Identity Theft News

As identity theft news and commentaries become available, they are posted in this section for your quick access. Identity theft analysis and commentaries regarding current news are posted when necessary or requested. From time to time, interesting and important news become available that relate to identity theft, which I find worthy of posting in this section. If I miss any important piece of identity theft news, please contact me with a link and I’ll consider posting them here.

Latest search engine news

The Latest Identity Fraud Related News In Yahoo!

Major news and commentaries

Data Breaches Are Up 69% This Year, Nonprofit Says Hacking was the least-cited cause of data breaches in the first six months of this year. Instead, lost or stolen laptops and other digital storage media remain the most frequently cited cause of data breaches, accounting for more than 20 percent of all reported cases, the center found. The inadvertent posting of personal and financial data online prompted roughly 15 percent.

Identity theft news analysis - I completely agree with the need for a Federal security breach notification law to strengthen the current State requirements and standardize the process. Notice that insider involvement and unencrypted personal information are major threats to the consumer identity protection. Besides the reasons given in this article for the increase of the incidents, I also think that corporate cost cutting and less focus on information security are also major contributors to the rise in security breach incidents.



Identity Theft News Posted in June 2008

US bank loses unencrypted data on 4.5m people Couriers lost magnetic tapes containing the personal details of 4.5 million people who had dealt with the Bank of New York Mellon, it has emerged. The incident happened three months ago, but has only surfaced after legal papers were filed in the state of Connecticut.

Identity Theft News Posted in May 2008

Wealthy Londoners are most at risk as cases of identity theft soar Victims are typically aged between 26 and 45 and are home-owners. Those employed at director level or running their own business and those earning in excess of £50,000 a year are almost three times as likely as other people to have their identities stolen, the report says.

Identity theft news analysis - This news partially confirms what I have been saying for a while that high target identities are much more likely to become a victim of identity theft than others.

Connecticut state residents' customer data lost in transit Connecticut Attorney General Richard Blumenthal warned Wednesday that hundreds of thousands of state residents' Social Security numbers and bank account information may have been compromised when unencrypted computer back-up tapes disappeared on their way to a storage facility in February.

NY Governor signs Idenitty Theft Legislation The bill would restrict the ability of employers to use an employee's personal information, including prohibiting employers from posting or displaying more than the last four digits of an employee's social security number, or placing social security numbers in files with open access.

College student accused of stealing people’s credit Authorities charged that they stole the identity of neighbors in their building and at least twice broke into other units. Detectives showed off a table full of fake ID cards and driver’s licenses they had seized, along with computers, printers, a machine that makes ID cards, $17,000 in cash and several neighbor’s keys.

Identity theft news analysis - This is a good example and reminder to never let good looks, innocence and friendly neighbors fool you into blind trust and compromise the protection of your identity.

Tower Club leaks alumni members' social security numbers Tower Club is taking steps to protect 103 of its alumni in the classes of 2006 and 2007 after a spreadsheet listing their names and social security numbers was e-mailed to current club members early Wednesday morning.

Identity theft news analysis - According to Tower, the accidental spreadsheet attachment was due to "a technical glitch", but, can it also have been due to a "human glitch". Tower officers sent another e-mail to the club asking members to delete the message from their mailboxes "out of respect for ’07." I think officials should have instead stated that in a proven case whereby anyone forwards the attached document to anyone else, lawsuits would be filed against that person in addition to disciplinary actions available to the Tower Club officials.

News Corp manager knew of hacking claim The lawsuit alleges NDS hired hackers to steal information from satellite TV company DISH Network Corp and post it online, costing the company up to $US900 million. NDS has denied the allegations.

Identity theft news analysis - It'll be interesting to learn about the results of the jury deliberations but I concluded my analysis about the case in this article.

Identity Theft News Posted in April 2008

Chrysler Financial admits possible breach Chrysler's lending arm has admitted a courier service may have lost a data tape with sensitive personal information of thousands of Canadian auto customers.

Computer containing data on 16,000 Buffalo State students is stolen (www.buffalonews.com) - "The risk I would say is not that high, but that doesn’t matter," Innus said. "There are steps we need to take because of what happened."

Identity theft news analysis - I agree with the above statement. If the information is disclosed due to the lack of encryption or some other reasons, then preventive and corrective steps should be taken to reduce future incidents and avoid identity fraud and privacy disclosure regardless of the initial reasons for which the laptop was stolen. Sometimes, the initial objective of a crime changes due to additional information and discoveries. For example, the initial objective of a car theft might be to benefit from the sale of the car parts but may subsequently lead to identity theft due to a wallet found in the stolen car.

Stolen NIH Laptop Held Social Security Numbers Social Security numbers for more than 1,200 participants in a National Institutes of Health study were stored on a stolen laptop containing their medical records, putting those patients at risk of identity theft, agency officials said yesterday.

WellPoint says Personal Data of 128,000 customers Exposed WellPoint Inc., the largest health insurer by membership in the U.S, reported yesterday that personal data of about 128,000 of its customers was exposed online over the past year.

Identity theft news analysis - According to WellPoint, the problem was originated in two Internet servers maintained by third-party vendors. Transferring services to third party service providers is a real challenge that requires strengthened and continuous monitoring to ensure compliance with agreed upon controls.

Identity Theft News Posted in March 2008

National Institutes of Health or NIH researcher loses laptop with data on 2,500 patients “The laptop contained no additional medical information on participants beyond the MRI reports and no additional information such as Social Security numbers, addresses, phone numbers or any financial information,” Nabel’s statement said.

Identity theft news analysis - Well, the Institute strengthened its controls to require encryption on all of its laptops ONLY after this incident. This is another example of companies not learning from other incidents, or news and commentaries posted on this web site. Also, NIH information technology officials believe it’s unlikely that the patients will be victims of identity theft or financial loss. I wonder how they came up with this assessment! Are they making this baseless comment to avoid paying for any identity monitoring services? Not only there was a privacy violation of personal health information, but various identity components can also be collected from multiple sources and put together to commit fraud, especially medical fraud.

Chains Report Stolen Card Data Last year Hannaford Bros. upgraded the encryption system for its credit-card and computer networks to one that is more difficult for outsiders to crack. The system is recommended by major credit-card associations, and the upgrade was completed about a week before the incident is believed to have taken place, Ms. Eleazer said.

