Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Data. Show all posts
My Digital Office
Cyberattacks Cybersecurity CyberThreat Data Data Breach Have I Been Pwned Hilton Hotel Chain Hyatt Marriott My Digital Office

Otelier Security Breach Leaks Sensitive Customer and Reservation Details

 


The International Journal of Security has revealed that some of the world's biggest hotel chains have had their personal information compromised following a threat actor's attack on a program provider that serves the industry. As part of a data breach on Otelier's Amazon S3 cloud storage system, threat actors were able to steal millions of guests' personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt after breaching the cloud storage. 

According to the threat actors, almost eight terabytes of data were stolen from Otelier's Amazon AWS buckets during the period July 2024 through October 2024, with continued access continuing to this date until October.   Hotelier, one of the world's leading cloud-based hotel management platforms, has reportedly confirmed a data breach affecting its Amazon S3 storage that exposed sensitive information from prominent hotel brands such as Marriott, Hilton, and Hyatt through the exposure of sensitive data from its Amazon S3 storage, according to reports. 

There were reports of unauthorized access to 7.8 terabytes of data from threat actors during this period. These threats were reported as starting in July 2024 and continuing until October 2024. There has been no report of any incident at Otelier as of now, but they have reportedly suspended their operations and have entrusted an expert team to investigate the incident. 

A freelance security expert, Stacey Magpie, speculates that the stolen data may contain sensitive data like email addresses, contact information, the purpose of the guest's visit, and the length of the stay, all of which could be utilized for phishing schemes and identity theft attacks. Telier, also formerly known as "MyDigitalOffice," has not yet made an official statement regarding the breach, but it is thought that a threat group is responsible for the attack. 

By using malware, the group may have been able to gain access to an employee's Amazon Web Services credentials and then transfer the stolen data to the company's servers. A spokesperson from the company has confirmed that no payment, employee, or operational data was compromised during this incident. An Otelier employee was recently reported to have had his Atlassian login credentials stolen by malicious actors using an information stealer. 

A user with this access is then able to scrape tickets and other data, which allows the attackers to get the credentials for S3 buckets, which is where the attackers obtained the credentials. As a result of this exfiltration, the hackers managed to get 7.8TB of data from these buckets, including millions of documents belonging to Marriott. The information contained in these buckets included hotel reports, shift audits, and accounting data, among other things. 

Among the data samples offered by Marriott were reservations, transactions, employee emails, and other internal data about hotel guests. There were instances where the attackers gained the names, addresses, phone numbers, and email addresses of hotel guests. The company confirmed that through Otelier’s platform, the breach indirectly affected its systems. A forensic analysis of the incident has been conducted by Otelier as a result of the suspension of the company's automated services with Otelier, which said it had hired cybersecurity experts to do so. 

Additionally, according to Otelier, affected accounts were disabled, unauthorized access had been terminated, and enhanced security protocols had been implemented to prevent future breaches from occurring. According to Otelier, affected customers have been notified of the breach. It is said that the hackers accessed Otelier's systems by compromising the login credentials of an employee who used malware to steal information. By using these credentials, they were able to access the Atlassian server on which the company's Atlassian applications were hosted. 

These credentials allowed them to gather additional information from the company, including credentials for Amazon S3 buckets. Based on their claims, they were able to extract data, including information regarding major hotel chains, using this access. In their initial attempt to get Marriott's data, the attackers mistakenly believed that the data belonged to Marriott itself. To avoid leaking data, they left ransom notes that demanded cryptocurrency payments. Otelier rotated their credentials in September, which eliminated the attacker's access. 

There are many types of data in the small samples, including hotel reservations and transactions, employee emails, and other internal files. In addition to information about hotel guests, the stolen data also includes information and email addresses related to Hyatt, Hilton, and Wyndham, as well as information regarding the properties owned by these companies. As Troy Hunt revealed during an interview for BleepingComputer, he has been given access to a huge dataset of data, which contains 39 million rows of reservations and 212 million rows of users in total. As a result of the substantial amount of data, Hunt tells us that he found 1.3 million unique email addresses, many of which appeared several times in the data. 

As a result of the recently discovered vulnerability, the exposed data is now being added to Have I Been Pwned, making it possible for anyone to examine if their email address appears to be a part of the exposed data. The breach affected a total of 437,000 unique email addresses which originated during reservations made with Booking.com and Expedia.com, thus resulting in a total of 1,036,000 unique email addresses being affected. 

A robust data protection strategy should be implemented by businesses in the hospitality sector to minimize risks, including the implementation of effective data continuity plans, the application of regular software updates, the education of staff regarding cybersecurity risks, the automation of network traffic monitoring for suspicious activity, the installation of firewalls to prevent threats, and the encryption of sensitive information.
Read more »
Volkswagen
Automobiles Car Data EV Technology Volkswagen

With Great Technology Comes Great Responsibility: Privacy in the Digital Age


In today’s digital era, data has become a valuable currency, akin to Gold. From shopping platforms like Flipkart to healthcare providers and advertisers, data powers personalization through targeted ads and tailored insurance plans. However, this comes with its own set of challenges.

