Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

President Obama’s new Cybersecurity National Action Plan

What is the President’s Cybersecurity National Action Plan (CNAP)? It’s the capstone of more than seven years of effort from this administration that takes near-term actions and puts in place a long-term strategy to ensure the federal government, the private sector, and American citizens can take better control of our digital security.

The President’s plan takes new action both now and in the long-term to help the conditions we need to improve our approach on cybersecurity across the federal government, the private sector, and our personal lives. Here’s a brief look at what it does:

  • Establishes a Commission on Enhancing National Cybersecurity that will bring top strategic, business, and technical thinkers from outside the government to make critical recommendations on how we can use  new technical solutions and best practices to protect our privacy and public safety
  • Transforms how the government will manage cybersecurity through the proposal of a $3.1 billion Information Technology Modernization Fund and a new Federal Chief Information Security Officer to help retire, replace, and modernize legacy IT across the government
  • Empowers Americans to secure their online accounts by using additional security tools – like multi-factor authentication and other identity processing steps – and by working with Google, Facebook, DropBox, Microsoft, Visa, PayPal, and Venmo to secure online accounts and financial transactions
  • Invests more than $19 billion for cybersecurity as part of the President’s budget – a more than 35 percent increase from last year’s request to secure our nation in the future

You can dig into all of the specifics the CNAP here.

What does his plan do to help protect my privacy online? While there is no silver bullet to fully guarantee our data security, the President has done a lot to enhance security measures on a lot of our daily activities to protect our private information. Last year, he took executive action as part of his BuySecure Initiative to help drive the market toward more secure payments by pushing companies to use microchips instead of magnetic strips or PINs on credit, debit, and other payment cards. Building on those actions, the President called on Americans to think differently about how they log on. For example, instead of just a basic password, Americans should leverage multiple factors of authentication when logging-in to online accounts. Have a Gmail account? Check out their two-step authenticator as a way to better protect your privacy. Are you on Twitter? Your account can have two-step verification, too. Along with your personal information, it’s also important that you protect your financial transactions with businesses. As of today, we have supplied over 2.5 million more secure Chip-and-PIN payment cards, more than any other country in the world, and under his new plan we will also offer cybersecurity training to reach over 1.4 million small businesses. We’re doing a lot to prevent cybercrime, but if you’re a victim of identity theft, you don’t have to deal with the consequences alone. Check out IdentityTheft.gov to report identity theft, create a personal recovery plan, and print pre-filled letters and forms to send to credit bureaus, businesses, and debt collectors…”

FTC Announces Significant Enhancements to IdentityTheft.gov

“For the first time, identity theft victims can now go online and get a free, personalized identity theft recovery plan as a result of significant enhancements to the Federal Trade Commission’s IdentityTheft.gov website. The new one-stop website is integrated with the FTC’s consumer complaint system, allowing consumers who are victims of identity theft to rapidlyContinue Reading

Federal Background Investigations Tasked to New Agency

Via the White House Blog, January 22, 2016 – “The Government has a responsibility to determine the fitness of Federal employees, members of the Armed Forces, and contractors for the jobs they are hired into and for the sensitive work they do on behalf of the American people each and every day. At the sameContinue Reading

SEC publishes 2016 priorities for Office of Compliance Inspections and Examinations

“This document identifies selected 2016 examination priorities of the Office of Compliance Inspections and Examinations (“OCIE,” “we,” or “our”) of the Securities and Exchange Commission (“SEC” or “Commission”). In general, th priorities reflect certain practices and products that OCIE perceives to present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.Continue Reading

Database comprising 191 million voter records made publicaly available

CSO Online – “The database contains a voter’s full name (first, middle, last), their home address, mailing address, a unique voter ID, state voter ID, gender, date of birth, date of registration, phone number, a yes/no field for if the number is on the national do-not-call list, political affiliation, and a detailed voting history sinceContinue Reading

Hacking as a business model against financial institutions

New York Times – Prosecutors Announce More Charges in Hacking of JPMorgan Chase: “Billing it as the largest hacking case ever uncovered, federal prosecutors in Manhattan on Tuesday described a global, multiyear scheme to steal information on 100 million customers of a dozen companies in the United States and use the data to advance stockContinue Reading

Password Security – How to Memorize a Random 60-Bit String

How to Memorize a Random 60-Bit String. Marjan Ghazvininejad, Kevin Knight – Information Sciences Institute, Department of Computer Science, University of Southern California: “User-generated passwords tend to be memorable, but not secure. A random, computer-generated 60-bit string is much more secure. However, users cannot memorize random 60- bit strings. In this paper, we investigate methodsContinue Reading

Victims of Identity Theft, 2014

Victims of Identity Theft, 2014 – Erika Harrell, Ph.D., – BJS Statistician “An estimated 17.6 million persons, or about 7 percent of U.S. residents age 16 or older, were victims of at least one incident of identity theft in 2014, the Bureau of Justice Statistics (BJS) announced today. These statistics were similar to those inContinue Reading

OPM, DoD Announce Identity Theft Protection and Credit Monitoring Contract

OPN News Release: ” The U.S. Office of Personnel Management (OPM) and the U.S. Department of Defense (DoD) today announced the award of a $133,263,550 contract to Identity Theft Guard Solutions LLC, doing business as ID Experts, for identity theft protection services for 21.5 million individuals whose personal information was stolen in one of theContinue Reading

EY, LANL make new cybersecurity tools available to private sector

News release: “Ernst & Young LLP and Los Alamos National Laboratory have formed a strategic alliance to deliver some of the most advanced behavioral cybersecurity tools available to the commercial market. “Cybersecurity attacks are ever more frequent and more sophisticated, and they destroy the trust needed to conduct business,” said Duncan McBranch, Chief Technology OfficerContinue Reading

FCW obtained official timeline of OPM data breach

FCW.com: “An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data and the government’s step-by-step response. It illuminates a sequence of events that lawmakers have struggled to pin down in public hearings with Obama administration officials. The timeline makes clear that the heist of dataContinue Reading

Mandatory Minimum Sentencing: Federal Aggravated Identity Theft

CRS report vai FAS – Mandatory Minimum Sentencing: Federal Aggravated Identity Theft – Charles Doyle, Senior Specialist in American Public Law. August 20, 2015. “Aggravated identity theft is punishable by a mandatory minimum sentence of imprisonment for two years or by imprisonment for five years if it relates to a terrorism offense. At least thusContinue Reading