Posts Tagged ‘id theft’

Four Tips to Protect your Data

Data breaches from cyber attacks are all over the news today. Although these types of security breaches are becoming more common, and more devastating, to the organizations and people involved, there is another kind of breach that is just as alarming.

Often times, informal transportation or improper storage of end-of-life electronics are the culprit. In untrained hands, sensitive information can be leaked, stolen or lost on the way to recycling centers or can be forgotten in dusty storage areas.

Consumers and businesses alike should be aware that electronic waste that is not disposed of properly poses a threat to sensitive data left on the devices. Finding a responsible electronics recycler will eliminate the risk of data breaches and grant the much-needed peace of mind that companies and individuals need.

Implementing a positive plan to combat electronic waste data breaches is the only realistic way to ensure that sensitive information remains safeguarded for end-of-life electronics.

Here are four tips to protect the valuable data contained on devices within your home, organization or business:

1. Get the best third party data destruction provider available

Laws and regulations ban dumping e-Waste into landfills and require specific methods for collection and disposal based on government guidelines.

When electronics devices reach end-of-life or are no longer wanted, relying on disposal plans managed by employees and staff for data destruction and e-Waste disposal is not effective, and leaves companies open to liability for breaches.

Instead, rely on a responsible R2/RIOS certified company with secure measures in place to handle the proper recycling of e-Waste and secure destruction of the information on hard drives and other data devices.

2. Avoid long-term storage of end-of-life devices

Long-term storage can increase the risk of loss or theft, which leads to serious data breaches. In fact, many data breach cases are the result of computers left to sit in off-site storage facilities with little or no regulation or supervision of the information contained on hard drives and storage devices.

Rather than choosing to place end-of-life devices in storage, creating an electronic waste disposal plan is the better choice. The plan should ensure that storage time is minimal or completely eliminated, thereby decreasing the risk of theft, loss or inadvertent exposure of sensitive information.

3. Know the laws on data destruction

Here in the U.S., most states with electronic recycling laws also require vendors to follow government regulations to ensure that consumer information remains safe. It is important to be aware of which guidelines apply to your organization and to organize an electronic waste disposal plan around them.

4) The best tip of all is too choose a responsible, certified electronics recycler who provides secure data destruction. This is the most effective way to ensure proper management and secure destruction of sensitive information contained on the hard drives of electronic drives.

Destruction means business!

Reprint: Boston Globe
Jonathan Wiggs/Globe Staff

PCS co-owner Lisa Bacewicz with “The Green Monster.”
By Paul E. Kandarian, Globe Correspondent February 15, 2015

Got unwanted high-tech gear laying about, such as old computers, printers, cellphones, and hard drives, and not sure what to do with them? PCS of Massachusetts (PCS MASS), a Weymouth company started in 2005 by Lisa Bacewicz and her husband, Charles, shreds old equipment to recycle the material, and also specializes in data destruction. We talked with Lisa Bacewicz for this story.

Q. Why did you start doing this?

A. We were involved in the resale of old electronic equipment, which was a big industry before 2005. But the industry changed rapidly, and obsolete and surplus equipment doesn’t hold the value it used to. That’s why we went to the next stage of responsible recycling.

Q. What do you do?

A. We’re a certified responsible recycler of all electronic waste, including secure and compliant on-site hard drive and data destruction. We take in e-waste from companies. We bring a shredder on a 26-foot box truck, a big green box we call “The Green Monster.” We take custody of the data and provide a videotaped seven-step destruction process. Anything with encrypted data can be shredded, and we can reduce hard drives to pieces the size of your pinky finger. The metal can be refined into new products. We also have a drop-off at our office for people to drop off office-related waste for free, though there is a charge for computer terminals.

Q. Who are your customers?

A. We work all over New England with hospitals, health care facilities, attorneys, major corporations. Everyone in this day and age with an office will have electronics that eventually become obsolete: phone systems, printers, fax machines, power supplies, cords, batteries. Everything can be destroyed and recycled. Any company with regard for client information or personal information should be reaching out to a certified recycler. Most recently, we earned our R2/RIOS certification from Sustainable Electronics Recycling International.

Q. Why is data destruction important?

A. For years, people lacked understanding of what happens to data on hard drives, tapes, or other memory material. Breaches have brought awareness to the point they’re looking for viable, secure ways to destroy data so it doesn’t get into the wrong hands.

Q. Business is good?

A. Extremely. We’re hiring more people, and by the middle of the year will move to a larger facility on the South Shore.

Paul E. Kandarian can be reached at pkandarian@ aol.com.

NEWS

AT&T Fined $52 Million for Dumping E-Scrap

Telecommunications giant AT&T has reached a $52 million settlement with the state of California for illegally dumping scrap electronics in state landfills.
The settlement was announced on Nov. 20 by California’s attorney general and was described by state officials as their first e-scrap management enforcement action against a telecom company.

“This settlement holds AT&T accountable for unlawfully dumping electronic waste. The illegal disposal of hazardous waste can lead to serious environmental and health risks for California communities. AT&T will be required to implement strict compliance measures at its facilities that set an example for other companies to safeguard our communities against hazardous waste.” The settlement calls for the company to pay $23.8 million in fines.

Please call PCS MASS to discuss Responsible Electronics/Components Recycling and Secure On-Site Hard Drive Data Destruction Solutions!

PCS MASS is R2:2013 Certified!

R2/RIOS™ certification is solely for electronics recyclers to demonstrate to customers that electronics equipment is being recycled with the highest standards for environmental protection, worker health and safety, and data privacy, and facility security. A facility that has invested R2/RIOS™ certification has upgraded to the highest, most responsible standards in recycling.

Green thought for the day: Spring is a great time to start your businesses Spring cleaning and get organized for Summer. This means clearing out all those old PC’s that have accumulated over the past few months. Please call PCS of MA today to discuss “Green” Recycling Solutions and Secure On-Site Hard Drive Data Destruction services!

News: Target Woes Continue After Data Security Breach

It keeps getting worse for retailer chain Target. After the loss of account information for over 40 million people, it has know been revealed that thieves managed to gain secret PIN code numbers in addition to the previous security breach. In an article on the Huffington Post, it was revealed that Target’s reputation among consumers has taken a huge hit.

The company’s “Buzz score,” a measurement of brand popularity developed by polling site YouGov, dropped by 35 points to -9 on Dec. 20, the day after Target announced that hackers may have gotten access to 40 million customers’ credit and debit card information. On Monday it fell even further to -19. Scores range from 100 to -100.

Currently, the Justice Department is investigating the data breach. Customers affected by the Target breach complained that they had to cancel credit and debit cards just as they were rushing to buy holiday gifts. Millions of others faced bank-imposed limits on how much cash they could take out at ATMs or spend on their debit cards.

In the wake of the recent revelation that the Target data breach was worse than first reported, many customers have started to take legal action against the retailer. According to a report by CNN Money, Target is facing lawsuits from almost two dozen consumers.

Customers in from California, Oregon and Washington to Louisiana, Massachusetts and Rhode Island have filed would-be class actions in federal courts, alleging Target was negligent and did not protect their card information.

Plaintiffs in several states alleged Target “failed to implement and maintain reasonable security procedures and practices.”

Robert Ahdoot, a lawyer for the California plaintiffs, said he spoke to customers who claimed unauthorized ATM withdrawals had been made from their accounts.

“Target has an obligation to provide adequate security for the financial information they collect,” Ahdoot said.

Some suits also alleged negligence, and claimed customers would not have purchased from Target if they knew of the breach, which lasted from Black Friday through mid-December but was not disclosed until last week.

Snyder, the Target spokeswoman, said the company doesn’t “comment on pending litigation.”

