Would someone please write an Identity Theft guide for reporters! I'd like them to at least point out the unanswered questions if not the outright impossible statements.
http://www.sptimes.com/2007/04/13/Business/Port_of_Tampa_employe.shtml
Port of Tampa employees victimized by ID thief
By Steve Huettel, Times Staff Writer Published April 13, 2007
A contractor's employee took personal information on thousands of people with Port of Tampa access badges and applied for credit cards in the names of about 20 of them, law enforcement officials said Thursday.
Daniel E. Glenn, 29, was arrested near his Lakeland home Thursday and charged with an offense against intellectual property to defraud/obtain property.
A computer technician for Siemens Building Technologies, Glenn was working on a computer upgrade at the Tampa Port Authority on Feb. 28.
He told port authority employees he needed access to the security badge database to fix corrupted data, according to an arrest report. [...and no one questioned this? Bob] The agency has issued 39,000 badges for longshoremen, truckers and workers at port businesses to enter secure areas along the waterfront.
"He copied thousands of names but only acted on only a very small number," said Mark Dubina, a supervisor with the Florida Department of Law Enforcement (FDLE) in Tampa. "He basically copied the database."
FDLE agents and local police recovered the copied data [and the copies of the copies? Bob] from Glenn's home Thursday, wrote port director Richard Wainio in a memo to agency employees.
Glenn used stolen data from about 20 people to make applications to at least four different credit card companies over the Internet, the FDLE said.
Investigators don't believe he got any cash or merchandise with cards issued in their names. Most of the victims are port authority personnel. They included a port authority governing board member and two managers, said Wainio, who declined to identify them.
Glenn was suspended with pay from Siemens Building Technologies, a subsidiary of German conglomerate Siemens AG, said spokesman Steve Kuehn. The company is investigating the allegations.
"In any instance like this, we take the issue very seriously," he said. "We want to assure customers of the integrity of our service and our relationship."
About 10 days ago, several port authority employees reported receiving calls from companies about credit card applications they'd never filled out, said Wainio. They asked if the port's computers had been hacked into. [How would they know to contact the Port? Bob]
Officials told the FDLE about the earlier computer work by Siemens and identified Glenn as the technician.
Investigators notified the three consumer credit agencies. They monitored Glenn's home mail and found correspondence from financial services companies addressed to people in the port database, according to the arrest warrant.
No worries, mate! We're the police, you can trust us to keep data secure!
http://www.theage.com.au/news/national/secret-police-files-infiltrated/2007/04/13/1175971353176.html
Secret police files infiltrated
Andrea Petrie April 14, 2007
THE girlfriend of a Melbourne crime figure has gained access to confidential police records in a serious security breach.
The woman, who was not a police officer, was working at the force's criminal records branch.
She was suspended from the force last month, resigned 14 days ago and has been interviewed by Purana taskforce detectives for inappropriately checking [Must be an Australian legal term Bob] the law enforcement assistance program (LEAP) and VicRoads databases.
Force command confirmed yesterday that an employee from the corporate support area had resigned because of "one occasion in which she inappropriately accessed" the database.
But senior police sources have told The Age she has been accused of wiping the records of possibly hundreds of criminals and selling information from the confidential files. The Age believes that a taskforce has been set up to check the records examined by the woman while she worked at the unit.
It is also believed to be checking records seen by all other staff in the unit, in case the woman had used their computers without their knowledge. [and you will prove that how? Bob]
The criminal records branch checks on about 1000 people a week to issue national police certificates for employment or voluntary duties.
All employees at the branch are civilians rather than sworn police.
The oversight is the latest of several embarrassing security breaches of the LEAP system, which last year forced the State Government to commit to a $59 million replacement system.
The upgrade is not expected to be introduced for several years.
One source said the woman's actions may have helped convicted criminals get clearance to work in prohibited areas such as the education system.
"The whole system has been compromised because no one bothered to check who this woman's boyfriend was," he said.
He said police had no idea until recently that the boyfriend was involved in organised crime.
"She was a senior officer who had a clearance check of the entire system so she could check anyone on LEAP and do anything she wanted to their file. [Security no-no! Bob] She's believed to have given a lot of people a clean bill of health and wiped their criminal records forever, which is absolutely astounding."
He said her alleged actions would make it easy for those with criminal convictions to get international visas.
"Wiping someone's criminal records could have also helped pedophiles, for instance, get work at child-care centres or in the education system, because employers can only go by what the police tell them about someone's criminal record. [Oh? Bob]
"There's also talk that a heap of bikies' records have been cleared and that crooks from interstate are coming down here and given Melbourne addresses and are cleared of everything they've been investigated or charged for in the past."
The LEAP database contains details of 4.42 million people, 1.22 million vehicles and 5.24 million incidents.
A police spokeswoman confirmed that the woman had resigned on March 30.
She said: "The ethical standards department has established a system of regular audits of the law enforcement assistance program in a pro-active strategy to identify instances of misuse.
"Victoria Police will not tolerate any misuse of LEAP. These regular audits clearly show that any inappropriate use of LEAP will be subject to discipline, including dismissal."
The woman's resignation took effect on the same day that Victoria's Commissioner for Law Enforcement Data Security, Laurie Bebbington, released new mandatory standards that police and authorised personnel must follow to protect the sensitive data available to them.
Under the standards, tighter controls and full security clearance are required for anyone with access to police files; police must maintain a formal disciplinary regime for those suspected of misusing law enforcement data, and police files may be disposed of only in an authorised and specified manner.
Where would you go if you wanted social security numbers?
http://www.informationweek.com/security/showArticle.jhtml?articleID=199000813&cid=RSSfeed_IWK_News
Social Security Administration Worker Charged In Identity Theft Scheme
A California woman is charged with conspiracy and fraud in connection with a scheme that racked up $2.5 million in credit card charges.
By Sharon Gaudin, InformationWeek April 13, 2007
A former Social Security Administration employee surrendered to federal authorities Wednesday to face charges of illegally disclosing personal information she took off a government computer that was then used in an identity theft scheme that racked up $2.5 million in credit card charges.
... Batiste is charged with conspiracy, accessing a protected computer to conduct fraud, and disclosure of a Social Security number. [I wonder if TJX could be charged with 45 million counts... Bob] If she is convicted of the three counts in the indictment, Batiste faces a maximum sentence of 15 years in federal prison.
The indictment alleges that Batiste conspired with her cohort Craig Harris and others by agreeing to access the Social Security Administration's computer system to run search queries for Harris.
Harris, a 50-year-old Los Angeles resident, pleaded guilty in September to conspiracy and unlawful possession of a means of identification. Harris, who faces a maximum sentence of 10 years in prison, is scheduled to be sentenced on July 17.
The government contends that Harris would give Batiste some identifying piece of information about someone -- either a name or Social Security number -- and Batiste would then query the government system to pull up enough other identifying information to put the person's identity at risk.
According to a government report, Bastiste allegedly was paid $20 for every search query she ran on the government computer system to obtain information for Harris. The indictment goes on to allege that Harris and his co-conspirators used the information to make approximately $2.5 million worth of unauthorized charges to credit card accounts.
What hath TJX wrought? Companies are looking to replace credit cards?
http://www.financialexpress.com/fe_full_story.php?content_id=160928
Lightening your stuffed wallet
... Hackers are not the only ones making a killing from plastic. Every time a customer uses a card, retailers must pay an “interchange” fee. This levy is, in effect, a toll for using the payment networks of Visa, MasterCard and others, which is mostly paid to the banks that issue such cards.
According to Nilson Report, a trade magazine, American merchants shelled out $56 billion in payment-card fees last year (see chart), over twice the amount they paid five years earlier. Small retailers feel the pinch the most. Celent, a research outfit, estimates that a small grocer with $1m in sales has seen interchange costs jump by 16% a year on average since 2000.
Taking aim at both of these flaws is GratisCard, a new payments system backed by Steve Case, the founder of AOL, launched later this month. The card, which can function as a debit, credit or prepaid card, is entirely anonymous. A thief who steals one will not find a customer’s name or account number on it, nor will a hacker find anything to decode in the card’s magnetic strip. Instead, customer data are stored in GratisCard’s data centre [AKA “the target” Bob] in Florida and sent to the till only as needed.
