Complaint resolution service publishes case studies, recall information and consumer news.

The U.S. Food and Drug Administration is warning consumers about a scam to purchase drugs from an international location.  The callers claim to be FDA “special agents” and apparently target  consumers who use mail order pharmacies or similar services.

After an order is placed, the agency says the consumer receives a call several days later demanding money for a “fine” because of the order.  Consumers are threatened during the call and even told they can be jailed.

If you have been contacted or know someone who has, please call the FDA toll-free at (800) 521-5783.

Posted under Health, Privacy

A new report from the AARP Public Policy Institute (PPI) states that from January of 2005 through May of 2006, 89.8 million Americans were potentially exposed to identity theft as a result of security breaches involving sensitive personal information. As security breaches at high profile institutions have made the public aware of the seriousness of this problem and more concerned about the safety of their personal information, PPI has analyzed the kinds of institutions most often experienced by security breaches and also the most common ways used to gain sensitive personal information.

The report, “Into the Breach: Security Breaches and Identity Theft,” closely examined 244 publicly disclosed security breaches that took place from January 1, 2005 through May 26, 2006. It found that educational institutions were more than twice as likely to report a breach as healthcare organizations, financial services companies, corporations, and government agencies.

The report found that 40 percent of the publicly disclosed security breach incidents were caused by hackers or insider access specifically targeting sensitive personal information. Breaches caused by hackers or insider access put the personal information of 50 million individuals (making up 56 percent of all breach victims) at risk of identity theft.

“Security breaches have become all too common in our daily lives,” said Dalmer Hoskins, AARP Managing Director of Public Policy. “And while safeguards are constantly being improved to protect personal information, it is also incumbent upon all institutions that experience a security breach to immediately alert those individuals in danger of identity theft so that they can take measures to further reduce that risk.”

While companies across the country look for ways to protect private information from outside hackers, the report shows that much of the threat comes from within the walls of the institutions themselves. The report notes that of all the ways used to improperly gain or display personal information, 30% are the result of breaches from the inside.

Posted under Privacy

AT&T Inc. today said that unauthorized persons illegally hacked into a computer system and accessed personal data, including credit card information, from several thousand customers who purchased DSL equipment through the company’s online Web store.

The unauthorized electronic access took place over the weekend, was discovered within hours and the online store was shut down immediately. AT&T also quickly notified the major credit card companies whose customer accounts were involved. The company is now working with law enforcement.

Customer notifications are ongoing by email, phone and letter to fewer than 19,000 customers. In addition to notifying those customers who were affected, the company will pay for credit monitoring services to assist in protecting the customers involved.

“We recognize that there is an active market for illegally obtained personal information. We are committed to both protecting our customers’ privacy and to weeding out and punishing the violators,” said Priscilla Hill-Ardoin, chief privacy officer for AT&T. “We deeply regret this incident and we intend to pay for credit monitoring services for customers whose accounts have been impacted. We will work closely with law enforcement to bring these data thieves to account.”

Customers who have been affected have been provided with a toll-free number to call for more information.

Posted under Privacy

The U.S. General Services Administration has issued a blanket purchase agreement to a Massachusetts firm specializing in identity theft monitoring services. According to Identity Force, a subsidiary of Bearak Reports, the company received the government’s order on August 14, shortly after the well publicized data breaches of U.S. military personnel records.

Identity Force says it is the only firm on the BPA that also provides Social Security Number Monitoring, Credit Card Monitoring and Public Record Directory Monitoring & Deletion. These three additional elements provide a proactive and preemptive frontline defense that notifies consumers if anyone is attempting to steal his/her identity, and is a more effective response to data breaches than only providing credit report monitoring.

The GSA issued the Credit Monitoring Blanket Purchase Agreement on August 14, 2006, shortly after the Veteran’s Administration experienced one of the largest data breaches on record.

