Author: Crown Information Managment

Thieves are using unsecured wireless networks to infiltrate smartphones . . .

Imagine this:  You’ve been invited to deliver a speech, to the United States Treasury Department, on Identity Theft.  The Conference will be held at Disney World, so you take your family along to enjoy the resort and parks.  When you return home you find you have become a victim of identity theft.  Likely, the thief used a smartphone to snap a picture of you purchasing an item, when you pulled out your credit card and ID for verification.

Thieves are also, now using unsecured wireless networks and infiltrating smartphones through Bluetooth technology.  Experts say it is best to have updated virus software, and to encrypt sensitive data and never type passwords or credit card number over an unsecured wireless network.  They also recommend that you keep your phone’s Bluetooth turned off unless you are actively using it and monitoring it, to prevent unauthorized access to the phone.

Info provided by Sarrelson Law

Identity Theft may have reached an all time low!

Crystal Thorne, 23, who worked as a coordinator at the Jewish Community Services of South Florida Office, in North Miami, was arrested on charges of selling “Holocaust Survivors” identity information, for a sum of $1,000. Thorne’s job gave her direct access to the personal information of client’s who regularly seek assistance from the Holocaust Survivor’s Assistance Program.

Information used to open credit cards and bank accounts. . .

Jonathan Morris II, the owner of St. Augustine-based cleaning company Mr. Janitor, was arrested for allegedly stealing personal information from some Eagle Harbor Country Club members.

According to the Clay County Sheriff’s Office, Morris used that information to open credit cards and bank accounts in alleged victims’ names.  Morris is scheduled for a pre-trial hearing in January.  His charge is listed as identity theft of more than twenty persons or $50,000.

Customer account information included in breach . . .

Recently, the records of the large on line store Zappos.com were compromised. This breach affected 24 million customers. Included in the breach was customer account information, including names, email addresses, billing and shipping addresses, phone numbers and the last four digits of credit card numbers and encrypted passwords.

The questioned posed by some would be ” Why was Zappos holding on to this information? If the answer is they needed it , then why wasn’t it stored elsewhere and encrypted rather than stored in plain text, except for the initial passwords for access.”

A professor from Indiana University’s Maurer School of Law urges organizations to carefully review whether they are collecting and storing more data than they need and put a retention schedule in place. The simple rule is this, “The more data you have the more you are responsible for, which exponentially increases your risk.”

HITECH rule an important enforcement tool . . .

BlueCross-BlueShield of Tennessee has agreed to pay a$1.5 million settlement and carry out a corrective action plan in the wake of a 2009 breach that affected more than 1 million individuals. In addition to the $1.5 million payment, the settlement calls for the health insurer to review, revise and maintain its privacy and security policies and procedures; conduct “regular and robust” training for all employees on their responsibilities under the HIPAA privacy and security rules; and perform reviews to ensure compliance with the corrective action plan, according to anHHS announcement.

“This settlement sends an important message that OCR expects health plans and health-care providers to have in place a carefully designed, delivered and monitored HIPAA compliance program,” says Leon Rodriguez, director of the HHS Office for Civil Rights. “The HITECH breach notification rule is an important enforcement tool, and OCR will continue to vigorously protect patients’ right to private and secure health information.”

What to do if you might be a victim of identity theft . . .

Those of us in the information security business talk about identity theft all the time. Identity Theft has risen 13% from 2010 to 2011. We thought it might be a good idea for our clients to have a check list of things to do if you feel you have become a victim. Remember: “THIS IS NOT LEGAL ADVICE”. It’s just a suggestion on where you can start when you feel victimized!

Call the IRS and inform them you believe you are a victim of identity theft. (Often the way you will find out that something is amiss is when you don’t receive your refund check. It may have been issued to the thief who has assumed your identity).

Fill out IRS Form 14039 and fax or mail back to IRS.

Contact the Social Security Administration ( If you go to their website they have an Identity Theft webpage). If you contact them by phone they will tell you to contact the Federal Trade Commission.

Contact the Federal Trade Commission (877-438-4338). After you contact them by phone, you will be sent an Identity Theft Complaint Affidavit.

Contact your local police department and tell them you have been a victim of identity theft. Make sure you get a case number and follow up in a few days to get the full police report. Make sure you put that police report in your Credit bureau file.

Contact one of the three credit bureaus: Equifax at 800-525-6285, Trans Union at 800-680-7289, or Experian at 888-397-3742.Tell them you are entitled to make a victim-of-fraud statement that will be put into your credit history along with your police report.

Save storage space, keep your business legally secure . . .

Retention schedules are one of the most important aspects of a documents life cycle. Different documents have different legal requirements and these requirements may be as short as a month or as long as twenty five years.

Retention schedules are important for several reasons, such as saving you storage space, but most importantly it keeps your business legally secure. In the event of a lawsuit, Federal Rule 26 requires that each party provide all relevant records to the opposing counsel. By destroying records according to a set schedule, your company can appropriately limit the amount of materials it must search through to comply with this law.

Business should also be aware of the documents discarded on a daily basis. This trash often contains information that could be used against the company or worse, private information belong to your clients. Discarded daily records include phone messages, memos, and misprinted forms, drafts of bids and drafts of correspondence.

Crown Shredding and Records Storage can work with you to develop a secure document destruction program that’s best for your business.

707 Avenue K Southwest, Winter Haven, Florida 33880 . . .

WE HAVE A NEW HOME!
707 Avenue K Southwest
Winter Haven, Florida 33880

CROWN SHREDDING is growing!
We are proud to share a few photos of our new facility, with our friends. VIEW PHOTOS . . .

Looking forward to the future, we will begin providing document storage and records management services, along with our current shredding services. We invite you to stop by and take a tour!

We also want to take this time to thank you for being a partner with CROWN SHREDDING. We could not continue to expand our services without your trust and support.

5 ways to protect your phone today . . .

SECURITY TIPS for SMART PHONES

Your smartphone holds all of your personal information and in the wrong hands can cause damages that you may never recover from. Does yours even have the lock activated?

Here are 5 ways to protect your phone today:
Don’t leave your phone unattended.
Install a password on your phone.
Activate tracking and remote wiping.
Be cautious when downloading unknown Apps.
Avoid FREE WI-FI, ask your provider about tethering.