In related news, the New York Times reported last week Brian Krebs, the security blogger who first broke the news that Target had been breached, said he believed he had identified a Ukranian man who he said was behind one of the primary black market sites now selling Target customers’ credit and debit card information for as much as $100 a piece.

If customers do return to Target after this massive security lapse, I can assume many will be using cash.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your data.  PC Survivors of Massachusetts, L.L.C.  (R2) Certified,  86 Finnell Drive Unit 6,Weymouth, MA 02188 /Cell: 781-635-6281 /Office: 781-335-1220 / Fax: 781-335-1499 / www.pcsmass.com

30

12 2013

10 tips to protect yourself against identity theft

With identification theft becoming more common and ID thieves becoming more ingenuous, protecting yourself is more important than ever. Over at AZCentral, Robert Anglen and Russ Wiles compiled a handy list for keeping your private information private.
With identification theft becoming more common and ID thieves becoming more ingenuous, protecting yourself is more important than ever. Over at AZCentral, Robert Anglen and Russ Wiles compiled a handy list for keeping your private information private.- Routinely check credit reports. Look for unauthorized activity or accounts that you did not open.

– Safeguard hard copies of sensitive documents (including those from family members). Shred documents, including bills and payment stubs, before throwing them away. Drop outgoing mail in secure mailboxes only.

Set up automatic transaction alerts on bank and credit-card accounts. That way, you will learn quickly if someone is attempting to use one of your accounts.

Avoid clicking on e-mail attachments from strangers. Phishing scams use unsolicited e-mail messages aimed at encouraging recipients to respond and divulge sensitive information. The messages are becoming more targeted, often involving a reference to somebody you know or an activity you’re engaged in. Phishing scams are also used to plant computer viruses.

Use strong passwords. They should involve a mix of numbers, special characters and both upper- and lowercase letters. Protect smartphones with passwords and anti-virus or malware software.

Don’t provide personal information to telephone solicitors. Phone callers promise trips, computer service or winning prize offers to get you to divulge personal information.

Be cautious with social media. Interactions on Facebook, Twitter and other sites can be used to target you.Seemingly innocent information that consumers or employees post on these websites can provide insights that criminals can then exploit.

Verify information anytime someone asks you to pay them using a wire transfer. Thieves use wire transfers in scams far more often than credit cards.

Protect your computers and laptops. Don’t leave laptops with sensitive customer records unattended. Don’t click on suspicious computer attachments.

Check your children’s credit. ID thefts involving the personal information of children often go undetected for years. Victims might not discover a problem until they are old enough to apply for a car or student loan.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your dataPC Survivors of Massachusetts, L.L.C.  (R2) Certified,  86 Finnell Drive Unit 6,Weymouth, MA 02188 /Cell: 781-635-6281 /Office: 781-335-1220 / Fax: 781-335-1499 / www.pcsmass.com

08

12 2013

Data Security News: Is Your Personal Online Information Safe?

Data thieves are becoming smarter and harder to track every year. Recently, a school district in Arizona reported a major security breach in which 2.4 million people were affected. If that wasn’t bad enough, it took the Maricopa County Community College District seven months to notify those individuals.

According to a report from AZCentral.com, those impacted were current and former students as well as employees and vendors. Here are a few snippets from the article:

The district’s governing board has already approved several million dollars for repairs, which are still being made, and on Tuesday agreed to spend up to $7 million more to notify everyone who is potentially affected, spokesman Tom Gariepy said Wednesday.

Letters will be sent to current and former students, employees and vendors of the district’s 10 colleges going back at least several years to alert them that their information could have been seen, Gariepy said.

Among the vulnerable data were employees’ Social Security numbers, driver’s-license numbers and bank-account information, he said.

Students’ academic information also may have been exposed, but not their personal information.

There is no evidence that any information actually was looked at or stolen, Gariepy said.

According to the article, the district was notified by the FBI when they discovered a website that was advertising personal data from the districts database for sale.  Measures were taken immediately to stop the spread of the information (the site was shut down), but their reasoning for it taking so long to report was that the district wanted to investigate the extent of the exposure.

