B12 Solipsism

Spreading confusion over the internet since 1994

Archive for the ‘data’ tag

Dental receptionist allegedly at the center of a massive identity theft scam

without comments

Teeth
Teeth…

Speaking of health care practitioners who cannot manage to protect personal data, there is another reason to be skeptical when your dentist wants copies of your drivers license and so on…

The New York District Attorney’s Office says that a massive identity theft ring stems from a Manhattan dental receptionist who stole customers’ personal information.

Four people, including 27-year-old Annie Vuong, the alleged receptionist, now stand accused of 394 charges relating to theft of $700,000. All four say they’re not guilty.

The scheme centers around the fact that it’s actually quite easy, if you have enough of a person’s information, to create an Apple account, and with one of those, it only takes about 30 seconds to get approved for a program to buy an Apple-themed Barclays Visa card. With one of those, customers can instantly turn right back around and buy Apple gift cards, which can be redeemed in Apple’s physical stores.

(click here to continue reading Dental receptionist allegedly at the center of a massive identity theft scam.)

Written by Seth Anderson

February 7th, 2015 at 3:44 pm

Posted in News-esque

Tagged with , ,

Your Data Is Not Safe at Anthem Nor At Other Healthcare Corporations

without comments

Classless Society

The next decade is going to be a continual escalation of these sorts of crimes. Many sectors of corporations have skimped on beefing up their security practices, making data theft easier for criminals to steal consumer data.

patient medical records typically include information not easily destroyed, including date of birth, Social Security numbers and even physical characteristics that make them more useful for things like identity theft, creation of visas or insurance fraud by falsely billing for expensive medical or dental procedures that were either never done or performed on someone else. Some criminals have also tried a form of so-called ransom ware in which they threaten to reveal medical information unless they are paid.

“The whole thing is evolving,” said Barbara Filkins, an analyst with the SANS Institute, which has studied the risk to the health care sector.

Hospital systems, for example, are increasingly asking for photo IDs and driver’s licenses in an effort to block patients who have stolen someone else’s medical identity, said John Barlament, a lawyer at Quarles & Brady in Milwaukee. The use of medical identity fraud is growing, he said. “It’s a one-way trend here,” he said.

(click here to continue reading Data Breach at Anthem May Lead to Others – NYTimes.com.)

Site of the Doctors' Commons
Site of the Doctors’ Commons

From my perspective, I hate when health care providers make copies of my drivers license and write down my social security number and so on. Why? Because I don’t trust that they will keep my data safe. Especially as there is a push to digitize health records, health practitioners need to have stronger data management and destruction policies. Should a dentist I visited once several years ago be able to keep all my information for ever? I guess I need to get a fake ID for these sorts of situations.

The push to digitize patient health records in hospitals and doctors’ offices has also made medical records increasingly vulnerable, according to security experts. Moving medical records from paper to electronic form allows both patients and providers better access, but it has also made patient records susceptible to breaches, whether unintentionally or through a criminal attack.

About 90 percent of health care organizations reported they have had at least one data breach over the last two years, according to a survey of health care providers published last year by the Ponemon Institute, a privacy and data protection research firm. The founder, Larry Ponemon, a security expert, says most were because of employee negligence or system flaws, but a growing number are malicious or criminal.

Last year, 18 health care providers reported data breaches because of some form of hacking. Information at Centura Health was compromised last year after a phishing scheme obtained access to employee email accounts. The data included, in some instances, Social Security numbers, Medicare beneficiary numbers and clinical information for 12,000 patients of the facility, based in Englewood, Colo. In another case, a keystroke logger virus that infected three computers for a few weeks early last year at the student health center at the University of California, Irvine, may have captured patient’s health and dental insurance numbers and diagnoses.

Health care providers have sharply increased their spending on data security in the last year, but they remain technologically far behind other industries, say experts.

(click here to continue reading Data Breach at Anthem May Lead to Others – NYTimes.com.)