While technological advancements offer countless benefits, they also raise concerns about data security. Hackers and malicious actors often exploit vulnerabilities to steal private information. Security breaches can expose sensitive data, affecting millions of individuals worldwide.

Sometimes, these breaches result from lapses by companies entrusted with the public’s data and trust, turning ordinary reliance into significant risks.

Volkswagen EV Concerns

A recent report by German news outlet Der Spiegel revealed troubling findings about a Volkswagen (VW) subsidiary. According to the report, private data related to VW’s electric vehicles (EVs) under the Audi, Seat, Skoda, and VW brands was inadequately protected, making it easier for potential hackers to access sensitive information.

Approximately 800,000 vehicle owners’ personal data — including names, email addresses, and other critical credentials — was exposed due to these lapses.

CARIAD, a subsidiary of Volkswagen Group responsible for software development, manages the compromised data. Described as the “software powerhouse of Volkswagen Group” on its official website, CARIAD focuses on creating seamless digital experiences and advancing automated driving functions to enhance mobility safety, sustainability, and comfort.

CARIAD develops apps, including the Volkswagen app, enabling EV owners to interact with their vehicles remotely. These apps offer features like preheating or cooling the car, checking battery levels, and locking or unlocking the vehicle. However, these conveniences also became vulnerabilities.

In the summer of 2024, an anonymous whistleblower alerted the Chaos Computer Club (CCC), a white-hat hacker group, about the exposed data. The breach, accessible via free software, posed a significant risk.

Data Exposed via Poor Cloud Storage

The CCC’s investigation revealed that the breach stemmed from a misconfigured Amazon cloud storage system. Gigabytes of sensitive data, including personal information and GPS coordinates, were publicly accessible. This data also included details like the EVs’ charge levels and whether specific vehicles were active, allowing malicious actors to profile owners for potential targeting.

Following the discovery, the CCC informed German authorities and provided VW Group and CARIAD with a 30-day window to address the vulnerabilities before disclosing their findings publicly.

This incident underscores the importance of robust data security in a world increasingly reliant on technology. While companies strive to create innovative solutions, ensuring user privacy and safety must remain a top priority. The Volkswagen breach serves as a stark reminder that with great technology comes an equally great responsibility to protect the public’s trust and data.

Read more »
User Data
Amazon Chrome Cookie Data Facebook Safari Technology User Data

No More Internet Cookies? Digital Targeted Ads to Find New Ways


Google Chrome to block cookies

The digital advertising world is changing rapidly due to privacy concerns and regulatory needs, and the shift is affecting how advertisers target customers. Starting in 2025, Google to stop using third-party cookies in the world’s most popular browser, Chrome. The cookies are data files that track our internet activities in our browsers. The cookie collects information sold to advertisers, who use this for targeted advertising based on user data. 

“Cookies are files created by websites you visit. By saving information about your visit, they make your online experience easier. For example, sites can keep you signed in, remember your site preferences, and give you locally relevant content,” says Google.

In 2019 and 2020, Firefox and Safari took a step back from third-party cookies. Following their footsteps, Google’s Chrome allows users to opt out of the settings. As the cookies have information that can identify a user, the EU’s and UK’s General Data Protection Regulation (GDPR) asks a user for prior consent via spamming pop-ups. 

No more third-party data

Once the spine of targeted digital advertising, the future of third-party cookies doesn’t look bright. However, not everything is sunshine and rainbows. 

While giants like Amazon, Google, and Facebook are burning bridges by blocking third-party cookies to address privacy concerns, they can still collect first-party data about a user from their websites, and the data will be sold to advertisers if a user permits, however in a less intrusive form. The harvested data won’t be of much use to the advertisers, but the annoying pop-ups being in existence may irritate the users.

How will companies benefit?

One way consumers and companies can benefit is by adapting the advertising industry to be more efficient. Instead of using targeted advertising, companies can directly engage with customers visiting websites. 

Advances in AI and machine learning can also help. Instead of invasive ads that keep following you on the internet, the user will be getting information and features personally. Companies can predict user needs, and via techniques like automated delivery and pre-emptive stocking, give better results. A new advertising landscape is on its way.

Read more »
Tech Industry
Cyberattacks CyberCriminal Cybersecurity CyberThreat Data Data Minimizations GDPR Privacy Tech Industry

Tech's Move Toward Simplified Data Handling

 


The ethos of the tech industry for a long time has always been that there is no shortage of data, and that is a good thing. Recent patents from IBM and Intel demonstrate that the concept of data minimization is becoming more and more prevalent, with an increase in efforts toward balancing the collection of information from users, their storage, and their use as effectively as possible. 