GratisCard will be the first to use the internet to zip data among merchants and banks. This allows it to side-step the big payment networks and their stiff interchange fees. Merchants that accept GratisCard simply pay a processing fee capped at 0.5% of a transaction.
Others are also hoping to profit from undercutting interchange fees. A handful of companies have sprung up offering payment cards that pull money directly from a customer’s bank account through the “automated clearinghouse” network, which was originally set up to settle cheque payments and now also handles electronic ones. One such outfit, Tempo Payments, charges a fee of 15 cents or less per transaction. Another, Pay By Touch, lets a customer pay from his bank account with an imprint of his finger. Almost half the accounts at PayPal, the popular online payments service, are financed directly from customers’ bank accounts.
Another follow-up. I'm beginning to suspect there is more going on here than has been reported...(Perhaps something like the next article?)
http://www.nbc6.net/news/11862075/detail.html
ChildNet Agency's Stolen Laptop Issue Warrants FBI Coverage
POSTED: 6:23 pm EDT April 13, 2007 UPDATED: 7:02 pm EDT April 13, 2007
FORT LAUDERDALE, Fla. -- A Broward County child welfare agency is under fire, officials said, and workers were told Friday to stay home as Federal Bureau of Investigation agents moved in.
Related Content: Video
Have you always wanted to be an e-criminal?
http://www.f-secure.com/weblog/#00001168
Friday, April 13, 2007 Posted by Sean @ 13:42 GMT
We have another phishing related demo for you today. This time it's a Rock Phish Kit in action. Rock Phish allows nontechnical individuals to create and carry out phishing attacks.
Demo (AVI – 8201k) Demo (SWF – 2821k) The video is also available via our YouTube Channel.
Breathing? Here comes the IRS
http://news.com.com/2100-1028_3-6176041.html?part=rss&tag=2547-1_3-0-5&subj=news
Selling stuff online? Here comes the IRS
By Declan McCullagh Story last modified Fri Apr 13 18:44:00 PDT 2007
Americans who sell items through Internet auction sites could be in for an unpleasant surprise at tax time next year, thanks to an IRS proposal designed to identify taxpayers who don't report income from those sales.
The U.S. Treasury Department wants Congress to force auction sites like eBay, Amazon.com and uBid.com to turn over the identities and Social Security numbers of a large portion of their users to the IRS--so tax collectors know how much each person made through online selling.
The effort is part of a larger plan, which enjoys enthusiastic support from both Democrats and Republicans, to close what's known as the "tax gap." It's a broad term that covers Americans who don't file tax returns or those who underreport their income, and the IRS believes it to total around $345 billion for the 2001 tax year.
But the proposal is likely to encounter stiff opposition from Internet auction aficionados, free-market advocates and the auction Web sites themselves, not all of which are large enough to be able to comply with the rules without financial hardship.
"It's a total nightmare," said Matt Stinchcomb, vice president of marketing for Etsy.com, which allows people to sell handmade goods. "Our goal as a company is to allow people to make a living making things, and this is just another impediment to that."
Stinchcomb said Etsy would be uncomfortable asking its users to divulge their Social Security numbers, which are required on the IRS 1099 forms used to report untaxed income. "There are so few things now that are private and sacred," he said. "I feel like your SSN is one of them. Imagine, too, if every e-commerce site starts requiring this, the amount of times that data will be collected or falsely collected. There's a huge potential for fraud and identity theft."
But Washington politicians are looking around for any idea that will increase tax revenue without a formal vote to raise taxes.
... "What's happening is there's this assumption that people aren't reporting," she said. "There are a good number of people who are professional sellers on eBay. However, there's no evidence or any kind of statistic out there to indicate those folks aren't already accurately reporting to the IRS."
... "The IRS coveted this kind of data for years and they didn't have a chance of forcing you to collect it from garages, from flea markets," said Steve DelBianco, vice president for public policy at the Association for Competitive Technology, which represents thousands of technology companies. "But they have a chance in the online world. They're getting the data because they can, not because it'll generate significant amounts of income."
