Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

Federal Information Security: Actions Needed to Address Challenges

Federal Information Security: Actions Needed to Address Challenges, GAO-16-885T: Published: Sep 19, 2016. Publicly Released: Sep 20, 2016.

“Cyber incidents affecting federal agencies have continued to grow, increasing about 1,300 percent from fiscal year 2006 to fiscal year 2015. Several laws and policies establish a framework for the federal government’s information security and assign implementation and oversight responsibilities to key federal entities, including the Office of Management and Budget, executive branch agencies, and the Department of Homeland Security (DHS). However, implementation of this framework has been inconsistent, and additional actions are needed: Effectively implement risk-based information security programs. Agencies have been challenged to fully and effectively establish and implement information security programs. They need to enhance capabilities to identify cyber threats, implement sustainable processes for securely configuring their computer assets, patch vulnerable systems and replace unsupported software, ensure comprehensive testing and evaluation of their security on a regular basis, and strengthen oversight of IT contractors. Improve capabilities for detecting, responding to, and mitigating cyber incidents. Even with strong security, organizations can continue to be victimized by attacks exploiting previously unknown vulnerabilities. To address this, DHS needs to expand the capabilities and adoption of its intrusion detection and prevention system, and agencies need to improve their practices for responding to cyber incidents and data breaches. Expand cyber workforce and training efforts. Ensuring that the government has a sufficient cybersecurity workforce with the right skills and training remains an ongoing challenge. Government-wide efforts are needed to better recruit and retain a qualified cybersecurity workforce and to improve workforce planning activities at agencies…”

Treasury IG – Processes Are Not Sufficient to Assist Victims of Employment-Related Identity Theft

Treasury Inspector General for Tax Administration – Processes Are Not Sufficient to Assist Victims of Employment-Related Identity Theft. August 10, 2016. Reference Number: 2016-40-065. “Taxpayers identified as victims of employment-related identity theft are not notified. During the period February 2011 to December 2015, the IRS identified almost 1.1 million taxpayers who were victims of employment-related… Continue Reading

NYS DMV employs enhanced facial recognition technology to catch ID thieves

Ars Technica: “In January, the New York State DMV enhanced its facial recognition technology by doubling the number of measurement points on a driver’s photograph, a move the state’s governor says has led to the arrest of 100 suspected identity thieves and opened 900 unsolved cases. In all, since New York implemented facial recognition technology… Continue Reading

FACE Recognition Technology: FBI Should Better Ensure Privacy and Accuracy

FACE Recognition Technology: FBI Should Better Ensure Privacy and Accuracy [Reissued on August 3, 2016] GAO-16-267: Published: May 16, 2016. Publicly Released: Jun 15, 2016. “The Department of Justice’s (DOJ) Federal Bureau of Investigation (FBI) operates the Next Generation Identification-Interstate Photo System (NGI-IPS)— a face recognition service that allows law enforcement agencies to search a… Continue Reading

Report by 3 companies – Cyber resiliency in the Fourth Industrial Revolution

Cyber resiliency in the Fourth Industrial Revolution – A roadmap for global leaders facing emerging cyber threats “The First Industrial Revolution, in the late 18th century, was driven largely by steam engines. The second, in the late 19th century, introduced mass production and the division of labor. The third, in the late 20th century, involved… Continue Reading

Leakedsource collects hacked data from across the globe

Follow up to previous posting on this database – Leakedsource – “There are currently 1,933,304,758 accounts in our database” – users may search by term or type. Via ET Tech – “If you have an account online regardless of the country you reside in, chances are you have been hacked or will be hacked at… Continue Reading

GAO Reports – 2020 Census, Defense Headquarters, Registering Voters, FOIA, ID Fraud

2020 Census: Census Bureau Needs to Improve Its Life-Cycle Cost Estimating Process, GAO-16-628: Published: Jun 30, 2016. Publicly Released: Jun 30, 2016. Defense Headquarters: Geographic Combatant Commands Rely on Subordinate Commands for Mission Management and Execution, GAO-16-652R: Published: Jun 30, 2016. Publicly Released: Jun 30, 2016. Defense Headquarters: Improved Data Needed to Better Identify Streamlining… Continue Reading

Learn how to fight fraud – at your library!

Carol Kando-Pineda – Counsel, FTC’s Division of Consumer & Business Education: …we have developed resources to address…needs for: people with challenges reading English, older patrons, Spanish-speakers, identity theft victims, new arrivals, and families looking to start a conversation with kids about digital literacy and living life online. Coming soon are tips and tools to address… Continue Reading

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

“The Sixth Annual Benchmark Study on Privacy and Security of Healthcare Data by the Ponemon Institute, finds that criminal attacks are the leading cause of half of all data breaches in healthcare.  Employee mistakes, third-party snafus, and stolen computer devices—are the root cause of the other half of data breaches. The study also found that… Continue Reading

Lack of Trust in Internet Privacy and Security May Deter Economic and Other Online Activities

National Telecommunications and Information Administration (NTIA): “Every day, billions of people around the world use the Internet to share ideas, conduct financial transactions, and keep in touch with family, friends, and colleagues. Users send and store personal medical data, business communications, and even intimate conversations over this global network. But for the Internet to grow… Continue Reading

Multiple data security breaches reported by FDIC

Washington Post: “In yet another example of fragile security in federal cyber systems, data for 44,000 Federal Deposit Insurance Corp. customers were breached by an employee leaving the agency. The breach occurred in February and was outlined in an internal FDIC memorandum obtained by The Washington Post. The March 18 memo from Lawrence Gross Jr.,… Continue Reading

EU Parliament adopts General Data Protection Regulation

European Parliament News: “New EU data protection rules [EU General Data Protection Regulation (“GDPR”)] which aim to give citizens back control of their personal data and create a high, uniform level of data protection across the EU fit for the digital era was given their final approval by MEPs on Thursday. The reform also sets… Continue Reading