Thursday, September 4, 2008

Fraud Flash for the week of September 1, 2008

Aug. 22, 2008
Liberty McDonald's Restaurant
An employee at a Liberty McDonald's restaurant, took credit or debit cards from drive-through customers and used a device she had hidden near the window to swipe the cards to record their numbers. The information on the device then was downloaded and used to make new cards either in the names of the persons which the original cards belonged or in the names of the perpetrators.

Aug. 26, 2008
Pennsylvania Department of Public Welfare
Paper jams in a state Department of General Services mail inserter caused benefit renewal packets to go to the wrong Pennsylvania welfare client's home. Nearly half of them included the intended recipients' Social Security numbers.

Prince William County Public Schools
Personal information of some students, employees and volunteers was accidentally posted online by a Prince William County Public Schools employee. Information for more than 2,600 people was exposed through a file-sharing program by an employee working from home on a personal computer. Names, addresses and student identification numbers of more than 1,600 students were exposed. Names and social security numbers of 65 employees were exposed. Other confidential information for about 250 employees was exposed. And the names, addresses and e-mail addresses of more than 700 volunteers were exposed.

Aug. 27, 2008
Kansas State University
An instructor for classes offered through the Division of Continuing Education, taught through the UFM Community Learning Center, reported an overnight theft of numerous items from a car, which was parked outside a Manhattan residence. Items taken included a backpack with a list of names and Social Security numbers of 86 K-State students who had taken that instructor’s classes from fall 2007 through summer 2008.

Aug. 28, 2008
The Washington Trust Co.
The Washington Trust Co. has notified about 1,000 customers that their debit and credit card accounts might have been compromised in a suspected security breach at an unidentified MasterCard merchant. The company is investigating a suspected security breach of a U.S. e-commerce-based merchant's Web server which contained debit card data.

Reynoldsburg Ohio City School District
Reynoldsburg school officials were phasing out the use of Social Security numbers in the district's student database when someone stole a laptop containing that information. The district laptop, taken from a computer technician's car, also included names, addresses and phone numbers for two-thirds of the district's enrollment.

Aug. 29, 2008
Ohio Credit Union
A large number of Ohioans have been receiving e-mails telling them that services from the Ohio Credit Union were withdrawn, followed by a telephone number to contact. The Ohio Credit Union League is entreating people receiving these e-mails to not communicate at the given number, as it is a phishing fraud. Instead, the League is asking recipients to call their financial agency directly and report the messages so that authorities could be alerted as well as their accounts be kept on hold, if necessary, as reported by nbc4i on August 21, 2008.

Aug. 30, 2008
Ohio Police & Fire Pension System
A former mailroom supervisor at the Ohio Police & Fire Pension System forwarded the names, addresses and Social Security numbers from his work e-mail address to his personal e-mail address before quitting his job. The file contains information for 13,000 of the approximately 24,000 retired members of the Ohio Police & Fire Pension System, most of whom are former police officers.

Sept. 02, 2008
Montana Credit Union Network
Many Montanans have been receiving calls purportedly "alerting" them to the fact that their debit or credit card has been deactivated or suspended, followed by a phone number to call. The Montana Credit Union Network is urging recipients to NOT call this number; this is a phishing scam. Phishing is a fraudulent attempt to try to access sensitive information by appearing as a trusted source. In this case, the message appears to be sent by a credit union or financial institution asking the recipient to contact them. Once the call is placed, an automatic message prompts the caller to enter their credit or debit card information.

No comments: