LifeLock Blog

Parents and students in Utah’s new Canyons School District might be looking forward to back to school sales, but this year, 6,000 school employees have to worry that identity thieves might be shopping on their dime.

The district offices sent out notification letters last Friday, telling the employees about a lost USB flash drive that holds 6,000 employees’ addresses, phone numbers, birth dates and Social Security numbers.

Apparently, a district-level employee had a legitimate purpose for storing the data on the flash drive, but maybe has a little bit of a problem with short-term memory. “At, this point we have no reason to believe the information was stolen or used to perpetuate fraud or identity theft,” said Jennifer Toomer-Cook, spokeswoman for the district.

To their credit, the school district mailed the notification letters only two days after the data breach was reported. The letters provided employees with a Web address where they can initiate a 90-day fraud alert or credit freeze, but didn’t mention anything about their paying for their employees’ credit monitoring or identity theft protection services.

And they did try to assuage the concerns of district employees by saying they are working to improve security policies and building a secure network for file transfers.

Unfortunately, those changes are too late for the employees left at risk of identity theft.

“ID theft is the designer crime of the day. Of all the people I trust with my information, my employer is paramount. So, yes, I am concerned,” said Margot McCallum, a middle school teacher.

Visit LifeLock.com to learn more about their innovative tools and strategies for protecting the identities of their nearly 1.5 million customers. Enroll using the LifeLock promo code DEFENSE and pay only $9 a month for comprehensive identity theft protection services, and get 30 days of free protection.

Just try getting someone at Tampa’s Suncoast Schools Federal Credit Union to agree with P.T. Barnum’s assertion that all publicity is good publicity. They’ve been in the news twice in the last three weeks, but the news is hardly a marketer’s dream.

The first splash was a little one about their having to issue some new debit cards because the credit union discovered they—along with about a million other financial institutions–were caught up in the Heartland Payment Systems data breach,

But today’s news is big and ugly–the kind of news to make a CEO want to get stinkin’ drunk and punch Barnum in the mouth … after punching branch manager and pastor Donnell Dewitt Williams, that is. (more…)

I love hearing stories about businesses that have come over to the green side with their recycling programs. Yessir, seeing all those stuffed recycling bins fills my heart with joy … almost always.

The exception is when those bins are filled with thousands of files containing customers’ personal information and left sitting in a parking lot at a closed car dealership.

Richard Freeman discovered 10 trash bins full of files with customers’ information after attending a going out of business auction at Anderson Kia in Boulder, Col.

“When I opened up the Dumpster, I noticed it was plum full of files,” Freeman said.

Each of the files was marked with the customers’ name and contained copies of driver’s licenses, checks, Social Security numbers, photos, phone numbers and bank information. In short, what he discovered was the stuff identity thieves’ dreams are made of.

Freeman said he was astonished and disgusted by the cavalier disposal of the files, a response no doubt heightened by the fact that his own file may be among the others, as he was one of Anderson Kia’s customers.

Though the files were found behind Anderson Kia, many of them came from John Elway’s AutoNation, which closed in 2005.

Women are hit harder and more often by identity theft than are men, according to a recently released survey conducted by Javelin Strategy and Research, a leading provider of financial topics studies.

Among survey respondents, 28% of women said they are identity theft victims, compared to only 21% of men who said they’d been targeted by identity thieves.

Researchers believe the disparity can be attributed to women’s making the majority of purchasing decisions in a household.

Other survey findings:

• 79% of women said they worried more about ID theft than having their homes broken into or having their cars stolen. Only 71% of the men surveyed said they were concerned about identity theft.
• Once becoming an ID theft victim, women were more likely to change their behaviors to lessen the chance of being victimized again. For instance, 7% of women gave up online shopping after having their identities stolen, compared to only 2% of men.
• When it came to recovering from identity theft, 6% of women said they’d spent more than a year to resolve issues with police, credit card companies, banks and credit reporting agencies. Only 4% of men spent more than a year on identity theft resolution.
• More women than men pay for credit-monitoring service, shred documents and limit the number of personally identifying documents they take with them when they travel.

If you’re thinking of getting your mother a Mother’s Day gift that lasts longer than flowers, visit LifeLock.com and learn more about the strategies and services they provide to help protect the identities of nearly 1.5 million members. Use the LifeLock promo code DEFENSE to receive a discount on service.