It is no secret that every online action, whether it is an individual's social media activity or the operation of a global corporation, generates data that can potentially be collected, shared, and analyzed. Big data and the recognition of data as a valuable resource have led to an increase in data storage. Although this proliferation of data has raised serious concerns about privacy, security, and regulatory compliance, it also raises serious security concerns. 

There is no doubt that the volume and speed of data flowing within an organization is constantly increasing and that this influx brings both opportunities and risks, because, while the abundance of data can be advantageous for business growth and decision-making, it also creates new vulnerabilities. 

There are several practices users should follow to minimize the risk of data loss and ensure an environment that is safer, and one of these practices is to closely monitor and manage the amount of digital data that users company retains and processes beyond its necessary lifespan. This is commonly referred to as data minimization. 

According to the principle of data minimization, it means limiting the amount of data collected and retained to what is necessary to accomplish a given task. This is a principle that is a cornerstone of privacy law and regulation, such as the EU General Data Protection Regulation (GDPR). In addition to reducing data breaches, data minimization also promotes good data governance and enhances consumer trust by minimizing risks. 

Several months ago IBM filed a patent application for a system that would enable the efficient deletion of data from dispersed storage environments. In this method, the data is stored across a variety of cloud sites, which makes managing outdated or unnecessary data extremely challenging, to achieve IBM's objective of enhancing data security, reducing operational costs, and optimizing the performance of cloud-based ecosystems, this technology has been introduced by IBM. 

By introducing the proposed system, Intel hopes to streamline the process of removing redundant data from a system, addressing critical concerns in managing modern data storage, while simultaneously, Intel has submitted a patent proposal for a system that aims to verify data erasure. Using this technology, programmable circuits, which are custom-built pieces of hardware that perform specific computational tasks, can be securely erased.

To ensure the integrity of the erasure process, the system utilizes a digital signature and a private key. This is a very important innovation in safeguarding data security in hardware applications, especially for training environments, where the secure handling of sensitive information is of great importance, such as artificial intelligence training. A growing emphasis is being placed on robust data management and security within the technology sector, reflected in both advancements. 

The importance of data minimization serves as a basis for the development of a more secure, ethical, and privacy-conscious digital ecosystem, as a result of which this practice stands at the core of responsible data management, offering several compelling benefits that include security, ethics, legal compliance, and cost-effectiveness. 

Among the major benefits of data minimization is that it helps reduce privacy risks by limiting the amount of data that is collected only to the extent that is strictly necessary or by immediately removing obsolete or redundant information that is no longer required. To reduce the potential impact of data breaches, protect customer privacy, and reduce reputational damage, organizations can reduce the exposure of sensitive data to the highest level, allowing them to effectively mitigate the potential impact of data breaches. 

Additionally, data minimization highlights the importance of ethical data usage. A company can build trust and credibility with its stakeholders by ensuring that individual privacy is protected and that transparent data-handling practices are adhered to. It is the commitment to integrity that enhances customers', partners', and regulators' confidence, reinforcing the organization's reputation as a responsible steward of data. 

Data minimization is an important proactive measure that an organization can take to minimize liability from the perspective of reducing liability. By keeping less data, an organization is less likely to be liable for breaches or privacy violations, which in turn minimizes the possibility of a regulatory penalty or legal action. A data retention policy that aligns with the principles of minimization is also more likely to ensure compliance with privacy laws and regulations. 

Additionally, organizations can save significant amounts of money by minimizing their data expenditures, because storing and processing large datasets requires a lot of infrastructure, resources, and maintenance efforts to maintain. It is possible to streamline an organization's operation, reduce overhead expenditures, and improve the efficiency of its data management systems by gathering and retaining only essential data. 

Responsible data practices emphasize the importance of data minimization, which provides many benefits that are beyond security, including ethical, legal, and financial benefits. Organizations looking to navigate the complexities of the digital age responsibly and sustainably are critical to adopting this approach. There are numerous benefits that businesses across industries can receive from data minimization, including improving operational efficiency, privacy, and compliance with regulatory requirements. 

Using data anonymization, organizations can create a data-democratizing environment by ensuring safe, secure, collaborative access to information without compromising individual privacy, for example. A retail organization may be able to use anonymized customer data to facilitate a variety of decision-making processes that facilitate agility and responsiveness to market demands by teams across departments, for example. 

Additionally, it simplifies business operations by ensuring that only relevant information is gathered and managed to simplify the management of business data. The use of this approach allows organizations to streamline their workflows, optimize their resource allocations, and increase the efficiency of functions such as customer service, order fulfillment, and analytics. 

Another important benefit of this approach is strengthening data privacy, which allows organizations to reduce the risk of data breaches and unauthorized access, safeguard sensitive customer data, and strengthen the trust that they have in their commitment to security by collecting only essential information. Last but not least, in the event of a data breach, it is significantly less impactful if only critical data is retained. 

