Tagged: data breach Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 8:00 am on October 23, 2023 Permalink | Reply
    Tags: data breach, , , ,   

    New scam targets new iPhone users 

    New scam targets new iPhone users

    By Greg Collier

    Apple recently released the newest iteration of the iPhone, the iPhone 15. While it’s only an incremental upgrade from the iPhone 14, the most newsworthy feature of the new iPhone is it can now be charged by USB-C. Previously, Apple used its proprietary Lightning connector, even though USB-C charges and transfers data faster. However, the iPhone 15 has been very popular among the Apple faithful, and when something is that popular, scammers are bound to follow.

    In previous years, an iPhone scam would consist of scammers claiming to sell a brand-new iPhone online for well under market value. From there, a number of scams could take place, most likely just to take the buyer’s money without giving them an iPhone. This new scam, is trying to get the iPhone 15 out of the hands of people who already own one.

    According to tech news site Tom’s Guide, one of their own reporters was approached by a scammer after they purchased an iPhone 15. The scammer called the reporter, posing as a representative from Verizon. The scammer said that due to overheating issues, the reporter needed to return their iPhone 15 because it was dangerous. While the iPhone 15 did have an overheating issue, it was never dangerous and has since been fixed with an update.

    The reporter called Verizon and verified this was a scam, but the scammer had already sent FedEx to pick up their phone. When the reporter spoke with the FedEx driver, the address the phone was going to be sent to was not to Verizon.

    What’s concerning about this scam is the scammers had enough of the reporter’s personal information to initiate this scam. If this had happened to someone who was less informed about scams, there’s a good chance they would have fallen victim. It’s believed scammers got this information from a Verizon data breach which happened earlier this year.

    When a product is defective and poses a danger to users, companies will not call customers. Instead, a recall will be issued by releasing statements to the media. At best, a customer may receive a post card in the mail letting them know about the recall. If you’ll think back to the Samsung Galaxy Note 7 debacle when the batteries were catching fire, no one was calling Note users asking for their phones.

    If you’ve purchased an iPhone through Verizon in the past few years, you probably want to be on the lookout for this type of phone call. If you receive this type of call, hang up and whatever you do, don’t send the phone to the scammers. Odds are, if you do, you’ll never see it again.

  • Geebo 9:01 am on March 10, 2023 Permalink | Reply
    Tags: data breach, , payday loans,   

    Payday loan scams target the already vulnerable 

    By Greg Collier

    Payday loan companies are already a shady type of business. They target low-income neighborhoods and hope to keep their customers on a never-ending cycle of dependence through their predatory practices. The high-interest rates and fees make it difficult for borrowers to repay the loan and can result in a cycle of debt. Several states have banned the practice of payday loans, but some lenders have gotten around these bans by opening storefronts on Native-American reservations. However, payday lenders are not the scammers we’re talking about today. We’re talking about scammers who take advantage of the borrowers, even after they’ve paid the loans back.

    According to lifestyle blog Lifehacker, there are many scams that try to take advantage of borrowers. Most of these scams start when the payday lenders have a security breach. We can’t imagine such upstanding businesses having the best security practices when it comes to their customers. In one scam, the scammers will pose as the lending company and try to get the personal and financial information from the borrower under the promise of depositing the loan into the borrower’s bank accounts.

    Another scam is where the scammers pose as debt collectors, hoping the borrower has maybe lost track of some debts owed to a payday lender. Since they typically have the borrower’s personal information, they can make the scam seem more legitimate. Considering how much information payday lenders collect from their customers, this can be an extensive amount of the borrower’s personal history.

    There are also scams where the scammers will pose as payday lenders online and over the phone who either just want the victim’s information, or will ask for money upfront in exchange for a loan that never comes through.

    The best way to avoid these scams is to avoid payday lenders altogether. However, we also understand that not everyone has that luxury. If you’re contacted by someone claiming to collect a debt on behalf of a payday lender, ask them for a written explanation of the debt. Debt collectors are required by law to provide that to debtors.

    Also, if a lender asks for a fee in advance, they are a scammer. This is one of the variations of the advance fee scam is illegal for lenders to do.

    Lastly, even payday lenders will not reach out to prospective customers by phone, email, or text. If someone is offering you a loan through this method, the odds are almost certain they’re a scammer.

