Forwarded by: "Jay D. Dyson" <jdysonat_private> -----BEGIN PGP SIGNED MESSAGE----- Courtesy of Cryptography List. Two words: Oh ****. - ---------- Forwarded message ---------- Date: Thu, 26 Jul 2001 10:59:38 -0400 From: "R. A. Hettinga" <rahat_private> To: cryptographyat_private Subject: Huge identity theft uncovered http://www.msnbc.com/news/604496.asp Huge identity theft uncovered Files with Social Security and driver's license numbers pasted in chat room; possible link to cell phone applications By Bob Sullivan MSNBC July 25 - Key personal data belonging to hundreds of individuals have been shared in an Internet chat room, in what one expert says could become one of the largest identity theft cases ever. The data include Social Security numbers, driver's license numbers, date of birth and credit card information - everything a criminal would need to open an online bank account, apply for a credit card, even create the paperwork necessary to smuggle illegal immigrants. It is still unclear how the data ended up in the chat room, but an MSNBC.com investigation has revealed common threads among the victims - including the purchase of a cell phone online from VerizonWireless.com or an AT&T Wireless reseller. ACCORDING TO A SOURCE who requested anonymity, the customer data started flowing July 14 and continued at least through July 22. It's unknown just how many records were published, but at one point new records were flying by at a rate of two per minute. The source provided MSNBC.com with a two-hour slice of log files from the chat containing information from about 50 people. MSNBC.com attempted to talk with all of the people named and interviewed 29. Of those, 17 said they had ordered wireless services online, using the Web site of Verizon Wireless, a joint venture of Verizon Communications Inc. and Vodafone Group PLC. In each case, the victims had ordered service between December and April, and in almost every case, the victims lived in Illinois or Indiana. The form of the data pasted into the chat room connected to those 17 victims exactly matches the form used by potential customers on VerizonWireless.com when they fill out the credit check application. Detailed information, such as driver's license and Social Security number, is necessary so the company can perform a credit check before issuing a phone. Verizon Wireless spokesman Jeff Nelson said the company was investigating the incident, but declined to offer further details. "We take the security of our customers' information extremely seriously," he said. "Whenever we hear about a remote possibility that there has been any kind of intrusion into our system, we quickly move to investigate and work with our customers to rectify any possible damage." Nelson declined to say which credit agency Verizon Wireless uses to verify applications filled out on the company's Web site. Eight other chat room victims interviewed by MSNBC.com said they had ordered AT&T Wireless services in the past year. Several of the database entries pasted into the chat room included the line "I agree to a one year {sic} contract with AT&T Wireless Services." Four of the eight remember ordering the service through URDigital.com or its parent, Advanced Digital Solutions, which once operated mall-based sales booths. AT&T Wireless spokesperson Danielle Perry confirmed that in at least two of the cases, the customers had signed up for AT&T Wireless service through Advanced Digital Solutions, which she described as an "unauthorized subagent's subagent that has gone bankrupt." She could not offer an explanation for the others. The chat room logs also point toward URDigital.com as a potential culprit. Several times, one poster publishes a directory listing specifically pointing to a folder named "URDigital." URDigital.com is now operated by Simply Wireless Inc. A spokesman for Simply Wireless said his company had no connection with URDigital.com or Advanced Digital Solutions 18 months ago when the chat room victims indicate they signed up for their AT&T Wireless service. But not every victim ordered cell phone service online in recent months, suggesting the data may have originally been taken from some other agency that logs customer driver license and Social Security data. Five of the victims interviewed by MSNBC.com said they didn't remember ordering a cell phone online and don't recall entering their Social Security numbers or driver's license numbers into any Web site. FRAUDULENT CHARGES SHOW UP Experts say the victims could be dealing with the potential identity theft for years; unlike credit card numbers, Social Security numbers and date of birth information cannot be canceled and reissued. That's what distinguishes this theft from other computer break-ins like the January 2000 theft from CDUniverse.com, when criminals stole 300,000 credit card numbers from that e-commerce site. Theft of customer databases full of credit card numbers has been fairly common since the CDUniverse incident, but there have been no widespread reports of stolen databases that include social security numbers and drivers' licenses. In the most famous identity theft incident to date, a New York City restaurant worker managed to impersonate famous personalities like Steven Spielberg, Warren Buffett, Martha Stewart and Oprah Winfrey, and in some cases stole money from their brokerage accounts. But the driver had to steal each identity one at a time, via imposter telephone calls and other "social engineering" tricks. The data which appeared in the chat room, which in some cases even includes employer and job title, is already in active circulation among the Internet's underground. About half of the victims contacted by MSNBC.com had already discovered fraudulent charges on their credit cards within the past week, soon after the stolen data was posted in the chat room. But several others indicated their cards had been loaded with bad charges two months ago, suggesting the data may have originally been stolen in April or May. Computer criminals armed with a full set of personal data, including Social Security numbers and date of birth, can wreak havoc on a victim's credit history by signing up for credit cards or opening online bank accounts. "Oh man, this is not good," said Maribell Ruiz of Chicago. She claims the only place she ever entered her license or Social Security number online was at VerizonWireless.com. "They are supposed to be a secured site." Local police have already opened investigations into the incident in Rancho Cucamonga, Calif., and Kiowa County, Okla. Another Chicago-based victim, who asked to have her name withheld, has already contacted attorney Jed Weissbluth, an expert in identity theft, to investigate. "I never enter my Social Security number online," said Maria Zeller of Farragut, Ill. In fact, she didn't remember ever doing so until asked if she had ever purchased a cell phone contract online. "The cell phone is the only thing I purchased that I would have," Zeller said. Adam Feign of Crystal Lake, Ill., ordered his Verizon Wireless phone in December using the company's Web site; then two months ago there were $4,000 in false charges on his Visa card. "Most of the charges were at Network Solutions," he said. Cory Johnston of Indianapolis, Ind., was called by his bank Monday and told a criminal had charged $1,000 on his card over the weekend at Network Solutions. "I'm going to change my driver's license number right away," he said. One expert, who requested anonymity, called the victims who had their data published in the chat room "the lucky ones," since they can be warned about what has happened. Criminals often publish only a small slice of the data that's been stolen. It's possible a much larger database of personal dossiers has been taken, and since authorities don't yet know where the data came from, other victims can't be warned. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBO2CPedCClfiU/BIVAQHNwQQAj8zJ8FJ05UuO4C740NXh7CqaAu+6WnZr rC8ranBNUpEN7I+3cbgh9aDxKfh22c1ExT9zs7yZLAnBPqo2NQX/Izg6RKoBgs9Z 4zhOlBK85iFoDaVSLkPchQUxv2eGOsOLzHyD/ZitGKoFK63wnzEZnL57QS4Z6vNT zdby44s5sHI= =soP4 -----END PGP SIGNATURE----- - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Sun Jul 29 2001 - 06:08:03 PDT