By doing this, users' organization and its stakeholders are protected from extensive reputational and financial damage, as well as extensive financial loss. To achieve effective, ethical, and sustainable data management, data minimization has to be a cornerstone.
Read more »
Ransomware
Backups Cyber Security Data Ransomware

Ransomware Attacks Expose Gaps in Backup Practices: The Case for Modern Solutions

 


Ransomware attacks are becoming increasingly sophisticated and widespread, posing significant risks to organizations worldwide. A recent report by Object First highlights critical vulnerabilities in current backup practices and underscores the urgency of adopting modern solutions to safeguard essential data.

Outdated Backup Systems: A Growing Concern

Nearly every organization still relies on outdated backup technologies, leaving them exposed to cyberattacks. According to the survey, 34% of respondents identified outdated backup systems as a severe vulnerability, emphasizing their inability to combat modern ransomware tactics devised by malicious actors.

Another alarming gap is the lack of encryption in backup processes, noted by 31% of IT professionals. Encryption is essential for the secure storage and transfer of sensitive data. Without it, backup files are vulnerable to breaches. Additionally, 28% of respondents reported experiencing backup system failures, which can significantly impede recovery efforts and prolong downtime following an attack.

Backup data, once considered the last line of defense against ransomware, has become a primary target for attackers. Cybercriminals now focus on corrupting or deleting backup files, rendering traditional approaches ineffective. This underscores the necessity of adopting advanced solutions capable of withstanding such tampering.

Immutable storage has emerged as a powerful defense against ransomware. This technology ensures that once data is stored, it cannot be altered or deleted. The report revealed that 93% of IT professionals consider immutable storage critical for ransomware protection. Furthermore, 97% of organizations are planning to incorporate immutable storage into their cybersecurity strategies.

Immutable systems align with the Zero Trust security model, which operates on the principle that no user or system is inherently trustworthy. This approach minimizes the risk of unauthorized access or data manipulation by continuously validating access requests and limiting permissions.

Challenges in Adopting Modern Solutions

Despite their effectiveness, implementing advanced backup systems is not without challenges. Approximately 41% of IT professionals acknowledged a lack of the necessary skills to manage complex backup technologies. Budget constraints also pose a significant hurdle, with 69% of respondents admitting they cannot afford to hire additional security experts.

The growing threat of ransomware demands immediate action. Businesses must prioritize upgrading their backup systems and investing in immutable storage solutions. At the same time, addressing skill shortages and overcoming financial barriers are crucial to ensuring robust, comprehensive protection against future attacks.

Read more »
User Tracking
Data DEA FBI FTC Location Privacy surveillance User Tracking

FTC Stops Data Brokers from Unlawful User Location Tracking

FTC Stops Data Brokers from Unlawful User Location Tracking


Data Brokers Accused of Illegal User Tracking

The US Federal Trade Commission (FTC) has filed actions against two US-based data brokers for allegedly engaging in illegal tracking of users' location data. The data was reportedly used to trace individuals in sensitive locations such as hospitals, churches, military bases, and other protected areas. It was then sold for purposes including advertising, political campaigns, immigration enforcement, and government use.

Mobilewalla's Allegations

The Georgia-based data broker, Mobilewalla, has been accused of tracking residents of domestic abuse shelters and protestors during the George Floyd demonstrations in 2020. According to the FTC, Mobilewalla allegedly attempted to identify protestors’ racial identities by tracing their smartphones. The company’s actions raise serious privacy and ethical concerns.

Gravy Analytics and Venntel's Accusations

The FTC also suspects Gravy Analytics and its subsidiary Venntel of misusing customer location data without consent. Reports indicate they used this data to “unfairly infer health decisions and religious beliefs,” as highlighted by TechCrunch. These actions have drawn criticism for their potential to exploit sensitive personal information.

Unlawful Data Collection Practices

The FTC revealed that Gravy Analytics collected over 17 billion location signals from more than 1 billion smartphones daily. The data was allegedly sold to federal law enforcement agencies such as the Drug Enforcement Agency (DEA), the Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI).

Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, stated, “Surreptitious surveillance by data brokers undermines our civil liberties and puts servicemembers, union workers, religious minorities, and others at risk. This is the FTC’s fourth action this year challenging the sale of sensitive location data, and it’s past time for the industry to get serious about protecting Americans’ privacy.”

FTC's Settlements

As part of two settlements announced by the FTC, Mobilewalla and Gravy Analytics will cease collecting sensitive location data from customers. They are also required to delete the historical data they have amassed about millions of Americans over time.

The settlements mandate that the companies establish a sensitive location data program to identify and restrict tracking and disclosing customer information from specific locations. These protected areas include religious organizations, medical facilities, schools, and other sensitive sites.

Additionally, the FTC’s order requires the companies to maintain a supplier assessment program to ensure consumers have provided consent for the collection and use of data that reveals their precise location or mobile device information.

