Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 


Threat Of Identity Theft Looms - New Cyber-Assaults

Media Release

Threat Of Identity Theft Looms As Business Cyber-Assaults Take New Form

20 February 2013

The ramping up of efforts by fraudsters to go after Australian businesses holding personal information could contribute to a greater risk of identity theft and subsequent credit fraud for Australian consumers, warns a consumer advocate for accurate credit reporting.

Yesterday new Attorney-General, Mark Dreyfus QC advised that recent national survey results for more than 250 major businesses show cyber-crime is becoming increasingly targeted and coordinated, with one in five businesses experiencing one in the last year.

Mr Dreyfus said that cyber assaults have shifted from being indiscriminate and random to being more coordinated and targeted for financial gain. Most occur from outside the business, although it appears internal risks are also significant. [i]

The 2012 Cyber Crime and Security Survey Report commissioned by CERT Australia and conducted by the Centre for Internet Safety at the University of Canberra revealed that most serious assaults involved the use of malicious software, theft or breach of private information and denial-of-service.

In one case, an organisation reported the theft of 15 years' worth of critical business data.

A third of instances involved the theft of notebooks, tablets or mobile devices.

CEO of MyCRA Credit Rating Repair, Graham Doessel says Australians should feel concerned about where their personal information could be exposed to potential company data breaches, as personal information has become a valuable commodity used to commit identity theft and potentially ruin the victim’s credit rating and their financial future.

“We can’t take lightly the possibility that any company that keeps data on its customers could be at risk of cyber-crime. Identity theft is becoming more prevalent, and personal information is lucrative for fraudsters,” Mr Doessel says.

Last week the Australian Taxation Office (ATO) announced the identities of four tax agents were stolen and used to fraudulently obtain AUSkeys giving access to specialist tax agent online services.

Whilst the ATO was able to contain the threat, and cancel the AUSkeys, it said in a statement to the media that doing business online has benefits, but also comes with risks.

“People looking to commit identity fraud constantly look for ways to profit so it is critical to remain vigilant regarding your personal information and online security,” the ATO statement said. [ii]

Mr Doessel says this instance is one of a long line of assaults on Australian businesses and government entities in recent years.

“Unfortunately it seems everywhere people turn one entity or another has been hacked – and it seems everyone with a computer is at risk. It is still extremely scary the level of risk peoples’ personal information undergoes these days when it is stored online,” he says.

Personal information in the wrong hands can lead not only to identity theft but credit fraud, which involves the use of the victim’s credit rating, which can have significant long term consequences.

“Basically, a lot of identity fraud is committed by piecing together enough personal information from different sources in order for criminals to take out credit in the victim’s name. Often victims don’t know about it right away – and that’s where their credit file can be compromised,” he says.

He says once the victim’s credit rating is damaged due to defaults from this ‘stolen’ credit, they are facing some difficult times repairing their credit rating in order to get their life back on track.

“These victims often can’t even get a mobile phone in their name. It need not be large-scale fraud to be a massive detriment to their financial future - defaults for as little as $100 will stop someone from getting a home loan,” he says.

Once an unpaid account goes to default stage, the account may be listed by the creditor as a default on a person’s credit file. Under current legislation, defaults remain on the credit file for a 5 year period.

“What is not widely known is how difficult restoring a credit file can be – even if the individual has been the victim of identity theft, there is no assurance the defaults can be removed from their credit file. The onus is on the victim to prove their case and provide copious amounts of documentary evidence,” he says.

Changes to the Privacy Act 1988 should help consumers collectively when businesses experience cyber-crime which leads to a data breach. [iii]

From March 2014, increased powers of the Privacy Commissioner will force organisations that experience a breach to do something about it. Previously, the Commissioner could investigate and make recommendations as to what the organisation should do, but it had no way of requiring the organisation to take action.

The Commissioner can also issue civil penalties to organisations that experience a breach and either fail to take reasonable steps to protect the information entrusted to them, or fail to adequately respond.

Mr Doessel says consumers need to be insisting that the companies who hold their personal information have adequate tools to prevent a data breach, but he says despite this, the changing nature of cyber-crime means it can be difficult to keep up with the technology of fraudsters.

“Despite our best efforts to keep our details safe, we don’t have control over the IT systems of the company which holds our information, so we have to place a lot of trust in them to stay one step ahead of fraudsters. With most organised crime gangs now placing identity theft on their repertoire, more damaging and more frequent assaults are probably imminent in the future,” Mr Doessel says.

He says as a matter of routine, consumers should check their bank and credit card statements thoroughly when they come in, and should also order a copy of their credit report regularly – which would indicate if their credit file had been misused.

Under current legislation a credit file report can be obtained at no cost every 12 months from the major credit reporting agencies Veda Advantage, Dun and Bradstreet and TASCOL (if in Tasmania) and is sent to the owner of the credit file within 10 working days.

-- www.mycra.com.au www.mycra.com.au/blog


[i] http://www.attorneygeneral.gov.au/Mediareleases/Pages/2013/First%20quarter/18February2013-CyberattacksonAustralianbusinessmoretargetedandcoordinated.aspx

[ii] http://www.ato.gov.au/corporate/content.aspx?doc=/content/00345567.htm

[iii] http://www.oaic.gov.au/privacy-portal/resources_privacy/Privacy_law_reform.html#whats_changed

ENDS

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

I Sing The Highway Electric: Charge Net NZ To Connect New Zealand

BMW is turning Middle Earth electric after today announcing a substantial contribution to the charging network Charge Net NZ. This landmark partnership will enable Kiwis to drive their electric vehicles (EVs) right across New Zealand through the installation of a fast charging highway stretching from Kaitaia to Invercargill. More>>

ALSO:

Watch This Space: Mahia Rocket Lab Launch Site Officially Opened

Economic Development Minster Steven Joyce today opened New Zealand’s first orbital launch site, Rocket Lab Launch Complex 1, on the Mahia Peninsula on the North Island’s east coast. More>>

Earlier:

Marketing Rocks!
Ig Nobel Award Winners Assess The Personality Of Rocks

A Massey University marketing lecturer has received the 2016 Ig Nobel Prize for economics for a research project that asked university students to describe the “brand personalities” of three rocks. More>>

ALSO:

Nurofen Promotion: Reckitt Benckiser To Plead Guilty To Misleading Ads

Reckitt Benckiser (New Zealand) intends to plead guilty to charges of misleading consumers over the way it promoted a range of Nurofen products, the Commerce Commission says. More>>

ALSO:

Half A Billion Accounts, Including Xtra: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>

ALSO:

Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>

ALSO:

Get More From Scoop

 
 
 
 
 
 
 
 
 
Business
Search Scoop  
 
 
Powered by Vodafone
NZ independent news