Identity Theft Secrets           Videos             News               SuperSleuths                Articles               About          Solution           Contact          Links

Join the IDT SecretsSuperSleuths.    Your Name:      E-mail:

Those who took out a loan from Nelnet between November of 2002 and May of this year could be at risk for identity theft.

Nelnet said a tape containing personal information got lost in the hands of UPS. About 188,000 customers who used Nelnet services between November of 2002 and May of 2006 could be affected. "Nelnet and UPS are trying to figure out how the tape was lost. They said they know the package came out of Aurora, Colorado, but it never made it to its destination."

The Identity Theft Guru says this is no big shocker.

Let's see... you take an average UPS worker making $35,000/year, and give him 180,000 people's information. If he knows what to do with that information, it can easily net him $2/name on any of the online boards where people buy and sell information. $360,000 for one missing package? Sounds like a pretty good trade-off to the average middle class UPS worker.

"Nelnet has already sent a letter out to the thousands of customers with information on the tape. They are currently changing its system to encrypted electronic transmission. UPS said it is possible that the package is still in the UPS network. The personal information includes Social Security numbers that were on the Nelnet computer data tape the was lost. "The company sends out 15 million packages a day. Unfortunately, we lost this one. That's extremely rare for us," said UPS spokeswoman Lynnette McIntire."

"We don't believe information on this tape has been acquired by any sort of unauthorized person or that the information has been accessed," said Ben Kiser, Nelnet spokesman."

Well Mr. Kiser, that doesn't make anyone feel more secure. But it shouldn't really. Their information has probably already been compromised in any of the other reported data breaches in the past 2 years that have resulted in over 80 million pieces of compromised information.

Carrie Roll, a college student at the University of Colorado at Boulder who could be affected by this latest data compromise, said "If anybody thinks their information hasn't been stolen yet, then they're pretty naive. Your information is gone, and it's just a matter of time until someone decides to use it."

Want to see the IdentityTheftSecrets solution to Identity Theft?

Posted by Jonathan at 01:01 PM | Permalink | Comments (0)

Check out this new PayPal Spoof video.

One of the interesting things about this email "from PayPal" is that they are actually trying to show you an email that offers you things such as "Identity Protection Highlights" and "Ways to Spot phishing emails" even though this is a phishing email itself.

Check out the newest PayPal Phishing email here.

Posted by Jonathan at 12:48 PM | Permalink | Comments (1)

CS Stars, an independent insurance brokerage, has lost 540,000 people's information.

The article says that the information was on a laptop that was stolen, and the file is password protected. The article suggests that the information would have been more secure had it been encrypted.

An independent insurance brokerage, huh?

Let's talk about how an insurance brokerage works for a moment.

When you apply for health insurance, unless that insurance is purchased through a large company (which has many potential identity theft repercussions of its own), your information is taken and farmed out to several insurance companies, to see who can offer you the best prices. Let's say that there are three companies who are fighting for your business as partners of this broker.

How many people have your information now? 4 you say? Only if each of those insurance companies only has one employee. But what if each company has ten employees, or 100 employees? Your information is now accessible by 40 or 400 people. All because you did something simple, like shop for inexpensive health insurance.

Try encrypting those connections.

The article goes on to talk about the CS Stars' plan for those whose information has been compromised.

At least CS Stars is doing the right thing - albeit after the fact - but they're doing the right thing, by offering an Identity Theft Insurance plan which offers not only credit monitoring, but also access to fraud resolution specialists.

Here's what's different about these 540,000 New Yorkers from the average American - they've been put on alert that they are at risk for Identity Theft, and they have a plan for fixing it WHEN (not if), it happens.

If you are an American with a social security number, this is your alert. YOU are at risk for Identity Theft. As we climb towards 100 million pieces of Americans' personal information being compromised, the likelihood that you will be a victim increases exponentially.

What's your plan? Is your plan for it not to happen to you? Good luck! Here's an alernative solution you should consider.

Posted by Jonathan at 02:03 PM | Permalink | Comments (1)

The Kansas City Star has an interesting article this morning about how the IRS has far too much access to our personal information.

From this article, the SuperSleuth learned that the IRS employs over 100,000 people. That many people having access (to all the information required by an organization like the IRS) is never a good thing.

The article goes on to talk about how Internal Revenue Service employees improperly got into taxpayer records, and that although this led to 1,600 “adverse personnel actions” and 126 criminal prosecutions, it really has made very few noticeable decreases over the past eight years in the number of IRS employees who end up getting into personal information that they really have no business looking at.

The article makes some good points.

But here's where the article takes a left turn. The SuperSleuth doesn't really have a solid opinion on whether or not a flat tax is a good thing, but to use people's current fear of their information being compromised, in order to promote the agenda of a flat tax, not only makes the argument weak, but also damages the credibility of those pushing for a flat tax.

The SuperSleuth really fails to see how improving the security of our private information would be "a nice fringe benefit to fundamental tax reform."

Improving the security of our private information is not the issue. According to the privacy rights clearinghouse, over 89 MILLION records have been compromised in the last year and a half. (That's just the breaches we know about.) To take such a cavalier attitude towards Identity theft to say that improved information security is just a "fringe benefit" shows that the article's author doesn't really have much first-hand experience with identity theft. Data Security is no big deal really - it's only the personal information of millions of Americans, already in the hands of people who shouldn't have it.

What people don't understand is that there is a reseller network (which will be detailed in a later post). Once your information is compromised, re-securing your information is no longer the issue. It's compromised forever.

The SuperSleuth will make a pretty bold claim here and say that the majority of Americans' information is ALREADY compromised forever, and using data security as a way to promote the agenda of tax reform is both ignorant and pointless.

What people really need is to understand what's going on with their information, and people need to have a solution to the problem before it affects them.

Posted by Jonathan at 05:38 PM | Permalink | Comments (0)

A recent article on DarkReading.com details one way you could steal information and logins from employees at any company.

The basic idea?

You can steal information with a $10 thumb drive. Just drop it in front of the bank, house, or other company you wish to hack, and pre-load the thumb drive with files, which distract the user from what's really on the thumb drive - programs designed to harvest passwords and steal information.

In this experiment, 15 of 20 thumb drives were eventually plugged into computers at a company where employees where expecting a security audit.

"We figured we would try something different by baiting the same employees that were on high alert. We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us."

Posted by Jonathan at 01:56 AM | Permalink | Comments (0)

While the IRS has put together this video to help potential future victims of Identity Theft protect themselves, it's really rather ridiculous...

Think about it.

This is not that the IRS has an interest in punishing innocent people, but if the IRS can double collect from an unknowing or otherwise ignorant taxpayer, (who doesn't understand that the reason their taxes were underpaid was because they're being taxed for a job they never worked, in a state where they have never been,) then what's the real incentive for the IRS to help you when you become a victim of Identity Theft?

Think I'm making this up? Check out this article

"I-Team 8 has discovered a new target for identity thieves. Your government makes it easy. Jack Eller, fraud victim, says the red flags only go up when you owe the government money, not vice versa."

So if you become a victim of Identity Theft, it's your job to know that you owe taxes for a job you've never even been to.

To the IRS' credit, they did go to the effort of putting together this video, and they do seem to be taking some proactive steps towards helping consumers, but I hear, nearly every day, how unhelpful and unresponsive government agencies are towards Identity Theft victims.

Thanks for the informative video IRS, but the pace of the criminals is definitely faster than your response.

Posted by Jonathan at 10:32 PM | Permalink | Comments (0)