This identity theft news actually led to identity fraud. Rarely does a data security breach lead to identity fraud, as the initial motive is about stealing the device and not the data. In this case however, based on the 1800 identified fraud cases and lack of stolen device, it is apparent that the initial motive might have been to gain access to card information for the purposes of committing fraud.

HealthNow data goes missing as laptop vanishes HealthNow New York has alerted 40,000 members in Western and Northeastern New York that they may be at risk for identity theft, after a former employee’s laptop computer went missing with confidential information several months ago.

Another missing and unsecured laptop? How many months ago did it go missing? Is it possible that we have a case of a laptop that was not encrypted and tracked to detect its absence much earlier?

O’Toole Renews Call For Immediate Investigation Of Horizon Blue Cross/Blue Shield Data Breach Horizon responded to the theft by saying that security procedures meant to prevent the theft of company laptops and confidential data apparently were not followed in this instance.

I have a problem with the above response given by the company; was the main objective the prevention of the laptop theft or should it have been the protection of the personal information stored on the laptop? In our efforts to protect confidential information, we have to assume the theft or loss of a laptop is inevitable. Once that assumption is established, what can the company do to protect the information that is stored on the lost or stolen laptop? If the laptop were encrypted, they would not be talking about preventing the laptop loss. Companies can not always monitor and ensure that employees follow the rules one hundred percent, and must assume and prepare for the inevitable.

Identity Theft News Posted in February 2008

GAO Finds Data Protection Lagging In 2006, identity theft of all varieties accounted for $49.3 billion in losses to people and organizations nationwide, according to the GAO report.

Health data storage sites might not be secure Personal health records are a growing market, and non-health-care companies, such as Microsoft, are starting to offer services based on the idea that consumers should be in charge of their own health information. Meanwhile, both the state and the federal government are working toward networked health information.

Google to Store Patients' Health Records SAN FRANCISCO (AP) - Google Inc. will begin storing the medical records of a few thousand people as it tests a long-awaited health service that's likely to raise more concerns about the volume of sensitive information entrusted to the Internet search leader.

Identity theft news analysis - Good idea and may result in reduced number of security breach incidents by consolidating health records into a single database, however, affected identities per incident is sure to multiply.

Woman sues Best Buy for lost laptop A US woman has sued Best Buy to the tune of $54 million for losing her laptop

California Senate strengthens breach notification requirements, toughens ID theft prosecution rules The State Senate in California has passed measures by wide margins that require a) more extensive notification to consumers of data breaches, b) establish a central reporting center for breaches, and c) permit local prosecution of identity theft.

Identity Theft News Posted in January 2008

GE Money Lost on 650,000 Credit Card Holders The information was on a backup computer tape that was discovered missing last October. Once again, this identity theft news validates the dangers of placing confidential information on unprotected computers.

Twice bitten: acts of stupidity can lead to identity theft Soghoian's Law of Identity Theft Stupidity: Anyone who publishes their own private financial details in a public discussion of identity theft will eventually find that information used for fraud.

Information security breaches quadrupled in 2007 The TJX breach was by far the worst breach of 2007. Other major breaches of last year include the loss by the UK government of two unencrypted CDs containing the records of 25m child benefit claimants.

Almost half of all records lost worldwide occurred in the United States of America. Lost laptops, unencrypted discs and insecure systems and communication channels mostly contributed to the information protection problems.

Identity Theft News Posted in December 2007

Pension details sent to wrong addresses Serco, the company which handles pension statements on behalf of the county council, sent 1,400 statements for staff, former staff and councillors to the wrong destinations because of an "administrative error".

Personal details of 16,000 children lost in hospital data disks blunder A computer disc containing the data was sent to St Leonard's Hospital in Hackney but failed to reach the right department - even though it was signed for by hospital staff.

DOE Lab Hacked Oak Ridge National Laboratory, a U.S. Department of Energy facility, said on Thursday that its computer network had been comprised by a spear-phishing attack.

Blood donors' personal data stolen along with laptop Personal information, including the Social Security numbers of more than a quarter-million Minnesota and Wisconsin donors to Memorial Blood Centers, is in the hands of a thief.

Forrester Loses Laptop Containing Personnel Data Forrester "Chief People Officer" Elizabeth Lemons said in the letter that the hard drive is password-protected but made no mention of encryption.

Websites sell secret bank data and PINs Without paying a single penny, The Times downloaded banking information belonging to 32 people, including a High Court deputy judge and a managing director. The private account numbers, PINs and security codes were offered as tasters by illegal hacking sites in the hope that purchases would follow.

TJX to Shell Out $41M in Data Breach Settlement TJX will pay $40.9 million through Visa and Visa USA to cover the costs associated with issuing new cards and other means of ensuring that Visa cardholders whose accounts may have been compromised in the breach did not become victims of fraud and identity theft.

The latest identity theft news confirm the soaring cost of corporate data security breach, which ultimately gets passed on to consumers and shareholders. As such, corporate Board of Directors and shareholders must pay closer attention to their internal security safeguards and practices to limit losses related to data security breach and place the information security function at the highest level possible within the corporate organization structure, preferably having information security reporting to the CEO and the Board. The tone at the top defines the importance and effectiveness of the information security function and the reporting level and careful placement of the function within the organization is the most critical step in safeguarding corporate confidential data and avoiding appearance in the identity theft news.

Identity Theft News Posted in November 2007

Lost in the post - 25 million at risk after data discs go missing MPs gasped when the chancellor, Alistair Darling, told the Commons that discs containing personal details from 7.25 million families claiming child benefit had been lost. They went missing in the internal post after a junior official at HM Revenue & Customs in Washington, Tyne and Wear, breached all government security rules by sending them by courier to the National Audit Office in London.

Once again, unencrypted information was sent from point A to point B. What's worse in this case is that the information was sent via an unsecured channel.

UK data-loss scandal could force banks to close accounts U.K. banks could be forced to close the accounts of all child benefit claimants affected by an HMRC "operational failure" that resulted in the loss of 25 million records stored on discs, a Gartner analyst has warned. Its loss, moreover, proves to at least one fraud expert that that the British government can't be trusted with biometric information, and that the U.K. national ID scheme is untenable.

VA notifies veterans affected by data loss Three computers, printers and other computer equipment were taken from the Roudebush VA Medical Center in Indianapolis in a theft discovered Monday that is believed to have occurred on Saturday, Schuda said.

