Tag Archives: Identity Theft

Cyber breach of IRS records

Image By: Sean MacEntee

CNN has reported that the major cyber breach of IRS records that happened recently originated in Russia.  According to the CNN news report over 100,000 people had their tax returns stolen, but just how big of a breach actually occurred hasn’t been determined yet as the IRS’ Criminal Investigation Unit and the Treasury Inspector General for Tax Administration are still conducting their investigation.

On Thursday, May 28 the FBI also opened their own investigation, and the Homeland Security Department was alerted. None of these agencies are discussing their ongoing investigations with the publci. Essentially, what is known is that the Russians have infiltrated the computer systems in both the White House and the State Department. This isn’t the first time that taxpayer data has been released. Taxpayer’s data security has actually been a problem for many years now (since 1997 according to the testimony about IRS Systems Security given before the Committee on Governmental Affairs at the U.S. Senate on Thursday, April 10, 1997). In fact, the IRS even goes so far as to call this their “number one problem.” With this breach, lawmakers on Capitol Hill began demanding answers.

As Rep. Peter Roskam said, “It’s a problem, no matter where it’s coming from.” However, the IRS isn’t alone when it comes to security breaches. Recently, millions of customers at Target, as well as Anthem Blue Cross, Blue Shield have also had their data compromised. Even Turbo Tax temporarily halted their service because of fraud. So, in today’s day and age, it is more important than ever to keep an eye on our private information. There are even some people who claim that things will get worse before getting better.

Regardless of whether the IRS contacted you or not, it is a good idea to sign up for a credit monitoring service. If you are one of the more than 100,000 households that were affected, the IRS will offer you these services for free. This is a significant step to engage in because this stolen information is oftentimes used to open credit card accounts on which the criminals rack up a lot of fraudulent charges. It is important to understand that even this doesn’t give you a full protection but it does provide for some against criminals who are trying to open new lines of credit in your name.

IRS Takes Steps Against Identity Theft

By: John Morgan

Tax fraud is an issue in the United States. The Internal Revenue Service has been taking steps to protect and prevent consumers from become victims of identity theft through tax refund fraud. More than 236,000 tax returns processed last year were considered fraudulent due to identity theft.

“Tax refund fraud associated with identity theft (IDT) continues to be an evolving threat, one that imposes a serious financial and emotional toll on honest taxpayers and threatens the integrity of the tax administration system,” the Government Accountability Office said in a report in August.

Nearly $1.2 billion in refunds were blocked last year. The IRS has been investing in addressing the issue of identity theft for consumers. The number of identity theft returns is down significantly from 2012. The IRS reported that the numbers have been improved because of new filters that the IRS has put in place.

One of the ways that the IRS has been taking steps to prevent identity theft is through the use of personal identification numbers or PINs for those who have been victims tax fraud. PINs are used to keep consumer information protected and private. The number of identity protection PINs issued by the IRS increased from 770,000 in 2013 to 1.2 million in 2014.

The IRS will limit the number of refunds direct deposited into a single account beginning this year. The idea is that the limit to three direct deposits will reduce identity theft. If a taxpayer has more than 3 refunds, the rest will be mailed as a paper check.

The IRS has increased staff assigned to work on identity theft cases that are reported and the agency has increased the amount of information on the website for consumers. Consumers can learn about tax fraud, identity theft, and the ways to report suspicious activity.

Indiana stops $88M in identity theft in 2014

By: frankieleon

Indiana is successfully putting a stop to identity theft due to new security measures. The Indiana Department of Revenue reported that the agency stopped over $88M in identity theft in 2014. Residents of Indiana should expect to see similar security measures in place for the 2015 tax season.

One of the security measures that the Department of Revenue will uses is an identity confirmation quiz. The quiz is two-minutes long and asks taxpayers to verify their identity.

According to WTHR, “The Department of Revenue says the $88 million figure came from stolen or manufactured identity theft tax refunds stopped (out of $800 million in total requested refunds); 74,000 fraudulent returns identified (out of 2.2 million total returns requesting refunds); 3.5 percent of all tax returns were fraudulent.”

