H&R Block Tax Preparer Steals US Customer Data

A former H&R Block employee is charged with stealing the identities of dozens of clients and collecting hundreds of thousands of dollars in refunds after fraudulently filing income tax returns in the customers’ names without their knowledge.   A search of the car she was in uncovered a treasure-trove of evidence: a file box full of H&R Block client information, numerous blank W-2 forms, more than 100 debit cards and yellow legal pads with columns of Social Security numbers, PIN numbers, dates of tax filings and whether the returns had been accepted or rejected.

Coming at the height of tax season, the arrests of Francesca Foster, who worked at an H&R Block office in East Chicago, and a second woman illustrate the dangers faced when filing tax returns and the ease with which scammers can use electronic filing to steal identities.  IRS officials said citizens need to have the same level of trust with their tax preparer as they do with their own doctor before giving out personal information.

DataLossDB

Advertisements

Pwn2Own Contest Winner Tells Vendors Find Your Own Bugs

Charlie Miller, now a 3-time winner of the Pwn2Own hacking contest will not share 20 vulnerabilities with commercial software vendors like Apple, Microsoft and Adobe.  He is discouraged with the lack of progress being made to securely code popular applications, and says the vendors need to get off the pot and do their own testing.

 Miller “threw together” a logic fuzzer with a “few lines of code” and started finding vulnerabilities in Apple’s OS X 10.6, aka Snow Leopard, Safari browser, Microsoft’s PowerPoint, Adobe Reader, and OpenOffice.org’s productivity suite.  Miller was to take the floor at CanSecWest, the Vancouver, British Columbia-based security conference that also hosts Pwn2Own, to demonstrate how he found the vulnerabilities, hoping vendors would listen to what he has to say.

Good on you, Charlie, give a man a fish and you will feed him for a day.  Teach a man to fish and he will quickly forget you as he amasses his fortune…

ComputerWorld