New Laws for Organizations that Accept Online Payments Regulatory bodies and U.S. states have reacted to the identity theft crisis by creating rules and laws governing how personal information is to be protected and when organizations are obligated to publicly report a data breach.

Alicia Keys MySpace Scam The buttons to play Keys' songs were clearly marked — and clean — but almost every other image on the site, including the full-sized background photo of the diva herself, had been hacked in such a way that merely clicking on it could infect visitors' computers with malware.

15,000 Standard Life customers' data put at risk Her Majesty's Revenue and Customs (HMRC)has admitted a CD, which contained data relating to 15,000 Standard Life pensions customers including their names, National Insurance numbers and pension plan reference numbers was lost in transit from the Revenue office in Newcastle to the company's headquarters in Edinburgh by an external courier.

The Hartford Loses Tapes With Data on 237,000 People Backup tapes have been missing since September 27 and include data from customers, employees, and others.

Vanished computer tape highlights dangers facing some residents Within the past week, one out of every eight West Virginians received a letter from the state alerting them to some big and potentially dangerous identity theft news when a computer tape containing personal information such as their names, addresses, Social Security numbers, spouse's names and maiden names got lost while being shipped to Pennsylvania.

Identity Theft News Posted in October 2007

University update on possible student data breach A University employee recently reported losing a portable USB or flash drive containing an electronic file with names and social security numbers for nearly 16,000 current and former students.

Identity theft news analysis - unencrypted USBs continue to be used. Not only portable drives pose a great security risk, but unencrypted ones with thousands of individual information can be devastating for the University or any other entity if lost or unaccounted for.

All data must be encrypted, the TSA orders, after the loss of laptops holding hazmat driver data. Following the loss and possible theft of two laptops containing the personal data of 3,930 truckers who handle hazardous materials, the Transportation Security Administration has mandated that contractors must encrypt any and all data on top of any deletion policies they have in place.

Identity theft news analysis- To suggest that "any and all data must be encrypted" following the incident sounds a bit reactionary to me. Not all data needs to be encrypted unless it poses a privacy or identity fraud risk based on a risk assessment.

Mortgage Office Manager Charged With Identity Theft and Grand Larceny Investigators said they found a common link: all six had applied for loans at the same local mortgage office. Further investigation found still more victims, and fraud estimated to total more than $1 million, the police said.

Identity theft news analysis - This is a good example of linking identity fraud to the source as I explained in the Discovery section of DIP consumer notification process.

Woman convicted of identity thefts Aretha Germaine Elcock Antione has been convicted of stealing the identity of two women in Illinois and taking more than $100,000 from their accounts.

TJX Revises Consumer Settlement, Agrees to Pay Cash TJX plans to offer cash as an alternative to vouchers in order to settle data breach litigation.

HMRC loses a laptop The laptop was stolen from a boot of an HMRC car last month.

Semtech faces identity-theft threat Semtech has notified its U.S. employees of a potential breach of their personal data.

Once more, loss of laptop may lead to data disclosure.

Ransomware victims wait for the worst The malware research company Prevx discovered, and decrypted, a 257MB file on a remote site containing peoples' files, personal details and browser sessions - including details from "secure" (SSL) sessions that people usually think are safe. However, in the browser itself, they are plain text and hence can be captured.

As I always say, identity theft risks can never be 100% eliminated. Even a secure Internet communication can be compromised to steal information you place in that session like when applying for a job online or checking your account balances.

Business Data Lost in Laptop Theft The recent theft of a state laptop loaded with banking information on 1,600 businesses has highlighted an increasing problem in a wired age - business identity theft.

Is business identity fraud becoming a serious issue? I think good to excellent credit always provides a better value when stealing an identity to commit fraud. Why steal an identity that provides no value but some debt collectors! Successful businesses have great existing credit lines and high credit credibility for new account offers and thus provide better value to fraudsters. Watch this segment to rise in the near future.

ID theft victims, retailers split on bill The legislation, awaiting Gov. Schwarzenegger, would force retailers and financial institutions to adopt national standards to protect shoppers' data they disclose.

Third-party vendor exposes information on 800,000 job applicants at the Gap. A vendor managing job applicant data for clothing retailer Gap lost personal information, including Social Security numbers for some 800,000 U.S. and Canadian job seekers, the company admitted in a press release.

Again, confidential information like social security number is stored on laptops, which are then stolen from the office, home, car or the driveway. I guess companies and people never learn. This will happen over and over unless a) we stop storing information on devices, which are in demand and easily stolen or lost, and b) devices, which are encrypted if confidential information must be stored on them. Most of the time, the devices are stolen for the device itself and not because of the stored information. Thieves are after the device and not the information within most of the time.

Identity Theft News Posted in September 2007

TJX Data Breach Settlement Has Strings Attached Company offers credit monitoring, store credit and discounts as compensation for losses.

TJX agrees to settle class action suits TJX, pending court approval, has said they will begin settling most of the class action lawsuits that were filed after a breach of company security.

Study Says Veterans' Data Are at Risk Veterans' personal data and health information remain at risk of identity theft because the Veterans Affairs Department has yet to implement several safety measures, government investigators say.

Medical identity theft remains problematic When Providence Health System lost 365,000 patient records on unencrypted back up tapes, it cost the provider $3 million just to notify those affected. It was fined $95,000 under the state's consumer protection laws, took a direct blow to its reputation, and now faces a class action lawsuit.

Attorney General Suing Consulting Company Over Lost Data - courant.com - The state of Connecticut is suing a technology services and consulting company over the loss of confidential information for 58 Connecticut taxpayers and hundreds of state bank accounts.

Hacker Gained Access To Data On Millions Of TD Ameritrade Customers Online brokerage TD Ameritrade Holding Corp. announced today that a hacker broke into one of its databases and stole personally identifying information for some of its 6.3 million customers.

I am one of the victims and was notified of this breach by TD Ameritrade in a letter received this Saturday, September 15, 2007. The letter actually confirmed the inclusion of the code into their systems but indicated no social security numbers were stolen to their knowledge. TD Ameritrade has contracted an external party to assess the breach. The initial results of the assessment state no indication of identity theft risks however; they continue to research the incident.

Gov. M. Jodi Rell orders confidential data on state laptops encrypted or purged Attorney General Richard Blumenthal criticized the Department of Revenue Services for its "inadequate" response to the Aug. 17 theft, which he characterized as a "massive security breach" in a letter sent Monday to DRS Commissioner Pam Law.