Law enforcement officials have known for years that stolen identities are bought, sold and traded in highly secretive online chat rooms and forums. In fact, last year, the FBI revealed that Dark Market, a forum that catered to international identity theft entrepreneurs, was launched by them as part of a two-year sting operation.

Now, however, identity thieves are becoming shockingly brazen in e-marketing their stolen wares. A YouTube video that has recently been pulled is an example of this trend. In it, the poster is shown rifling through his wares: manila folders he claims contain his victims’ names, addresses, genders, Social Security numbers, mothers’ names, driver’s license numbers, birth dates, employment information, credit reports, net worth and details of real estate holdings and financial accounts.

Armed with that much information, there is virtually no limit to the damage that could be inflicted on the identity theft victims.

The seller offers this information for as little as $25 for a single data set, or $100 for five. The seller gave no indication in the video of how he obtained the information, or the extent of his inventory. However, in an email exchange with an investigate reporter, he offered to sell 100 of the identity sets, and directed the reporter to deposit payment into a PayPal account.

LifeLock provides their nearly 1.5 million members with eRecon™, a service that scours thousands of websites for the enrollees’ personal or financial information. If LifeLock members’ data are detected, they are immediately notified and LifeLock’s Certified Identity Theft Risk Management Specialists assist them in resolution or recovery as needed.

Only LifeLock offers eRecon™. To learn more about this exclusive service visit LifeLock.com. Enroll using the LifeLock promotion code DEFENSE for the lowest available price.

Investigators say Audrey Loraine Neal, 42, stole money from the elderly patients she cared for as a home health-care worker, used her children’s names to open new credit and bank accounts and used the money for pot dealing and high-living (no pun intended).

Neal no longer works at Home Support Services, her previous employer, and now collects welfare instead.

The hammer dropped when Bank of America workers became suspicious as Neal and her 17-year-old son made two to withdraw $18,000 from an account in the teenager’s name. Tracing the money backwards, they discovered the money was transferred into the account from the account of an elderly Los Angeles woman.

San Bernadino Sheriff’s investigators searched Neal’s home last Wednesday and discovered several of her victims’ credit reports and several fraudulent identification cards. They also found marijuana split into small packages, ready for sale. Though the son was carrying the pot, officials believe his mother was forcing him to sell it for her.

Officials are now using the contraband credit reports and identification in attempts to contact Neal’s many victims.

Neal’s mother was a beneficiary of the long-running scheme, receiving money from checks deposited into her grandchildren’s accounts. The accounts became overdrawn as Neal deposited bad checks that later bounced, leaving the children with ruined credit.

Neal has been charged with commercial burglary, grand theft, elder abuse, possession of stolen property, fraudulent use of an access card and furnishing marijuana to a minor for sale. She is being held on $550,000 bail.

Laura Bustamante used her job as an eligibility specialist at the Utah Department of Workforce Services to steal the identities of roughly 100 of the agency’s clients, and giving the information of 33 clients to two other people.

Their victims gave their personal information to the agency while applying for food stamps, financial aid, childcare and Medicaid. The crimes took place between September 2007 and January 2008.

Bustamante and her accomplices opened instant credit lines or obtained credit cards with the stolen information.

Once she had the clients’ addresses, she would determine whether she could access to their mailboxes. If she could, she used their personal information to submit credit card applications and either stole the cards from the victims’ mailboxes when they arrived, or had them sent to her boyfriend’s mother’s address.

Bustamante, 34, pleaded guilty to unlawful access of a protected computer and aggravated identity theft and was sentenced to 36 months in a federal prison. She must also make nearly $70,000 in restitution to Workforce Services and her other victims.

Her accomplices also pleaded guilty to using the clients’ identities. Michelle Rae Chapman, 32, received a sentence of 36 months in federal prison. Joshua Smith, 32, will be sentenced next week for his participation in the crimes.

Chapman and Smith were arrested at a hotel January 2008 when Motor Vehicle officers discovered counterfeit state ID cards, a large amount of stolen mail, credit cards, credit card member agreements, credit card PINs, credit reports and two laptops.

Smith and Chapman directed the officers to Bustamante.

Binghamton University has been keeping their current and former students’ records in a very public, easily accessible, unlocked storage area—in fact, the door to the storage area was actually taped open.