Federal Agencies that experience a data breach can select Identity Force as a pre-approved vendor to provide credit monitoring and other identity theft prevention solutions that will protect individuals whose personal information has been compromised. Identity Force will immediately execute a planned response directly matched to the risk level of the exposure. The BPA contract will be in effect for five years.

Posted under Safety

You can take steps to minimize your risk of becoming a victim of identity theft. That is the message of a nationwide education program launched today by the Federal Trade Commission:“AvoID Theft: Deter, Detect, Defend.”

Deter – Take steps to reduce your risk of ID theft
Detect – Monitor your personal information
Defend – Act quickly when you suspect identity theft

The program coincides with issuance of an executive order signed by President Bush, creating an Identity Theft Task Force, chaired by Attorney General Alberto R. Gonzales and co-chaired by FTC Chairman Deborah Platt Majoras. The Task Force will develop a strategic plan to enhance the effectiveness and efficiency of government efforts to deter, prevent, detect, investigate, and prosecute identity theft.

“Personal information is the new currency,” said Chairman Majoras. “Consumers should protect their personal information as carefully as they protect their cash.”

The FTC and the Justice Department will send “AvoID Theft: Deter, Detect, Defend” education kits to 4,500 victim advocates across the country. The U.S. Social Security Administration will involve its field offices. Other partners include the National Association of Realtors, the American College Personnel Association – College Student Educators International, the National Association of Student Personnel Administrators, the National Crime Prevention Council, the National Apartment Association, and America’s Community Bankers.

The FTC maintains the central federal database for ID theft complaints. With experts in ID theft, privacy, and data security, its Division of Privacy and Identity Protection helps criminal law enforcement detect and prosecute identity thieves, and provides victim assistance and consumer education. The agency also pursues law enforcement actions against companies that fail to provide reasonable security for sensitive customer data. Since 2001, the FTC has brought 13 such cases, and challenges organizations that make deceptive claims about privacy procedures and security.

Materials in the “AvoID Theft: Deter, Detect, Defend” education kit include a victim recovery guide, “Take Charge: Fighting Back Against Identity Theft. The kit also contains a training booklet, “Talking About Identity Theft: A How-To Guide,” and a 10-minute video on identity theft. All materials are available in English and in Spanish. Through a toll-free number (1-877-IDTHEFT) and Web site, the FTC has distributed more than 22 million publications on identity theft.

Posted under Privacy

In a game of basketball, baseball, or hockey, you
can’t win without a strong defense. In the game against cyber
crooks, a strong defense is just as important. Learn some
new moves with Outsmarting Internet Crooks, a new, free
package of publications (including an informative DVD) from
the Federal Citizen Information Center.

Almost 10 million people are victims of identity theft
every year. But there are steps you can take to keep your
identity safe, whether you’re surfing the Net or shopping
online. Don’t use personal information to create your
passwords, and guard them as you would your house keys. To
keep thieves from stealing your personal information, shred
documents like bank statements, receipts, or credit card
bills that you might otherwise throw in the trash. Or
consider enrolling in online banking to receive account
statements electronically. You should also check your
credit report from each of the three credit reporting
agencies once a year-just to make sure no one’s opened
unauthorized accounts in your name.

Don’t forget, crooks love to use email. The messages
may seem harmless enough: “Make $60,000 with just a $20
investment!” or “Hot stock tip. Invest now!” But
responding to such messages can set you back thousands of
dollars. The Securities and Exchange Commission warns you
to always investigate the company and offer before you hand
over any cash. Be sure to read “Internet Fraud: How to
Avoid Internet Investment Scams,” also in this package, for
ideas on how to safely use the Internet to invest.

Play harder in the game against identity thieves and
scam artists with the free Outsmarting Internet Crooks package.
There are three easy ways to get your package:

*Send your name and address to Outsmarting Internet Crooks,
Pueblo, Colorado 81009.

*Visit http://www.pueblo.gsa.gov/rc/n39internetcrooks.htm
to place your order online or to read or print out these
and hundreds of other federal publications for free.