Written by Seth Anderson

February 7th, 2015 at 12:35 pm

Posted in Business,health

Tagged with , , , ,

Photo Republished at All that Big Data Is Not Going to Manage Itself: Part One | The Signal: Digital Preservation

without comments

Data Dump 

My photo was used to illustrate this post

Since 2003 we’ve seen the National Science Foundation release its requirements for Data Management Plans (DMPs) and the White House address records management, open government data and “big data.”  There are now data management and sharing requirements from NASA, the Department of Energy… In this two-part series on government data management we’ll take a look back at some of the guidance that is driving data management practices across the federal government. In the second part we’ll look at the tools and services that have developed to meet the needs of this expanding data management infrastructure. It’s 2014 and we’re still struggling to ensure that the outputs of government-funded research are secure and made accessible as building blocks for new knowledge, but it’s not for lack of trying: federal government agencies such as NIH and the NSF recognized the need to preserve and keep data accessible through the requirements tied to their grant funding.

click here to keep reading :
All that Big Data Is Not Going to Manage Itself: Part One | The Signal: Digital Preservation

automatically created via Delicious and IFTTT

Written by eggplant

May 29th, 2014 at 10:52 am

Posted in Links

Tagged with , , ,

Facebook Is the NSA of Corporate America

without comments

Over Under Sideways
Over Under Sideways

Speaking of Big Data and Facebook, the marketing and privacy experts at Mark Zuckerman’s data mining company have come up with a new way to make money off of you: turning on the microphone on your mobile device, and listening in to your life as you live it.

The social network appears to be preparing to serve ads to users based on a Shazam-style feature that picks up via the microphones on devices with Facebook’s app installed—watching Breaking Bad? Check out this ad for the new drama on AMC. Listening to OutKast? Try Ludacris.…

Facebook’s ad strategy is getting more sophisticated every week; with the new tool (which Facebook stresses is optional, though you know how it is: if people like it and it’s convenient, that’s better than mandatory), it’ll have far more information about something Nielsen, Acxiom and other data giants conduct huge panel studies to determine: user media habits. Not the media habits users write down in diaries, but what people actually do and might not self-report to anyone but their friends—who marathons Murder, She Wrote until 3 in the morning or listens to nothing but Ween for three straight months.

  • It’s totally fair to wonder where the data derived from the recordings—song title, album, etc.—is stored and where it goes. Based on the fact that this is being used for marketing, the short answer seems to be “to people who are willing to pay to know what you’re into.” 
  • It’s hard to make this not creepy. Facebook is using your cell phone to listen to you and serve you ads. It’s doing it all in the name of user convenience, of course, but it’s still doing it. 
  • Marketers are going to love this. Dynamic ad serving has been a pipe dream for so long, and Facebook’s multi-billion-person user base is everyone’s favorite thing for that specific purpose.

(click here to continue reading Listening to Beyoncé? Facebook Has an Ad for You | Adweek.)

Or Pay The Price
Or Pay The Price

From the WSJ:

Facebook on Wednesday added a feature to its mobile app that identifies music and television shows playing in the background and suggests users share them with a larger audience.

The feature was the latest in a series of changes by Facebook to nudge users to divulge more—and more-specific—personal information on the social network. This week, it introduced a feature that allows users to prompt their friends to divulge more information about themselves. Last year, the social network allowed users to categorize posts by activity.

Facebook uses the data to sell targeted advertisements. The more detailed the information it gathers from users, the more personalized—and expensive—advertising the company can sell.

The recent changes represent an effort by Facebook to prod users into sharing more information about themselves. In recent years, the company has added categories, like “watching,” “eating” or “listening,” that users can add to their posts. In April it created a “traveling to” category, allowing users to post their travel destinations. A “nearby friends” feature, also rolled out last month, lets users know when their Facebook friends are in the vicinity. Turning on the feature lets Facebook track users wherever they go, even when the app is closed.

This week, Facebook began allowing users to request their friends’ relationship status using the new “Ask” button.

Advertisers like the additional data.

(click here to continue reading Facebook Adds Feature to Identify Music, TV Shows – WSJ.com.)

Continuous Video Recording in Progress
Continuous Video Recording in Progress

Amusingly, Facebook announced on the same day:

Responding to business pressures and longstanding concerns that its privacy settings are too complicated, Facebook announced on Thursday that it was giving a privacy checkup to every one of its 1.28 billion users.

 …

“They have gotten enough privacy black eyes at this point that I tend to believe that they realized they have to take care of consumers a lot better,” said Pam Dixon, executive director of the World Privacy Forum, a nonprofit research and advocacy group. Ms. Dixon was briefed in advance about the latest changes.

For most of its 10-year history, Facebook has pushed — and sometimes forced — its users to share more information more publicly, drawing fire from customers, regulators and privacy advocates across the globe.

(click here to continue reading Facebook Offers Privacy Checkup to All 1.28 Billion Users – NYTimes.com.)

Sure, sure they are.

Written by Seth Anderson

May 22nd, 2014 at 10:07 am

Posted in Advertising,Business

Tagged with , ,

Experian Sold Consumer Data to ID Theft Service

without comments

We Finally Came To Realize

We Finally Came To Realize

A troubling tale via Krebs on Security

An identity theft service that sold Social Security and drivers license numbers — as well as bank account and credit card data on millions of Americans — purchased much of its data from Experian, one of the three major credit bureaus, according to a lengthy investigation by KrebsOnSecurity.

Contacted about the reader’s claim, U.S. Info Search CEO Marc Martin said the data sold by the ID theft service was not obtained directly through his company, but rather via Court Ventures, a third-party company with which US Info Search had previously struck an information sharing agreement. Martin said that several years ago US Info Search and CourtVentures each agreed to grant the other company complete access to its stores of information on US consumers.

Founded in 2001, Court Ventures described itself as a firm that “aggregates, repackages and distributes public record data, obtained from over 1,400 state and county sources.” Cached, historic copies of courtventures.com are available through archive.org.

THE ROLE OF EXPERIAN

In March 2012, Court Ventures was purchased by Costa Mesa, Calif.-based Experian, one of the three major consumer credit bureaus. According to Martin, the proprietors of Superget.info had gained access to Experian’s databases by posing as a U.S.-based private investigator. In reality, Martin said, the individuals apparently responsible for running Superget.info were based in Vietnam.

Martin said he first learned of the ID theft service after hearing from a U.S. Secret Service agent who called and said the law enforcement agency was investigating Experian and had obtained a grand jury subpoena against the company.

While the private investigator ruse may have gotten the fraudsters past Experian and/or CourtVentures’ screening process, according to Martin there were other signs that should have alerted Experian to potential fraud associated with the account. For example, Martin said the Secret Service told him that the alleged proprietor of Superget.info had paid Experian for his monthly data access charges using wire transfers sent from Singapore.

“The issue in my mind was the fact that this went on for almost a year after Experian did their due diligence and purchased” Court Ventures, Martin said. “Why didn’t they question cash wires coming in every month? Experian portrays themselves as the databreach experts, and they sell identity theft protection services. How this could go on without them detecting it I don’t know. Our agreement with them was that our information was to be used for fraud prevention and ID verification, and was only to be sold to licensed and credentialed U.S. businesses, not to someone overseas.”

Experian declined multiple requests for an interview.

(click here to continue reading Experian Sold Consumer Data to ID Theft Service — Krebs on Security.)

Or Pay The Price
Or Pay The Price

so if your account was one of the unlucky ones, what was stolen?

These services specialized in selling “fullz” or “fulls,” a slang term that cybercrooks use to describe a package of personally identifiable information that typically includes the following information: an individual’s name, address, Social Security number, date of birth, place of work, duration of work, state driver’s license number, mother’s maiden name, bank account number(s), bank routing number(s), email account(s) and other account passwords. Fulls are most commonly used to take over the identity of a person in order to engage in other fraud, such as taking out loans in the victim’s name or filing fraudulent tax refund requests with the IRS.

All told, findget.me and superget.info acquired or sold fullz information on more than a half million people, the government alleges.

Why exactly do we as a society allow Experian and similar organizations collect this data in the first place? They accumulate the data, and sell it to advertisers, or to scammers, and what benefit does it bestow on us? Other than headache and grief…

There was much gnashing of teeth when we discovered just how many hard disks the N.S.A. has filled with our personal data, why does Experian and other similar corporations get a pass from the public?

Revolution of The Innocent
Revolution of The Innocent

especially when Experian will skip away from this investigation with nothing more than a slap on the wrist with a wet noodle…

Meanwhile, it’s not clear what — if any — trouble Experian may face as a result of its involvement in the identity theft scheme. This incident bears some resemblance to a series of breaches at ChoicePoint, a data aggregator that acted as a private intelligence service to government and industry. Beginning in 2004, ChoicePoint suffered several breaches in which personal data on American citizens was accessed by crooks who’d used previously stolen identities to create apparently legitimate businesses seeking ChoicePoint accounts. ChoicePoint was later sued by the U.S. Federal Trade Commission, an action that produced a $10 million settlement — the largest in the agency’s history for a violation of federal privacy law.

Experian makes about $500,000,000 in profit a year, btw.

Written by Seth Anderson

October 27th, 2013 at 11:05 am

Posted in Business

Tagged with , , ,