Read more »
Vladimir Putin mansions
bodyguard data leak Cyber Security Data heatmap data location tracking sensitive location exposure Strava app privacy Vladimir Putin mansions

Strava's Privacy Flaws: Exposing Sensitive Locations of Leaders and Users Alike

 



Strava, a popular app for runners and cyclists, is once again in the spotlight due to privacy concerns. Known for its extensive mapping tools, Strava’s heatmap feature can inadvertently expose sensitive locations, as recently highlighted by a report from French newspaper Le Monde. The report claims Strava data revealed the whereabouts of high-profile individuals, including world leaders, through activity tracking by their bodyguards.

Unlike a vague location like “the White House” or “Washington, D.C.,” Le Monde discovered Strava's data might pinpoint undisclosed meeting places and hotels used by these leaders. In one example, activity by Vladimir Putin’s bodyguards near properties he allegedly owns could reveal his movements. Additionally, the location history of bodyguards connected to Melania Trump, Jill Biden, and secret service agents from two recent assassination attempts on Donald Trump was reportedly exposed.

Strava's global heatmap, built from user-contributed data, tracks common running and cycling paths worldwide. Premium users can view detailed street-level data, showing where routes are popular, even in rural or isolated areas. If used carefully, the heatmap and location-based features like Segments are mostly safe. However, in low-traffic areas, routes can reveal too much.

Determining someone’s identity from Strava data isn’t difficult. By analyzing heatmaps and repeated routes, investigators—or even stalkers—can identify users and match their profiles to real-world identities. If an account continually shows up in a particular area where a leader is known to be, patterns can be drawn.

Despite privacy concerns, Strava remains popular because of its social features. Users enjoy sharing achievements and compete on Segments—specific road or trail sections where the fastest earn titles like CR (Course Record) or KOM/QOM (King or Queen of the Mountain).

For those concerned about privacy, Strava offers several settings to limit data exposure. In Privacy Controls, users can opt out of adding data to heatmaps, restrict their profile to followers, and hide activity start and end points.
Read more »
Yutaka Sejiyama
Cyber Security Data Japanese security researcher Safety Sonic Wall Yutaka Sejiyama

Ransomware Groups Exploiting SonicWall VPN Vulnerability for Network Breaches

 

Ransomware operators Akira and Fog are increasingly gaining unauthorized access to corporate networks by exploiting SonicWall VPN vulnerabilities. The attackers are believed to be targeting CVE-2024-40766, a critical flaw in SonicWall's SSL VPN access control, to breach networks and deploy ransomware.

SonicWall addressed this vulnerability in August 2024. However, within a week, reports indicated that it was already being actively exploited. According to Arctic Wolf security researchers, Akira ransomware affiliates have been observed using this flaw to establish an initial foothold in victim networks. In their latest findings, Arctic Wolf disclosed that at least 30 network intrusions involving Akira and Fog ransomware began with unauthorized VPN access through SonicWall accounts.

Of the incidents reported, Akira affiliates accounted for 75% of breaches, with the remainder linked to Fog ransomware. Notably, the two groups appear to use shared infrastructure, suggesting ongoing collaboration, a trend previously noted by cybersecurity firm Sophos.

Although researchers can't confirm the vulnerability was exploited in every case, all breached systems were running unpatched versions susceptible to the flaw. In most attacks, ransomware encryption followed initial access within about ten hours, with some cases taking as little as 1.5 to 2 hours. The attackers often connected through VPNs or VPSs to mask their IP addresses.

Arctic Wolf highlights that many targeted organizations had unpatched endpoints, lacked multi-factor authentication for their VPN accounts, and were running services on default port 4433. In cases where firewall logs were available, events indicating remote user logins (message IDs 238 or 1080) were observed, followed by SSL VPN logins and IP assignments.

The ransomware groups moved swiftly, targeting virtual machines and backups for encryption. Stolen data mainly included documents and proprietary software, though files older than six months were often disregarded, with more sensitive files retained up to 30 months.

Fog ransomware, active since May 2024, typically uses compromised VPN credentials for initial network access. Meanwhile, the more established Akira ransomware has recently faced some downtime with its Tor site, though access has been gradually restored.

Japanese security researcher Yutaka Sejiyama reports approximately 168,000 SonicWall endpoints remain vulnerable to CVE-2024-40766. Sejiyama also suggested that the Black Basta ransomware group might be exploiting this flaw in recent attacks.
Read more »
Unauthorized
Breach Casio Cyber Attacks Cyberattack Cybersecurity Data Disruption losses restructuring services Unauthorized

Casio Hit by Cyberattack Causing Service Disruption Amid Financial Challenges

 

Japanese tech giant Casio recently experienced a cyberattack on October 5, when an unauthorized individual accessed its internal networks, leading to disruptions in some of its services.

The breach was confirmed by Casio Computer, the parent company behind the iconic Casio brand, recognized for its watches, calculators, musical instruments, cameras, and other electronic products.

"Casio Computer Co., Ltd. has confirmed that on October 5, its network was accessed by an unauthorized third party," the company revealed in a statement today. Following an internal review, the company discovered the unauthorized access led to system disruptions, which have caused some services to be temporarily unavailable. Casio mentioned it cannot provide further details at this stage, as investigations are still ongoing. The company is working closely with external specialists to assess whether personal data or confidential information was compromised during the attack.