The security features in place helped taxpayers realize that their identities had been stolen. Indiana residents, and residents of every state in the U.S., are reminded to take care when giving out personal information and to make sure that private information is secure.

Indiana offers residents a guide on protecting themselves from becoming victims of identity theft through the department’s Stop ID Theft website.

Sony Offers Directors and Writers Guilds Identity Theft Protection

Sony Pictures Entertainment is attempting to recover from a mass hacking that took place earlier this month. The hackers, reportedly from North Korea, sent threatening messages to the studio and to movie fans who were hoping to see the film “The Interview” on Christmas Day. The hackers leaked sensitive personal data, embarrassing emails, and subjected numerous employees to identity theft through the release of Social Security numbers along with a list of high-ranking officials within Sony.

In an attempt to try and make matters right within Sony, the company has offered identity theft protection to directors and writers who work for the studio. Identity theft protection will be offered through AllClear ID. The service was offered to Sony’s 3,803 employees when the massive leaks began. Sony is now offering it to the Directors Guild of America and the Writers Guild of America West.

“The DGA supports Sony in its efforts to combat any ill effects of the attack on DGA members,” the DGA told Variety. “We do not know whether or whose personal information may have been compromised, but Sony is offering one year of identity protection at no charge to any present or former employee who requests it.”

Sony is offering the identity theft protection service for one year, at no charge, to present or former employees who request it and who fit certain criteria.

The three largest movie chains in the nation canceled the Christmas screening of “The Interview” and there are currently no plans for when the film will be released. There is no reports about whether it will get to the big screen or if it will go direct to video.

 

NXT-ID claims Wocket™ is useless to thieves

By: bozontee’s golden zebra

Once upon a time, Dr. Seuss wrote a book called There’s a Wocket in my Pocket where a little boy talked to strange creatures living in his house. Nobody really knew what a Wocket was though. NXT-ID, Inc., a biometric authentication company, wants everyone to carry around a Wocket™ in their pocket. The company NXT-ID claims Wocket™ is useless to thieves has plans to launch the Wocket™ in New York City on May 28.

Wocket™ is considered the newest smart wallet heading to the e-commerce market. At the launch consumers and media will get the first look and feel of the smart wallet that claims to zeroize each sale immediately making the Wocket™ useless to thieves.

The patent-pending Wocket™ uses biometric solutions to secure consumers’ mobile platforms. The smart wallet is designed to replace all the cards in your wallet without the need for a smart phone. It will be 3.7”W x 2.75”L x .39”H. The smart wallet only becomes accessible through a unique combination of voice, PIN or pattern. It was designed to keep Wocket™ transactions separate from regular transactions in order to keep Wocket™ transactions secure by zeroizing each card after use.

Wocket™ isn’t the first smart wallet on the market. It is an evolution of the smart wallet’s already on the market. Google offered a smart, virtual wallet to help consumers’ keep their information secure. Google Wallet comes in the form of an app or a card that stores credit card and loyalty card information all in one place.

Security is the biggest concern for smart wallets since they were designed with consumer security in mind. The Google Wallet offers 24/7 fraud monitoring and Google Wallet Purchase Protection. If your phone or card is lost or stolen it can be disabled through a Google Wallet account.  The Wocket™ doesn’t offer a protection program instead it offers a guarantee.

According to the FAQ, the creators say, “while we can’t ensure that your card never gets stolen, we can guarantee that it’s worthless to anyone that gets a hold of it. Each time after the dynamic card is used, it is zeroized. Thus, it is merely blank piece of plastic to any ambitious thief.”

There are very few other smart wallets on the market. The Wocket™’s biggest competitor appears to be Google Wallet, but there are a few other smart wallets attempting to emerge on the scene including the PING wallet and the SmartWallit.

Medical Records are New Target for Cybercriminals

 medical records

Cybercriminals don’t have any scruples when it comes to gathering personal data. They have been known to steal credit card information as well as personal identification such as a social security number.  Now we can add medical identity theft to the list of things that cybercriminals are eager to steal from unsuspecting victims.