  • Geebo 9:01 am on December 30, 2021 Permalink | Reply
    Tags: data breach, , , ,   

    Phone hacking rises out of data breach 

    Phone hacking rises out of data breach

    By Greg Collier

    This past August, it was reported that major cell phone carrier T-Mobile had a massive data breach. That breach is said exposed the information of up to 40 million customers. Now, it seems we’re starting to see the fallout from that breach. Tech experts are saying that cases of SIM-swapping are on the rise. By its name, you might think that SIM-swapping involves a scammer having physical possession of your phone so they can steal your phone’s SIM card. However, that’s not the case. SIM-swapping can happen without you even noticing.

    SIM-swapping works when a scammer or identity thief uses your information to deactivate your cell phone and transfer your service to the scammer’s phone. This is done when a bad actor calls your cell phone carrier and convinces the carrier to change service to the scammer’s phone. The reason scammers do this is that so many of us have our security safeguards routed through our phones. Many of us who use two-factor authentication do so through text messaging.

    For example, let’s say you have 2FA enabled on your bank account. No one can enter your bank account if they don’t receive the text message for your bank account’s authority. If a scammer SIM-swaps your phone, they now have access to those security measures. Not only could SIM-swappers access your accounts, but they could also lock you out of any of your accounts that you access through your phone. They could essentially take over your identity completely through the phone, and you may not notice for a while.

    If your phone stops receiving service all of a sudden, that could be a sign you’ve might have been SIM-swapped. There are ways to protect yourself, though. Sharing too much information on social media could lead scammers and identity thieves to the answers to your security questions. You can also contact your cell phone carrier and instruct them to not allow any device switching on your account. You’d be surprised how often scammers are contacting cell phone carriers for one scam or another.

  • Geebo 8:00 am on October 7, 2021 Permalink | Reply
    Tags: data breach, , , , , Twitch   

    Major social media platform experiences historic data breach 

    Data breach exposed most American families

    By Greg Collier

    If we had to hazard a guess, we’d assume that most of our readership do not use livestreaming platform Twitch. If you’re not familiar with Twitch, it’s most famous for its users who stream themselves playing video games, although it does have other content such as musicians and talk shows. Yesterday, Twitch was the victim of a massive data breach of epic proportions, which has left some of its top users vulnerable to potential cyberattacks.

    Yesterday, hackers released a veritable cornucopia of Twitch’s inside information. This was a 128 GB file that contained the platform’s source code. In layman’s terms, hackers released all the code that the platform runs on to the public. Some of this code contained information such as how much some of Twitch’s top earners make, which for some is in the millions of dollars. Twitch streamers make a lot of their money through monthly subscriptions and viewer donations.

    What’s more concerning to the average Twitch user is that it’s been alleged that usernames and passwords have been exposed. If this is true, this could lead to a rash of identity theft if Twitch users use the same password elsewhere online. While this breach may not affect the majority of our readership, it could affect your kids, as Twitch is massively popular among a younger audience.

    This data breach could be used to teach your kids a lesson in online security. Find out if they have a Twitch account and if they use their Twitch password anywhere else online. Recommend that they not only change their password to Twitch, but also to change it if they use the same password anywhere else. You should also recommend to them that they should not use the same password on multiple platforms. It’s never too early to have your children learn the value of internet security.

  • Geebo 8:00 am on September 15, 2021 Permalink | Reply
    Tags: , data breach, , ,   

    Pharmacy data breach exposes millions of customers’ data 

    Pharmacy data breach exposes millions of customers' data

    By Greg Collier

    When someone entrusts a billion-dollar company with their medical information, you might assume that they take security seriously. After all, HIPAA violations are no joke. The largest HIPAA fine so far was $18 million paid by a major health insurance company after they feel for a phishing attack, exposing client data in the process. So, say you’re the largest pharmacy chain in the nation. You’ve also tested countless customers for COVID-19. You must have some kind of impenetrable security in place to keep all that information private, right? Maybe not according to security experts.

    A security consultant had his family tested for COVID-19 back in March at a local Walgreens. While getting his family’s test results, he discovered a flaw in Walgreens’ website that exposed customer information related to the COVID-19 tests. This information is said to have contained name, date of birth, phone number, address, and email along with other sensitive information. The consultant tried to get in touch with Walgreens to warn them about the flaw, but they allegedly ignored him. Tech news site, Recode, also investigated the flaw and notified Walgreens about it. Recode even gave Walgreens time to fix the vulnerability before they published their report, but according to Recode, the vulnerability still hasn’t been fixed.

