LegalShield Independent Associate - James Brown

08/18/2022

The hands and feet of Jesus.

12/04/2018

Espionage, ID Theft? Myriad Risks From Stolen Marriott Data
By The Associated Press
• Dec. 1, 2018
•
o
•
•
• • NEW YORK — The data stolen from the Marriott hotel empire in a massive breach is so rich and specific it could be used for espionage, identity theft, reputational attacks and even home burglaries, security experts say.
Hackers stole data on as many as 500 million guests of former Starwood chain properties over four years including credit card and passport numbers, birthdates, phone numbers and hotel arrival and departure dates.
It is one of the biggest data breaches on record. By comparison, last year's Equifax hack affected more than 145 million people. A Target breach in 2013 affected more than 41 million payment card accounts and exposed contact information for more than 60 million customers.
But the target here — hotels where high-stakes business deals, romantic trysts and espionage are daily currency — makes the data gathered especially sensitive.
The affected reservation system could be extremely enticing to nation-state spies interested in the travels of military and senior government officials, said Jesse Varsalone, a University of Maryland cybersecurity expert.
"There are just so many things you can extrapolate from people staying at hotels," he said.
And because the data included reservations for future stays, along with home addresses, burglars could learn when someone wouldn't be home, said Scott Grissom of LegalShield, a provider of legal services.
Help us break the next big story.
The affected hotel brands were operated by Starwood before it was acquired by Marriott in 2016. They include W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien and Four Points. Starwood-branded timeshare properties were also affected. None of the Marriott-branded chains were threatened.
Email notifications for those who may have been affected begin rolling out Friday and the full scope of the breach was not immediately clear.
Marriott was trying to determine if the purloined records included duplicates, such as a single person staying multiple times.

Security analysts were especially alarmed to learn of the breach's undetected longevity. Marriott said it first detected until Sept. 8 but was unable to determine until last week what data had possibly been exposed — because the thieves used encryption to remove it in order to avoid detection.
Marriott said it did not yet know how many credit card numbers might have been stolen. A spokeswoman said Saturday that it was not yet able to respond to questions such as whether the intrusion and data theft was committed by a single or multiple groups.
Cybersecurity expert Andrei Barysevich of Recorded Future said Saturday he believed the breach was financially motivated.
A cybercrime gang expert in credit card theft such as the eastern European group known as Fin7 could be a suspect, he said, noting that a dark web credit card vendor recently announced that 2.6 million cards stolen from an unnamed hotel chain would soon be available to the online criminal underworld.
"We will have to wait until an official forensic report, although, Marriott may never share their findings openly," he said.
Marriott said the stolen credit card information was encrypted but the hackers may have obtained the "two components needed to decrypt the payment card numbers." It said it cannot "rule out the possibility that both were taken."
For as many as two-thirds of those affected, the exposed data could include mailing addresses, phone numbers, email addresses and passport numbers. Also dates of birth, gender, reservation dates, arrival and departure times and Starwood Preferred Guest account information.
A spotlight on the people reshaping our politics. A conversation with voters across the country. And a guiding hand through the endless news cycle, telling you what you really need to know.
The breach of personal information could put Marriott in violation of new European privacy laws, as guests included European travelers.
Marriott set up a website and call center for customers who believe they are at risk.
The FBI would not say whether it is investigating, but said in a statement that anyone contacted by Marriott should "take steps to monitor and safeguard their personally identifiable information and report any suspected instances of identity theft to the FBI's Internet Crime Complaint Center at www.ic3.gov."
Passport numbers have previously been part of a hack, though it's not common. They were among records on 9.4 million passengers of Hong Kong-based airline Cathay Pacific obtained in a breach announced in October.
Combined with names, addresses and other personal information, passport numbers are a greater concern than stolen credit card numbers because thieves could use them to open fraudulent accounts, said analyst Ted Rossman of CreditCards.com.
The data purloining highlights just how dangerous hotels can be for people worried about their privacy.
"Hotels have long been important government sources of local information for tracking foreigners: reservation systems and loyalty programs took the surveillance global and made it easier for us to give up our privacy," said Colin Bastable, CEO of Lucy Security.
Intelligence agencies including the U.S. National Security are well plugged into the global travel industry "by fair means or foul," he said, non-government cybercriminals now have the same hacking tools.
"Consumers have become collateral damage," he said. "And we are all consumers." He advises providing hotels with as little information as possible when making reservations and checking in.
Last year, the cybersecurity firm FireEye highlighted an effort in which Russian state agents allegedly tried to infiltrate the reservation systems of hotels in Europe and the Middle East.
When its acquisition by Marriot was first announced in 2015, Starwood had 21 million people in its loyalty program. The company manages more than 6,700 properties across the globe, most in North America.
Marriott, based in Bethesda, Maryland, said in a regulatory filing that it was too early to say what financial impact the breach might have on the company. It said it has cyber insurance and is working with its carriers to assess coverage.
Elected officials were quick to call for action.
The New York attorney general opened an investigation.
Virginia Sen. Mark Warner said the U.S. needs laws that limit the data companies can collect on customers and ensure that companies account for security costs rather than making consumers "shoulder the burden and harms resulting from these lapses."

The IC3 accepts online Internet crime complaints from either the actual victim or from a third party to the complainant. We can best process your complaint if we receive accurate and complete information from you. Therefore, we request you provide the following information when filing a complaint:

07/31/2017

Tonight at 9pm ET one of LegalShield's Executive Directors, NVPs, Ring Earners, or Millionaire Club Members share a 15-20 min overview of the LegalShield Opportunity.

DIAL 605-475-4120 pin 3135625 #

Then at 9:30pm ET there's a 20 min Getting Start Call that covers:

*Welcome to LegalShield and the company support
*Main goal right now is to LevelUp and explanation of what that means
*Reason to make a list
*Strategy on exposing the list USING 3rd party and the system

06/11/2017

Live Conference Call Tonight
This is a tremendous opportunity for you to hear about the opportunity from our national leaders!
SUNDAYS 9:30 pm EST
(712) 432-2815 pin number 66373 #

05/07/2017

What is a living will? Should I have one?
A Living Will gives instructions to your family and physicians on whether you wish to be medically treated if you are ever in a physical condition in which there is no hope of recovering. It allows you to control decisions relating to your own medical care, including the decision to have life-sustaining procedures withheld or withdrawn in a situation in which you might be diagnosed as having a terminal and irreversible condition. The law is very specific as to the form and contents required of a valid living will. It is wise to consult an attorney to ensure that your living will is proper. Whether you should have a living will is a very personal decision and you may wish to discuss this decision with your physician and an attorney.

09/23/2016

Reducing Your Risk of ID Theft Pt. 1

1. The crime of identity theft

Using a variety of methods, criminals steal Social Security numbers (SSNs), driver's licenses, credit and debit card numbers, and other pieces of individuals' identities such as date of birth. They use this information to impersonate their victims, spending as much money as they can in as short a time as possible before moving on to someone else's name and identifying information.

There are two types of identity theft:

"Existing account fraud" or "account takeover fraud" occurs when a thief acquires your credit or debit card information and purchases products and services using either the actual card, a counterfeit card, or the account number and expiration date. Victims may not learn of account takeover until they receive their monthly account statement.

"New account fraud" or "application fraud" occurs when a thief uses your SSN and other identifying information to open new accounts in your name. Victims are not likely to learn of application fraud for some time, because the monthly account statements are mailed to an address used by the imposter.

This guide discusses strategies for reducing the risk of both types of fraud.

Generally, victims of credit card fraud are liable for no more than the first $50 of the loss. In most cases, the victim will not be required to pay any part of the loss. But debit card users have less protection against fraud. Not only are individuals' checking accounts wiped out, debit card users could be liable for the total amount of the loss depending on how quickly they report the loss to the financial institution.

Even though victims are usually not saddled with paying their imposters' bills, they are often left with a bad credit report and must spend months and even years regaining their financial health. In the meantime, they have difficulty getting credit, obtaining loans, renting apartments, and even getting hired. Victims of identity theft find limited help from the authorities as they attempt to untangle the web of deception that has allowed another person to impersonate them.

Identity thieves obtain SSNs, driver's licenses, credit card numbers and other pieces of identification through a variety of means:

Sending email messages that look like they are from your bank or credit card company, asking you to visit a web site that looks official in order to obtain account information. This is called "phishing."
Hacking into data files of financial institutions, retailers, and credit card transaction processing companies.
Accessing unsecured websites that contain sensitive personal information such as Social Security numbers and financial account numbers.
"Dumpster diving" in trash bins for unshredded credit card and loan applications and documents containing SSNs.
Stealing wallets and purses.
Stealing mail from unlocked mailboxes to obtain newly issued credit cards, bank and credit card statements, pre-approved credit offers, investment reports, insurance statements, benefits documents, or tax information.
Accessing your credit report fraudulently, for example, by posing as an employer, loan officer, or landlord.
Obtaining names and SSNs from personnel or customer files in the workplace.
"Shoulder surfing" at ATM machines in order to capture PIN numbers.
"Skimming" your credit or debit card information at a point of sale terminal or ATM machine.

12/24/2015

Tip of the Day.
You may have free Wi-Fi access at your favorite coffee shop, but you might not want to use it to check the balance in your savings account. If you're using an open wireless network, it's easier for hackers to intercept online transactions, passwords and other private business. "It's not the time to do financial business, your online banking or your shopping," says Marian Merritt, a Norton Internet safety advocate at Symantec, a manufacturer of security software.

That goes for websites that start with HTTP and HTTPS as well because you don't know how securely the coffee shop, hotel or other free Internet access point is set up. Hackers can set up "man in the middle" attacks to grab your passwords, card number and other information while you're on the public network. So enjoy the latte and save checking your credit card statement for later.