Tuesday, September 24, 2013

Health care and insurance companies on the hook if they don't encrypt PII on laptops; what about working from home?

A major health care provider in Illinois is the object of a class action law suit after four of its laptops or PC’s were stolen.  The problem was that the data on the hard drives was unencrypted.

That means anyone could use the PII on the four computers from Advocate Health Care.

There is a story Sept. 10 Sophos (the anti-virus provider allied with Webroot) by Paul Ducklin here
When I worked for a life insurance company, mostly in the 1990s, it was common for employees to do production support from home, and some, including me, often used personally owned laptops, which in the environment at the time sometimes offered legal advantages.  That’s not so now. Obviously this would be a risk.

ABC has reported that much medical identity theft seems to report in India because so much work is offshored. 

A few companies offer customer service jobs to people to work at home with their own computers, and I wonder if the PII data on home computers is encrypted.  This sounds like a new security wrinkle that can affect the home job market.  

Saturday, September 21, 2013

New scam sifts personal information from prospective renters before showing apartments

NBC4 in Washingtin DC is reporting a scam where someone posts a below market apartment or home for rent on Criagslist without giving the address, and then demands very detailed personal information from the applicant before the apartment will even be shown.  The personal information is used to make bank account withdrawals. 

Legitimate rentals don’t take applicant information until showing a unit.  

Thursday, September 05, 2013

Credit card skimming at gas pumps seems to explode as a problem on the road

ABC News is reporting on a large increase of “skimming” at credit card readers at gas station pumps, news story here. This was reported on the “Lookout” show from ABC Nightline Sept. 4 and on World News Tonight.

The problem has gotten so pervasive that some security experts recommend paying inside.  It is impossible to tell by inspection if a skimmer has been placed in a gas station card reader. 

I personally have not encountered any unauthorized charges (except from cards stolen in a street snatch at the DC Metro) since 1995!
It is also safer to use credit cards, where unauthorized charges are easier to reverse, than debit cards.

Indoor reading machines, where a clerk is present, should be safer.