    As of the time of this post, there has been no confirmation that any bad actor has come into possession of any customer information. However, that doesn’t necessarily mean they haven’t. If you used Walgreens for COVID-19 testing since July 2020, you may want to keep an eye on your credit report. This breach could be a potential treasure trove for identity thieves. The information could also be used by scammers to sound more legitimate since they have some personal details of your life.

  • Geebo 8:04 am on August 20, 2021 Permalink | Reply
    Tags: data breach, ,   

    Millions of customers exposed in phone carrier data breach 

    By Greg Collier

    It seems like it’s been a while since we’ve heard of a massive data breach, and believe us when we say this one is massive. T-Mobile is one of the largest cell phone providers in the United States. They recently announced that a data breach took place that exposed the data of around 40 million customers. We’re talking about a lot of vital information, too.

    According to T-Mobile themselves, the data breach included Social Security numbers, birthdates, names and driver license information. However, T-Mobile has also pointed out that the breach did not include credit card or payment information. If that’s what they’re patting themselves on the back for, they may want to rein it in for a moment.

    A lot of potential damage can be done to anyone’s identity if an identity thief has just one of the items exposed. But if they have your Social Security number, your driver’s license info, and your date of birth, that’s like having a skeleton key to your entire life.

    If you’re a T-Mobile customer, it is recommended that you change your account password and PIN. It’s also recommended that you put a freeze on your credit, which is a free service. You would need to contact each of the three major credit bureaus to do so. This would prevent any identity thieves from opening credit in your name. T-Mobile is also offering a free 2-year credit protection service as well.

    The one thing you shouldn’t do if you’re a T-Mobile customer is to ignore the problem, as it has the potential to damage not only your credit, but your personal finances as well. Don’t let someone else’s actions negatively impact your financial well-being.

  • Geebo 8:00 am on April 15, 2020 Permalink | Reply
    Tags: , data breach, virtual classrooms, virtual meetings, Zoom   

    Half a million Zoom accounts for sale 

    Half a million Zoom accounts for sale

    With so many of us now working from home, a great many of us have had to attend virtual meetings. The most popular app to accomplish these meetings has been Zoom. While Zoom has been a blessing to help keep many businesses running, it has not been without its problems. A slew of internet pranksters have been able to gain access to live Zoom meetings. While some of the pranks have been harmless, others have seen explicit or violent imagery shared. There have even been instances of hate speech being spouted during some of these meetings. Considering that Zoom has also been used for virtual classrooms, the potential for abuse becomes even more disturbing.

    [youtube https://www.youtube.com/watch?v=JaecW3jEBZk%5D

    To compound problems for Zoom, over 500,000 Zoom account credentials are being put up for sale on the dark web and in hacker forums. Hackers won’t be using them for just internet pranks as the credentials contain user email addresses and passwords. If the passwords are one a user has for multiple other accounts then that user can have their accounts on multiple platforms hacked. This could not only lead to the user’s identity being stolen but could also lead to financial losses if the user’s security isn’t stable enough.

    Thankfully, Zoom already has security measures in place that users can enable to better secure their meetings and information. A list of those features can be found here but the main ones you should enable for every meeting are the ‘waiting room’ feature and the ‘lockdown’ feature. The former will allow you to screen participants in the meeting before you allow them to enter the meeting while the latter will allow you to eject unwelcome visitors. However, the best way to keep unwanted guests out of your meetings or classrooms is to not share the meeting information publicly.

  • Geebo 9:00 am on March 3, 2020 Permalink | Reply
    Tags: data breach, , medical privacy,   

    Major pharmacy leaks customer data 

    Major pharmacy leaks customer data

    Out of all your personal information that could be potentially exposed, it’s probably your medical history that you would least want to be public knowledge. After all, your medical information is the most personal information you have. It’s so personal, in fact, that Congress passed a monumental law back in 1996 to better protect patient privacy. That law was the Health Insurance Portability and Accountability Act, otherwise known as HIPAA. The government has been known to level heavy fines against medical providers when patient privacy has been. One of the nation’s leading pharmacies may now be getting ready to be on the receiving end of one of those record fines.

