San Diego, CA - The
American National Standards Institute (ANSI) and the Better Business
Bureau (BBB) created the Identity Theft Prevention and Identity
Management Standards Panel (IDSP). The ICFE is a panel member. The
IDSP is designed to bring together the spectrum of standards and
guidelines germane to ID Theft & Fraud Prevention and ID Management
that exist across industries and sectors into a single resource,
accessible to businesses of all sizes and types. As part of this
process, the Panel identified standards that need updating and/or
gaps where new standards work should be done.
IDSP Newsletter |
The IDSP Newsletter
provides information on identity related news items, either pulled
from the headlines or submitted by IDSP participants. If you have
news that you would like to share for a future issue, please send
it to the
IDSP Program Administrator.
NEWS and INFORMATION
All States Comply with Real ID, Intentionally or Not
The Department of
Homeland Security (DHS) has "granted" 2009 compliance extensions
to all states to comply with the Real ID Act. After a skirmish with
the state of Maine in the late hours of the March 31 deadline for
states to apply for an extension--Maine, along with a handful of
other states, declined to comply with the act, much less ask for
an extension--DHS announced April 2 that all jurisdictions in the
United States had complied with and met the initial RFID (radio-frequency
Settlements with Retailer TJX and Data Brokers Reed Elsevier and
TJX and data brokers Reed Elsevier and Seisint, in two unrelated
Federal Trade Commission actions, have agreed to settle charges
that each engaged in Practices that failed to provide reasonable
and appropriate security for sensitive consumer information. The
settlements require that the companies implement comprehensive information
security programs and obtain audits by independent third-party security
professionals every other year for twenty years.
Auto Parts Retailer Reports Network Breach
Advance Auto Parts
reported a "network intrusion" that exposed financial information
of up to 56,000 people and was the subject of a criminal investigation.
While the auto parts retailer did not specify how the access had
been gained to its network, the company has notified its credit,
debit and check processors. Advance Auto Parts is offering the affected
customers a credit monitoring product from a national credit reporting
agency at no cost for one year.
In a recent report
to Congress, Nina Olson, the IRS national taxpayer advocate, identified
identity theft as one of the "most serious problems" that taxpayers
face. Already this year, the IRS says that taxpayers have forwarded
33,000 phishing-scam emails to the agency reflecting 1,500 different
schemes. While the IRS says that they have made improvements to
combat the problem, Ms. Olson says that the agency "has not done
enough to improve identity theft procedures for victims of identity
theft or to secure its filing system from fraudulent filers."
The Federal Trade
Commission is warning consumers about scams involving the rebate
checks the government plans to send. A typical instance involves
the scammer calling or emailing consumers claiming to be from the
Internal Revenue Service or the Social Security Administration.
The scammer will then request personal information from the consumer
needed to steal the government rebate. The FTC cautions against
giving out personal or financial information in response to an unsolicited
call or email. The IRS does not gather information for rebates by
telephone, nor does it send unsolicited e-mail to taxpayers about
tax account matters.
House stealing is
a new kind of crime that is surprisingly easy to accomplish, according
to the FBI. After selecting a home to steal, the con artist assumes
the identity of the homeowner and creates fake identity documents.
Next, the con artist goes to an office supply store and purchases
forms that transfer property. Once these documents are forged they
can be combined with the previously created fake identity documents
and the con artist can file the deeds with the proper authorities.
While this new crime is not too common at this point, the FBI is
still keeping an eye out for any major cases or developing trends.
While medical identity
theft only accounted for 3 percent of identity theft in 2005, according
to the Federal Trade Commission, privacy experts worry that the
push toward electronic medical records will lead to an increase
in the incidence of medical identity theft. In the past, experts
have attributed medical identity theft to solo operators in need
of medical care; however, a new trend and accompanying theory is
emerging that holds employees of the healthcare system responsible
for stealing patients' information to make false insurance claims.
