Identity theft often traced to nondigital sources

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Although identity theft is frequently associated with mega-data breaches such as the Target breach in 2013, research from the Center for Identity at the University of Texas at Austin has found that old-fashioned “analog” theft is the major driver in identity-related crimes. The findings, in the 2017 Identity Theft Assessment and Prediction Report, found that approximately 50 percent of identity theft incidents analyzed between 2006 and 2016 resulted from criminals exploiting nondigital vulnerabilities, such as empty prescription drug bottles or sensitive paper documents. Vulnerabilities caused by human error often are used by identity theft fraudsters. The report also found that despite the attention high-profile nationwide data breaches receive, the majority of identity theft cases—99 percent—were confined to a local geographical area, smaller businesses or certain victim profiles. Additionally, the research found that “insider threat” played a role in 34 percent of cases, meaning employees of companies or family members of individuals had a role in one-third of identity theft cases analyzed. Source: Phys.org

Chipotle says hackers invaded payment system

Chipotle Mexican Grill said it detected unauthorized activity on its payment system this spring. CFO Jack Hartung said the hack affected the company’s credit card systems from March 24 through April 18. Source: Nation’s Restaurant News

Russians now accused of interference in French election

Researchers with the anti-virus firm Trend Micro say French presidential front-runner Emmanuel Macron’s campaign has been targeted by Russia-linked hackers, adding more detail to previous suggestions that the centrist politician was being singled out for electronic eavesdropping by the Kremlin. The campaign’s digital chief, Mounir Mahjoubi, confirmed the attempted intrusions in a telephone interview late Monday but said they had all been thwarted. Source: CBS News

Air Force asks white-hat hackers to go after bugs

The U.S. Air Force announced a bug bounty challenge, asking researchers for finding and reporting weaknesses in the organization’s cybersecurity. “We are under attack right now. And [the attackers] aren’t telling us what’s going wrong,” said Peter Kim, the Air Force’s chief information security officer. The program, run by the contractor HackerOne, will apply to public-facing Air Force systems. Source: The Hill

Organizations see a disconnect in coverage of assets

Despite believing that their plant, property and equipment are less valuable than their cyber assets, most organization spend four times more on insurance protecting their physical plants, properties and equipment than they do their information-based assets. The 2017 Cyber Risk Transfer Comparison Global Report notes that most organizations spend more on fire insurance premiums than on cyber insurance even though the probability of any particular building burning down is significantly lower than 1 percent. Source: Insurance Journal

Bitcoin exchange loses a bundle, customers to pay up

South Korean exchange Yapizon has reportedly lost 3,800 bitcoin in customer funds to hackers. Yapizon said it would dock remaining customer balances by the same amount to spread the burden of the losses. Source: Coin Telegraph

U.S. finances need better protections, report says

The Federal Reserve could be doing more to protect the nation’s financial industries in the face of cyber peril says a report from the Fed’s Office of Inspector General. The report called for tighter security procedures surrounding multiregional data processing service firms, which provide technology services to the financial industry. These firms may process mission-critical applications for multiple institutions in diverse locations across the country, and are considered a vulnerable point. Source: FCW.com

TalkTalk isn’t cheap-cheap as two plead guilty in hack attack

Two men admitted to being part of a 42 million pound ($54 million) hack attack on the TalkTalk website. Matthew Hanley supplied data for hacking to another man and gave Connor Allsopp the personal and financial details of a TalkTalk customer. Source: BBC

If you’ve got the Look, it might look at you when you’re not looking

Amazon’s new version of its Echo smart-home device, the Look, boasts a built-in video camera that can capture your outfits and provide fashion recommendations. But it also creates privacy issues. Is the device always listening? Who can see the photos and videos it takes? If you don’t want the device watching or listening to you, you can turn the camera and microphone off. Source: Business Insider

Cleanup service might leave something in the dust for Uber

Inbox cleanup service Unroll.me was sued in Northern California District Court for failing to adequately disclose how it allegedly harvests data from its users’ accounts. The lawsuit accuses Unroll.me and its parent company, Slice, of violating the Electronic Communications Privacy Act and the Stored Communications Act. Unroll.me offers a free service that promises to organize your inbox by sorting subscription emails and letting you unsubscribe from the ones you don’t want. But according to reports, Unroll.me also tracked emailed receipts sent by the ride-sharing company Lyft, and sold them to Uber, Lyft’s biggest competitor. Source: CNet