off. Source: Busi­ness Insider

Cleanup service might leave something in the dust for Uber

Inbox cleanup ser­vice was sued in North­ern Cal­i­for­nia Dis­trict Court for fail­ing to ade­quate­ly dis­close how it alleged­ly har­vests data from its users’ accounts. The law­suit accus­es and its par­ent com­pa­ny, Slice, of vio­lat­ing the Elec­tron­ic Com­mu­ni­ca­tions Pri­va­cy Act and the Stored Com­mu­ni­ca­tions Act. offers a free ser­vice that promis­es to orga­nize your inbox by sort­ing sub­scrip­tion emails and let­ting you unsub­scribe from the ones you don’t want. But accord­ing to reports, also tracked emailed receipts sent by the ride-shar­ing com­pa­ny Lyft, and sold them to Uber, Lyft’s biggest com­peti­tor. Source: CNet