Although the breach has disrupted services, Casio has yet to specify which services have been impacted.

The company reported the cyber incident to the relevant data protection authorities and quickly implemented measures to prevent further unauthorized access. BleepingComputer reached out to Casio for more information, but a response has not yet been provided.

So far, no ransomware group has claimed responsibility for the attack on Casio.

This attack comes nearly a year after a previous data breach involving Casio's ClassPad education platform, which exposed customer data from 149 countries, including names, email addresses, and other personal information.

The recent cyberattack adds to the company's challenges, as Casio recently informed shareholders of an expected $50 million financial loss due to significant personnel restructuring.
Read more »
Ransomware
American Water Works Cyber Attacks Data HMI IT system Ransomware

American Water Works faces Cyberattack





American Water Works, the country's largest provider of water services to 14 states, recently reported that it was cyber attacked on its information technology system. The current report has indicated that operational technology systems that control delivery of water within the company are not affected. As reported by Bloomberg, the company disclosed to shareholders in a filing with the U.S. Securities and Exchange Commission which forced the company to temporarily suspend billing and limit customer support.

On its website, the American Water Works explained its statement in announcing that certain systems were turned off in an attempt to prevent more damages on its customers' information. Its MyWater online service has been temporarily halted, thus stopping billing processes until the systems can be brought back online. The company assured that water quality is not affected and safe for drinking. Whether the customers' information was accessed remains a determination to be made.

Response to the Incident

The company cannot yet fully assess the impact of the incident but confirms that its water and wastewater operations are unaffected. American Water Works first detected unauthorised activity in its networks on October 3. Upon discovery, the company activated its cybersecurity response protocols and sought the assistance of third-party cybersecurity specialists to help contain and investigate the incident. Law enforcement was notified promptly and are actively involved in ongoing inquiries.

The company's IT teams are scrambling to protect data by isolating some systems that might prevent any possible damage. The exact nature of the attack is still unknown, but such cases of ransomware attacks scare cybersecurity experts, who have noted recent instances in which hackers carried out ransomware attacks. The separation of the IT network from the OT networks by the company, a critical step in cybersecurity for critical infrastructures, may have allowed it to contain the spread of the attack that did not penetrate the core operations.


Cyber Threats Against Water Utilities

The incident is part of a worrying trend of cyberattacks on water utilities. Just two weeks back, a Kansas water utility fell under similar attacks, reviving the renewed debate on protection of critical services. According to a report by Cyble, a cybersecurity firm, groups such as Russia-linked People's Cyber Army are increasingly threatening the water sector through cyber attacks. The report has identified significant vulnerabilities and pointed out that many US water utilities are using outdated systems and those lacking in their cybersecurity practices.

Notably, a similar alarm is sounded by the latest GAO report against the Environmental Protection Agency, which presses for better cybersecurity requirements in water utility providers. A review of the water utilities through inspections reported that almost 70% of them don't comply with basic cybersecurity guidelines, which puts it at the risk of a potential disruption in its operations or even contamination. Cyble's research calls out for contemporary security measures such as network segmentation and strengthening of controls over control systems, among others.


Experts recommend network segmentation for water utilities to separate IT from OT systems; also HMIs that can lock down their monitoring systems. As more and more water utilities bring their systems onto the internet, the chance of cyber threats increases continually. Even as American Water Works works through its recent cyber incident, pressure is growing throughout the industry to harden its defences and protect critical infrastructure in a manner that ultimately protects public health.

Recently, the American Water Works was attacked via a cyber attack that portrays a need for stronger cybersecurity practices in the water industry. As attacks increase in terms of frequency and complexity, companies must implement strong security measures to protect the essentials and assure the public regarding the safety of delivering water.


Read more »
Security
Cyber Attacks Data Data Safety data security perso Safety Security

Cyberattack on Maui's Community Clinic Affects 123,000 Individuals in May

 

The Community Clinic of Maui, also known as Mālama, recently notified over 123,000 individuals that their personal data had been compromised during a cyberattack in May. Hackers gained access to sensitive information between May 4 and May 7, including Social Security numbers, passport details, financial account information (such as CVV codes and expiration dates), and extensive medical records.

In addition to this, hackers obtained routing numbers, bank names, financial account details, and some biometric data. A total of 123,882 people were affected by the breach, which resulted in the clinic taking its servers offline.

Local reports suggested the incident was a ransomware attack, sparking public frustration as Mālama was forced to close for nearly two weeks. Upon reopening at the end of May, the clinic operated with limited services, and nurses had to rely on paper charts due to system-wide computer outages.

Following the attack, Mālama worked with law enforcement and cybersecurity experts to investigate the breach, with the findings confirmed on August 7. 

In a statement on its website, the clinic offered complimentary credit monitoring to those whose Social Security numbers may have been exposed, although a regulatory filing in Maine indicated that identity theft protection services were not provided. The organization has not responded to requests for clarification, and a law firm is reportedly exploring potential lawsuits against Mālama related to the breach.

The ransomware group LockBit, which was taken down by law enforcement earlier this year, claimed responsibility for the attack in June. On Tuesday, Europol and other agencies announced a coordinated effort to target the gang, resulting in four arrests and the seizure of servers critical to LockBit's operations in France, the U.K., and Spain.

In 2024, healthcare providers across the U.S. have been increasingly targeted by cyberattacks, disrupting services and threatening public safety. Notably, McLaren Health Care and Ascension, two major health systems, have faced severe ransomware incidents, and last week, one of the region's only Level 1 trauma centers had to turn away ambulances following a cyberattack.

Read more »
X
AI Algorithm Chatbot copyright Data FTC Grok Linkedin personalization Privacy Snapchat Social Media Technology training user content X

Social Media Content Fueling AI: How Platforms Are Using Your Data for Training

 

OpenAI has admitted that developing ChatGPT would not have been feasible without the use of copyrighted content to train its algorithms. It is widely known that artificial intelligence (AI) systems heavily rely on social media content for their development. In fact, AI has become an essential tool for many social media platforms.

For instance, LinkedIn is now using its users’ resumes to fine-tune its AI models, while Snapchat has indicated that if users engage with certain AI features, their content might appear in advertisements. Despite this, many users remain unaware that their social media posts and photos are being used to train AI systems.

Social Media: A Prime Resource for AI Training

AI companies aim to make their models as natural and conversational as possible, with social media serving as an ideal training ground. The content generated by users on these platforms offers an extensive and varied source of human interaction. Social media posts reflect everyday speech and provide up-to-date information on global events, which is vital for producing reliable AI systems.

However, it's important to recognize that AI companies are utilizing user-generated content for free. Your vacation pictures, birthday selfies, and personal posts are being exploited for profit. While users can opt out of certain services, the process varies across platforms, and there is no assurance that your content will be fully protected, as third parties may still have access to it.

How Social Platforms Are Using Your Data

Recently, the United States Federal Trade Commission (FTC) revealed that social media platforms are not effectively regulating how they use user data. Major platforms have been found to use personal data for AI training purposes without proper oversight.

For example, LinkedIn has stated that user content can be utilized by the platform or its partners, though they aim to redact or remove personal details from AI training data sets. Users can opt out by navigating to their "Settings and Privacy" under the "Data Privacy" section. However, opting out won’t affect data already collected.

Similarly, the platform formerly known as Twitter, now X, has been using user posts to train its chatbot, Grok. Elon Musk’s social media company has confirmed that its AI startup, xAI, leverages content from X users and their interactions with Grok to enhance the chatbot’s ability to deliver “accurate, relevant, and engaging” responses. The goal is to give the bot a more human-like sense of humor and wit.

To opt out of this, users need to visit the "Data Sharing and Personalization" tab in the "Privacy and Safety" settings. Under the “Grok” section, they can uncheck the box that permits the platform to use their data for AI purposes.

Regardless of the platform, users need to stay vigilant about how their online content may be repurposed by AI companies for training. Always review your privacy settings to ensure you’re informed and protected from unintended data usage by AI technologies
Read more »
Security
Cybersecurity Data Data Breach Data Safety data security Safety Security

Fortinet Confirms Data Breach Involving Limited Number of Customers, Linked to Hacker "Fortibitch"

 

Fortinet has disclosed a data breach impacting a "small number" of its clients after a hacker, using the alias "Fortibitch," leaked 440GB of customer information on BreachForums. The hacker claimed to have accessed the data from an Azure SharePoint site, following the company's refusal to meet a ransom demand. This incident emphasizes the need for companies to secure data stored in third-party cloud services, cybersecurity experts have noted.

In a statement released on September 12, Fortinet reported that the breach involved unauthorized access to files stored on its cloud-based shared file drive. The company did not confirm the exact source of the breach but reassured that the affected data represented less than 0.3% of its over 775,000 customers—approximately 2,300 organizations. Fortinet also stated that no malicious activity had been detected around the compromised data, and no ransomware or data encryption was involved. The company has since implemented protective measures and directly communicated with impacted customers.

Dark Reading noted that the hacker also leaked financial and marketing documents, product information, HR data from India, and some employee records. After unsuccessful attempts to extort the company, the hacker released the data. There was also a mention of Fortinet’s acquisitions of Lacework and NextDLP, as well as references to a Ukrainian threat group, though no direct connections were identified.

