uc logo white
Text Size

Announcement: New Study

Check out Smithton Medical's new study!!

Home

Quick Quiz: Has Your Personal Information Been Hacked?

The New York Times has a quick online interactive quiz so individuals can see how much, and which types, of their personal information has been hacked (“How Many Times Has Your Personal Information Been Exposed to Hackers?” by Josh Keller, K.K. Rebecca Lai and Nicole Perlroth; July 29th.The New York Times has a quick online interactive quiz so individuals can see how much, and which types, of their personal information has been hacked (“How Many Times Has Your Personal Information Been Exposed to Hackers?” by Josh Keller, K.K. Rebecca Lai and Nicole Perlroth; July 29th. The authors clearly state certain caveats including:
  1. They’ve included many, but not all, of the most recent major hacks (e.g., OPM, Neiman Marcus, health insurers);
  2. There are likely hacking attacks that are still undiscovered; and
  3. The resulting score should be seen as a minimum, not maximum, given the above caveats.
I took the quiz and wasn’t surprised to find that my personal information has been exposed and potentially stolen.  What parts of personal identity are listed in the quiz?   There are the obvious parts such as address, birthday, credit or debit card, and SSN.  The less obvious but also included are employment history, fingerprints, password and medical information.  I’m angry about the parts of my identity that were exposed while relieved about the parts that have not yet been hacked. The authors also provide very useful concrete information about the steps individuals can take once they discover that some of their personal information has been hacked.  Taking the quiz might seem scary but not knowing, and then not taking pro-active steps, will be even worse. __________________ Ms. Diener is now an independent consultant on privacy, identity management, information protection and risk management. She served in senior managerial, legal, policy and legislative positions in all three branches of the Federal government. In addition to her privacy expertise, Ms. Diener played a lead role on such important domestic and international issues as criminal justice/law enforcement and financial services. She speaks frequently at industry and governmental conferences and meetings.

Grand Theater Shooting

Fake charities are popping up requesting “donations” for victims of the tragedy in Lafayette.Fake charities are popping up requesting “donations” for victims of the tragedy in Lafayette. Scam: Grand Theater Shooting Who Is It Targeting: Anyone What Is It: The Louisiana Attorney General has issued a warning about scams revolving around the recent shooting at the Grand Movie Theater in Lafayette, Louisiana.  Individuals are receiving phone calls, emails and social media contacts from fake organizations asking for donations to help the families of the victims of the shooting. The organizations involved in these scams are not legitimate and funds donated will not reach the families or help the victims in any way. What Are They After: Direct payments in the form of “Donations” How Can You Avoid It: You should be very cautious about which organizations you donate to after a major tragedy. If you are contacted by an organization asking for donations, you should research them.  A quick Google search with the name of the organization with the word scam attached should provide you with information.  You may also look at their profile on Guidestar, a website dedicated to help consumers know about the non-profit organizations they support. While an organization’s lack of a profile on Guidestar does not mean they are fraudulent, it may mean that the organization is either new, or has not filed for non-profit status.  If you still have questions about an organization you can contact the Louisiana Attorney General's Office at 1-800-351-4889 or go to the Attorney General's website. _________________ Identity Theft Resource Center® (ITRC) is a nonprofit, nationally respected organization dedicated exclusively to the understanding of identity theft and related issues. The ITRC provides victim and consumer support, public education, and advisory services to governmental agencies, legislators, law enforcement, and businesses.  Victims may contact the ITRC toll-free at 888-400-5530.

Is Your City Rifling Through Your Garbage?

