Tech Analysts Say Elgin Data Breach May Prove “Devastating” for Those Vulnerable to Identity Fraud

Richard Marley
May 16, 2022
3 minutes read
1675

Technology experts raise questions about the lack of transparency of the municipality in dealing with the cases of theft of personal data in Elgin County which might prove to be devastating for the victims.

A cyber-security incident in Elgin County has raised concerns about the lack of municipality in dealing with the situation of data breaches which may prove to be “devastating” for those affected, as said by the technology analysts.

Information about 330 individuals, constituting 33 cases of highly sensitive data was knocked on the website and email system of Elgin’s County for almost a month states a County official. Moreover, personal and employment information of the workers of the County was dumped into the “dark web”, a digital domain accessed only through special browsers allowing users to anonymously share information.

Julie Gonyou, Elgin’s chief administrative officer expressed that the information included details about the performance appraisal putting the reputations of multiple affected employees at risk.

“This incident can be devasting in various ways, damaging the financial, reputational and emotional aspects. Since it may contain health records, job appraisals all is at a threat of going public” warned Michael Katchabaw, a teacher of computer science at Western University.

Ann Cavoukian, executive director of Global Privacy and Security By Design Centre showed resentment towards the municipality while delivering “very little transparency” of waiting for a month in disclosing the case. In addition to this, she agreed that this breach could lead to identity theft while causing a serious impact on the lives of people.

Carmi Levy, a technology analyst in London, makes it evident by saying “The municipal delayed in addressing the issue while having knowledge about the incident from April 1st and setting the network offline till April 27th”.

The officials of the County were notified on May 3, while a release was released on Friday notifying the public about the cyber-security incident. The issue is still being examined by the investigators. No significant details are provided yet Gonyou asserted that it was not linked to ransomware.

Elgin is offering one year of credit security and identity fraud services for the victims. Any suspicious activity needs to be reported as per the recommendation of the police on the official website of the Canadian Anti-Fraud Centre.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Interpol Seizes $130M Worth of Virtual Assets from Cybercriminals Worldwide
The International Criminal Police Organization Interpol has seized $130 million worth of virtual assets that are linked to money laundering operations and different cybercrimes worldwide.

The “HAECHI III” law enforcement operation, which lasted between June 28 and November 23, 2022, enabled INTERPOL to arrest nearly a thousand suspects.

“In total, the operation resulted in the arrest of 975 individuals and allowed investigators to resolve more than 1,600 cases,” reads Interpol’s announcement. “In addition, almost 2,800 bank and virtual-asset accounts linked to the illicit proceeds of online financial crime were blocked.”

The various cybercrimes that contributed to the aforementioned sum include voice phishing, investment fraud, romance scams, sextortion, and money laundering linked to illegitimate online gambling.

Due to the activity, Interpol also produced 95 alerts and diffusions and identified 16 novel crime trends that would enable law enforcement agencies all around the world to concentrate on their efforts against cybercriminals more effectively.

The latest scams include types of financial fraud and romantic scams that criminals are continually improving to maintain novelty.

Additionally, Interpol noticed an increase in the usage of encrypted messaging applications by scammers to communicate with their victims in investment schemes.

Interpol’s statement also highlights the success of its fresh Anti Money Laundering Rapid Response Protocol (ARRP) mechanism, which was first put to the test during the organization’s prior operation, known as “Operation Jackal.”

Scammers had $1,250,000M returned to them due to ARRP, an Irish firm that was the victim of the Business Email Compromise (BEC). This was the total sum that the business lost to the BEC fraudsters, who ARRP assisted in identifying and seizing.

Since the beginning of ARRP’s pilot testing phase in January 2022, the technology has assisted in the recovery of $120M in cybercriminal proceeds.

Suggested Read: Interpol Warns of the Rise in Romance Scams as Valentine’s Day Approaches

Recent Posts

Blog
Customer Risk Assessment - A Landmark Approach to Fight Identity Fraud
Identity theft is the most prominent cybercrime which has raised alarms for global law enforcement authorities. Masterminds behind these scams are targeting all digital platforms, including e-commerce, ride-hailing apps, social media, and online gambling, which has made users vulnerable to risks of financial losses. The severity of identity fraud increases as criminals use stolen data to take over users’ accounts, make fake bank accounts, and carry out illicit financial transactions. The results remain disastrous for the affected persons as they lose their earnings without knowing about it.

The issue’s intensity can be judged by the fact that in the US alone, 42 million citizens became victims of identity theft, costing $52 billion in total losses. While onboarding any digital platform, users are asked to input their confidential details, which are further exploited by fraudsters. In fact, the service provider must secure their users’ information, but most platforms have inadequate screening measures, which ultimately aids bad actors in abusing the system. In such a situation, customer risk assessment is the most feasible approach, which can help businesses identify their users by applying strict checks and verifying their origins.

Identity Theft – A Looming Threat for Digital Businesses

Since the COVID-19 pandemic, the concept of using remote services has picked up the pace, and users prefer to visit digital platforms instead of going to offices. A large number of banks have introduced mobile apps for all types of transactions which has further provided attractive opportunities for criminals to steal someone’s identity, take over their account and transfer money to somewhere else. The majority of service providers have incorporated stringent checks like biometric authentication, two-factor authentication, and many others, but crime is still prevalent and increasing every year. The screening system based on the principles of customer risk assessment could be the most appropriate solution for online businesses as it can track the complete history of the users.

Account takeover is one of the leading issues that is increasing due to identity theft. The criminals use the stolen details of customers to log in to their bank or e-commerce accounts, further carrying out financial transactions. During the pandemic, a huge surge of 307% was witnessed in account takeover cases. Even now, when the effects of COVID-19 have almost diminished, criminals are involved in fraudulent activities in the same way. The Financial Action Task Force (FATF), the leading global organization fighting money laundering, has also suggested that online businesses should go for customer risk screening which is quite an ideal verification process.

How Law Enforcement Authorities are Countering Cybercriminals

Law enforcement authorities across the globe are facing the challenge of identity theft, and with time, criminal cases are increasing. Recently, several cases of identity fraud have been witnessed where cases were registered against criminals. Although countering the bad actors involved in online scams is quite gruesome, implementing customer risk assessment techniques can serve the purpose.

Let’s have a look at some of the high-profile cases of identity fraud:

Gang Members Sentenced to 60 Months in Prison for Identity Theft

The US Department of Justice has sentenced gang members to 60 months in prison who were involved in several online scams, including identity theft and wire fraud. It has been established during the investigation that they had been carrying out fraudulent activities for more than a year and during this time, they managed to steal $300,000 from the users. Court has further mentioned that no group or individual in the US will be allowed to defraud the users through online scams.

Criminals Jailed Over Multi-Million Identity Fraud in Spain

Spanish Police have arrested a gang that was involved in providing fake identities and forged documents to customers. The investigation revealed that criminals were stealing users’ data from different online platforms and further selling it in the black market. Police have stated that it was a multi-million scam, and all the criminals have been sent to jail.

Fighting Identity Fraud Through Customer Risk Assessment

Customer risk assessment is a set of extreme measures which are generally used by businesses to verify the identities of their customers when some new professional relationship is formed. B2B companies are also using customer risk screening methods to authenticate the documents and identities of other businesses before making any contract with them. It is an ideal process for all digital service providers as it provides in-depth knowledge about the other party and makes a record of their information. Customer risk assessment is not only a feasible solution against identity theft but also a valuable tool to counter money laundering.

Although several identity verification services are efficient enough to counter criminals, customer risk assessment is more advanced and modern, providing the best verification options to digital businesses. It involves various security checks, including checking customers’ identity, background, area of origin, business, and criminal record. All these parameters have remained quite productive in countering cybercriminals and helped many organizations comply with global regulations.

How Customer Risk Assessment Screening is Carried Out

Customer risk assessment is a technical process that involves multiple security checks, and users have to pass all of them to avoid being reported to authorities. All these screening measures have been recommended by the FATF, and companies with customer risk assessment models are following them to comply with the global guidelines.

Here are some of the prominent risk factors:

Customer’s Identity

Customer risk screening verifies the true identities while making a thorough background check. Corrupt politicians and business tycoons usually get more chances of laundering money or carrying out other financial crimes, so the system should be efficient enough to track users’ history to get updated knowledge about their economic activities in the past.

Geography

There are few regions in the world that have weak AML and other cyber laws, which ultimately help criminals to carry out crimes without much trouble. FATF has placed a large number of countries on grey or black lists, which means that all such states are vulnerable to financial crimes. The customer risk assessment process verifies the origin of the users and determines how stronger AML regulations are there.

Industry/Business

Some businesses are notorious for corrupt practices, like gold, art & antiquities, and other luxury items. The customer risk screening method verifies the business of the users and makes a thorough investigation in case the customer is involved in some vulnerable business.

What Shufti Pro Offers?

Combating identity fraud is crucial for the digital sector and is the most appropriate time for companies to invest in screening measures. The customer risk assessment is an ideal solution for online service providers which will help them in countering financial criminals.

Shufti Pro is offering customer risk screening solutions which is the perfect solution for online businesses. It will not only help them in ensuring global regulatory compliance but will also secure their users’ identities. Shufti Pro’s Customer Risk Assessment (CRA) verifies the identities of users through the toughest parameters which will never let the criminals onboard the system. It is efficient enough to generate results in seconds with a ~99% accuracy.

Want to know more about customer risk assessment for digital businesses?

Talk to CRA Expert

Tech Analysts Say Elgin Data Breach May Prove “Devastating” for Those Vulnerable to Identity Fraud

Identity Theft – A Looming Threat for Digital Businesses

How Law Enforcement Authorities are Countering Cybercriminals

Gang Members Sentenced to 60 Months in Prison for Identity Theft

Criminals Jailed Over Multi-Million Identity Fraud in Spain

Fighting Identity Fraud Through Customer Risk Assessment

How Customer Risk Assessment Screening is Carried Out

Customer’s Identity

Geography

Industry/Business

What Shufti Pro Offers?

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.