Why should it take an identity theft accident to implement a simple and logical security measure that should have been in place in the first place? Second, providing a credit freeze as suggested by Mr. Blumenthal is a good idea but it should be clearly communicated to the taxpayers that such measures will have consequences on the taxpayers part to apply and receive credit in a speedy manner.

Personal data stolen from Pfizer exposes 34,000 UK employees to risk of identity theft More than 34,000 Pfizer employees in the UK are at risk of identity theft after a security breach exposed their personal data.

Ex-worker sues hospital in data loss Steven Shields, who was a Providence Health System information systems analyst, says in his lawsuit that he was told to take the records to his Milwaukie home. The records were on 10 computer disks and data tapes in a bag that Shields left in his van when he parked it in his driveway Dec. 30, 2005.

Pfizer admits to third major data breach The data was stolen by a former employee of the company last year, but Pfizer only found out about the breach in July.

Connecticut taxpayers at risk of identity theft At least two prominent Democratic legislators and more than 70 state tax department employees are among Connecticut taxpayers at risk of identity theft because their Social Security numbers were on a stolen tax-department laptop computer.

Judge throws out lawsuit by two OU alums related to IT security breach In their suit, which they had asked Judge J. Craig Wright to certify as a class-action suit, the two demanded that OU pay for a court-administered credit-monitoring program for all victims of the data breach.

Johns Hopkins believes identity theft of patient information was averted Officials at Johns Hopkins reportedly recovered a stolen computer containing patient information and believe it is highly unlikely any information was accessed or compromised.

Child identity stolen after her mother was murdered But yet another challenge has been added on. Roughly two weeks after Brandy's death, her younger child, 15-year-old Cody, learned his identity had been stolen.

This is especially sad because the people contributing to the "Jessica and Cody Lambertsen Benevolent Fund" were no longer able to find the account as a result of actions taken following the identity theft.

State laptop containing personal data is stolen A Maryland Department of the Environment laptop computer stolen from an employee's car last weekend held personal information, including Social Security numbers, for 10,000 residents registered with one of four state boards.

Two major problems; laptop was left in the car and was unencrypted. Two other potential problems; was the confidential information supposed to be stored on the laptop and did the laptop leave the business building following proper authorization, proper protocols and for good business reasons?

Man accused of stealing his blind aunt's identity The 41-year-old Islandia resident was arrested Monday at his home on charges of grand larceny and identity theft after a nearly two-month investigation, Suffolk county police said.

Identity Theft News Posted in August 2007

Identity Theft Ring Targeted Forbes 400 A Russian man who allegedly stole the identities of people on the Forbes 400 list of wealthy Americans was the leader of an identity theft ring, the Manhattan district attorney's office charged yesterday.

I've always stressed that rich and famous identities provide better value for identity thieves because they have better credits with huge credit lines. Why would thieves want identities that get rejected for new credit lines or have little or no existing accounts to tap into?

25 charged in N.C. identity theft investigation United States Attorney George E. B. Holding announced today (August 28) that his office has obtained criminal complaints charging 25 individuals with identity theft and various immigration violations.

Sister jailed for identity theft Jeannie Smith, 45, from Denny, near Falkirk, pretended to be her sister Linda Cowan, 35, obtaining £123,000 of goods in the process.

It's nice to have siblings but you still need to keep an eye on your identity components and carefully assess your actions when sharing and discussing personal matters with close family members and friends.

Illegal Immigrants Face ID Theft Charges All but four of the 29 illegal immigrants arrested last week in a raid targeting workers at the world's largest hog processing plant had stolen the identities of American citizens, federal prosecutors said Tuesday as they announced identity theft charges.

This identity theft news begs the need for improved and extensive background check procedures on the part of the companies that hire new employees.

Federal Court Slaps Data Theft Victims The three-judge panel of the circuit, mirroring decisions of federal courts in Ohio, Minnesota, Arizona and Michigan, ruled (.pdf): "Without more than allegations of increased risk of future identity theft, the plaintiffs have not suffered a harm that the law is prepared to remedy."

The ruling is very specific. If the data theft did not result in actual economic losses, then victims of data theft have nothing to claim. If the victims of identity theft had become victims of identity fraud resulting in economic or financial losses, then the court might have granted remedies for the victims.

Girard Gibbs LLP Announces Class Action Lawsuit Against Certegy The case was brought by a Los Angeles, California resident who, prior to the public announcement by Certegy and FIS of the data breach, started noticing an influx of direct marketing and promotional offers as well as phone calls to his home. After subsequently receiving a letter from Certegy informing him that his personal data may have been compromised by one of its employees, the plaintiff engaged a credit monitoring service.

3 accused of identity theft MANCHESTER - Three people were arrested over the weekend on charges that they stole the identity of a 74-year-old Torrington man and attempted to take out loans in his name, according to police.

The elderly, young and even dead people are not immune to identity fraud.

South Africa: Identity Theft for Fraud 'Costs Billions' Identity theft has become the fastest growing commercial crime in the world and costs governments worldwide billions of dollars a year to control.

I’ve always said that identity theft prevention has low priority in the fight against identity crime. Companies continue to collect, share, and create more personal information without proper risk assessment and education for their employees and clients. Prevention should be part of an overall strategy to reduce the cost of endless investigations and remedial actions.

TSA agents can spot terrorists just by looking at them Miamiherald.com - New airport agents have been trained to check for bad intentions in travelers' facial expressions.

Looking for suspicious body language is a good idea if it is applied consistently throughout the airport population. My concern is, as proven in the past, that initial focus might be primarily on identities that look middle eastern and thus ignore analyzing the behavior of identities that are not suspicious to the agents. Terrorists don’t all look alike.

President of San Diego chapter of a military charity gets 120 days in identity theft Christine Mandilakis admitted that she obtained a credit card in the name of her brother-in-law about a year ago, then ran up bills totaling roughly $12,000.

Identity theft prevention bill signed in Massachusetts Governor Deval Patrick signed into law comprehensive identity theft prevention legislation requiring businesses and governments to notify consumers when their data is lost or stolen and sets standards for the disposal of records containing personal information.

ISPs suspected of massive identity theft in Korea The two companies, KT and Hanaro Telecom Inc, are suspected of signing up more than seven million customers for services without their permission, according to police sources cited by local media today.

Lawsuit Says Apple Store Receipts Raise Risk of Identity Theft A class action lawsuit against the company was filed yesterday in a Florida federal court alleging violations of the Fair Credit Reporting Act (FCRA) that put Apple customers at risk for identity theft.

