Thursday, September 11, 2008


Is they was or is they wasn't breached?

http://www.pogowasright.org/article.php?story=20080910195659148

Countrywide, Franklin Savings Security Breach

Wednesday, September 10 2008 @ 07:56 PM EDT Contributed by: PrivacyNews

John Matarese mentions a breach for which I've found no confirmation so far, and I have contacted the bank to ask for confirmation and additional details. This report will be updated as information becomes available.

.... Letters are going out to customers of Franklin Savings and Loan, one of Cincinnati's oldest banks. A similar letter is going out to Countrywide mortgage customers.

The Blue Ash-based Franklin Savings has eight branches: in Anderson and Delhi Township, Blue Ash, O'Bryonville, Roselawn, Forest Park, Sharonville, and Western Hills.

Franklin tells me a hacker accessed files of 25,000 customers...but says there is no evidence of any ID theft.

Source - WCPO

[The Franklin Article:

Franklin tells me a hacker accessed files of 25,000 customers...but says there is no evidence of any ID theft. [The law doesn't require USE of the information stolen before it qualifies as Identity Theft, does it? Bob]

[The Countrywide article: http://www.connpost.com/ci_10431496

This time, there's no doubt: The personal information of more than 28,000 Connecticut residents was stolen from Countrywide Home Loan computers and sold.

The theft of data about more than 2 million people who applied to Countrywide for mortgages between July 2006 and July 2008 is unlike other recent data losses, Connecticut Attorney General Richard Blumenthal said Wednesday, because there is no doubt the information isn't just missing.

"It was sold, we know that. We don't know precisely who bought it," Blumenthal said, calling the loss "extraordinarily frightening," because it definitely came about through criminal activity.

... According to the affidavit, Rebollo said he downloaded information about approximately 20,000 customers each week for nearly two years onto a portable flash drive.

Most of Countrywide's computers had security features that blocked the use of the drives, but Rebollo, who worked at Countrywide for 9 1/2 years, said he had access to a computer without those features. He sold each group of 20,000 or so names for $500.



This would be fun here in the US. New Privacy laws would pop up everywhere! (Shouldn't we be able to call Paris Hilton and wish her a Happy Birthday?)

http://www.pogowasright.org/article.php?story=20080911054959910

Se: Site unmasks hidden info on Swedish celebs

Thursday, September 11 2008 @ 05:49 AM EDT Contributed by: PrivacyNews

High profile Swedish politicians and prosecutors, famous artists and other celebrities with unlisted telephone numbers and addresses can all be found using a website designed to help people remember friends' birthdays – and there’s nothing the notables can do about it.

Those who ask to be removed from Birthday.se have so far had their requests denied.

“It’s not our database. We cannot and may not change it. So either we get rid of everything or we don’t get rid of any,” said Patric Örner, the CEO of Berlock Information, which operates the site, to the TT news agency.

Source - The Local

Comment: if that's their answer, then they should get rid of everything. -- Dissent.

[From the article:

That Birthday.se publishes the addresses of people with unlisted numbers has been known since the site was launched in the spring of 2006.

But the storm of criticism quickly died down when the company said it would change the site’s search function.

However, it’s still possible to look up celebrities’ addresses. The only difference is that now users must register themselves as a member of the site, which takes a matter of seconds.


Related

http://www.pogowasright.org/article.php?story=2008091105563723

AZ: Death notices removed from county Web site

Thursday, September 11 2008 @ 05:56 AM EDT Contributed by: PrivacyNews

Privacy concerns and identity-theft fears prompted Maricopa County Recorder Helen Purcell to halt public viewing of death certificates on the agency's Web site.

"There is so much personal information on them: a mother's maiden name, what they died from," Purcell said, adding that her office has been fielding complaints for years about the office's practice of posting death-certificate images. The office quietly took them down last month.

Source - azcentral.com


Related

http://www.pogowasright.org/article.php?story=20080911064322468

Irate Ark. man posts county e-mail records in privacy fight

Thursday, September 11 2008 @ 06:43 AM EDT Contributed by: PrivacyNews

An Arkansas resident is posting the internal e-mail records of various officials in the Pulaski County clerk's office on his Web site in retaliation for what he calls the county's refusal to remove certain public documents containing Social Security numbers from its Web site.

The e-mails are considered public records and were obtained by Bill Philips, a native of North Little Rock, under Arkansas' Freedom of Information Act (FOIA).

Source - Computerworld



Further IT incompetence?

http://www.infoworld.com/article/08/09/10/San_Francisco_hunts_for_mystery_device_on_city_network_1.html?source=rss&url=http://www.infoworld.com/article/08/09/10/San_Francisco_hunts_for_mystery_device_on_city_network_1.html

The SF rogue admin Terry Childs installed a 'terminal server,' which appears to be a router, on the city's network, but investigators haven't been able to find or log into it

By Robert McMillan, IDG News Service September 10, 2008

... After a dramatic jailhouse meeting with San Francisco's mayor one week after his arrest, Childs handed over the data, but DTIS Chief Administrative Officer Ron Vinson said Wednesday that the city now expects to spend more than $1 million to clean up the mess. To date, DTIS has paid out $182,000 to Cisco contractors and $15,000 in overtime costs, he said.

The city has also set aside a further $800,000 to address the problem. Vinson did not specify what the additional money was expected to cover, but if the city has to hire network consultants to remap, reconfigure and lock down its network, this would not be an unreasonable estimate. The city has also retained a security consulting firm called Secure DNA to conduct a vulnerability assessment of its network.



What is the fix (technological or otherwise) for this type of crime? (Use cash?)

http://www.pogowasright.org/article.php?story=2008091106053534

GA: Liquor Store Clerk Busted for Huge ID Theft Operation

Thursday, September 11 2008 @ 06:05 AM EDT Contributed by: PrivacyNews

The Secret Service has arrested a man who is suspected of stealing credit card information from customers and using that information to live high on the hog.

Agent Forrest Pruitt tells WSB’s Jennifer Griffies that 29-year-old Vycas Yadav, who was a clerk at Perry's Liquor Store in Athens, was arrested in Mississippi. “Items recovered include embossing machines, a laptop, as well as credit card coding machines. Other items taken of evidentiary value include items that were purchased illegally.”

According to authorities, Yadav had installed a secret camera at the cash register that would record a person's credit card information.

Source - wsbradio.com



The true power of Google?

http://tech.slashdot.org/article.pl?sid=08/09/10/203233&from=rss

Automated News Crawling Evaporates $1.14B

Posted by kdawson on Wednesday September 10, @04:10PM from the who-shall-watch-the-watchers dept. Google News

cmd writes

"The Wall Street Journal reports that Google News crawled an obscure reprint of an article from 2002 when United Airlines was on the brink of bankruptcy. United Airlines has since recovered but due to a missing dateline, Google News ran the story as today's news. The story was then picked up by other news aggregators and eventually headlined as a news flash on Bloomberg. [Fact checking is no longer an option. Bob] This triggered automated trading programs to dump UAL, cratering the stock from $12 to $3 and evaporating 1.14 billion dollars (nearly United's total market cap today) in shareholder wealth. The stock recovered within the day to $10 and is now trading at $9.62, a market cap of $300M less than before Google ran the story."

The article makes clear that Google's news bot only noticed the old story because it has been voted up in popularity on the site of the South Florida Sun-Sentinel newspaper. The original thought was that stock manipulation may have been behind the incident, but this suspicion seems to be fading. [Tracks covered, check! Bob]



Pogo seems to be on a “find some studies” kick. Interesting stuff! (Sometimes scary...)

http://www.pogowasright.org/article.php?story=20080911055812530

Most Companies Believe Their Sensitive Data Is at Risk

Thursday, September 11 2008 @ 05:58 AM EDT Contributed by: PrivacyNews

Nearly 70 percent of executives believe that their companies' sensitive information is at risk of data theft. [Should be 100%. The trick is how they respond to that risk. Bob] But not all of them are taking the right steps to prevent it, according to a study published earlier today.

