Scam of the day – July 14, 2014 – Chinese hackers steal information from Federal Office of Personnel Management

Hacking of American companies by Chinese hackers is not particularly startling as it is going on all of the time, however the federal government is now admitting that back in March Chinese hackers were able to hack into the data bases of the Office of Personnel Management and gain access to personal information on thousands of government workers.  What is particularly troublesome is that the Office of Personnel Management manages a program called e-QIP where federal employees who are seeking security clearances must provide much personal information including personal financial data.  It is not known what the purpose of the hacking was and whether or not it was government sanctioned or not.  What is known is that, just as the hacking into the computers of the United States Department of Energy last week, showed, government databases are just as vulnerable as those of private companies.

TIPS

So what does this mean to you?

First and foremost if you are someone whose information was maintained by the Office of Personnel Management you should be on heightened alert for identity theft.  You should check your credit report with each of the three major credit reporting agencies, Equifax, TransUnion and Experian.  You also would be wise to put a credit freeze on your credit reports at each of the three major credit bureaus to prevent someone with personal information about you from gaining access to your credit report and utilizing your credit.  You can find a detailed explanation of credit freezes along with instructions for getting one in the right hand column of the first page of Scamicide.  As for the rest of us, this is yet another lesson that you are only as safe from identity theft as the places with the weakest security that hold personal information about you.  Whenever possible limit the amount of personal information held by companies and governmental agencies with which you do business.  Also, do not leave your credit card number on file with any retailer with which you do business regularly.  It may be convenient to do so, but it increases your risk of identity theft if the company is hacked and your data is compromised.

Scam of the day – November 20, 2013 – Dangers posed by hacking of government websites

In November 2nd’s Scam of the day, I told you about the recent arrest of British citizen Lauri Love for hacking into the computers of a number of United Sates Government departments.  In a confidential memorandum, the FBI has recently warned other government agencies about actions of the informal hackers group known as “Anonymous “to also hack various agencies of the United States government. According to the memorandum which was leaked to Reuters, many federal agencies have already been hacked and information stolen from the U.S. Army, the Department of Energy, the Department of Health and Human Services and many more resulting in Anonymous stealing large amounts of personal information contained in the unencrypted computers of these various agencies.  Among the information stolen was personal information on 104,000 employees and contractors of the Department of Energy including bank account information on some of these people.  A common thread between Lauri Love’s hacking and the hacking done by Anonymous is the exploiting of security flaws in Adobe’s Cold Fusion software which is a popular website development software used by many companies and federal agencies.  I have been warning you that this was going to happen since we first became aware of the hacking of Adobe.

So what does it mean to you?

TIPS

Once again, this illustrates that your personal information is only as safe as the place with the weakest security that holds your information.  It is important to limit the places that hold your personal information to as few places as actually need it.  Also, do not leave credit cards on file with online companies with which you shop for your convenience.  Your convenience can lead to your becoming a victim of identity theft if they are hacked.  You should make sure that you monitor your credit reports at least annually to be on the lookout for identity theft and you may wish to consider putting a credit freeze on your credit report to limit the damage if you do become a victim of a hacking.  For more information about credit freezes and getting free copies of your credit reports check out my book “50 Ways to Protect Your Identity in a Digital Age.”

Scam of the day – September 11, 2013 – Department of Energy hacking – what it means to you

A couple of weeks ago the United States Department of Energy initially announced that its computers had been hacked and personal information on 14,000 employees had been stolen placing these people in serious danger of identity theft.  Now the Department of Energy has disclosed that the number of people involved is 53,000.  These are all employees or former employees of the Department of Energy whose names, Social Security numbers, dates of birth and other personal information was stolen by identity thieves who hacked into the Department of  Energy’s computers during the summer.  Although the DOE is providing free credit monitoring services for a year to affected people, this is of little consolation to the victims.  Once again, this shows that you are only as safe as the place with the weakest security that holds your information.  This is particularly important now as we approach the October first start date of the insurance exchanges created by the Affordable Care Act.  Under the Affordable Care Act a data hub of seven different federal agencies will be accessible by insurance navigators who are people who will assist people as they try to find the right insurance policy.  This data hub of agencies such as the Social Security Administration, the IRS, the VA and others will provide information to verify eligibility for various discounts, but it also may provide information for identity thieves accessing the data hub for their own purposes.  This threat is quite real as the security system for the data hub has still not been fully tested and, as has been shown by the Department of Energy hacking, the federal government still does not do a good job of protecting our personal information.

TIPS

As much as possible, limit the amount of personal information you provide to any company or agency with which you do business.  Don’t leave your credit card on file with Amazon or any other company you regularly do business with.  You might also want to consider putting a credit freeze on your credit report so that even if someone does get access to your Social Security number, they cannot get access to your credit report for purposes of making a large purchase using your credit.  You can find information about how to put a credit freeze on your credit report here on Scamicide.