Oh come now, I don't know if that's fair... you know what they say
about lawyers.... it's really just 99% of them giving the rest a bad
name :)
Vern Green wrote:
Credit Reporting agencies are only marginally better than
banks in my opinion and a lot worse than lawyers
On 5/8/07, Christian
M. Cepel <EMAIL:PROTECTED>
wrote:
You
could be either an employee OR a student.
If you call the first of the three agencies and register a fraud alert,
they will alert the other two.... all it does is causes them to phone
the number you give them before approving any _new_ lines of credit and
only for the next 90 days.
This does absolutely nothing to stop attacks on existing lines of
credit. There is a service for that, but it costs quite a bit of
money. Some companies/schools will pay for this service, but others
don't. I expect there will be lots of pressure on MU in the next few
days to pony up... right now their website pretty much can be redacted
to the following statement, "We lost your SSN... here are some
numbers.... it's up to you to make sure nothing happens.. the ball is
in
your court". I don't think that's going to fly and I myself have
already responded telling them that I expect for them to pay for this
service, and not for just the next 90 days. Scammers like this don't
mind waiting 90 days to get the payoff.
Disturbing, but I think it's just the tip of the iceberg. There's no
way for this information to be protected in todays world, especially
when everybody and their dog and Joe-disgruntled-employee has access to
it. What's the difference between the guy who's asking your SSN to take
your phone bill payment and the guy who's got your SSN and is setting up
lines of credit.... sometimes the difference is a bad day at work.
The real responsibility here is with Congress and with the credit and
lending institutions and credit reporting agencies. The only reason
this is an issue is because of the ridiculous way in which our
financial
resources are managed and protected and our identities verified. Until
we hold Congress responsible to reform (as far as I'm concern, the
correct word is 'imprison') the credit reporting agencies and the way
lenders and credit card companies do business so that the consumer is
not constantly the looser in these scenarios, we can expect more of the
same.
I have to present photo ID and a birth certificate to renew my license
plate tags here in Missouri, but some schmuck with my SSN and birthdate
can setup and utilize a 30k credit line on my person over the phone.
Bret Hammersland wrote:
> On 5/8/07, Jerry Gamblin <
EMAIL:PROTECTED> wrote:
>> http://www.columbiatribune.com/2007/May/20070507News054.asp
>>
>> Ouch!
>>
>> --
>> Thanks,
>>
>> Jerry Gamblin
>>
>> _______________________________________________
>> discussion mailing list
>>
EMAIL:PROTECTED
>> http://mlug.missouri.edu/mailman/listinfo/discussion
>>
>
> Looks like I am one of those 22,000 :(
> They said the ones affected were employees in 2004 who were
formerly
> students. My first semester was in 2004, but I wasn't an employee
> then. Weird. I'll copy and paste the "you've been hit" emails
below
> in case anyone is interested.
>
> Bret
>
>
>
>
>
-----------------------------------------------------------------------------------------------------------------------
>
> From: UM DoIT Computer Security
> Sent: Tuesday, May 08, 2007 10:04 AM
> To: MU STAFF; MU FACULTY; UMHS; UM - ANNOUNCEMENT
> Subject: Information About May 2007 University Computer Security
Incident
>
>
>
> Dear University of Missouri Employee:
>
> A University of Missouri database was breached beginning May 3,
> compromising more than 22,000 names and social security numbers.
Those
> affected include employees of any campus within the UM system
during
> calendar year 2004 who were also current or former students at the
> Columbia campus.
>
> Of those employees affected, nearly 9,000 are still employed by
the
> University of Missouri. These employees will receive an individual
> e-mail outlining the specifics of the incident along with detailed
> instructions about how to proceed. Emails to affected employees
have
> already been sent. If you did not already receive a separate
email,
> you are not one of the employees affected and no further action is
> required.
>
> The University of Missouri is committed to protecting the
> confidentiality of all employee information. A recent project has
been
> in progress to remove social security numbers from university
> databases in an effort to avoid such breaches of confidentiality.