In a survey of more than 1,300 corporate executives -- 54 percent of whom have some direct responsibility for security -- security vendor Finjan found that 68 percent believe that their companies' intellectual property and other sensitive information is at risk of data theft. Seventy-three percent are more concerned about data theft than they are about lost productivity due to worms or virus infections.

Source - Dark Reading

Related - Finjan's press release and Finjan's Web Security Survey Report – H1/08 [pdf] (free reg. req.)


...and...

http://www.pogowasright.org/article.php?story=20080911061441566

Financial firms could have sensitive data stolen in 30 minutes or less

Thursday, September 11 2008 @ 06:14 AM EDT Contributed by: PrivacyNews

TraceSecurity, in its five-year statistics on Social Engineering and Penetration Testing, said that, on average, 95 percent of U.S. financial institutions’ sensitive data, including bank account records and social security numbers, could have been stolen in 30 minutes or less.

Between 2003 and 2008, TraceSecurity’s engineering team, headed by Jim Stickley, compromised the security of more than 1,000 financial institution branches. Had the attempts been genuine, TraceSecurity said that tens of millions of records could have been compromised as a result.

Source - The Tech Herald


...and...

http://www.pogowasright.org/article.php?story=20080911064144302

Study: Most U.S. banks not yet compliant with identity theft rules

Thursday, September 11 2008 @ 06:41 AM EDT Contributed by: PrivacyNews

Less than one-third of U.S. banks will be fully compliant with the U.S. government’s identity theft prevention rules by the Nov. 1 deadline, according to a new study.

With the deadline looming, research by Needham, Mass.-based TowerGroup found that many U.S. financial services institutions have mistakenly considered compliance with the “Red Flags Rules,” as they are known, as merely an administrative exercise.

Source - Business Journal



Is this related to reports of the Dear Leader's health problems?

http://www.pogowasright.org/article.php?story=20080910213059251

Korea Logs Highest Number of Network Security Breaches in August

Wednesday, September 10 2008 @ 09:30 PM EDT Contributed by: PrivacyNews

Nearly half of all computer network security breaches in the world last month occurred in South Korea, an industry report showed Thursday, tarnishing the nation's image as an information technology (IT) stronghold.

A network monitoring survey conducted recently by AhnLab, the nation's largest security solutions company, showed that 48 percent of all network security threats last month occurred in South Korea. The report did not elaborate on the number of breaches.

South Korea was trailed by the United States and Japan, with 17 percent and 13 percent, respectively. Hong Kong and India followed, with 7 percent and 5 percent, the report said.

Source - Telecoms Korea



“Good morning, Dave. Would you like to play a game of Chess?”

http://thehottestgadgets.com/2008/09/the-panasonic-life-wall-learns-your-preferences-001382/

The Amazing 150″ Panasonic Life Wall TV Learns Your Preferences

This is the Life Wall by Panasonic. An extremely thin 150″ TV that does amazing things. It has face recognition so that it recognizes the face(s) that watch it and adjusts the display or program to that person’s preferences automatically.



Even my students agree with me that this is coming fast.

http://www.economist.com/science/tq/displaystory.cfm?story_id=11999307

The meek shall inherit the web

Sep 4th 2008 From The Economist print edition

Computing: In future, most new internet users will be in developing countries and will use mobile phones. Expect a wave of innovation

... A case in point is M-PESA, a mobile-payment service introduced by Safaricom Kenya, a mobile operator, in 2007. It allows subscribers to deposit and withdraw money via Safaricom’s airtime-sales agents, and send funds to each other by text message. The service is now used by around a quarter of Safaricom’s 10m customers. Casual workers can be paid quickly by phone; taxi drivers can accept payment without having to carry cash around; money can be sent to friends and family in emergencies. [No need for checks, credit/debit cards, banks – any of that old 'brick & mortar' stuff. Bob]

