Red Cross Employee Terminated after Identity Theft Discovery

A telephone blood-drive recruiter for the Missouri-Illinois Blood Services Region of the American Red Cross was terminated last March, when four identity theft incidents were linked to her.

The former worker had access to 8,000 blood donors in a database she used in her job, all of whom were notified by mail of possible identity theft problems on March 17, according to the agency. But after the original warning letters went out, the Red Cross decided to expand the identity theft warnings to all 1 million donors in the Missouri-Illinois region because of concerns that she may have accidentally accessed other records in the larger group.

The former employee, 20-year-old Lonnetta Shanell Medcalf of St.Louis is scheduled for trial on June 19. Medcalf has been indicted on three felony counts of aggravated identity theft, which carries a mandatory two years in prison if convicted. She was also indicted on one count of credit card fraud with a maximum penalty of 10 years in prison and/or a fine of $250,000.

Those who may have been affected by this incident should visit the site setup by the Red Cross for more information.

Source: Computerworld

Written by MCruz on May 26th, 2006 with no comments.
Read more articles on Employees and Identity Theft and Organizations.

M&T Bank Data Breach Notification Letter

Earlier this week I posted an entry about an M&T Bank customer who received a letter disclosing an information security incident. With her permission, I am attaching a faxed copy of the notification advising Portfolio Architect Account holders of what to do next.

In the letter to customers, M&T Bank is offering free membership to PrivacyGuard. They also suggest customers closely monitor their accounts for the next 24 months.

There are still open questions about where and when the theft took place. The number of accounts involved was never disclosed.

If you are affected by this breach and know any additional information, please leave a comment below.

Additional facts:

• All Portfolio Architect accounts opened on or before Sept 30, 2005 were exposed. (Thanks Patricia!)

Written by MCruz on May 26th, 2006 with 4 comments.
Read more articles on Banks and Customers and Identity Theft.