Hawaii Says Aloha to Credit Freeze

Although Hawaii ranked towards the middle
of all states for identity theft, three new laws
will go into effect starting this Monday to
provide residents first rate protection in 2007.

Notification of Security Breaches (Act 135)

Requires businesses and government agencies that keep
confidential personal information about consumers to
notify those consumers if that information has been
compromised by an unauthorized disclosure.

"Personal information" means an individual's first
name or first initial and last name in combination
with any one or more of the following data elements,
when either the name or the data elements are not
encrypted:

• Social security number (ssn)
• Driver's license number (dmv)
• Hawaii ID card number or account number
• Credit or debit card number
• Financial account access code or password.

Note, it does not include publicly available information
that is lawfully made available to the general public
from federal, state, or local government records.

Destruction of Personal Information (Act 136)

Requires businesses and government agencies to take
"reasonable measures" to protect against unauthorized
access to an individual's personal information when
disposing of the records they keep.

Either shredding of documents or securely erasing
electronic media are required for any records containing
personal information.

A special note here is the company is even responsible
for auditing any contractors they hire to dispose of the
records containing personal information.

Social Security Number Protection (Act 137)

Restricts businesses and government agencies from
disclosing consumers' Social Security numbers to
the general public.

What this now means for an entity in Hawaii must
not intentionally do any of the following with a
complete social security number (ssn)

• Make publically available
• Print on any membership or services card
• Transmit unencrypted or unsecured over the internet
• Require a person to access a website
• Non employee related printed materials mailed

So, our tip for today is for any anyone you know
who is a resident of Hawaii. Take advantage of
your substantially improved rights against identity
theft and privacy invasion by unauthorized individuals.

Freeze your credit file to secure your financial
protection against thieves by contacting any of the
three major credit bureaus. Secondly, any membership
or services cards you now hold may very well be
immediately invalid under the new laws.

Contact your providers to get new id cards issued
without your social security number (ssn)
included. Once you have received your new cards,
make sure to shred your old cards.

Million Dollar Id Theft Ring Busted from Errant Phone Call

All the illicit gains, $1,000,000 worth, came to a crashing
halt when a phone call was made to the wrong person. It
seems the identity thief while attempting to impersonate
a police chief inadvertently called the father of the actual
local New York police chief.

It seems the scam the identity thief and his criminal
associates would call cell phone owners and claim to
be the authorities attempting to save the victim from
identity theft.

In the case of the call to the father of the local New York
police chief, the phony caller claimed someone else was
attempting to purchase an airline ticket using the police
chief's credit card number.

The scam would then work when the intended victim would
provide more personal information to the caller which would
enable the real identity theft fraud to occur. The identity
thieves would, using the now stolen personal info, would
then make fraudulent purchases or wire transfers.

Fortunately, in this case, the father of the police chief smartly
realized the scam and immediately acted. He also evidently
had caller id and captured the phone number of the identity
thief calling.

After reporting the attempted to scam, with the caller's phone
number, to local police the identity theft ring was busted and
are now facing up to 25 years in prison each.

So, our tip for today is realize anyone making unsolicited
phone calls to you requesting your credit card, bank
account, social security number (ssn), or even date
of birth (dob) information is most likely an identity
thief scammer.

The scam only works if you provide the information
(usually under duress) from an artificially created
"emergency" scenario portrayed by the caller.

If there is any doubt the caller is real, immediately
request the company's full name, physical location,
& toll free phone number.

Then hang up and call AT&T's long directory assistance operator
to verify the number is actually associated with the company
name and location provided by the original caller.

If not, you now have the opportunity to provide a fraudulent
caller to the phone company thus saving yourself and others
from being scammed from a now obvious identity theft criminal.

The toll free number to call AT&T is 1-800-555-1212.

UCLA Suffers Largest Identity Theft Ever

In what lasted for over 13 months, the University of
California - Los Angeles (UCLA) was the victim of
unauthorized computer database access effecting
800,000 people.

Those impacted were students, faculty and staff members
both past and present. In a letter sent today by the
acting chancellor to all those effected, the computer
database break in occurred from October 2005
through November 21, 2006.

Some cases date back to the early 1990s.

Beyond just staff and students though, this break-in also
effected applicants the past 5 years who did not
enroll at the university.

