Archive for identity theft

Pro-choice employee steals private abortion related medical records from Family Planning organizations like Planned Parenthood

Posted in Abortion, Abortion clinic HPPA Violations, Abortion Clinic Worders, Planned Parenthood and compromised patient records, Privacy, pro-choice, Pro-choice law breakers with tags , , , , , , , , on April 13, 2011 by saynsumthn

Vodpod videos no longer available.

Pro-choice man steals private medical records f…, posted with vodpod

Vodpod videos no longer available.

70,000 private patient records of Planned Paren…, posted with vodpod

Info on 70,000 stolen from Family Planning Council
4/12/2011

The Family Planning Council in Philadelphia has made public the theft of personal information of some 70,000 patients, which was stored on a flash drive.

The suspect is a 40-year-old man by the name of Kelly Stanton, a former employee who has been arrested and arraigned. However, the flash drive itself is still missing.
Stanton, who has a history of fraud convictions, was charged with the theft in February.

The theft happened between December 23rd and 27th, 2010 at the council’s offices, which were closed for the Christmas holiday. The discovery of the theft was made on the 28th when police were notified. Police say Stanton was fired on the same day of the discovery.

The data on the stolen flash drive included personal information only from patients who received reproductive health services at these and other providers between October 2, 2008 and November 30, 2010.

Specifically, patient name, address, phone number, social security number, date of birth, and other information including insurance information and medical information were on the flash drive. So far, the Council said, there is no indication of inappropriate use of the information stored on the stolen flash drive.

The Council went on to say that both the Philadelphia Police Department and the Philadelphia District Attorney’s Office requested that notification of patients and the public be delayed while the investigation was ongoing.

A spokesperson explained in a statement that, under government health care programs, the Council gathers and processes patient data from several area health care providers for reporting and billing purposes.

Providers who are affected by this loss of data include: Spectrum Health Services Inc. (Haddington Health Center and the Broad Street Health Center); Public Health Management Corporation (which operates or operated PHMC Care Clinic, PHMC Health Connection, Rising Sun Health Center, Mary Howard Health Center, Community Court, Project Salud and several emergency housing locations in Philadelphia); Planned Parenthood Southeastern Pennsylvania; Planned Parenthood Association of Bucks County; and The Children’s Hospital of Philadelphia.

The Council said it reported the circumstances of the incident to those providers on January 13, 2011, and each of the providers is notifying its patients affected by this incident.
The Council is offering individuals affected by this breach credit-monitoring services and other credit-protection services free-of-charge.

Patients who need further assistance, or who would like additional information on ways to protect their financial information, can visit the Family Planning Council’s website at http://www.familyplanning.org or call 1-888-414-8020 and enter reference number 3720040811.

Melissa Weiler Gerber, Executive Director of The Family Planning Council, declined an interview request and refused to answer questions about the hiring of Stanton, whose rap sheet includes multiple convictions for theft, fraud and other crimes.

Weiler Gerber issued a written statement saying, “While no abuse of the stolen data has come to light, we regret deeply even the appearance of a breach. I offer my personal and professional apology to all patients whose confidentiality may have been violated. We are moving swiftly and purposefully to ensure that nothing of this type ever occurs again with respect to Council facilities or information, and to ensure that our procedures comply with all privacy and security laws and satisfy industry best practices.”

70,000 private patient records of Planned Parenthood and Family Planning Council’s providers breached

Posted in Abortion, Abortion clinic HPPA Violations, Abortion Clinic Worders, Abortion Regulation, Planned Parenthood and compromised patient records, pro-choice, Pro-choice law breakers with tags , , , , , , , , , , , , on April 13, 2011 by saynsumthn

Vodpod videos no longer available.

70,000 private patient records of Planned Paren…, posted with vodpod

Vodpod videos no longer available.

Pro-choice man steals private medical records f…, posted with vodpod

Info on 70,000 stolen from Family Planning Council
4/12/2011

The Family Planning Council in Philadelphia has made public the theft of personal information of some 70,000 patients, which was stored on a flash drive.

The suspect is a 40-year-old man by the name of Kelly Stanton, a former employee who has been arrested and arraigned. However, the flash drive itself is still missing.
Stanton, who has a history of fraud convictions, was charged with the theft in February.

The theft happened between December 23rd and 27th, 2010 at the council’s offices, which were closed for the Christmas holiday. The discovery of the theft was made on the 28th when police were notified. Police say Stanton was fired on the same day of the discovery.

The data on the stolen flash drive included personal information only from patients who received reproductive health services at these and other providers between October 2, 2008 and November 30, 2010.

Specifically, patient name, address, phone number, social security number, date of birth, and other information including insurance information and medical information were on the flash drive. So far, the Council said, there is no indication of inappropriate use of the information stored on the stolen flash drive.

The Council went on to say that both the Philadelphia Police Department and the Philadelphia District Attorney’s Office requested that notification of patients and the public be delayed while the investigation was ongoing.

A spokesperson explained in a statement that, under government health care programs, the Council gathers and processes patient data from several area health care providers for reporting and billing purposes.

Providers who are affected by this loss of data include: Spectrum Health Services Inc. (Haddington Health Center and the Broad Street Health Center); Public Health Management Corporation (which operates or operated PHMC Care Clinic, PHMC Health Connection, Rising Sun Health Center, Mary Howard Health Center, Community Court, Project Salud and several emergency housing locations in Philadelphia); Planned Parenthood Southeastern Pennsylvania; Planned Parenthood Association of Bucks County; and The Children’s Hospital of Philadelphia.

The Council said it reported the circumstances of the incident to those providers on January 13, 2011, and each of the providers is notifying its patients affected by this incident.
The Council is offering individuals affected by this breach credit-monitoring services and other credit-protection services free-of-charge.