Foreigner sentenced for identity theft U.S. District Judge Richard W. Story Sarp on Tuesday sentenced Sarp Yaman, 27, to three and a half years in prison. After he serves his time, he will be turned over to U.S. Immigration and Customs Enforcement to face deportation proceedings. Yaman pleaded guilty to the charges on May 15.

Monitoring account activities on line can detect unauthorized charges even if mails are diverted to another address.

A-List Stars Targeted In Phila. ID Theft Ring Police said the list of targeted victims includes celebrity names like Donovan McNabb, his mother Wilma, Jennifer Lopez, Paris Hilton, Whitney Houston, Patti LaBelle, Michael Vick and Microsoft founder Paul Allen.

It is reported the information was potentially stolen from the IRS. We won't get into the security practices of the IRS but my question is how did the mail diversion affect the victims' overall mail delivery and whether it was a noticeable change.

State accused of overreacting Theft of ID data now cost $3M The tape, which backed up files from the state's new payroll and accounting system, was stolen out of an intern's car in June. It contained the names, Social Security numbers, and banking information for roughly 1.1 million individuals, businesses and other entities.

Indeed, addressing the potential risks of identity fraud resulting from the theft of personal information can cost companies and the government immensely if they are negligent with the safeguard of the information. For the State to claim "overreaction" is merely an overstatement because they were negligent when they allowed an intern to store sensitive information in a car and they have to pay the price when they act as such. What should consumers and citizens do in such situations? Should they have paid the cost of fraud prevention because of others actions? Or, should they have just prayed and wait for the State to locate the information? The State was negligent to allow an intern, probably without proper security education and identity theft awareness, to store an unencrypted tape in the car. I wonder if the intern ever visited this site!

Local Doctor Arrested For DUI, Identity Theft A local doctor has been arrested for driving on drugs. What’s worse, police say other doctors may have been helping her get high without even knowing it.

Nice! Doctor using another doctor's pad to prescribe drugs for herself. I wonder if she did that without the other doctor's authorization!

Identity Theft News Posted in July 2007

Symantec Seeks to Disrupt Identity Theft Market Symantec researchers have developed 'Dark Vision', a system that searches underground Web sites and chat rooms for sensitive data being sold.

It's really nice that this product searches for personal information being sold on the Internet according to this identity theft news, but it would be even nicer if Symantec researchers can refine the product to look for ANY personal information floating around in the Internet whether or not they are being sold. Personal information that we as consumers share with companies or the government agencies is not to be available to the World Wide Web visitors, period.

Congress gets a chance to combat identity theft The measure also would prohibit businesses, schools and government agencies from displaying the numbers on the Internet or on checks, employee identification cards, student IDs or any other card used to gain access to goods and services.

This identity theft news illustrates how important it is to make it difficult to guess one's "identifier" which happens to be our social security number in some cases. But more importantly, the "authenticator" which also happens to be our social security number in some cases, must be protected even more than the identifier because it proves who we say we are just like our PINs at the ATMs.

Security expert's ID stolen Todd Davis was so confident that his company, LifeLock, could protect customers against identity theft that he publicized his own Social Security number as proof.

Subsequently, his social security number was used to commit identity fraud on the Internet according to this identity theft news. Mr. Davis freely publicized his own social security number on his web site. Identity theft prevention controls include privacy of social security numbers and other personal information.

Ex-Pfizer Employee Sues for Data Breach A former Pfizer employee who was among the 17,000 workers who had their personal information posted online is suing the world's largest drug maker, saying the data breach caused "fear and apprehension of fraud, loss of money and identity theft."

Bush administration wants tougher ID theft laws Washington Post 7/19/07 - The Bush administration on Thursday proposed legislation to toughen existing U.S. laws against identity theft and expand the amount of money victims could recover.

The 2 major elements of the legislation in this identity theft news include the inclusion of the identity of companies in the scope in addition to the individuals and increase the victim recovery of financial losses to include time spent to resolve identity fraud. This is a big item because time spent to resolve identity fraud can be very lengthy and thus can be a huge amount.

Brits are 'risking identity theft' A survey conducted by Capital One found that 46 million Brits - 93 per cent of the adult population - typically have sufficient data in their possession to allow a criminal to steal their identities.

This identity theft news goes back to the heart of my identity KAOS system which advocates owning and carrying less information while knowing what we carry with us at all times. Owning and carrying less will reduce our vulnerability and overall risk to identity theft and identity fraud while knowing what we carry at all times will help with immediate damage control.

Identity Theft Ring Arrested in Baton Rouge area, La. Four former employees of Ted's Meds Pharmacy, located in Zachary, La., were illegally using the personal identity information of their customers to apply for loans and other forms of credit without the customer's knowledge. Ted's Meds is a national mail order pharmacy based in Florida with telemarketing sales offices located throughout the country.

This identity theft news proves once more that employees with access to sensitive and valuable information and/or careless actions are more dangerous to the companies they work for than external forces attempting to penetrate a company's defenses to steal the same information. Employees assigned to sensitive information must be checked before hire, trained, and monitored.

Privacy experts push for breach law Privacy advocates (in Canada) have asked Parliament to enact legislation that will require organizations to report and notify their customers if protection of their personal information has been breached.

Canada is on the right track yet so far behind identity protection according to this identity theft news.

California disclosure law is better that the Federal law. President’s Identity Theft Task Force recommended federal legislation permitting companies involved in data breaches to determine whether consumers are at risk before notification. Such a law would overturn California's much stricter law, which requires companies to notify everyone whose personally sensitive information was stolen or lost in an electronic breach.

I agree with this identity theft news basic idea of notifying the consumers whose identities are stolen as part of a data breach and let the consumers be the judge and owner of their own risks, which seems to be fair. But this should be done only when the company is unbale to determine the facts of the case within a reasonable period of time. Why create public panic when the data breach in question is determined to be a non-risk to consumers? One example is lost encrypted personal data which is useless. What worries me most is insider complicity. When personal information is sold by insiders for the sole purpose of identity theft, the risks are much higher because 1) it can go undetected for longer period, and 2) the original purpose is identity theft and identity fraud. In other cases of data breach, the initial purpose may not be identity theft but rather other reasons such as stealing a laptop computer.