For many years now, we’ve been warning our readers to shred their documents before throwing them away. After all, you never know who may decide to go through your trash to steal your identity. What you probably don’t know is that your city may also be going through your garbage. No, they are not trying to steal your identity.For many years now, we’ve been warning our readers to shred their documents before throwing them away. After all, you never know who may decide to go through your trash to steal your identity. What you probably don’t know is that your city may also be going through your garbage. No, they are not trying to steal your identity. These city programs are designed to enforce recycling laws and, in the process, raise revenue by ticketing offenders. In Seattle, the Garbage Gestapo is alive and well. Trash collectors there are under orders from the city to rifle through trash and to determine if residents are throwing out food… which by law must be composted rather than discarded. These trash collectors serve as judge, jury and executioner in their determinations. They have the power to ticket anyone whose trash in their sole judgment contains more than 10% recyclable material. It probably won’t come as any great surprise to you that the city is also being sued as a result of this law. Seattle is far from the only place looking at the trash that is collected. Several cities in Wisconsin now tag trash cans with RFID (radio frequency identification) chips. When garbage is collected, the trucks picking it up actually film the trash as it is dumped and then match the film with the RFID tag. Anyone not following the city recycling laws can be identified and fined. And other cities across the country are using less sophisticated forms of monitoring. Many of them use RFID chips simply to track how often residents actually place their recycle bin on the street for collection. If the city determines that a particular resident almost never uses their recycle bin, that can be enough for the city to dispatch someone to inspect their trash, and possibly a fine.
What’s a privacy conscious person to do?
If you don’t like the idea that your city may be inspecting your trash, there may be some things you can do to protect yourself. First of all, make sure that when you throw out your regular garbage, it is properly bagged. That means making sure that the bag is tied shut. This will help prevent inspection by video camera and make it more difficult for anyone who wants to manually inspect your trash. Second, make sure that what you throw in your recycle bin is actually recyclable. If you are unsure, most cities publish this type of information on their web sites. As for Seattle’s Garbage Gestapo, there is a pretty good chance that the city will be forced to change the way they inspect. Courts have repeatedly held that for police to go through your garbage, they need a warrant. Since Seattle has seen fit to bestow police powers on their garbage collectors, there is a very good chance the court will make the same requirement of them. ___________________ Jim Malmberg, ACCESS, American Consumer Credit Education Support Services, is a non-profit, tax exempt 501(c)(3) consumer advocacy group whose primary purpose is to disseminate credit education information and assistance to the general public, visit www.GuardMyCreditFile.org

950 Million Android Phones Vulnerable to Hacking

If you haven’t been paying attention to the news this morning, you may have missed the latest hacking vulnerability. This one involved virtually every single cell phone powered by Android worldwide. The most frightening thing about this is that the only thing a hacker needs to know to gain access to everything on your phone is your phone number.July 28, 2015 – If you haven’t been paying attention to the news this morning, you may have missed the latest hacking vulnerability. This one involved virtually every single cell phone powered by Android worldwide. The most frightening thing about this is that the only thing a hacker needs to know to gain access to everything on your phone is your phone number. But there are some things you can do to protect yourself. Here is what you need to know. What is the hack called? The hack is being referred to as “Stagefright”. The name is based on Google’s Stagefright engine which is used to play back videos on Android phones. What does the hack do? Once triggered, the hacker can gain access to all of the information on your cell phone including credit card information and stored files. The hacker can also use your phone to record video, take pictures and record sound without your knowledge.
How does it work?
The hack is actually vulnerability in Android phones. A hacker can send a multimedia message (MMS) to your phone that plays a video. (Most people refer to MMS and SMS messages the same way; as “text” messages.) Depending upon the settings of the program you use for MMS messages, the hack can be triggered as soon as you receive the message… meaning that you don’t even have to open the message up. Which phones are vulnerable? Any cell phone running Android 2.2 and above. That means virtually every single Android phone sold in the past five years. It affects approximately 950 million phones that are currently in use. Is there a security patch available? Sort of. Google has already released a security patch but it isn’t something that you can download and install yourself. It has been provided to all cell phone carriers, and they tend to be very slow in rolling out updates to their users. Anyone having a rooted phone (if you don’t know what that means then you don’t have one) running Cyanogen Mod should be able to get the update very soon as the developers have announced that the patch will be included in all releases from now on. But if you are running a stock Android device that you received from your cell phone carrier, you are going to have to wait. What can I do in the meantime to protect myself? Until your carrier releases and update, you need to disable autoretrieval of MMS messages in your texting app.  twiloBlog has an easy to follow explanation of how to go about this. This is especially important for anyone using Google Hangouts to process their text messages. Hangouts processes messages before the user actually reads them. This means that the user doesn’t even have to read the message in order for the hack to take place. Hangouts is the default messaging app for millions of users. How worried do I need to be? The Stagefright vulnerability is very bad. It has the potential to be the largest vulnerability ever detected in Android.  But with that said, androidcentral.com is pointing out that it has been available to hackers for the past five years and there hasn’t been a single reported incident in that time. Given the publicity Stagefright is getting this week though, that is likely to change. The bottom line here is that you need to be proactive and take the steps required to disable automatic processing of MMS messages right away. Not doing so could lead to fraud, invasions of privacy and identity theft. ____________________ Jim Malmberg, ACCESS, American Consumer Credit Education Support Services, is a non-profit, tax exempt 501(c)(3) consumer advocacy group whose primary purpose is to disseminate credit education information and assistance to the general public, visit www.GuardMyCreditFile.org