In the meantime the Maricopa Community Colleges Faculty Association released a statement saying they will do what is necessary to adequately protect students and MCCCD employees, now and in the future. Last week, a $7 million notification process was approved by the district governing board Tuesday night.

The money will go to an outside consultant, who will send the notification letters to everyone whose information was exposed. It just goes to show how severe a breach can be in relation to data exposure and cost of cleanup and repair.  Ongoing risk assessments and audits would have caught the obvious weak points in their network and could have avoided all of this.  Also, being properly insured for this type of disaster would have helped to offset the $7 million+ it will cost to rectify this situation.

If you’re looking for a reliable asset disposal service, PCS of Massachusetts is ready and willing to help you recycle your electronics and destroy your dataPC Survivors of Massachusetts, L.L.C.  (R2) Certified,  86 Finnell Drive Unit 6,Weymouth, MA 02188 /Cell: 781-635-6281 /Office: 781-335-1220 / Fax: 781-335-1499 / www.pcsmass.com

08

12 2013

12 Ways to Prevent Identity Theft

Last year, upwards of 16 million households were victims of identity theft. With much of our personal information readily available online, it’s becoming easier for thieves to use your information for their gain. Recently, AARP released a handy list of things you can do to cut down the likelihood you’ll be an ID theft victim.

1. Get off mailing lists for pre-approved credit cards offers – a gold mine for identity thieves. Visit optoutprescreen.com or call toll free 888-567-8688. To stop other junk mail go to dmachoice.org.

2. Enroll for free alerts from your bank and credit card issuers to flag unusual activity on your accounts.

3. Ask your credit card provider to issue you new “smart cards” with safer EMV chip technology. If they’re unavailable, request replacement plastic with your photograph.

4. To safeguard personal data on your electronic devices, use a smartphone password that isn’t 1234, 0000, 2580, 1111, 0r 5555 – some of the most easily hacked. Set your smartphone on auto-lock, Make computer passwords at least 12 characters long. Use uppercase and lowercase lertters, numbers, and symbols such as # and %. Use different passwords on different accounts and change them every few months.

5. If you don’t plan to apply for new credit, loans, insurance or utility services, freeze your report so crooks can’t get new accounts in your name. Rules vary by state, but most have a $5 to $20 fee and is often waived if you are 65 or older or provide proof of past identity theft. Type “security freeze” at the websites of Experian, Equifax and Transunion for instructions. A fraud alert is always free but not as effective.

6. Mail outgoing payments from a U.S. Postal Service mailbox or the post office, not from your more vulnerable home mailbox.

7. Shred unneeded documents that contain personal information. Most major cities have reputable companies that provide free shredding days. These shredders are far superior to any home models, as most will cross-shred and dump into a liquid solution.

8. Ask if your Internet provider offers free antivirus software. Set it for automatic security updates and a weekly full scan.

9. Set up your Internet service so that it does not broadcast your connection, also known as stealth mode. This prevents scammers from finding your connection when scanning. They can’t hack it if they can’t find it.

10. Never click on links in emails from strangers, or those purporting to be a government agency or your bank warning of a “problem.” The likely result is that identity-stealing malware will be installed on your computer. The more prudent thing to do is, if you receive an email from someone you don’t know and it has links trash it. If it’s from someone you do know, call him or her and ask if they sent the email with the link before clicking on the link.

11. Only carry your social security card for visits to the Social Security offices. If you have Medicare (not to be confused with Medicaid), only carry that card for planned doctor or hospital visits. Don’t worry, you’ll get emergency treatment without it, but if you’re a worry-wart, then photocopy it with several of the digits blacked out.

12. Never provide personal information such as Social Security number to anyone unless you initiate contact.

Most of these steps were provided courtesy of Sid Kirchheimer, the author of Scam-Proof Your Life, published by AARP Books/Sterling. 

 

10

09 2013