No one knows how frequently security lapses lead to ID fraud That's primarily because links are so hard to find that nobody knows how frequently security lapses lead to fraud, the Government Accountability Office said late last week.

Many things contribute to the linking problem addressed in this identity theft news. First, victims may be reluctant to report their identity theft cases for many reasons including they have nothing to gain from reporting their cases, in other words there is no motivation. Second, data is not being tracked, traced back and analysis is not being performed to link "known" data breaches to potentially related identity theft and fraud cases. The question is who should be doing that. Is the FTC the right entity since they collect consumer complaints reported on identity theft? Should privacy advocacy groups do that and let FTC be the legal arm? Or, should businesses be forced to track any fraud cases related to their own data breaches since their actions initially led to identity theft? Any ideas?

Update on 2.3M lost consumer records Fidelity National Information Services unit Certegy Check Services Inc. said Tuesday that credit, bank account and other personal information on 2.3 million consumers had been stolen, but none of the data were used for identity theft or other financial fraud.

John Joyce, a spokesman for the U.S. Secret Service in Tampa, said "on the surface, it appears that way."

Few breaches lead to identity theft, GAO finds fcw.com 7/5/07 - Although data breaches in the public and private sectors are frequent, few incidents of identity theft have occurred as a result of the loss or unauthorized exposure of personal information, the Government Accountability Office said.

2.3 million consumer financial records stolen Fidelity National Information Services, a financial processing company, said Tuesday a worker at one of its subsidiaries stole 2.3 million consumer records containing credit card, bank account and other personal information.

Although, there is no immediate concern for identity fraud due to the underlying reason for stealing and selling the information which was for marketing purposes, this identity theft news indicates that stolen personal information of the people involved can be abused in other ways than just for fraud purposes.

South Floridians increasingly victimized by medical identity theft Medical ID theft occurs in a couple of different forms as explained in this identity theft news. One is when someone uses another person's data, such as name, Social Security number or insurance information, to get medical services without the victim's knowledge. Another is when the thief uses someone's identity to falsify insurance claims.

Health identity theft is on the rise nationally and this identity theft news is not limited to just Florida. As this identity theft news article suggests, it is extremely difficult to detect health identity theft which can turn out to be very deadly also. The primary reason this type of identity fraud is not detected is because record keeping for health identity theft is not centralized and health record monitoring is not performed regularly like the monitoring of our credit reports to detect credit fraud.

Identity Theft News Posted in June 2007

FBI Warns Of Jury Duty Identity Theft Scam FBI officials are warning people about scammers who are using jury duty and the fear of going to jail as a way to commit identity theft.

Identity theft news alert - Never share your personal information over the phone or any other communication media without first validating the person's identity before sharing your information. Be smart and know that companies and government agencies, well aware of these scams, will not put you in this kind of situation to confuse you. And, if in doubt, hang up the phone and call them yourself. If they have a problem with you, I'm sure you will be red flagged in their system and someone can help you.

Nurse charged with identity theft A Charlottesville nurse was arrested Thursday and charged with stealing a patient’s identity to obtain $10,000 worth of jewelry, CDs and home appliances, police said.

3 indicted in conspiracy to commit bank fraud, aggravated identity theft A band of three Baltimore residents bought more than $500,000 worth of imported cars and other luxury goods by using personal information culled from stolen mortgage application files, according to a federal court indictment handed up yesterday.

California Bill Would Put Data Breach Responsibility On Retailers The bill in this identity theft news would require retailers to follow Payment Card Industry (PCI) data security standards to ensure proper retention and protection of credit and debit card information.

Hackers Make Off With Personal Info On Applicants At UC Davis Officials are investigating the possible theft and misuse of records containing information on about 1,120 aspiring veterinarians who'd applied to UC Davis School of Veterinary Medicine.

Interestingly enough, the majority of the applicants were rejected by the University as stated in this identity theft news.

3 charged in identity theft scam On June 15, fraud investigator for Alltel Communications Michael Relyea reported to police that multiple prepaid cell phone accounts were fraudulently activated in the Moultrie area with stolen credit card numbers resulting in a $10,000 loss to Alltel. Authorities said Applebee’s restaurant is the source for the stolen credit card numbers.

Couple suspected in identity theft Ohio Beacon Journal - A Uniontown woman and her husband are accused of stealing her 74-year-old mother's identity to purchase several thousands of dollars worth of merchandise.

Isn't it nice to have a daughter? You spend years and money to raise kids, and what do they do to thank their parents for the hard work? They steal their parents' identity and commit fraud. That's nice!

Bank warns of possible identity theft Texas First Bank is notifying about 4,000 customers that their personal information could have been compromised when thieves last month stole a laptop computer during a car theft in Dallas.

One bank-fraud suspect was actually identity-theft victim "one of the five suspects being sought in a bank-fraud investigation is the victim of identity theft and is not connected to the crime."

Former Celebrity Bodyguard Sentenced for Identity Theft Morillo unlawfully assumed another person's identity and obtained a U.S. passport. With the assumed identity, Morillo gained state licensing to carry a firearm and worked as an armed bodyguard in the U.S. and internationally. He provided dignitary protection services to several notable celebrities and international figures.

Do you trust your bodyguard? It's sad but sometimes the people we hire to protect us, our kids or our elderly parents are fake and untrustworthy. If they can steal someone else's identity and commit various frauds, they can also inflict harm on the people who hired them. Extensive background checks can help validate certain aspects of one's identity and are needed for sensitive positions. I can only assume that the celebrities in this identity theft news relied on their agents to hire the right people and somehow they failed to do so.

Data on 64,000 Ohio state workers stolen Chron.com - A data storage device with the Social Security numbers and other personal information on all 64,000 Ohio state employees was stolen from a state intern's car last weekend.

I guess the intern did not read my car security tips. Never, ever, leave valuables in your car, period. Valuables may include your computer, printed documents, passport, and jewelry. That way, you may lose your car but not the stuff you leave inside.

Breaches often don't lead to ID theft "If you are a victim and have been exposed to a security breach, in most situations there's no way to absolutely connect the dots between the breach and the ID theft," said Paul Stephens, director of policy and advocacy for Privacy Rights Clearinghouse, a San Diego consumer group.

