The mmfhoh blog has an interesting post about organized crimes impact or influence on Internet-based crime. No question in my mind here that organized crime, especially the Russian mob, plays a huge part in fraud and scams. Some that spring to mind immediately are work at home scams (where your job is to wire cash to Russia after cashing fraudulent checks) and phishing attacks.

The blog Make Money Fast Hall of Humiliation points to a story in the Consumerist that reports insurance company Aetna has an employee’s laptop stolen.

The New Bern Sun Journal has an article on public forums in North Carolina to educate citizens on common scams and ID theft. There will be 24 of the Scam Jams held in NC through November. The Scam Jams will also provide information for consumers that want to learn how to put a freeze on their credit report. Any North Carolina resident wishing to freeze their credit report can find more info at the NC Department of Justice web site. Here’s an article I wrote recently about credit freezes.

About.com had a valuable writeup on security breaches called Understanding Data Breach Disclosure. In it, Brian Koerner, has some super links with detailed and up to date state laws on data breaches, which are worthwhile linking to directly. Definitely check out Brian’s article above, though. Vigilant Minds has a very detailed matrix in their writeup called “State Security Breach Legislation.” (PDF). There’s also a link to National Conference of State Legislatures which is down right now. And Crowell Moring LLP has a detailed writeup called State Laws Governing Security Breach Notification, which is quite good.

WXOW TV-19 reports Wisconsin Governor is proposing a new ID theft law which would include an ID theft passport, which sounds similar to what Iowa is proposing. It will be interesting to see how this plays out, in light of the battle going on in the US Congress over new laws that weaken protection for consumers. Wisconson also opened a new office of privacy protection (www.privacy.wi.gov).

CNET News.com has this story:

Lawmakers in Iowa are proposing a special "passport" meant to protect victims of identity theft against false criminal action and credit charges. The "Identity Theft Passport" will be a card or certificate that victims of identity fraud can show to police or creditors to help demonstrate their innocence, Tom Sands, a state representative of the Iowa House and supporter of the proposal, said in an e-mail interview Tuesday.

SANS NewsBites - Vol: 8, Issue: 34 talks about this interesting insight from a company responsible for a major data breach last year.

Speaking at the Infosec Europe 2006 conference in London, LexisNexis senior director for information security Leo Cronin said his company's decision to be up front about a data security breach that took place in early 2005 was definitely the best approach to the situation. A social engineering email attack exposed personal data belonging to as many as 300,000 people at Seisint, a data broker acquired by LexisNexis in fall 2004. The company decided to inform all those affected, using California's data security breach notification law as a guideline. LexisNexis also took a number of steps to better protect the data it holds. Cronin believes the company's forthright approach minimized the damage to its reputation.

CNET News.com says “Fraudsters stole the credit card details of 2,000 MasterCard holders in a major security breach last week.” This appears to effect card holders in the U.K. only.

Computerworld has the story on a new data breach at the University of Texas.

In another reminder of the vulnerability of university networks, the University of Texas at Austin over the weekend announced that someone had broken into a computer at its McCombs School of Business and gained access to a database containing confidential information on about 197,000 people.

The break-in was discovered on Friday after university officials noticed “unusual activity” on the database server, said Dan Updegrove, vice president of IT at the school. Citing an ongoing investigation, he did not say what the unusual activity was, nor would he elaborate on how the break-in might have occurred. But Updegrove did say that the IP addresses involved in the attack are in the Far East, suggesting that the hacking was performed externally.

Click2Houston.com has an article on fraud and ID theft in Houston: “HPD records show in the last year, only 2 percent of forgery and counterfeiting cases and only 12 percent of fraud cases were actually solved.”