Redspin, a cybersecurity company, reports that approximately 30 million Americans have had their personal health information breached or disclosed since 2009. Redspin’s report also claims that 4 million records were breached in the single largest incident.

Health data is becoming increasingly vulnerable to cyber thieves because of the migration of information to mobile devices. Medical professionals use laptops, tablets and other mobile devices to access personal medical data which puts the data at risk if it isn’t encrypted properly or secured properly.

“This should be a clarion call to the healthcare industry,” reports Respin. “The trajectory is predictable yet preventable. With PHI data on more portable devices used by more “under-educated” employees, it is a virtual certainty that there will be more breaches. Mitigating that risk must become a higher priority throughout the entire industry.”

Cybercriminals who hack medical information are looking to steal everything from prescription information to Social Security numbers and credit card information. Medical billing records contain almost all of this information in one place.

Medical data is sought after for numerous reasons by thieves. Last year, CNBC ran a report about medical identity theft targeting victims in order to receive medical services, devices or prescription drugs.  It could take years before the theft of information is noticed.

Robert Gregg, chief executive of ID Experts, a cyber security firm, compared the value of different types of identity thefts for CNBC. He said, “A financial identity can be worth $5 to $10 if you have all the info. A medical identity can be five to 10 times that amount just because how easy it is to monetize that information once the bad guys get it.”

Signs that your medical information may have been breached:

-Unexpected medical bills for services not performed.

-Notice of health plan benefits saying benefit limit has been reached.

-Medical records show a condition you don’t have.

Review your medical history, report anything out of the ordinary, and never share medical information or personal identification information.

U.S. Secret Service Investigating Possible Data Breach at Sears?

Sears Holdings Corp. is launching an investigation in the wake of cyber attacks on other retail stores.  Sears, the retailer run by Edward Lampert, has not revealed any details of an actual attack or security breach.

Sears spokesman Howard Riefs said in a press statement, “There have been rumors and reports throughout the retail industry of security incidents at various retailers and we are actively reviewing our systems to determine if we have been a victim of a breach.”

Riefs added that there has been no information to indicate a breach so far which completely contradicts a report made by Bloomberg News.  Bloomberg News, using an un-indentified source, reported that the U.S. Secret Service was involved in investigating a secret breach at Sears.  The U.S. Secret Service is remaining quiet on whether or not it is actually investigating a breach at the retailer.

What is known is that the U.S. Secret Service is leading the investigation into last year’s cyber attack on Target and last year’s attack on Neiman Marcus.  The Target breach lead to the theft of approximately 40 million credit/debit card numbers and over 70 million pieces of personal data.  Neiman Marcus has also faced the harm of a data breach.  The luxury retailer had 1.1 million credit and debit cards hacked by malware that infiltrated terminals point of sale systems.

Target, Neiman Marcus and other retailers who have experienced data breaches are attempting to gain back customer support by doing a lot of damage control. Target has offered free credit monitoring  and identity theft protection to customers for free for one year as part of its damage control efforts.

The rumor that Sears is investigating a possible security breach may still harm the retailer.  Lampert has struggled to make Sears profitable after 28 straight quarters of declining sales. A tarnished image from a potential data breach isn’t going to make shoppers rush out to buy anything from the retailer.

Original reports of the Target and Neiman Marcus breaches made clear that it could take months to confirm that breaches were made, how many victims were affected, and account for what data was stolen.

Stolen Identity Refund Fraud: Who, What and Why

Stolen Identity Refund Fraud (SIRF) is a category that falls under identity theft. It involves the theft of the “tax” identity of the victim. As the tax filing season descends upon us we need to be aware of the very real threats of having an identity stolen.

Victims of stolen identity refund fraud have had their lives ruined. The criminal steals the “tax” identity of an individual for the purpose of filing a tax return. The criminal will obtain information about the victim and use it to obtain his or her social security number. The thief will then submit a false tax return in the name of the victim claiming a tax return. Forbes report claims that “unfortunately, in many instances the refunds are issued.”