Well, the breach may and may not have an impact and yes, it is hard to connect the dots when stolen data becomes the source for the identity fraud. This is because; most laptops and hard drives are stolen for the device itself and not for the information within. Second, most devices include data that is encrypted or is pass code protected, so it is harder to extract the data. Now, I disagree that if data was stolen and extracted to commit fraud, it would take years. In fact, the fraud can be committed fairly quickly if sufficient personal data was available to execute the fraud plan. In order to connect the fraud dots to the data breach, there has to be a pattern, but it the pattern can be tracked and dots can be connected. That's my 2 cents on this identity theft news.

Former Best Buy clerk admits aiding identity-theft scam A former Best Buy clerk admitted Friday to taking part in a widespread identity theft scam by helping her half-brother and his then-girlfriend buy thousands of dollars worth of merchandise at the north Jackson store with stolen checks, credit cards and debit cards.

The crime in identity theft news is the result of collusion, which is when two parties come together with their special access and assets to commit fraud.

Miss New Mexico speaks on identity theft "When I was 19, a girl in Farmington stole my identity," Hall said. "She was able to easily accomplish this with my driver's license information."

Immigrant accused of identity theft An illegal immigrant working for a Town of Lisbon landscaping business was charged May 30 in Waukesha County Circuit Court after he allegedly purchased the identity of a New Jersey man for $500 from an employment agency in Milwaukee.

Identity theft news alert - Identities for sale by an employment agency! What surprises me in this identity theft news is not what the employment agency did but rather a) why "the agency was not named in the criminal complaint", and b) why Lisbon Police Chief would not disclose the name of the agency. The police would not file a criminal complain against an agency that sold the identity of one of its clients and yet it is the poor immigrant that gets charged and must appear in court. Is this justice? If a health care company or a bank did this, the company would be fined, its executives charged, and the company name would be in the front pages of the Wall Street Journal.

Piggybacking roils credit industry Instead of spending several years repairing his credit rating, which he said was marred by two forgotten cell phone bills and identity theft, the 37-year-old real estate agent paid $1,800 to an Internet-based company to bump up his score almost overnight.

This identity theft news has many risk components for all parties involved, including the good credit holder, the borrower and the lender.

Identity theft may become a crime: justice minister Identity theft is currently not a crime in Canada, which has sparked numerous calls for government action. Offences involving identity theft are prosecuted under several other Criminal Code sections, such as fraud and personation, but there is nothing that outlaws someone from possessing another person's information.

Identity Theft News Posted in May 2007

Ex-waitress allegedly swiped identities She would make quick visits to the restroom after picking up customers' charge cards, apparently to swipe them through a palm-sized device that recorded the confidential numbers.

Every time we lose control of our credit card, even for a few minutes to pay for our restaurant bills, we risk losing its control for a longer period of time. As technology evolves, identity theft and identity fraud acts become more sophisticated and faster, expanding the period between identity fraud and its detection leading to increased number of fraud cases as well as fraud dollars involved. The fraud goals are not only to steal the personal information but also to commit the fraud faster, thus lengthening the time it takes to detect the fraud.

Kingston woman faces identity theft charge A former home health aide was arrested on a federal warrant for allegedly stealing an elderly patient’s identity and charging $30,000 in her name.

It's really a depressing identity theft news when a person that you hire and trust to come into your house to help you or your loved one steals money in the name of the person who is in need of personal help, especially when the victim is an elderly 77 year old.

AFGE Sues TSA for Reckless Violation of Privacy Act The American Federation of Government Employees (AFGE) which represents employees throughout the Department of Homeland Security, including the Transportation Security Administration filed a class action lawsuit against the TSA yesterday.

Did I say more identity theft news to follow? AFGE is advocating what I mentioned earlier, the government needs to look into its own information security practices. The government is like a giant corporation with millions of employees like TSA and millions of customers like us and their personal information. The latest identity theft news suggests careless personal information safeguards and actions. In one case, social security number of a farmer was disclosed on the Internet by the Department of Agriculture. This is careless and avoidable.

TSA employee records in computer hard-drive lost The U.S. Transportation Security Administration said on Friday that personal data on 100,000 of its employees contained in a computer hard-drive are missing.

The TSA doesn't know if the hard drive with the personal data was stolen or lost, but it disappeared from a secured area within the TSA building. First, how could it be lost in a secured area if the hard drive is not taken out of the building, second, how secure is TSA security practices while they are charged with the security of our airports and commercial planes? TSA is not unique in the latest identity theft news, there have been reported cases of lost, stolen or disclosed personal data at FEMA, Census Bureau, and the Department of Agriculture. Maybe, the government should start looking into their own security practices! One more thing, apparently, there were personal air marshal information in the data in question. Although, TSA claims the air marshal data can not be separated from the rest of the pack without additional information, it could have serious security consequences if that data gets into the hands of evil people. More identity theft news on the subject to follow.

Texas Attorney General Greg Abbott took legal action Tuesday against Texas-based EZCORP Inc. Investigators with the Office of the Attorney General discovered that several San Antonio EZPAWN stores exposed customers’ personal identifying information by discarding business records in easily accessible trash cans behind the stores.

This is another careless identity theft news where dumping personal information in open trash cans is a daily and routine practice. These practices are easily avoidable and can cost the violating companies a great deal if not corrected before being detected such as in this case.

JetBlue Workers Charged In Identity Theft Scam Investigators became suspicious after one traveler left his card on a Jet Blue counter at JFK airport. They later traced his card to $500 in unauthorized purchases.

The story reported in this identity theft news suggests travelers left their credit cards at the airline counter as they hurried to their planes. The airline workers then used and shared the credit cards left behind.

Identity Theft News Posted in April 2007

Cyber Security Industry Alliance (CSIA) - endorses recommendations of Identity Theft Task Force report but notes key deficiency This identity theft news report outlines improvements that are needed in four key areas including: keeping sensitive consumer data safe through better data security and more accessible education; making it more difficult for identity thieves who obtain consumer data to use it to steal identities; assisting the victims of identity theft in recovering from the crime; and deterring identity theft through more aggressive prosecution and punishment of those who commit the crime.

President's ID theft task force gets mixed review

CVS latest retailer cited for identity theft violation According to a press release issued by Attorney General Greg Abbott's office on Tuesday, employees at a CVS store in Liberty, Texas, chucked hundreds of customer records into a dumpster behind the storefront. Left in the trash were documents including customers' names, addresses, Social Security numbers, credit card numbers, prescriptions and doctors, according to the release.

Data on 6,000 DCH employees is missing A disk and documents containing the Social Security numbers and personal information of 6,000 DCH Health System employees are missing, raising concerns about identity theft.

