The dangers of used devices

March 29th, 2017

The following post is taken from an interesting article from our friends at NAID. Just a little something we thought would be worth sharing with everyone.

Personally Identifiable Information Found on 40 Percent of Used Devices in Largest Study To-Date

FOR IMMEDIATE RELEASE:
 
Phoenix, Ariz., March 24, 2017 – The National Association for Information Destruction® (NAID®) announced today the results of the largest study to date of the presence of personally identifiable information (PII) on electronic devices sold on the second hand market. The study showed that 40 percent of devices resold in publicly-available resale channels contained PII. NAID commissioned CPR Tools, Inc. to analyze the used devices, which included used hard drives, mobile phones and tablets.
 
The current state of electronic storage has made it possible for nearly every adult to carry a form of data storage device.  “As data storage is included in nearly every aspect of technology today, so is the likelihood of unauthorized or unintended access to that data” states CPR Tools CEO, John Benkert. He goes on to say, “Auction, resell, and recycling sites have created a convenient revenue stream in used devices; however, the real value is in the data that the public unintentionally leaves behind.”
 
While there have been similar studies over the past decade, the NAID study is unique insofar as the recovery process used to locate the data on more than 250 devices was, by design, not sophisticated nor was advanced forensic training required. All methods leveraged downloadable shareware. 
 
Robert Johnson, NAID CEO, points out that while this study’s results show a decrease in data found compared to past studies, “NAID employed only basic measures to extract data; imagine if we had asked our forensics agency to actually dig!” He goes on to surmise that “40 percent is horrifying when you consider the millions of devices that are recycled annually.”
 
PII recovered included credit card information, contact information, usernames and passwords, company and personal data, tax details, and more. While mobile phones had less recoverable PII at 13%, tablets were disturbingly found with the highest amount at 50%. PII was also found on 44% of hard drives. In total, 40% of the devices yielded PII. The study included devices that had been previously deployed in both commercial and personal environments.
 
Johnson cautions that the results are in no way an indictment of reputable commercial services providing secure data erasure. “We know by the ongoing audits we conduct of NAID Certified service providers that when overwriting is properly done, it is a trustworthy and effect process. The problem lies with service providers who are not qualified and, too often, with businesses and individuals who feel they can do it themselves.”

2017 Data Breach Forecast

February 24th, 2017

I was just reading an interesting report from Experian, the 2017 Data Breach Forecast. Remember that a data breach can happen to anyone, take the first steps to keeping you and your clients information safe, secure shredding and disposal of your documents and hard discs is a great start, and we’re here to help.

Be sure to read this report and work to keep yourself safe.

http://www.experian.com/assets/data-breach/white-papers/2017-experian-data-breach-industry-forecast.pdf

Another Data Breach…A reminder to SHRED!!!

January 16th, 2016

Check out this article. Here is another data breach in the news. Learn how to protect yourself and your business.

http://www.wcsh6.com/story/news/local/2016/01/15/investigation-concludes-additional-information-compromised-maine-general-hack/78848900/

Tewksbury students’ private information accidentally released

April 8th, 2015

Parents and families were in for a shock when they discovered that personal student information was accidentally released online. Although it did not list student’s names it did disclose ages and school placement for 83 special needs students who’s out of district placement is subsidized by the Tewksbury school district.
Many said it was easy to identify their child even though the names were not attached since they were listed alphabetically with age and current school name.
The list also included a ranking of the parents on a scale of 1-3, with a 3 indicating a difficult parent.
The principal issued an apology to the families. At least one family has already filed a complaint based on the information violating their privacy.

Check out the source here

The Three Most Dangerous Kinds of Identity Theft

April 1st, 2015

Identity theft is awful, inconvenient, life changing and costly. But according to USA Today the three most dangerous types of identity theft are Child ID theft, Medical ID theft and Tax ID theft. Why?

Child ID theft can take years to discover. Often children will not realize they have been a victim until years later when they go to establish their own legitimate credit.
Check out this previous blog on protecting your children from ID theft. PROTECT YOUR CHILDREN’S IDENTITY

Medical ID theft can be scary since it results in your personal information landing in the wrong hands. It could potential lead to deadly medical mistakes. Make sure to review all your medical statements.

Tax ID theft is one of the easier ways for thieves to make money. Make sure to file your tax returns early in the season and shred all your information as soon as you are done with it. Check out this previous post as a reference to when you can shred your personal documents.