Roughly 42,000 students are currently enrolled at the university, but because the records include information on students enrolled as far back as the mid-nineties–and their parents–the number of records is expected to easily exceed 100,000.

News reporters spent hours last week perusing the records found haphazardly scattered around the two-story storage area in boxes and binders, stacked loosely on open shelving and stuffed in unlocked file cabinets.

Every imaginable type of personal and financial information for the students and their parents was available to anyone meandering through the halls or attending classes in one of the most commonly used lecture halls on campus.

The compromised records include:

• Records of tuition payments sorted by Social Security number.
• Receipts for tuition payments, complete with credit card account information.
• Residency records with tax information and copies of students’ parents’ Social Security cards.
• Scans of students’ Social Security cards, driver’s licenses and vehicle registrations.
• Scans of a letter from the U.S. government granting a student’s mother asylum.
• Scans of W-9 tax forms from a student’s parents, both parents’ social security numbers, tax forms for the parents’ business and Social Security numbers and vital information for the parents’ employees.
• Undeliverable mail which included students’ names, addresses and Social Security numbers.

Learn more about LifeLock’s identity theft prevention and protection strategies at LifeLock.com. Enroll using the LifeLock promo code Defense and for a deep discount.

Cars, furniture, a motorcycle and a personal watercraft were among the fraudulently-purchased big-ticket goodies Riverside, Cal. police found when they busted Miriam Macedo.

Macedo had apparently been living large until the day she drove her fraudulently-purchased, $40,000 2008 Chevy Tahoe to a Riverside motorsports dealership, and tried to fraudulently purchase two Sea-Doo watercrafts with fraudulent identification. A dealership sales associate spotted the ID for what it was and called the cops.

That’s when Macedo’s fraudulently-funded, identity theft-enriched life came to an end.

Police officers discovered that Macedo was carrying three other people’s identification, including their credit reports and fake California driver’s licenses. She had even more driver’s licenses bearing different men’s names but the same man’s picture.

The officers searched the fraudulently-financed Tahoe and found envelopes stuffed with credit card applications made out under the names printed on the fake driver’s licenses, and a receipt for $6,000 worth of new fraudulently-purchased furniture from Ashley Home Store. The receipt showed the furniture had been fraudulently financed under one of the men’s names and delivered to Macedo’s address in Moreno Valley.

Police found more loot before they even got inside the Macedo’s house: in the driveway was a fraudulently-purchased 2008 Nissan Altima, and a fraudulently-purchased Waverunner; in the garage sat a brand new, fraudulently-purchased Yamaha motorcycle. All three vehicles were registered to one of the fraudulent names.

It comes as no big surprise, but Macedo’s house was nicely furnished with $6,000 worth of fraudulently-purchased furniture from Ashley Home Store.

If you have a bank account—and who doesn’t—your account is being targeted by identity theft malware, according to Sean-Paul Correll, a threat researcher at Panda Security.

“In 2007, we received more malware samples than in the previous 17 years combined,” Correll said in an interview with SCMagazineUS.com. “Our forecasts for 2008 indicated that we would end the year with some seven or eight million malware strains. However, we actually ended up with over 15 million malware specimens.”

Today’s hackers might have evolved from the nerdy boy geniuses who broke into computer systems for personal ego satisfaction, but they bear little resemblance to their ancestors. Instead, they more closely resemble the mega financial corporations they target.

“Today, there are huge illegal businesses behind this type of cybercrime, and criminal organizations are making a lot of profit from identity and data theft,” Correll said.

And just like other businesses can outsource their technology infrastructure, virus writers today can either rent the hardware, or contract with the hardware designers and owners to distribute their viruses for them.

Most of the major cybercriminal rings are in the former Eastern bloc countries, according to Correll. In fact, the criminals who hacked into then-presidential hopefuls Barack Obama’s and John McCain’s campaigns are thought to be from that region, as are the masterminds behind the Express Scripts data kidnapping.

The viruses are much like biological antigens that mutate and become antibiotic resistant; the software and technologies that used to work are becoming increasingly ineffective.

The only way an individual can protect themselves is to enlist the help of identity theft protection experts like those at LifeLock. Visit LifeLock.com to learn more about the technologies and strategies they employ to protect their nearly 1.5 million members. Enroll in their service using the LifeLock promo code Defense to receive a discount.