    [youtube https://www.youtube.com/watch?v=FKTHncn-5Vs%5D

    Walgreens recently announced that their mobile app had a flaw that could have potentially exposed customer’s names along with the medication they’re taking and other health-related information. According to Walgreens

    The bug allowed “a small percentage of impacted customers” to view one or more personal messages containing limited health-related info of other app users “between January 9, 2020, and January 15, 2020.”

    However, they say that no customers’ financial information has been released. That’s not to say that medical information can’t be used for nefarious purposes. In the past, medical information that was made public has been used to blackmail people.

    Walgreens is said to be sending letters to those affected in the breach but they have also been quiet on the number of customers who have been affected. This isn’t the first time Walgreens has run afoul of HIPAA. In 2013, they were fined $1.4 million when a pharmacist inappropriately shared a customer’s medical data. Imagine how much the fine could potentially be now with a nationwide breach.

    Unfortunately, there’s not much a patient can do once their medical information is out in the wild. At best, they can sue the medical provider for damages but once medical information falls into the wrong hands it’s out there for good.

  • Geebo 9:00 am on January 29, 2020 Permalink | Reply
    Tags: , data breach, LabCorp, , , Wawa   

    Recent data breaches can affect your money, health, and privacy! 

    Recent data breaches can affect your money, health, and privacy!

    If you’ve ever been to the East Coast especially the Pennsylvania and South Jersey areas you may be familiar with the convenience store chain Wawa. They recently had a data breach that could have exposed up to 30 million payment cards of its customers. Reportedly, hackers had installed malware into the payment processors at multiple stores at both the register area and their gas pumps. Some of the payment card information has even ended up on the web for sale to malicious actors. If you used a debit or credit card at a Wawa store in the past couple of months you’ll want to keep an eye on your account for unauthorized purchases.

    [youtube https://www.youtube.com/watch?v=qyT4SabnV2w%5D

    LabCorp is one of the nation’s largest medical testing companies. They recently had a flaw in their website that allowed 10,000 patient records to be exposed. This information included dates of birth, Social Security numbers, and lab results among other medical data. This is the second breach for LabCorp in the past year as their payment system was exposed back in June which resulted in the compromise of close to 8 million payment records. This latest breach could result in heavy fines for LabCorp under the Health Insurance Portability and Accountability Act (HIPAA). LabCorp has said that they will be notifying patients who had their data exposed.

    Lastly, it seems we can’t talk about data breaches without talking about Ring. While Ring’s most recent incident may not be a data breach per se, it does show how your information can be put at risk. The internet privacy advocates at the Electronic Frontier Foundation (EFF) claim they have discovered that the Android version of the Ring camera app sends user information to several third-parties. One of those third-parties is said to be Facebook and it doesn’t matter if you have a Facebook account or not. Some of the information sent to these third-parties include users’ full names, email addresses, and app settings including the number of locations they have Ring devices installed in.

  • Geebo 9:00 am on January 23, 2020 Permalink | Reply
    Tags: , data breach, , Personal Data Protection Fund, , US Trading Commission   

    Can you get paid for data breaches? 

    Can you get paid for data breaches?

    Sadly, data breaches are just a part of our way of digital life anymore. It’s not a matter of if some of our data will be exposed, it’s a matter of when. Some of the more egregious data breaches have even landed companies in legal trouble such as the infamous Equifax leak. Some of these have resulted in class action lawsuits which while costing the companies large sums of money, consumers affected by the leaks can only claim a very small part of that settlement. Some scammers are now using that fear of exposure and a little bit of consumer greed to try to trick people into giving up their personal information.

    Security experts Kaspersky Labs recently came across a website that promises to send you money if your data has been exposed in one of these corporate leaks. The website claims to be from the ‘Personal Data Protection Fund’ that was created by the ‘US Trading Commission’. There is no governmental office known as the US Trading Commission. The site asks you to enter your information including your Social Security information to see if your data has been leaked. Of course, it tells you that it has and promises you a payout of $2,500. All you have to do is give them your bank number in order to collect the payout. As you might have expected, there is no payout and now some overseas scammer has all the information they need to steal your identity or worse.

    As always, you should never give your personal or financial information to just anyone who asks on the internet. Don’t be lured in by promises of money where you don’t have to do anything for it. Also, the government doesn’t hand out payments for people who have had their data breached. If you’re afraid your data may have been breached you can check at haveibeenpwned.com which is one of the more trustworthy places online.

Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc