LifeLock Blog

As you begin preparations for tax season you might not be feeling a lot of government love. In fact, with the economy the way it is right now, you might be feeling downright hostile. And as you review your household budget yet again for one more way to cut back on expenses, you might be dripping tears onto your keyboard.

Here’s some (sort of) good news from the Identity Theft Resource Center that might help you lighten up a little: Government agencies were responsible for only 16.7% of all data breaches in 2008.

And now the bad news (because when the subject is data breaches, there’s always going to be some bad news): There were 656 data breaches last year, representing a 47% increase in the number of data breaches that occurred in 2007.

Local, state and federal governments were to blame for a total of 110 information leaks last year. The causes for those data losses break down as follows:

• 28 resulted from the improper protection of information while traveling over the government network.
• 22 were attributed to insider theft.
• 20 occurred when employees accidentally exposed citizens’ information.
• 15 have been chalked up to subcontractors with sloppy systems security.
• 5 were the product of hackers.

Which federal agency wins the prize for the biggest bungling of data protection? The U.S. Army wins this dubious distinction for their inadvertent Internet posting of promotion selection lists that contained the names and Social Security numbers of more than 50,000 officers.

So, what does all this tell us? While you’re trimming your budget leave an extra $9 a month for Life Lock protection services. Enroll using the LifeLock discount code Defense for the lowest available price.

Texas A&M University students’ personal information has been exposed in a data breach … again.

A student was surprised to discover the security lapse while searching the University website last week. A list of 1,430 admissions applicants was easily accessible, and revealed the applicants’ names and Social Security numbers.

The student became especially alarmed when she saw that her name and Social Security number was among those on the list. She immediately reported it to officials at the university.

“We take this very seriously and it is always disappointing when something like this happens,” A&M-Corpus Christi President Flavius Killebrew said Friday.

Apparently Killebrew has had a lot of disappointments recently.

In September of this year a hacker accessed one of the university’s servers and was able to see a document containing students’ Social Security numbers.

Two other data breaches occurred during the summer of last year. In June, a flash drive containing the Social Security numbers of 8,000 current and former A&M students. In July 2007 a class roster with the names and Social Security numbers was lost.

When they learned of the most recent data breach last week, officials shut down the website and removed the document, Killebrew said.

Letters notifying the 1,430 applicants involved in the most recent data breach were to be mailed out this week.

College students are particularly vulnerable to identity theft, not only because of data breaches, but because they are frequently among groups of strangers in classes and in their shared dorm rooms and apartments.

More than 1,000 current and former Massachusetts prison employees are at risk of identity theft—and more—after their names, home addresses, phone numbers, dates of birth and Social Security numbers were exposed in a data breach.

Francis Janosko used his time as a prisoner at the Plymouth County Correctional Facility to hack into the prison’s computer network and reconfigure it to allow other inmates to access the employees’ information, according to a grand jury indictment.

Inmates at the Plymouth prison are allowed computer access to perform legal research, but were not given access to the Internet, e-mail or the prison network.

Janosko was arrested in North Carolina last week following an FBI investigation and charge with intentional damage to a protected computer and aggravated identity theft. If he is convicted, the computer charge carries a fine of up to $250,000; the aggravated identity theft charge could result in a two-year prison sentence.

Janosko was serving time in the Massachusetts prison after police found pictures of nude children on his cell phone. It was the third time he was charged with child pornography. The state of Massachusetts has had Janosko listed as a high-risk sex offender since 2005.

The State Department has notified nearly 400 people that their passport applications may have been stolen, and the information used to commit identity theft and fraud.

It all started in March when the department discovered their employees had been snooping around in the passport applications of celebrities and presidential candidates Hillary Rodham Clinton, John McCain and Barack Obama.

Within a month of that disclosure, a 24-year-old man was arrested with 21 credit cards in different names, and eight passport applications. The names on four of the credit cards matched those of some of the applicants.

Lieutenant Q. Harris Jr. admitted he was part of an identity theft and credit card fraud crime ring, and was working with a State Department employee, and another employee of the US Postal Service.

Harris subsequently agreed to cooperate in the investigation, but was fatally shot just a few days after appearing in court.

Sean McCormack, a spokesman for the State Department, said the arrest had nothing to do with employees’ illegal snooping. He did say, though, that one employee had been fired as a result of the data breach. McCormack would not say how the passport applications were obtained.

The investigation into the credit card fraud and identity theft ring is ongoing and being conducted in cooperation with the Washington DC police department.  More passport applicants may be notified as the investigation continues.

Passport applications contain individuals’ names, Social Security numbers, physical descriptions, and the names and places of birth of the applicants’ parents.