Plus, some parents of students or applicants who had applied for
financial aid.

Even 3,200 of those being notified are current or former staff and
faculty of UC Merced and current or former staff of UC's Oakland
headquarters.

UCLA handles administrative processing for both groups.

"We take our responsibility to safeguard
personal information very seriously,"

Among the data prized by identity thieves everywhere, the hackers
gained access to the following highly confidential information:

• Names
• Home addresses
• Social security numbers (ssn)
• Dates of birth (dob)

Basically, with these type of data, even a relatively novice identity
theft fraudster can easily open up new accounts during this
holiday shopping season and likely the evidence of it would not be
uncovered until months afterwards.

So, our tip for today is if you or anyone you know who was a student,
student applicant, or faculty member of the UCLA dating back to the
early 1990's, contact the university's special toll free hotline
immediately.

Also, given the rather lengthy amount of time since the initial
break in by the computer hackers (Oct., 2005), it would be wise
to also quickly contact any of the three national credit bureaus
to place a fraud alert and/or credit freeze (depending on
what state you currently reside in) on your file.

UCLA can be contacted on their special toll-free line of
(877) 533-8082 -or- on their special identity theft
announcement website.

Avoiding Smart Phone Identity Theft

Up to 85% of the smart phones recently purchased
from an eBay online auction revealed highly
confidential personal information was still
intact and available for identity theft.*

With over 220 million U.S. cell phone subscribers
there exists a huge opportunity for identity thieves
as the average consumer resells or recycles their
phone as part of an upgrade decision every 1.5 years.

In recent tests conducted by two different technology
security firms, "smart" phones legally purchased from
online auction sites revealed the following snippets from
over thousands of pages recovered:

• Contact lists containing names, address, & phone numbers
• Bank accounts with passwords
• Medical prescriptions
• Payment receipts for utility payments
• Personal pictures of the owner's children
• Web site searches
• Text messages between a married man and his lover
• A company's plans to win a multi-million dollar contract

Unfortunately, these type of data in the hands of an identity
thief can bring financial ruin and years of emotional distress.

"You could recreate someone's entire life
from the data you recover from these devices"

So, our tip for today is to help prevent identity
theft from happening from unknowingly providing
your confidential data to potential fraudsters.

Before you upgrade to a new cell phone, make sure to
securely erase your data by conducting what is
known as "zero-out reset" or "factory reset". Also,
fully delete any contact addresses, photos, email, &
text messages from your smart phone even before
you conduct the factory reset.

Finally, here's a handy resource we found which
provides smart phone specific information you can
use to destroy your confidential information to
keep it from being recovered later.


*Portions excerpted courtesy of the Washington Post.

DMV Identity Theft Special Alert

A suburban Philadelphia town (Wilkes-Barre) department
of motor vehicles (dmv) office recently was the victim of
two stolen computers containing over 11,000 people's
confidential information.

Burgulars evidently broke into this DMV office last Tuesday
evening to steal the computers containing driver's license or
identification cards of customers whose photos had been
taken at this Wilkes-Barre center.

The highly sensitive information, in addition to the photos, stored on
the computers now listed as stolen included:

• Names
• Addresses
• Dates of birth (dob)
• Drivers license number
• Social Security Numbers (ssn)

With this type of information, criminals can easily produce fake
identification used to quickly conduct identity theft based
fraud such as opening new credit accounts with retailers who offer
"instant credit".

To the credit of the local DMV office, security breach letters were
mailed out this past Saturday offering free credit checks and
fraud alerts for your credit file.

So, our tip for today is for you or any associates you know may
have had their DMV photo taken during the timeframe of
Aug. 30th - Nov. 28th of this year.

Contact the DMV immediately to get further details on
the free credit check arrangements reserved for you. Also,
make sure to inquire with the local DMV office effected
(PennDOT Wilkes-Barre center) on getting a replacement
driver's license.

A toll-free hotline, 1-800-PENNDOT, has been setup to aid
the impacted identity theft victims.

Finally, because you are suffering from the loss of DMV data
(instead of just credit data), get your public information profile
(pip) checked out to guard against false arrest resulting from
fraudulent use of your personal information in traffic violations
or medical claims.