The victims are left to discover the fraud when they go to file their tax returns. The IRS refuses to send out a refund because a return was already filed under the name of the individual.  The burden of proof rests on the individual to prove that their identity was actually stolen and that they did not file a return in the first place. It can be a very lengthy process for an individual to get straightened out with the IRS and it can be an even lengthier amount of time for any resolution to happen.

Sadly, stolen identity refund fraud victims are the elderly and individuals who are not required to file tax returns. Criminals who steal this information often get away with it for a long time before being caught. Often the victim finds out when they apply for state or federal benefits and cannot receive them due to information found on the fraudulent returns.

The IRS and the Justice Department have begun cracking down on identity theft and have been active in fighting identity fraud. The IRS makes it clear that the agency is devoted to preventing identity fraud. The website has information on how to report suspected identity theft and the precautionary measures that people can so they don’t become a victim.

Consumer Reports Warns Email Theft Increases Identity Theft

Consumer Reports is warning to consumers that use of email addresses as a user ID increases your risk of identity theft.  The report cites the theft of millions of Yahoo users who had their email addresses stolen recently. Yahoo identified the attack on user email accounts and immediately acted to protect users by prompting holders to reset their passwords, according to a blog post by the corporation.

While there is no evidence that data was breached from Yahoo’s computer network, according to Bloomberg Businessweek, there is evidence that user names and passwords may have been taken from a third-party database. Consumer Reports warning is to users who often use their email address as their user ID because it can increase the chance of hackers getting into any other accounts you have associated with that email/user ID.

Identity thieves call the maneuver multipurposing. They steal personal data from one account and use it to break into other accounts. The theft of an email address can also lead to phishing scams, malicious software being placed on users’ computers, and malicious and fraudulent links being sent to everyone on a users contact list.

Once a criminal has access to email and passwords he can use it to break into a users bank accounts, online accounts, and use the information gathered to steal a users identity.

Consumer Reports gives an example, “Once the criminal has your e-mail address, he tries to sign into accounts at some large banks or major shopping sites, claiming he forgot his password. Some institutions will e-mail a “password reset” link or, worse, the password itself, to your address.”

Consumer Reports goes on to explain that once the password has been reset to the criminals password he will have full use of banking or shopping accounts that were broken into. The best way users can protect themselves is to consistently change their passwords and never use the same user ID as their email.

Datapalooza , Tax Returns and Identity Theft

Protecting personal information is important. It is extremely important in the online world. Identity theft is a real problem. Thieves who steal information often gather it easily from unsuspecting victims who willingly give out personal information to the wrong person or those who give out the information unwillingly but didn’t have their information protected.

Identity theft might become an even bigger problem with the announcements that were made at the White House’s “Datapalooza” event. “Datapalooza” is an ambitious new agenda that has been outlined by President Obama to combat rising college costs and to make college more affordable for American families.  It was a meeting of policy leaders and innovators exploring how open government data could help the education system in the United States. Part of the plan includes using technology for tools, services, and apps to help students evaluate and select colleges.

Apps will be used to help students access information about colleges including statistical data, program data, and form data (i.e. FAFSA).  Third party apps are also being considered for integration into the U.S. Department of Education’s financial aid toolkits. These applications should be viewed skeptically by students.  If the apps do not have the proper protections and encryptions against hack attacks then hackers might have “datapalooza” with student’s personal information.  Identity theft is a real concern with the potential data that would need to be stored online to use the governments’ apps.

The White House announced at “Datapalooza” that Americans will now be able to download their tax returns directly from the IRS’ new service Get Transcript.  Tax information is not easily accessible and for good reason. Tax papers have very personal information on them including names, birthdates, social security numbers, and wage information.  To obtain tax information before one would have to fill out a questionnaire, send it back and wait 5-10 business days for physical forms to arrive. Get Transcript makes it much easier for people to download their tax information instead of waiting to get the physical forms. But it also means that much more personal information is at risk of being stolen.