As
> this extensive process continues, please be advised the university
is
> doing everything possible to ensure the safety of its data.
>
> For more information about the security breach, please access the
> Computer Security Web page that includes a question-and-answer
section
> regarding the event at http://doit.missouri.edu/computersecurity.
>
>
>
-----------------------------------------------------------------------------------------------------------------------
>
> May 8, 2007
>
> Dear University of Missouri Employee,
>
> I am writing to you because on May 3 and May 4, 2007, a database
> containing the names and Social Security Numbers of certain current
> and former University staff was accessed by an unknown individual
or
> individuals who gained unauthorized online access to a University
> computer system. Your name and Social Security Number were
included
> in this disclosure.
>
> We do not know the specific purpose behind this unauthorized
access,
> but evidence indicates that the information was accessed
> intentionally. The University considers this a serious matter and
has
> notified law enforcement authorities.
>
> Although we have no reason to believe that an unauthorized person
is
> using your personal information, because the database contained
your
> Social Security Number you may want to take steps to avoid possible
> identity theft. This could include placing a fraud alert on your
> credit files to let creditors know to contact you before opening
new
> accounts. You can do this by calling any one of the three credit
> reporting agencies listed below.
>
> Experian Equifax
> TransUnion
> 888-397-3742 800-525-6285
> 800-680-7289
>
> You may also wish to check your credit report. You can get a free
> copy of your credit report at www.annualcreditreport.com
or by calling
> 877-322-8228. When you receive your credit report, look it over
> carefully for accounts you did not open. Look for inquiries from
> creditors that you did not initiate and look for personal
information,
> such as home address and Social Security Number, that is not
accurate.
> If you see anything you do not understand, call the credit
reporting
> agency at the telephone number on the report.
>
> If you do find suspicious activity on your credit report, call your
> local police or sheriff's office and file a police report of
identity
> theft. You should get a copy of the police report in case it is
> needed to give to creditors to clear up your records. You should
also
> contact the Missouri Attorney General's Identity Theft Hotline at
> 800-392-8222 and file an Identity Theft Complaint Form with the
> Attorney General's Office.
>
> Even if you do not find any signs of fraud on your reports, you may
> want to check your credit report every three months for the next
year.
> You can find additional information on the Missouri Attorney
> General's website at http://www.ago.mo.gov/publications/idtheft.htm,
> and on the Federal Trade Commission's website on identity theft at
> http://www.ftc.gov/bcp/edu/microsites/idtheft.
>
> We deeply regret that this occurred and are reviewing systems,
> applications, and procedures in an attempt to remove the
possibility
> of an event of this nature recurring.
>
> In order to answer any questions that you may have regarding this
> incident a special phone line, (573) 884-7222 or toll-free (866)
> 241-5619 has been activated and will be answered from 8 AM to 5 PM
> CST, Monday through Friday. Additional information about this
> security incident is available at
> http://doit.missouri.edu/computersecurity.
>
>
> Sincerely,
>
> Gary K. Allen, DVM, PhD
> Vice President for Information Technology, University of Missouri
System
> Chief Information Officer, University of Missouri-Columbia
> 225E University Hall, Columbia, Missouri 65211
>
> _______________________________________________
> discussion mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/discussion
>
--
Christian M. Cepel - Thistledowne Productions -
http://thistledowne.org
Computer Support Specialist, Sr. - University of Missouri - Columbia
College of Education - School of Info Science & Learning
Technologies
VRCbd, KidTools & StrategyTools Support Systems Projects, and
Truman,
Library Whistlestop Project - Web Design & Programming -
573.999.2370
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
--
Thanks
F Vernon Green
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
--
Christian M. Cepel - Thistledowne Productions - http://thistledowne.org
Computer Support Specialist, Sr. - University of Missouri - Columbia
College of Education - School of Info Science & Learning Technologies
VRCbd, KidTools & StrategyTools Support Systems Projects, and Truman,
Library Whistlestop Project - Web Design & Programming - 573.999.2370
|
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact