ITAC Press Coverage as Part of Javelin Report
Last week, the Javelin Strategy & Research issued its 2010 Identity Fraud Study, which showed that identity theft is on the rise. Anne Wallace, President of ITAC, was featured in the following stories:

New York Times
Dallas Morning News
Dark Reading
IT Business Edge
MyStateline.com
Creditcards.com

Shell Hit By Massive Data Breach
A database containing contact details of 170,000 workers of controversial oil giant Royal Dutch Shell has been emailed to campaigning groups opposed to the company’s activities. Seven non-governmental groups – including human rights groups and environmental campaigners such as Greenpeace – plus anti-Shell campaigning website royaldutchshellplc.com received the database, which is thought to have been sent by a disaffected former employee of the company. Read the full article from IT Pro News here.

Facebook Denies ‘All Wrongdoing’ in ‘Beacon’ Data Breach
Facebook is denying it illegally breached the privacy of its users in a proposed $9.5 million settlement to a class action challenging its program that monitored and published what users of the social-networking site were buying or renting from Blockbuster, Overstock and other locations. To settle allegations that the social networking site’s “Beacon” program breached federal wiretap and video-rental privacy laws, Facebook is agreeing to seed what the agreement is calling a “Digital Trust Fund” that would issue more than $6 million in grants to organizations to study privacy. Facebook would have a seat on the fund’s three-member board — a move raising some eyebrows in the privacy community. Read the full Wired story here.

Why Data Breaches Can Go Unnoticed by Their Victims
An analysis of data breaches by Trustwave found just 9 percent were uncovered internally by the companies that were breached. The report mirrors other studies and underscores the importance of having visibility into your IT environment as well as being able to correlate disparate events on a network. You might expect an enterprise to be the first to notice its records had been breached. But as a report from Trustwave illustrates, that is rarely the case. Read the full eWeek story here.

Obama Administration Tweaks its Cybersecurity Plans
When it comes to cybersecurity, the Obama administration is taking the same approach to the policies of the Bush administration as it has in so many other areas: there are differences, but they’re mainly matters of subtle emphasis and focus. Take the Trusted Internet Connection initiative, which the Bush administration launched in late 2007, and which is aimed at securing the government’s network infrastructure by routing all of its network traffic through a smaller number of access points. Read the full Ars Technica article here.

House Passes Cybersecurity Bill
Last week, the House overwhelmingly passed a bill aimed at building up the United States’ cybersecurity army and expertise, amid growing alarm over the country’s vulnerability online. The bill, which passed 422-5, requires the Obama administration to conduct an agency-by-agency assessment of cybersecurity workforce skills and establishes a scholarship program for undergraduate and graduate students who agree to work as cybersecurity specialists for the government after graduation. As officials puzzle over how to defend the nation from enemies that are often impossible to pinpoint, the lawmakers behind the bill said education and recruitment are crucial. Read the full post here.

Hospitality Industry Hit Hardest By Hacks
Hackers checked into hotel networks more than any other in 2009, and all organizations hit by attacks didn’t discover breaches for an average of 156 days, according to a new report based on real-world attacks worldwide. Nicholas Percoco, senior vice president of Trustwave’s SpiderLabs, announced at Black Hat DC this week these and other findings the company compiled in 218 data breach investigations in organizations across 24 countries. Financial services companies accounted for about 19 percent of the breaches, but that was far fewer than in the hospitality industry, where 38 percent of all breaches took place. Retail (14.2 percent) and food and beverage (13 percent) also suffered a fair chunk of attacks, according to Trustwave’s data. Read the full Dark Reading article here.

Hacker Attacks Ceridian; Data from 27,000 at Risk
A hacker attack at payroll processing firm Ceridian Corp. of Bloomington has potentially revealed the names, Social Security numbers, and, in some cases, the birth dates and bank accounts of 27,000 employees working at 1,900 companies nationwide. In a Jan. 29 letter to an affected worker obtained by the Star Tribune, Ceridian said a hacker attacked its Internet payroll system Dec. 22 and 23. Spokesman Keith Peterson said the breach was reported to the FBI and local authorities immediately, but affected consumers weren’t notified until this week that they were at financial risk. Read the full Minneapolis Star Tribune article here.

SF Man Charged with $9.7 Million Condo Swindle
Armed only with a pen, a San Francisco man allegedly forged grant deeds transferring three condominiums worth $7.5 million from the woman who owned them to himself, then took out $2.2 million in loans against the properties. The San Francisco District Attorney’s office announced today that they’ve charged Winston Lum, 45, with 16 felony counts, including grand theft, identity theft, offering false or forged instruments for record and attempted grand theft. Authorities accuse Lum of recording with the San Francisco Assessor’s Office three forged grant deeds to real property located at the One Rincon Hill condominiums, worth approximately $7.5 million, that fraudulently transferred titles to himself in Jan. 2009. The defendant was then able to successfully take out $2.2 million in loans against those properties. Read the full Examiner article here.

Happy Monday!