... Xuehui Zhao, a recent graduate of the Anyang Institute of Technology in Henan province, explains that a typical monthly package for five yuan ($0.73) includes 10 megabytes of data transfer—more than enough to allow her to spend a couple of hours each day surfing the web and instant-messaging with friends. It is also much cheaper than paying 200 yuan per month for a fixed-broadband connection. [Looks like China could own the market here, if they chose to compete. Bob]


Related Training (addicting?) them young.

http://reviews.cnet.com/8301-12261_7-10038783-51.html?part=rss&subj=news&tag=2547-1_3-0-5

Mobile carriers see opportunity in 'tween' market

Posted by Marguerite Reardon September 10, 2008 5:43 PM PDT

SAN FRANCISCO--Nearly half of kids age 8 to 12 years old own cell phones in the U.S., in what could be the next big cell phone demographic for the mobile industry, according to a Nielsen report released here Wednesday at the CTIA Fall 2008 trade show.



Does this mean Friday's orgy has been cancelled?

http://www.bespacific.com/mt/archives/019289.html

September 10, 2008

Interior OIG Investigations of Minerals Management Service Employees

"This memorandum conveys the final results of three separate Office of Inspector General (OIG) investigations into allegations against more than a dozen current and former Minerals Management Service (MMS) employees. In the case of one former employee, Jimmy Mayberry, he has already pled guilty to a criminal charge. The cases against former employees, Greg Smith and Lucy Querques Dennet, were referred to the Public Integrity Section of the Department of Justice (DOJ). However, that office declined to prosecute. The remaining current employees await your discretion in imposing corrective administrative action. Others have escaped potential administrative action by departing from federal service, with the usual celebratory send-offs that allegedly highlighted the impeccable service these individuals had given to the Federal Government. Our reports belie this notion." Investigative Reports as follows:

"Collectively, our recent work in MMS has taken well over two years, involved countless OIG human resources and an expenditure of nearly $5.3 million of OIG funds. Two hundred thirty-three witnesses and subjects were interviewed, many of them multiple times, and roughly 470,000 pages of documents and e-mails were obtained and reviewed as part of these investigations."


Related? Management is often clueless...

http://idle.slashdot.org/article.pl?sid=08/09/10/1541200&from=rss

Verizon Tech Accused Of Making $220K In Sex Calls On User Lines

Posted by samzenpus on Thursday September 11, @02:31AM from the lots-of-lotion dept.

Joseph Vaccarelli, a former Verizon Technician, has been charged with racking up $220,000 in phone-sex calls by tapping into the land lines of nearly 950 customers. Authorities say that he made approximately 5,000 calls, resulting in 45,000 minutes of call time. Verizon estimated that out of a 40-week period, Vaccarelli spent 15 weeks talking on sex lines. How in the world do you have this much phone sex, period, but especially at work, and not have anyone notice?



The most significant use for the Internet since e-mail?

http://news.cnet.com/8301-1023_3-10038703-93.html?part=rss&subj=news&tag=2547-1_3-0-5

Amazon.com to uncork wine sales

Posted by Steven Musil September 10, 2008 5:00 PM PDT

Amazon.com customers will be able to buy wine through the e-tailer's Web site as early as this month, a spokesman for the Napa Valley Vintners Association said Wednesday.



Is this the future of textbooks? (Comments include a Texting version of the Origin of the Universe -- cute)

http://news.slashdot.org/article.pl?sid=08/09/10/1556242&from=rss

Virginia Begins Open-Source Physics Textbook

Posted by CmdrTaco on Wednesday September 10, @12:46PM from the wiki-physics-are-much-easier-than-textbook-physics dept. Education

eldavojohn writes

"The Commonwealth of Virginia has issued a request for contributions to an open source physics textbook (or 'flexbook' they termed it). They are partnering with CK-12 to make this educational textbook under the Creative Commons by Attribution Share-Alike license."