Show me a better tool and I'll use it. Tell me my tax dollars should support your research and I'll say “Pork!”
http://hardware.slashdot.org/article.pl?sid=07/04/13/2130206&from=rss
National Projects Aim to Reboot the Internet
Posted by Zonk on Friday April 13, @09:09PM from the do-it-right-this-time dept.
iron-kurton wrote with a link to an AP story about a national initiative to scrap the internet and start over. You may remember our discussion last month about Stanford's Clean Slate Design project; this article details similar projects across the country, all with the federal government's blessing and all with the end goal of revamping our current networking system. From the article: "No longer constrained by slow connections and computer processors and high costs for storage, researchers say the time has come to rethink the Internet's underlying architecture, a move that could mean replacing networking equipment and rewriting software on computers to better channel future traffic over the existing pipes. Even Vinton Cerf, one of the Internet's founding fathers as co-developer of the key communications techniques, said the exercise was 'generally healthy' because the current technology 'does not satisfy all needs.'"
What a shock! Perhaps they are learning about sex from other sources?
http://news.yahoo.com/s/ap/20070413/ap_on_go_ot/abstinence_study
Study: Abstinence classes don't stop sex
By KEVIN FREKING, Associated Press Writer Fri Apr 13, 5:37 PM ET
WASHINGTON - Students who took part in sexual abstinence programs were just as likely to have sex as those who did not, according to a study ordered by Congress.
Perhaps I should ask for a review copy... Purely for academic purposes. (Probably available on YouTube)
Principal, teacher resign after racy DVD made public
Tribune staff report April 13, 2007, 9:47 PM CDT
Cook County sheriff's police are trying to figure out who recorded a south suburban school principal engaging in sex acts with two school employees on separate occasions in his office.
The sounds and images, burned to DVD, were mailed this week to parents and news outlets.
Leroy Coleman, principal of Sandridge Elementary School, near Lynwood, resigned Thursday, citing health reasons, said John Izzo, an attorney for the district. A female teacher resigned the same day, citing family illness, and a teacher's aide quit Friday without explanation, he said.
John Palcu, first deputy chief with the Cook County sheriff's police, said investigators were working with the state's attorney's office to determine if charges could be brought against any or all of the adults caught on video or the person who recorded them. [Has the law been broken? Bob]
Palcu noted that parents of Sandridge students were concerned about the principal's lack of judgment and the fact that the sexual encounters could have happened while school was in session. [Clearly, this is an after-school activity! Bob] If that's true, Coleman could face official misconduct charges, Palcu said.
Izzo expressed concern about the incidents on many fronts.
"Somebody without permission gained access to confidential district office space and planted a surreptitious recording device, [What makes you think it was surreptitious? Bob] and that's frightening," Izzo said. "There are confidential records there—student records."
He said no one at the district level had seen the DVD, but he was told the images could be a few months old.
The principal and the women are also to blame, Izzo said.
All you need to attract your own personal “monitor” is an audience and a viewpoint they disagree with. (Pay attention politicians.)
http://politics.slashdot.org/article.pl?sid=07/04/14/0524206&from=rss
Blogger Spurs US Radio Host's Firing
Posted by Zonk on Saturday April 14, @06:26AM from the those-tubes-they-reach-everwhere dept. Media The Internet Politics
jas_public writes "The Wall Street Journal reports on the controversial events which ultimately led to the firing of radio shock jock Don Imus. 'At 6:14 a.m. on Wednesday, April 4, relatively few people were tuned into the "Imus in the Morning Show" ... Ryan Chiachiere was. A 26-year-old researcher in Washington, D.C., for liberal watchdog organization Media Matters for America, he was assigned to monitor Mr. Imus's program. Mr. Chiachiere clipped the video, alerted his bosses and started working on a blog post for the organization's Web site.' The article breaks down how that viral video clip and word of mouth outrage reached the ears of the presidents of CBS and MSNBC, ultimately leading to Imus' dismissal."