FULL EXPOSURE…LEADS TO DISCLOSURE OF MEDICAL DOCUMENTS…
This is why onsite shredding is so important!
Hundreds of medical records fly out of truck in southwest Omaha
Avoiding Identity Theft
Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.
Identity theft is serious. It can cost you time and money. It can destroy your credit and ruin your good name.
Skilled identity thieves use a variety of methods to steal your personal information, including:
- Dumpster Diving. They rummage through trash looking for bills or other paper with your personal information on it.
- Skimming. They steal credit/debit card numbers by using a special storage device when processing your card.
- Phishing. They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information.
- Changing Your Address. They divert your billing statements to another location by completing a “change of address” form.
- “Old-Fashioned” Stealing. They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records from their employers, or bribe employees who have access.
So, what can you do?
Deter identity thieves by safeguarding your information.
-Shred financial documents and paperwork with personal information before you discard them.
-Protect your Social Security number. Don’t carry your Social Security card in your wallet or write your Social Security number on a check. Give it out only if absolutely necessary or ask to use another identifier.
-Don’t give out personal information on the phone, through the mail, or over the Internet unless you know who you are dealing with.
-Never click on links sent in unsolicited emails; instead, type in a web address you know. Use firewalls, anti-spyware, and anti-virus software to protect your home computer; keep them up-to-date.
-Don’t use an obvious password like your birth date, your mother’s maiden name, or the last four digits of your Social Security number.
-Keep your personal information in a secure place at home, especially if you have roommates, employ outside help, or are having work done in your home.
Detect suspicious activity by routinely monitoring your financial accounts and billing statements.
Be alert for:
-Bills that do not arrive as expected
-Unexpected credit cards or account statements
-Denials of credit for no apparent reason
-Calls or letters about purchases you did not make
Inspect:
-Your credit report. Credit reports contain information about you, including what accounts you have an your bill paying history. Under federal law, you are entitled to a free credit report each year from each of the three main credit bureaus: Equifax, Experian, and TransUnion. Visit www.AnnualCreditReport.com to ask for a copy.
-Your financial statements. Review financial accounts and billing statements regularly, looking for charges you did not make.
If you suspect identity theft:
- Contact the fraud deportments of each of the three major credit bureaus. Tell them to flag your file with a fraud alert including a statement that creditors should get your permission before opening any new accounts in your name. In a few months, order new copies of your reports to verify your corrections and changes, and to make sure no new fraudulent activity has occurred.
- Contact the creditors and tell them if your account has been tampered with or opened fraudulently. Ask to speak with someone in the security or fraud department. After your conversation, follow up in writing. Its required by the Fair Credit Billing Act for resolving errors on credit billing statements, including charges that you have not made.
- File a report with your local police or the police in the community where the identity theft took place. Keep a copy in case your creditors need proof of the crime.
- Report the theft to the Federal Trade Commission. Your report helps law enforcement officials across he country in their investigations. Visit ftc.gov/idtheft.
Armed with the knowledge of how to protect yourself and take action, you can make identity thieves’ jobs much more difficult. You can also help fight identity theft by educating your friends, family, and members of your community.
Confidential information abandoned in forgotten HANO building
WWLTV – Algiers, Louisiana
An office formerly belonging to the Housing Authority of New Orleans (HANO) was found to contain abandoned records, exposing social security numbers, driver license numbers, and other sensitive data. The records have been in the building for at least two years and it was apparent to local investigators that the records had recently been ransacked, exposing both adults and children to identity theft. “There really is no excuse. This office obviously has been abandoned for a period of time,” said Rafael Goyaneche, head of the Metropolitan Crime Commission. “And whoever was responsible for evacuating this facility had an ethical obligation to remove this material with them when they left.”
Authorities at HANO have agreed to look into the matter further and provide credit monitoring to those who may have been adversely impacted by the abandoned records.
Social Security Numbers Found Lying in the Street
Sensitive documents mysteriously appear in Des Plaines, putting identities at risk
www.chicagotribune.com – Chicago, Illinois
January 29, 2010 Documents, including intact W-2s, were found in the streets of Des Plaines, Illinois, presenting a significant risk of identity theft for local residents. The documents originally belonged to several local businesses, including the National Insurance Crime Bureau, and could not be immediately traced back to a specific destruction company.
The Chicago Tribune contacted NAID Executive Director Bob Johnson for a quote on this story, and he informed the reporters that a “good shredding company maintains an unbroken chain of custody over its documents, with a screened employee taking them from a locked container to a locked vehicle to a secured shredder.” NAID believes that given the nature of the incident, there is a high probability that a waste hauler or paper recycler may be the source of the paperwork.
Effectively Erasing Files
Authors: Mindi McDowell, Matt Lytle – US Computer Emergency Readiness Team
Before selling or discarding an old computer, or throwing away a disk or CD, you naturally make sure that you’ve copied all of the files you need. You’ve probably also attempted to delete your personal files so that other people aren’t able to access them. However, unless you have taken the proper steps to make sure the hard drive, disk, or CD is erased, people may still be able to resurrect those files.
Where do deleted files go?
When you delete a file, depending on your operating system and your settings, it may be transferred to your trash or recycle bin. This “holding area” essentially protects you from yourself–if you accidentally delete a file, you can easily restore it. However, you may have experienced the panic that results from emptying the trash bin prematurely or having a file seem to disappear on its own. The good news is that even though it may be difficult to locate, the file is probably still somewhere on your machine. The bad news is that even though you think you’ve deleted a file, an attacker or other unauthorized person may be able to retrieve it.
What are the risks?
Think of the information you have saved on your computer. Is there banking or credit card account information? Tax returns? Passwords? Medical or other personal data? Personal photos? Sensitive corporate information? How much would someone be able to find out about you or your company by looking through your computer files? Depending on what kind of information an attacker can find, he or she may be able to use it maliciously. You may become a victim of identity theft. Another possibility is that the information could be used in a social engineering attack. Attackers may use information they find about you or an organization you’re affiliated with to appear to be
legitimate and gain access to sensitive data.
Can you erase files by reformatting?
Reformatting your hard drive or CD may superficially delete the files, but the information is still buried somewhere. Unless those areas of the disk are effectively overwritten with new content, it is still possible that knowledgeable attackers may be able to access the information.
How can you be sure that your information is completely erased?
Some people use extreme measures to make sure their information is destroyed, but these measures can be dangerous and may not be completely successful. Your best option is to investigate software programs and hardware devices that claim to erase your hard drive or CD. Even so, these programs and devices have varying levels of effectiveness. When choosing a software program to perform this task, look for the following characteristics:
- data is written multiple times – It is important to make sure that not only is the information erased, but new data is written over it. By adding multiple layers of data, the program makes it difficult for an attacker to “peel away” the new layer. Three to seven passes is fairly standard and should be sufficient.
- use of random data – Using random data instead of easily identifiable patterns makes it harder for attackers to determine the pattern and discover the original information underneath.
use of zeros in the final layer – Regardless of how many times the program overwrites the data, look for programs that use all zeros in the last layer. This adds an additional level of security. While many of these programs assume that you want to erase an entire disk, there are programs that give you the option to erase and overwrite individual files. - An effective way to ruin a CD or DVD is to wrap it in a paper towel and shatter it. However, there are also hardware devices that erase CDs or DVDs by destroying their surface. Some of these devices actually shred the media itself, while others puncture the writable surface with a pattern of holes. If you decide to use one of these devices, compare the various features and prices to determine which option best suits your needs.