International identity theft Identity theft operations may involve innocent people without their knowledge while they even lose money financing the operations.

A letter fills local customer with fear of identity theft A customer receives a letter from a store where she used her credit card. The letter informed her that her name, address and driver's license number might have been compromised in an intrusion into its computer system.

You can be a good citizen and take all the precautions to safeguard your personal information but as you can see, you’re at the mercy of the people and companies you share your information with as this identity theft news illustrates.

Texas Cites RadioShack for Potential Identity Theft The investigation was launched after reports indicated company employees dumped bulk customer records in garbage containers behind the store.

Obviously, the root cause of the problem in this piece of identity theft news is basically one of these: 1) RadioShak staff did not follow the existing policies and procedures, 2) there are no policies and procedures, or 3) staff were not properly trained on the existing policies and procedures. Either way, this is a reckless mistake and could have easily been prevented.

Identity Theft News Posted in March 2007

At least 45.7M card numbers stolen More than two months after first disclosing that hackers accessed customers' financial data from its computers, discount retailer TJX Cos. (NYSE:TJX) has revealed that information from at least 45.7 million credit and debit cards was stolen over an 18-month period.

Pa. passport clerk faces 18 counts of identity fraud Will this identity theft news make you be suspicious of the person who handles your passport applications next time?

Illinois transit agency hit with identity theft concerns The title of this article uses the words identity theft which may make you think personal information was stolen, which is not the case. OK, they need to improve their security controls to avoid identity fraud, but there was no identity theft let alone any fraud. Learn why the term identity term is misleading.

Identity-theft protection bill moving forward A bill that seeks to help identity theft victims appears close to becoming law, but some say it protects businesses more than citizens.

If Senate Bill 3034 becomes law, residents cannot freeze their credit files without a police report showing they were a victim of identity theft. They would have to pay credit agencies $10 to lift freezes, said the bill's author, Sen. Nolan Mettetal, D-Sardis.

The identity theft laws are becoming increasingly complicated and confusing and they differ from State to State. As this identity theft news article points out, these laws, in some cases, may even create an additional source of revenue for credit reporting agencies. But to be fair to the companies, some laws such as FCRA and FACTA, which require a free copy of a credit report be provided to consumers, had affected their bottom lines in a negative way. We need a national law providing a comprehensive solution and guidance for dealing with identity theft. Current laws address the identity theft issue in piecemeal and vary from State to State.

Identity Theft News Posted in February 2007

Identity theft bill heads to House Under the bill, companies that lose personal information must notify the people who could be harmed. Also, consumers could place freezes on their credit reports to help prevent identity theft. And identity theft victims could clear their names more quickly by having a judge list them in a database of identity theft victims.

Identity Theft Of Business Executives As I have mentioned in my KAOS identity management system, high value identities such as the rich and famous provide better value. This gets even better when control breakdowns in the company facilitate the entire identity theft process. In this identity theft news, it is evident that companies that allow their employees to open credit lines in the company's management name in order to perform their business functions open themselves up to some serious identity theft risks.

FBI loses laptops with classified information The FBI lost at least 10 laptop computers containing classified information during a four-year period ending in 2005, the Justice Department's inspector general has found.

Leahy introduces new bill to combat identity theft Among its provisions, the new legislation would increase criminal penalties for identity theft and require institutions that maintain personal data to disclose when they suffer a breach affecting personal security information.

Identity Theft News Posted in January 2007

Identity theft victim did not harm N.Y. police officer. This identity theft news is a case of both financial and criminal identity theft inflicted on one person at the same time.

Feinstein offers 2 identity theft bills. This is not merely enough to stop and reduce identity theft. These laws will not solve the problem of identity theft because not only they just address part of the problem but also they don't address them fully. Sorry but we'll have to wait until there is better solution which includes controls around validating the identity and each transaction.

Passport applicants find they're not Canadian. This identity theft news is just another example of why owning a passport and/or citizenship of any country is a privilege and can rightly or wrongly be taken away. Prevent identity theft in a case of lost or stolen passport.

ICE uncovers large scale identity theft scheme used by illegal aliens to gain employment at nationwide meat processor This identity theft news is not an isolated case by the way.

Identity theft and key logging main security threats for 2007. As the internet has evolved, this trend (identity theft) has now moved into the online space where we are now seeing people falling victim to email phishing asking for personal details.

American Passports Found on Bodies of Al Qaeda Fighters in Somalia. I just wrote an article about passport identity theft and how terrorists can use stolen passports to enter their desired country for various terrorism acts. Read the article and protect yourself against identity theft.

Identity Theft News Posted in December 2006

Russian bank chief jailed for identity theft. A Russian bank chief, who coordinated an international identity theft operation, has been jailed for six years. Despite being handcuffed, Kostap managed to jump up and flick an electrical switch that wiped a computer database that could have held more records of the criminal group's activities, said police. How convenient!

Boeing laptop with employee data stolen. This identity theft news is the third such incident at Boeing in just over a year. As I have said, people are the weakest link in the security and identity theft prevention chain because they make mistakes, do not consistently follow best practices, and have a short memory. Read the article on laptop security.

Identity Theft News Posted in November 2006

Compulinx CEO Arrested, Charged With Identity Theft From His Own Employees. This identity theft news illustrates why you should not blindly trust the people you trust when it comes to your personal information. Read about why crook employers behave as such and how to stop them.

Identity Theft News Posted in October 2006

Experts Warn Catalog Users Of Identity Theft Threat. Senior citizens are not the only victims in this area. Every one who receives such mails risks disclosure of sensitive information about their identity. Learn about the risks of pre printed inserts and labels on magazines, newspapers and catalogues.

Tumwater police crack huge identity theft case. This identity theft news is another indication how easy it is to obtain a person's personal information and with just a few dollars and equipment, steal that person's identity. As I stated in one of my articles about mailbox security, keep an eye on your mailbox and either lock it or collect the mail timely and frequently.

Charges filed in HP spy probe. Identity theft and pretexting were used in the corporate spy case in this identity theft news. The funny thing is that this was done by professionals who get paid for their services. They must have known they were being unethical when they employed these unlawful methods to spy and gather information about the board members.

Mishandled luggage hits record in August 2006. As I mention in my travel security section, it is not prudent to include your identity components or personal information in your luggage which you check. This identity theft news is just another reason that transferring control of your personal belongings to the airport or the airlines is not a very good idea.