How medical data breaches happen
September 30th, 2009 - Posted by Caitlin
For the past three years, Tennessee doctors have been faxing patient information, including Social Security numbers and medical histories, to Bill Keith, an Indiana businessman whose fax number is similar to that of the disability determination section of the Tennessee Department of Human Services. Keith, who shreds the faxes, has contacted doctors, state officials, and even the governor's office, but the they keep coming, at a rate of five or more per week. This past Friday, the Tennessee Department of Human Services began contacting doctor's offices to inform them of the breach and request that they correct the fax number. Naturally, many doctors were concerned, to say the least, when they were told that they'd been faxing confidential patient information to the wrong number for years.
Identity theft expert Robert Siciliano blogged about the dangers of medical identity theft earlier this week. He described a new rule requiring health care providers to notify patients of any breaches of their medical information. But the fact is, many health care providers don't even realize when a breach has occurred, and in this case, continues to occur on a daily basis.
TrustedID, one of the identity theft protection services reviewed on NextAdvisor.com, monitors your medical records in order to detect medical identity theft. To learn more about TrustedID and other identity theft protection services, see our reviews and comparison chart.
VoIP on a plane?
September 30th, 2009 - Posted by Caitlin
Federal regulations prohibit passengers from using cell phones while an airplane is in flight. But as Wi-Fi becomes available on more and more planes, some passengers have discovered that they are able to make phone calls using VoIP. While many airlines in other countries offer in-flight cell phone service, a bill in Congress seeks to ban all in-flight voice communications. In the meantime, many airlines that offer Wi-Fi claim to block Internet-based phone calls, due to concerns about competition for bandwidth as well as in-cabin noise levels. Despite this supposed ban, plenty of passengers find that Skype and other Internet-based phone services currently work fine on many flights.
Whether Congress passes a bill banning all in-cabin phone use, or airlines make a more concerted attempt to enforce their existing policies remain to be seen. But for now, the passengers who do take advantage of their ability to make Internet-based phone calls in the air don't seem to be encountering any problems.
To learn more about VoIP services, see our reviews and comparison chart.
Medical identity theft is a killer
September 29th, 2009 - Posted by Robert Siciliano
Robert Siciliano is a NextAdvisor.com Expert Guest Blogger
Medical identity theft can make you sick. As I once eloquently explained on CBS's Early Show, if medical identity theft happens to you, "you're screwed." And it's true.
Medical identity theft occurs when the perpetrator uses your name and, in some cases, other aspects of your identity, such as insurance information, to obtain medical treatment or medication or to make false claims for treatment or medication. As a result, erroneous or fraudulent entries wind up on your medical records, or sometimes entirely fictional medical records are created in your name. Having somebody else's ailments noted on your medical records can create a great deal of confusion, potentially even negatively impacting your own health or medical treatment.
As of last week, a new rule requires health care providers, health plans, and other entities covered by the the Health Insurance Portability and Accountability Act (HIPAA) to notify individuals of any breaches of their medical information. A breach, in this case, is defined as, "the acquisition, access, use, or disclosure of protected health information in a manner not permitted [by the HIPAA Privacy Rule] that compromises the security or privacy of the protected health information."
Most states have required corporations to disclose data breaches for the past few years. Ever since the ChoicePoint breach in 2005, states have been implementing notification laws. At the time, ChoicePoint was only required to notify California residents. Once word spread that residents of other states had also been compromised in the breach, ChoicePoint became the poster child for what not to do in response to a data breach.
Since health care facilities often handle and store some of the same sensitive personal information that corporations do, these facilities are now subject to similar regulations. But protecting yourself from medical identity theft isn't as easy as protecting yourself from financial identity theft.
Medical statements and identification or insurance cards can be stolen from your mail and used to impersonate you. Install a locking mailbox to prevent this. You should also avoid carrying medical identification or insurance cards in your wallet unless absolutely necessary, such as when you have an actual appointment. Store these cards and other medical paperwork in a locked drawer or file cabinet, and shred sensitive documents before disgarding them. When you recieve a new card, destroy the old one.
If a thief can't steal your financial identity, your medical identity may be less attractive. Either get a credit freeze, set up your own fraud alerts, or invest in identity theft protection. Some identity theft protection services, such as TrustedID, monitor your medical records in order to detect medical identity theft.
Robert Siciliano, identity theft speaker, discusses medical identity theft on CBS's Early Show.
[youtube]http://www.youtube.com/watch?v=6IpSNameOkc[/youtube]
Robert Siciliano is CEO of IDTheftSecurity.com , an identity theft expert, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 companies and startups as an advisor on product launches, branding, messaging, representation, SEO and media. Siciliano's thoughts and advice on all these matters appear often in both the televised and print news media including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of security training as a member of the American Society of Industrial Security. He is the author of two books, including The Safety Minute: Living on High Alert; How to take control of your personal security and prevent fraud. He's also partnered with Uni-Ball to help raise awareness about the growing threat of identity theft and to provide tips on how you can protect yourself.
NextAdvisor reviews SugarSync online backup
September 29th, 2009 - Posted by Kent
We've just added another review to our online backup service comparisons. SugarSync is a novel entry to the field, a product that really moves online backup to the next level. Sporting a variety of innovative features, SugarSync is actually fun to use. In most ways it works like other online backup services, uploading your changed files to a data cloud, making sure they're available to you anytime, anywhere.
But SugarSync is more inspired than that. Keeping your files in a cloud has all kinds of potential benefits, and SugarSync takes advantage of them. You can stream your stored music to any computer, or even a handheld device like an iPhone. You can sync data from multiple computers no matter where they are or what kind they are (PC or MAC). You can share your files too. While a lot of online backup service providers do this, SugarSync makes it very easy and very configurable, making it the perfect tool for those who collaborate on projects from remote locations.
Check out our full review and see how SugarSync compares to other online backup service providers.
McAfee VirusScan Plus coupon: $10 Off
September 29th, 2009 - Posted by Kent
McAfee has extended their discount with us to cover McAfee VirusScan Plus, bringing their basic Internet security software down to $29.99. In our review, we looked at McAfee's Internet Security suite ($44.99 after discount). VirusScan Plus has the same highly-rated virus-scanning capabilities, but lacks the identity theft protection, email spam filtering, parental controls and data backup capabilities of the Internet Security suite. For users who just need anti-phishing, anti-virus and anti-spyware, McAfee's VirusScan Plus is a pretty good bargain.
Just follow any of our links to McAfee and use the coupon code Next25 at checkout.
163,000 Social Security numbers compromised in UNC data breach
September 28th, 2009 - Posted by Caitlin
In July, a University of North Carolina researcher was unable to access a server containing information pertaining to a federally funded mammography study. That information included records on a total of 236,000 women, and Social Security numbers for about 163,000 of those women. Further investigation revealed that the system had been hacked as long ago as 2007. This past Friday, UNC began to notify the 163,000 women whose Social Security numbers were exposed. The delay occurred due to the need to investigate the extent of the compromise and determine which participants were affected.
Imagine being told that hackers have had access to your Social Security number for the past two years. Two years is more than enough time for an identity thief to open new credit accounts in your name, max them out with charges, and move on to the next victim. Meanwhile, unless you check your credit report regularly or subscribe to an identity theft protection service, you might be blissfully unaware of the debt that "you" have accumulated. At least, until you are denied a loan for a new house or car, or collection agents begin banging on your door. It's important that data breach victims be notified in a timely manner, but sometimes, as in this case, the breach isn't discovered until years later. The only way to immediately informed about any new, potentially fraudulent lines of credit in your name is to invest in credit monitoring or identity theft protection. A credit report monitoring service will alert you to any chances in your credit file, which will allow you to take action in response to any suspicious activity. An identity theft protection service will go beyond this basic level of protection to help prevent, detect and, if necessary, resolve cases of identity theft.
To learn more, see our reviews and comparison charts for credit report monitoring and identity theft protection services.
Criminal hackers target children
September 25th, 2009 - Posted by Robert Siciliano
Robert Siciliano is a NextAdvisor.com Expert Guest Blogger
I'm particularly irate about this. There are criminal hackers, and then there are the scumbags that target children. Last week, hackers infiltrated PBS's "Curious George" page. Visitors were sent to a fake authentication page, and when they attempted to log in they were served with an error page containing hidden JavaScript which then loaded malware that attempted to exploit vulnerabilities in Adobe Acrobat Reader, AOL Radio AmpX and SuperBuddy and Apple QuickTime. Computers that lacked the latest security patches were infected with viruses.
So imagine that you're in your kitchen, maybe baking a cake. Every so often, you glance over in amazement at your three year old, who can't color inside the lines or spell or count higher than twenty or even tie her own shoes yet, but she can navigate through the various games at PBSKids.com. Little do you know that some hacker is attempting to take advantage of your child's playtime in order to access to your data. Is there no shame? Boundaries? Apparently not. It is not immediately evident how hackers compromised the site. They may have taken advantage of a known flaw and exploited an SQL injection vulnerability.
Lax security practices by consumers are giving scammers a base from which to launch attacks. In the first five months of 2008, IBM Internet Security Systems blocked 5000 SQL injections every day. By June, the number spiked to 25,000 a day. By October there were over 450,000 attacks a day.
To prevent your computer from becoming a zombie, keep your operating system, browser, media player, and all your software updated, and be sure to install and update Internet security software. To prevent identity theft, you might consider getting yourself a credit freeze, or setting up your own fraud alerts, or investing in an identity theft protection service.
Robert Siciliano, identity theft speaker, discusses criminal hackers on Fox News.
[youtube]http://www.youtube.com/watch?v=xKoI07bj_H8[/youtube]
Robert Siciliano is CEO of IDTheftSecurity.com , an identity theft expert, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 companies and startups as an advisor on product launches, branding, messaging, representation, SEO and media. Siciliano's thoughts and advice on all these matters appear often in both the televised and print news media including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of security training as a member of the American Society of Industrial Security. He is the author of two books, including The Safety Minute: Living on High Alert; How to take control of your personal security and prevent fraud. He's also partnered with Uni-Ball to help raise awareness about the growing threat of identity theft and to provide tips on how you can protect yourself.
A truly tasteless way to lose weight: the tongue patch
September 24th, 2009 - Posted by Kent
There's a new weight-loss method in town (if your town happens to be Long Beach, California). Dr. Nikolas Chugay's tongue miracle patch seems more reminiscent of medieval torture than anything that should come out of a medical office, but ten patients so far have undergone the treatment. The patch is sewn directly onto the tongue making eating completely unpleasant. A liquid diet replaces all the solid food you won't want to eat.
Or you can check out our reviews of much more palatable, surgery-free diet plans that actually focus on foods you can eat. Some even deliver meals straight to you.
Software updates: annoying but necessary
September 24th, 2009 - Posted by Kent
One week after visitors to the New York Times website encountered ad-based malware, a similar attack befell popular websites such as the Drudge Report and Horoscope.com. The trojans were pdf-based and were delivered via ad networks such as Google's DoubleClick.
The adds would pop up a nearly invisible window in the victim's browser that contained a maliciously encoded pdf document, which included attack code that placed a variant of the Win32/Alureon Trojan horse program on the victim's computer.
The virus only attacked computers using older versions of Adobe's Acrobat Reader. PDF vulnerabilities are fairly widespread, which is why Acrobat seems to need monthly updates. It's easy to ignore these reminders, but keeping your software updated is part of a three-pronged approach to computer security that also includes Internet security software and good common sense.
LifeLock wins 2009 ACE Award
September 23rd, 2009 - Posted by Caitlin
This week, LifeLock received a 2009 Arizona Corporate Excellence Award, and was recognized as Arizona's fastest growing company. The ACE Award is presented based on revenue growth over the most recent two years, using both actual dollar growth and percentage-revenue growth over those same years. In 2008, LifeLock's member base grew by over 204%.
"It's a tremendous honor for us," said LifeLock CEO Todd Davis. "We've seen phenomenal growth over the last few years, and I'm proud of my team to meet the challenges that come with the fast-changing dynamics. I'm also proud to be helping to build our community right here in Arizona."
LifeLock rapid growth makes sense, given that identity fraud continues to increase relentlessly, reaching a five year high last year after a 22% rise from the year before. As this crime becomes even more prevelent, the need for an identity theft protection service becomes even more apparent. And LifeLock has proven itself as an industry leader.
To learn more about LifeLock and other identity theft protection services, see our reviews and comparison chart.
Categories
Blog Archives
Popular Services Reviewed:
Credit Monitoring Services |
Find Us On:
Copyright© 2006 - 2012 NextAdvisor.com - All rights reserved.
Disclosure: NextAdvisor.com is a consumer information site that offers free, independent reviews and ratings of online services. We receive advertising revenue from most of the services we review. Our editors thoroughly research and whenever possible test each service we review and offer their honest opinions about each one. We are independently owned and operated and all opinions expressed on this site are our own.