According to USA Today, computer hackers continue to steal hotel guests’ credit-card data more than any other industry. Nicholas Percoco, an Internet expert who investigates corporate data breaches, says that after hotels, restaurants were the next-most-investigated industry for breaches.

Part of the problem for hotels is that hackers have been creating more sophisticated software. The new breed of software can sit undetected inside a hotel’s network for months until an expert seeks it out, said Percoco.

“Once installed on the hotel reservations system, (the hacker) is able to go through all the data on that system and pull out the credit card information,” he said. “They can look not only at historic data on that system, but also the data being input at the same time.”
Typically, hotel breaches are detected only after a credit card company notices a trend over time, he said. The credit card companies may see a pattern where credit cards are legitimately used at a particular hotel – and then fraud appears on those cards “some time after,” Percoco said.

Fortunately, some of the larger hotel companies are starting to spend money to combat hotel hackers.

In an attempt to persuade Virginia to take sensitive personal data off state Web sites Betty Ostergren created her own site and then posted public records that included the Social Security numbers of government officials, according to the Washington Times. Now, a federal appellate court in Virginia ruled that Ostergren can keep those records on her site, The Virginia Watchdog. The court found that a 2008 law outlawing publishing Social Security numbers violates Americans’ constitutional right to free speech.

“The unredacted SSNs on Virginia land records that Ostergren has posted online are integral to her message. Indeed, they are her message,” Judge Allyson K. Duncan wrote for the panel of the U.S. Court of Appeals for the 4th Circuit. “Displaying them proves Virginia’s failure to safeguard private information and powerfully demonstrates why Virginia citizens should be concerned.”

According to court papers, Virginia officials unsuccessfully argued that Ostergren’s posting of the documents isn’t protected speech. The Social Security numbers posted on Ostergren’s site, they said, facilitate “identity theft and are no essential part of any exposition of ideas.”

According to the Washington Times, schools are putting children at risk of identity fraud by obtaining their Social Security numbers when it is not required by law and often unnecessary.

The Social Security Administration’s Office of Inspector General says that some school systems in at least 26 states collect the nine-digit identifiers when students from kindergarten through high school register for classes, even though the states don’t legally require them to do so.

Seven states require school systems to collect Social Security numbers as their primary means to track and identify students. However, officials say that other methods are just as good.

In one case, an elementary school poster contest asked students to put their Social Security numbers on entry forms attached to the backs of posters.

“We believe such practices increase the risk of SSN misuse and unnecessarily subject students to the possibility of identity theft,” investigators said in the report, which noted the growing number of identity theft victims who are under the age of 19. “Identity thieves often target children because they have clean credit histories, and their records may be used for years before they realize their identity has been used for criminal activities.”

According to the East Valley Tribune, a Phoenix woman who was fired from her credit union job for running unlawful credit checks on four clients has been arrested for allegedly committing identity theft. She was busted when a bank customer reported that she received a call from a bank thanking her for applying for a credit card she didn’t apply for.

When the victim saw the address on the credit card application, she searched the county assessor’s website. She saw the name of the bank employee and recognized it as the woman who had assisted her with a home refinance loan in November 2009. When she reported the incident, the bank investigated and found that the employee had been fired from her job for running unlawful credit checks.

The Better Business Bureau issued a warning about the latest Facebook “phishing” scam, which is designed to steal your personal information reports the Salisbury Post. This scam is spread via status updates which say fast food chain McDonald’s is closing and encourage users to click a link to find out why.

Here is an example of what a status update might look like: “OMG!! McDonald’s might soon shut down because of this! Warning: Your jaw will drop to the floor! Follow the two easy steps below to see why McDonald’s might soon shut down! Step one is to click on the link that says ‘Like This Page!’ and then click on the ‘Like’ button to continue.”

If you click on the link, you’re asked to fill out a survey that asks you for personal information. The link might also infect your computer with spyware, malware or viruses designed to steal any personal information or passwords stored on your computer.

To protect your identity from such scams, never click on suspicious links online disguised as sensational information, even if the link comes from one of your Facebook friends. Also, never give out personal information online unless you’re positive it’s safe to do so.