One such case involved the theft of 1,100 Medicare beneficiaries'
medical identities a few years ago by a front desk clerk who used
the stolen information to make more than $2.8 million in false Medicare
According to the non-profit
Identity Theft Resource Center (ITRC), reported data breaches more
than doubled in the first quarter of 2008 compared with the first
quarter of 2007. The ITRC advises, however, that it is too early
to draw the conclusion that more breaches are actually occurring.
Factors potentially responsible for the increase may include state
mandatory reporting laws, corporate integrity, or the fear of media
exposure. In addition, those receiving breach letters are not being
given enough information, according to IRTC.
The tech industry's
out to thwart data breaches at supermarkets, on social networks,
in banks and schools, and across government and business, but it
has a long way to go to get out the word about available products.
Identity theft remains a big issue, yet relatively few companies
plan to use data loss prevention products on their computers. Makers
of such products hope regulations will boost the market.
Quest Software, Inc,
(Nasdaq: QSFT) has released the results of its
Government Survey of federal, state, local and municipal government
IT professionals' perceptions on the progress of compliance with
mandates such as HSPD-12, FIPS 201, and FISMA. The survey was conducted
by Pursuant, a public opinion research firm. One of the findings
shows that while most government IT professionals (69%) believe
that identity management is "very important" to their organization
or agency, even more (72%) believe it will increase in importance
over the next five years.
According to M.E.
Kabay of Network World, identity-theft rates are higher in the United
States compared to some other countries in part because of the use
and inadequate control of universal identifiers in the U.S., such
as the use of social security numbers. The system of fraud recovery
in the U.S. banking system as well as the practice of sending unsolicited,
pre-approved application forms to millions of residents are cited
as other root causes in the rise of identity theft.
HM Treasury has published
Sir James Crosby's independent review, "Challenges
and opportunities in identity assurance," which consists of
contributions from twelve organizations from both the public and
private sector. The review looks at how the most effective ID assurance
systems and infrastructure can maximize the economic and social
advantage to the UK. The terms of reference for the review were
to: appraise the current and emerging use of identity management
in the private and public sectors and identify best Practices; consider
how public and private sectors can work together, harnessing the
best identity technology; and produce a report. The report supports
the UK government's commitment to establish a national ID card scheme,
recommends the government enable employers to quickly verify "right
to work" for new employees, and supports efforts underway to provide
a free service for the swift repair of compromised identities. With
regard to that last aspect, see attached additional information
provided by Susan Grant, Consumer Federation of America.
Please check the IDSP
Events Calendar for regularly updated event information.
For further information and updates on the Panel, please visit the
About the ICFE:
The Institute of Consumer Financial Education (ICFE) was founded in 1982 by the late Loren Dunton (creator of the Certified Financial Planner (CFP) designation). The ICFE is dedicated to helping consumers of all ages to improve their spending, increase savings and use credit more wisely.
The ICFE is an award winning, nonprofit, consumer education organization that has helped millions of people through its education programs and Resources. It publishes the Do-It-Yourself Credit File correction Guide, which is updated annually. The ICFE has distributed over one million Credit/Debit Card Warning Labels and Credit/Debit Card Sleeves world wide.
The ICFE became an official partner with the Department of Defense/Financial Readiness Campaign in June of 2004.The ICFE was an active partner in the California Student Debt Resource Awareness Project (CASDRAP) which resulted in a new web site: (studentdebthelp.org). CASDRAP disbanded in 2010, shortly after the web site project was completed. In 2011 the ICFE assumed the single sponsorship of the (studentdebthelp.org) web site and is now responsible for its content and operation.
The ICFE is also an on-line help for consumers who spend too much. ICFE's spending help was featured in PARADE Magazine in the Intelligence Report section. The money helps and tips are from the ICFE's Money Instruction Book, our course in personal finance.
Visit the ICFE's other web sites at: www.financial-education-icfe.org and studentdebthelp.org. Both sites helps consumers and students with mending spending, learning about the proper use of credit, budget and expense guidelines, how to set up and implement a spending-plan and also how to access financial education courses and how to teach children about money. Other ICFE services include: Ask Mr. G, a free eNews, and an online resource center for students, parents and educators, plus financial education learning tools and a book store.