Feds Bust $2 Million Fraud Scam

Bank Insiders Key to Alleged ID Theft Scheme        

By Tracy Kitten, December 22, 2011

U.S. federal authorities have indicted 55 suspects for their alleged involvement in an identity-theft and financial crime ring that used insiders at banks, a non-profit institution, a high-end car dealership and a real-estate management company to steal personally identifiable information from more than 200 individuals and organizations.    
      

According to charges filed by the Manhattan District Attorney, stolen names, dates of birth, addresses, Social Security numbers and financial information were used through a variety of schemes to defraud victims and financial institutions. Between May 2010 and September 2011, the New York crime ring is accused of stealing more than $2 million from JPMorgan Chase Bank, TD Bank, Citibank, Discover and American Express. The charges include conspiracy to commit grand larceny, grand larceny, criminal possession of stolen property, identity theft and criminal possession of a forged instrument.

The 18-month investigation, which relied on court-ordered eavesdropping, physical surveillance, computer forensics and analysis of credit card, banking and phone records, remains open.

"Today's indictment reveals another tool of organized identity thieves - insiders who betray their employers and prey on clients," said Manhattan District Attorney Cyrus R. Vance in a statement about the case. "These insiders used their positions to gain access to client data, and then sold that data to make money for themselves and their accomplices."

To read the entire article, click here: http://www.bankinfosecurity.com/articles.php?art_id=4350&rf=2011-12-22-eb&elq=2089d9f1275c4a69a721677f9c7f3d06&elqCampaignId=1034

FTC: No Major PHR Breaches So Far

Only Incidents Listed Are Lost or Stolen Credentials
October 11, 2010 - Howard Anderson, Managing Editor, HealthcareInfoSecurity.com
 
In the year since the breach notification rule for personal health records took effect, no major breaches affecting 500 or more individuals have been reported, according to the Federal Trade Commission.

A personal health record is an "electronic record of identifiable health information on an individual that can be drawn from multiple sources and that is managed, shared and controlled by or primarily for the individual," according to the FTC.

Last year, the FTC issued a PHR breach notification rule, as called for under the HITECH Act. Under the rule, which took effect Sept. 24, 2009, major breaches must be reported to the FTC within 10 business days. PHR vendors, and certain companies with which they do business, must report any size breach to the individuals affected within 60 days. But they only have to report the smaller incidents to the FTC annually, 60 days after the start of the calendar year.

To read the entire article, click here - http://www.govinfosecurity.com/articles.php?art_id=2996&rf=2010-10-12-eg