LifeLock Blog

Binghamton University has been keeping their current and former students’ records in a very public, easily accessible, unlocked storage area—in fact, the door to the storage area was actually taped open.

Roughly 42,000 students are currently enrolled at the university, but because the records include information on students enrolled as far back as the mid-nineties–and their parents–the number of records is expected to easily exceed 100,000.

News reporters spent hours last week perusing the records found haphazardly scattered around the two-story storage area in boxes and binders, stacked loosely on open shelving and stuffed in unlocked file cabinets.

Every imaginable type of personal and financial information for the students and their parents was available to anyone meandering through the halls or attending classes in one of the most commonly used lecture halls on campus.

The compromised records include:

• Records of tuition payments sorted by Social Security number.
• Receipts for tuition payments, complete with credit card account information.
• Residency records with tax information and copies of students’ parents’ Social Security cards.
• Scans of students’ Social Security cards, driver’s licenses and vehicle registrations.
• Scans of a letter from the U.S. government granting a student’s mother asylum.
• Scans of W-9 tax forms from a student’s parents, both parents’ social security numbers, tax forms for the parents’ business and Social Security numbers and vital information for the parents’ employees.
• Undeliverable mail which included students’ names, addresses and Social Security numbers.

Learn more about LifeLock’s identity theft prevention and protection strategies at LifeLock.com. Enroll using the LifeLock promo code Defense and for a deep discount.

Cars, furniture, a motorcycle and a personal watercraft were among the fraudulently-purchased big-ticket goodies Riverside, Cal. police found when they busted Miriam Macedo.

Macedo had apparently been living large until the day she drove her fraudulently-purchased, $40,000 2008 Chevy Tahoe to a Riverside motorsports dealership, and tried to fraudulently purchase two Sea-Doo watercrafts with fraudulent identification. A dealership sales associate spotted the ID for what it was and called the cops.

That’s when Macedo’s fraudulently-funded, identity theft-enriched life came to an end.

Police officers discovered that Macedo was carrying three other people’s identification, including their credit reports and fake California driver’s licenses. She had even more driver’s licenses bearing different men’s names but the same man’s picture.

The officers searched the fraudulently-financed Tahoe and found envelopes stuffed with credit card applications made out under the names printed on the fake driver’s licenses, and a receipt for $6,000 worth of new fraudulently-purchased furniture from Ashley Home Store. The receipt showed the furniture had been fraudulently financed under one of the men’s names and delivered to Macedo’s address in Moreno Valley.

Police found more loot before they even got inside the Macedo’s house: in the driveway was a fraudulently-purchased 2008 Nissan Altima, and a fraudulently-purchased Waverunner; in the garage sat a brand new, fraudulently-purchased Yamaha motorcycle. All three vehicles were registered to one of the fraudulent names.

It comes as no big surprise, but Macedo’s house was nicely furnished with $6,000 worth of fraudulently-purchased furniture from Ashley Home Store.

By now just about everyone you know has gotten the dreaded data breach letter: “Dear Customer, we regret to inform you we have become aware…” If you haven’t gotten this letter yet, that doesn’t mean your information hasn’t been exposed.

A recent survey of 300 companies by Logica–an information technology security firm—revealed that only 40% of the companies who experienced data breaches notified their customers. Only 50% of the companies notified police or other authorities. Only 30% of them give their employees training on how to prevent or respond to data breaches. (more…)