WHAT TO SHRED WHEN
Check out the USA Today article here

Identity Theft Still Number 1 Consumer Complaint

March 18th, 2015

As thieves continue to try to hack sites and steal your identity, make sure you know how to protect yourself and your identity.
The most common way thieves misuse your information is from government records. Credit card theft continues to be on the rise. Americans between the ages of 20 and 60 are the biggest targets. Florida was the state to files the most complaints.
Sharing your Social Security number is the easiest way for would be thieves to gain access to your identify.
Shredding all records with your Social Security number and personal information and limiting the number of agencies that have access to your information is the best way to limit your risk of identity theft.

Check out this article

Scary number of identity thefts at BSU

March 12th, 2015

Employees of Ball State University have been realizing they have something in common and it isn’t a good thing. As several BSU employees have been filing their tax returns they have been alerted that a tax return has already been filed under their Social Security number. One professor learned that her’s, her husband and her children’s Social Security numbers have been stole. It is no coincidence that weeks prior there was a data breach of Anthem health insurance where hackers stole names, birth dates, Social Security numbers in addition to other personal information. At least 17 victims have been confirmed at BSU alone.

There is a twist though, all of the identity theft victims have received unsolicited refunds in the form of a pre-paid debit card between $7,000 and $9,000 from RushCard, T-Mobile and Green Dot.

Check out the whole story here.

Is Student Data at Risk Due to Out-of-Date Privacy Laws

February 25th, 2015

Check out this article that raises concerns about the safety of student’s personal information.
It examines the need for law makers to tighten up the laws to place restrictions on how student’s information is used and to ensure it is not used by third parties for illegitimate advertising purposes.

Click here to read the whole article.

How To Protect Your Childern From Identity Theft

February 17th, 2015

Children can be excellent targets for identity theft since it may not be discovered for many years.

Here are a few tips for helping to protect your child’s social security number.

* You can check if your child has a credit report. Hopefully they don’t! A child does not have a credit report until their social security number is used to apply for credit. Since a child doesn’t have a credit report, a fraud alert can’t be added to their social security number. However, there are several services that offer credit monitoring that will alert you if your child’s information was used in an attempt to get credit. Check with the major credit bureaus to see which service is best for you.

* Make sure to monitor your child’s online activity on social media sites and when making online purchases.

* Educate your child by teaching them the importance of keeping their personal information private – social security #, last name, address, etc.

*Make them aware of “phishing” and scam emails and teach them to delete these emails.

* Don’t allow your children to carry their social security card with them.

* If you are asked for your child’s social security number be sure to ask these three questions: Why is it needed? Is there another way to identify my child? How will my child’s information be protected?

*Shred all personal information using a cross cut shredder.

* Never use your child’s Social Security number to open account for your benefit. It will only hurt them in the long run.

How to know if your child’s identity might have been stolen:

* Your child receives mail such as pre-approved credit card offers and other financial offers only sent to adults.

* You try to open an account for your child and learn one already exist.

* An application is denied because of a poor credit history

* A credit report already exists in your child’s name. A credit report only exists if an application for credit or credit account has been filed

If you think your child’s identity has been compromised be sure to contact the three major credit bureaus, TransUnion, Experian and Equifax.

Consider requesting a credit freeze.

Contact the businesses where your child’s credit was misused.

File a report with the police department and continue to monitor their credit.

Check out these links for more information on keeping your child’s identity safe.

http://money.usnews.com/money/blogs/my-money/2014/05/19/3-ways-to-protect-your-child-from-identity-theft

http://www.equifax.com/specs/child-identity-protection-kit/child-kit.pdf

http://www.transunion.com/childidentitytheft

3 Tips to Keeping Your Email From Being Hacked

February 4th, 2015

If your email has ever been hacked you know how annoying it is to notify your contacts and possibly change your email address. It is also scary to think someone has gained access to your personal information. Hacking personal emails is the fastest way for criminals to gain access to your financial information. YIKES!

Try these three tips to protect your email and personal information.

Make up fake answers to security questions. Social media can make it easy to find out maiden names and birthplaces.

Have a secret email address that you only use for financial institutions and bill paying.

Use different passwords for each account and make sure they are at least 10 characters long and contain numbers, symbols and both upper and lowercase letters.

Check out the full article here.