Patients who need further assistance, or who would like additional information on ways to protect their financial information, can visit the Family Planning Council’s website at http://www.familyplanning.org or call 1-888-414-8020 and enter reference number 3720040811.

Melissa Weiler Gerber, Executive Director of The Family Planning Council, declined an interview request and refused to answer questions about the hiring of Stanton, whose rap sheet includes multiple convictions for theft, fraud and other crimes.

Weiler Gerber issued a written statement saying, “While no abuse of the stolen data has come to light, we regret deeply even the appearance of a breach. I offer my personal and professional apology to all patients whose confidentiality may have been violated. We are moving swiftly and purposefully to ensure that nothing of this type ever occurs again with respect to Council facilities or information, and to ensure that our procedures comply with all privacy and security laws and satisfy industry best practices.”

RFID Skimming, the new rip off-Protect Yourself

Posted in RFID with tags , , , , , on December 20, 2010 by saynsumthn

Vodpod videos no longer available.

RFID Skimming, the new rip off-Protect Yourself, posted with vodpod

Opinions mixed about White House’s online identity plan

Posted in Big Brother, biometrics, New World Order with tags , , , , , , , , , , , , , on June 30, 2010 by saynsumthn

Angela Moscaritolo
June 29 2010
Critics of the White House’s proposed national internet identity authentication plan, intended to improve online privacy and security, say the strategy may do just the opposite.

The National Strategy for Trusted Identities in Cyberspace (NSTIC), unveiled on Friday by White House cybersecurity coordinator and special assistant to the president Howard Schmidt, is intended to enable individuals to voluntarily obtain a secure credential, such as a smart identity card, from public and private sector providers. Under the plan, this credential would be used for online authentication when banking, accessing electronic health records, sending email and making online purchases.

“No longer should individuals have to remember an ever-expanding and potentially insecure list of usernames and passwords to log into various online services,” Schmidt wrote in a White House blog post Friday.

But the focus of this plan is not where it should be, said John Pescatore, vice president and research fellow at Gartner.

“The real issue why there’s successful cybercrime is because we are still using reusable passwords [as opposed to one-time passwords or other strong authentication methods], and that’s the only choice people have,” Pescatore told SCMagazineUS.com on Tuesday. “If you really want to address cybercrime and identity theft, you address what the government can do to minimize the use of reusable passwords versus putting together a complicated framework which will rely on passwords all over again.”

One of the primary goals of the plan is to develop and foster what is referred to as an “identity ecosystem” where users can be confident about the security of their online transactions, while trusting the identity of each other and the infrastructure on which the transaction is running. Under this plan, members of the public would be able to use their multifactor, interoperable credential to authenticate themselves online for various transactions.

A website has been set up where individuals can provide public comment on the draft strategy.

According to a review of the comments, many worry the plan could actually hinder the security of online transactions because it seeks to enable individuals to have a single, centralized identity. This is less secure than multiple identities, many say, as it creates a “single point of failure.”
“This effort will be counterproductive at best and has the potential to cause problems that are orders of magnitude worse than current identity theft issues,” one commenter wrote.

Many others have expressed similar concerns.

“Now, if a black hat hacker hacks this universal access method, they get universal access,” another commenter wrote.

However, one of the plan’s developers, Craig Spiezle, said there has been some confusion as to how the plan is intended to work.

An individual’s identity would be made up of multiple attributes, not all of which would be used for authentication with every transaction, he explained. For example, an individual may have 50 attributes associated with his or her identity, only a fraction of which would be used to complete a transaction with a particular organization. Also, under the plan, identity solutions should be resilient and capable of being restored if compromised.

“It’s not just having a single identity and password – that would be ineffective,” Spiezle, executive director and CEO of the Online Trust Alliance, told SCMagazineUS.com on Tuesday. “Yes, there’s room for improvement, but I think it’s a step in the right direction to address some of the ills we have in the standard username and password.”

Other supporters believe the plan will have a positive impact on cybersecurity.

“Finally we have before us a proposal that can move society forward in protecting individual privacy, and simultaneously create a secure and trustworthy infrastructure with enough protections to be resistant to insider attacks,” Kim Cameron, chief architect of identity in Microsoft’s identity and security division, said in a blog post Sunday.

Meanwhile, Christopher Burgess, senior security adviser at Cisco, told SCMagazine US.com on Tuesday that the plan is a positive step forward and presents a good vision for the future of online transaction security.

“Putting control of an individual’s data in the hands of the individual is an absolute right step,” Burgess said. “It’s really going to have an impact on online crime. When you raise the cost of doing business for criminal elements, then you reduce criminal activity.”

The proposed plan calls for the federal government and private industry to deploy the identity authentication solutions and encourage the deployment of authentication protocols, such as Domain Name Security (DNSSEC), Internet Protocol Security (IPsec), and Border Gateway Protocol Security (BGPSEC), the White House said in a fact sheet about the plan.

Additionally, according to the fact sheet, the plan calls for the federal government to strengthen privacy protections for users of the “ecosystem,” which may be achieved through the passing of new laws. The government would also create a national awareness campaign to promote the importance of cybersecurity and the trusted identities plan.

“A hill they will have to get over is in the education,” Cisco’s Burgess said. “I think that’s going to be one of the most important parts – educating the citizen on the value – if they expect citizen participation.”

For the plan to be successful, citizens must have assurance that their information is under their control and is secured in a reliable manner, he added.
Finally, to manage the identity ecosystem, the government would establish an office to oversee the strategy and an industry advisory council to ensure the long-term success of the ecosystem, the White House said.

The plan was developed collaboratively among government agencies, including the Department of Homeland Security, along with private-sector businesses and privacy advocates.

The White House plans to release a final version in the fall.