Yahoo has this story about a baby in Massachusetts.

WVCB NewsCenter 5's Amalia Barreda reported that the baby's mother discovered the theft when she went to open a savings account in her son's name and learned someone had used her child's Social Security number. The Central Massachusetts mother recently went to an Athol savings bank in her hometown of Barre to open up a savings account for her son. She said she was stunned when bank officials raised red flags about the baby's Social Security number.

Update 8/8/06:The receiver Thomas F. Lennon posted a 1 page letter updating the situation on July 17 2006. You can find that letter here (PDF file).

If you are a victim of 12 Daily Pro you need to know this. 12Daily Pro and Lifeclicks (the company behind it, run by Charis Johnson) were placed under the control of Thomas F. Lennon, a United States District Court appointed Receiver, at the request of the Securities and Exchange Commission, on March 1, 2006. On March 27 2006, the SEC appointed receiver made an announcement:

Court Modifies Permanent Injunction: 12Daily Pro investors are not prohibited from exercising rights provided under credit card agreements with respect to charges directed to 12Daily Pro.

This means you can call your credit card company and request a “charge back” and there’s a chance you might get some money back. People that used debit cards are not so lucky--you can NOT request a charge back on an ATM/debit card.

12 Daily Pro victims, here’s what you can do:

• Contact the Thomas F. Lennon, Inc., the Receiver. Questions should be sent in written form by e-mail to tfl@tlennonfor12dailypro.com or by facsimile to (619) 465-9288. You may also record your message at (619) 464-6691. To learn more go to the special website.  
• You should also file a complaint with the FBI at www.ic3.gov.
• Consider calling your credit card company and ask for a charge back for any charges that are fraudulent related to 12 Daily Pro (or via StormPay).
  

That is everything that we know at this time. (See updates at top of this post.)

Stars and Stripes is reporting that over 200,000 Marines may be at risk for identity theft after loss of portable drive.

A portable drive with personal information on more than 207,750 Marines was lost earlier this month, possibly jeopardizing those troops' credit records and privacy.

In a message sent out to Marines, officials said the information was encoded and so far they've seen no evidence the information is being abused. But, because the data could be used for criminal purposes, they are asking all Marines to be on guard for signs of identity theft.

According to officials from the Manpower Information Technology Branch, the portable drive was part of a Naval Postgraduate School research project. The information was being used in research about the effectiveness of re-enlistment bonuses, but it was lost in a computer lab on campus in Monterey, Calif.

The drive contained the names, Social Security numbers, marital status and enlistment contract details for enlisted Marines on active duty between January 2001 and December 2005.

Computerworld is reporting:

A U.S. House of Representatives committee has unanimously approved a bill that would create regulations for so-called data brokers, including a requirement that U.S. companies that traffic in personal data notify victims of breaches.

The House Energy and Commerce Committee's 41-0 approval of the Data Accountability and Trust Act comes a year after the beginning of a rash of data breaches at dozens of U.S. companies, starting with data brokers ChoicePoint Inc. and LexisNexis Group. The bill, which now goes to the full House for a vote, would require any company that "experiences reasonable risk of identity theft" to notify potential victims as well as the Federal Trade Commission (FTC).

Which local, state or federal agency has primary jurisdiction to investigate financial fraud involving FDIC insured banks, credit cards and identity fraud? Put your guess in the comments. Correct answer to be posted this weekend.

Update: The correct answer is...the US Secret Service. Which was part of the Treasury Department until 2003. It's now part of Homeland Security. So kudos to both people that answered!

The USSS was formed originally in 1865 to deal with the problem of counterfeit currency. Then when President McKinley was assassinated, Congress directed the USSS to protect the President. Their responsibilites have been expanded several times since then.

The NY Times is reporting today:

The Secret Service yesterday announced seven arrests in five states and the District of Columbia as part of a continuing crackdown on online forums where credit card data and other stolen consumer information is routinely traded. A total of 21 people have been arrested in the United States and Britain in the last three months in the undercover operation, the agency said.

It is the largest federal law enforcement action taken against the thriving online trade in credit card numbers, bank accounts, passwords, personal identification numbers and other data since an earlier effort, Operation Firewall, broke up the largest black market trading board, Shadowcrew.com, in 2004.

Computerworld provides further proof that signing up for free offers via the web is a bad idea.

New York State Attorney General Eliot Spitzer is suing Web site operator Gratis Internet Inc. for allegedly violating consumer confidentiality agreements by selling the personal information of millions of people to e-mail marketers, according to a statement issued Thursday by Spitzer's office.

Washington-based Gratis operates numerous Web sites, including FreeiPods.com, FreeCDs.com, FreeDVDs.com and FreeVideoGames.com. While Gratis informed users of its Web sites that it would not sell their personal information, Gratis owners Peter Martin and Robert Jewell in the past two years allegedly sold some 7 million consumers' e-mail addresses and other personal information to e-mail marketers. Those marketers used the information to distribute millions of e-mail solicitations, according to the statement.

CALPIRG’s blog has an post about a proposal the IRS is considering to allow tax preparers to sell your information (yes, with your approval). It points to a couple of recent newspaper editorials.

PENN PIRG (THE PENNSYLVANIA PUBLIC INTEREST RESEARCH GROUP) writes

The IRS is considering weakening consumer privacy rules by allowing tax preparers like H&R Block or your accountant to share the entire contents of your tax filings with corporations that want to market products or services to you. PennPIRG is urging the IRS to reject these rules, and will testify before the IRS on April 4th to advocate for better privacy protections.

I tried thinking of a reason why the IRS would even consider allowing this. I couldn’t think of one. It’s just a rotten idea. Your tax return may be the worst thing to have in the hands of a criminal. It has your social security number, name, telephone, address, employer, employer’s tax ID & address, financial account information, and more. Opening a conduit for this information to be pushed out to countless data brokers and service providers is hugely dangerous to everyone.

Ed Mierzwinski’s US PIRG blog says

The New York Times had a story by Damon Darlin Saturday on the issues around the need for strong security freeze laws and the threat to strong state privacy protections posed by Congressional meddling.

The piece goes on to describe how credit bureaus are making billions selling us credit-monitoring products -- a protection racket if I ever saw one, since their sloppy practices are the reason consumers need to purchase the product -- at $100 or more each year. While the piece quotes the credit bureaus whining about a patchwork quilt of different state laws, the bureaus simply don't want that credit monitoring profit spigot turned off. Neither credit monitoring nor fraud alerts (available only to victims and active-duty military personnel) are guaranteed to stop identity theft-- only a strong consumer-friendly security freeze can do that. Here's a link to a blog entry that includes a joint news release from PIRG and Consumers Union following passage of "the worst data security bill ever" by the US House Financial Services Committee Thursday.