*Call toll-free 1 (888) 8 PUEBLO. That’s 1 (888) 878-3256,
weekdays 8 a.m. to 8 p.m. Eastern Time and ask for
Outsmarting Internet Crooks.

Posted under Privacy

Cheers to Jeff Gelles of The Philadelphia Inquirer who reports that the agency is considering allowing tax preparers to sell data about their clients.

“In a world of identity theft and Sarbanes-Oxley, this makes no sense,” said Consumer Help Web President Joan Bounacos. “Why would anyone use a tax preparer who disclosed that they would sell the data? Only price or non-disclosure would typically change that and neither seems good for the consumer.”

Gelles’ article broke March 21 and has the IRS and the blogsphere in an uproar, to say nothing of consumer advocates. The IRS, which typically spits out 1-2 press releases a day, has been strangely quiet. The same cannot be said of consumer advocacy groups.

US-PIRG’s Pennsylvania chapter and the Consumer Federation of America both testified April 4 at the IRS’ final hearings on the subject. The IRS is reportedly considering changes based on an outpouring of public emotion, but perhaps most importantly, after lawmakers began questioning the agency’s motives.

Posted under Privacy

The Federal Deposit Insurance Corporation (FDIC) has released an on-line multimedia education tool that consumers can use to learn how to better protect their computers and themselves from identity thieves. The presentation also features actions consumers can take if their personal information has been compromised.

Identity theft continues to be one of the fastest growing crimes in the United States, and has ranked as one of the top consumer concerns for the past several years. Identity theft is evolving in more complicated ways that make it harder for consumers to protect themselves, and easier for criminals to set up virtual storefronts on the Internet to sell confidential personal information.

Some of the steps outlined in the presentation that consumers can take to help safeguard their computers and their personal information from identity theft are:

• never provide personal information in response to an unsolicited telephone or Internet request
• never provide a password over the phone or in response to an unsolicited Internet request
• review account statements regularly to ensure all charges and transactions are correct
• use a firewall and anti-virus and spyware protection software.

One of the more frustrating aspects if identity theft occurs is restoring your good name and credit. If consumers either suspect that their personal information has been compromised, or have been victimized by identity thieves, they should:

• contact the fraud department at one of the three major credit bureaus and ask that a fraud alert be placed in their file at all three companies
• review their credit reports periodically and carefully and look for inconsistencies or red flags such as accounts they didn’t open
• debts they can’t explain or inquiries from companies they haven’t contacted, contact the companies where the fraudulent activity occurred, and follow up any telephone calls in writing
• file a police report with local police or the police department in the community where the crime took place and keep a copy of the report
• file a complaint with the Federal Trade Commission.

Posted under Privacy

Identity theft doesn’t pay, and that includes email addresses. That will be the message when Jason Smathers turns himself into authorities Monday to begin serving a 15 month jail sentence. Smathers was convicted last month of stealing more than 90 million email addresses from AOL and selling them to a spammer.

Smathers also may be required to repay AOL for its costs in dealing with spam created by his sale of the names as well as its costs in employee time spent conducting the investigation.

After cooperating with authorities, Smathers was sentenced to only 15 months in prison rather than the two years he could have received for the information theft.

Posted under Privacy

Scott Levine, owner of SniperMail, was found guilty of using his company’s access to information services company Acxiom to steal more than 1.6 billion records about U.S. consumers.

Prosecutors said the case, heard in U.S. District Court in Little Rock, was the largest computer theft case ever tried. One way in which the case was unique is that Levine and his employees did not use illegal methods to gain access to the data. Instead, they took data that was left unprotected by the company.

Acxiom did not issue a statement regarding the verdict, but multiple media sources have quoted company representatives as stating that there is no evidence that consumers have suffered as a result of the data breach.

Consumer Help Web, in partnership with Apple Federal Credit Union, has published an article on avoiding credit card thieves at:

http://www.consumerhelpweb.com/finance/apple/creditthieves.htm

Posted under Privacy