This breach highlights the growing risk of cloud data exposure. A recent analysis by Metomic revealed that more than 40% of sensitive files on Google Drive were vulnerable, with many shared publicly or with external email addresses. Experts stress the importance of using multifactor authentication (MFA), limiting employee access, and regularly monitoring cloud environments to detect and mitigate potential security lapses. They also recommend encrypting sensitive data both in transit and at rest, and enforcing zero-trust principles to reduce the risk of unauthorized access.
Read more »
Ransomware
Cyber Security Data Data Leak data security Ransomware

Planned Parenthood Cyberattack: How Bad Actors Are Targeting Medical Institutions

Planned Parenthood Cyberattack: How Bad Actors Are Targeting Medical Institutions

The healthcare sector has become an increasingly attractive target for cybercriminals. The latest victim in this alarming trend is Planned Parenthood of Montana, which recently fell prey to a ransomware attack by a group known as RansomHub. This incident not only underscores the vulnerabilities within healthcare organizations but also highlights the broader implications of such breaches on public health and safety.

About the Attack

On September 1, 2024, Planned Parenthood of Montana announced that it had been targeted by a ransomware attack. The hackers, identified as the RansomHub group, claimed to have stolen approximately 93GB of sensitive data. They are now threatening to release this data unless a ransom is paid by September 11. The stolen data reportedly includes patient records, financial information, and internal communications, making this breach particularly concerning.

The Bigger Picture

The timing of this attack is especially significant. It comes at a moment when abortion rights advocates in Montana have successfully gathered enough signatures to put the issue on the ballot in November. This has raised suspicions that the attack may have political motivations, aiming to influence public opinion and voter behavior. Regardless of the hackers’ intentions, the breach has created a climate of fear and uncertainty among patients and staff alike.

What is the damage?

The immediate impact of the breach is multifaceted. For patients, the exposure of sensitive medical information can lead to severe emotional distress and potential discrimination. For the organization, the financial and reputational damage can be devastating. Planned Parenthood of Montana now faces the daunting task of securing its systems, notifying affected individuals, and potentially paying a hefty ransom to prevent the release of the stolen data.

How Can Organizations Stay Safe?

1. Invest in Advanced Security Technologies

Healthcare organizations must invest in cutting-edge security technologies such as artificial intelligence (AI) and machine learning (ML) to detect and respond to threats in real-time. These technologies can analyze vast amounts of data to identify unusual patterns and potential security breaches before they cause significant damage.

2. Implement Multi-Factor Authentication (MFA)

Multi-factor authentication adds an extra layer of security by requiring users to provide two or more verification factors to gain access to systems and data. This can significantly reduce the risk of unauthorized access, even if login credentials are compromised.

3. Data Encryption

Encrypting sensitive data ensures that even if it is stolen, it cannot be easily read or used by unauthorized individuals. Healthcare organizations should implement encryption protocols for data both at rest and in transit to protect patient information.

Read more »
RansomHub
cyber attack Data Halliburton organisations RansomHub

Halliburton Hit by Cyberattack, Data Stolen


 

Halliburton, one of the world’s largest energy companies, has confirmed that it was the victim of a cyberattack. Hackers infiltrated the company’s systems and stole sensitive information. The attack occurred last week, and Halliburton is still determining the extent of the data that was taken.

In a recent filing with government regulators, Halliburton acknowledged the breach but has yet to disclose the full details of what was stolen. The company is currently investigating the incident and deciding what legal notifications are required. In response to the attack, Halliburton took certain systems offline as a precaution and is working to restore normal operations, especially for its oil and fracking businesses. 

When approached for additional comments, company spokesperson Amina Rivera declined to elaborate further, stating that Halliburton would not provide more information beyond what was mentioned in its official filing.

Although Halliburton has not officially confirmed it, there are signs that the cyberattack may have been part of a ransomware campaign. TechCrunch obtained a ransom note related to the incident, which claims that hackers encrypted Halliburton’s files and stole sensitive data. A group known as RansomHub is believed to be behind the attack. This gang is notorious for carrying out similar cyberattacks, using stolen data as leverage to demand ransom payments. 

RansomHub typically publishes stolen files on its dark web platform when victims refuse to pay. So far, Halliburton has not been listed as one of RansomHub’s victims, but this could change if negotiations fail. RansomHub has been responsible for over 210 attacks since its rise to prominence earlier this year, and it has targeted other large organisations, including Change Healthcare.

Halliburton, with around 48,000 employees spread across various countries, is a major player in the global energy industry. In the past, the company gained notoriety due to its role in the Deepwater Horizon oil spill disaster in 2010, for which it paid over $1 billion in fines.

The recent cyberattack is expected to have financial repercussions for the company, though the exact costs are yet to be determined. In 2023, Halliburton reported $23 billion in revenue, with CEO Jeff Miller earning $19 million in total compensation. Halliburton has noted that it will continue to bear costs related to the cyberattack as they work on restoring systems and resolving the situation.

As the investigation unfolds, much of Halliburton’s online services remain down, and the company is assessing the full impact of the breach. Halliburton has been tight-lipped about its cybersecurity efforts, declining to provide information on who is currently overseeing their response.

This attack is a reminder of how large corporations remain vulnerable to cyber threats. Halliburton's situation underscores the importance of investing in strong cybersecurity measures to safeguard sensitive data and avoid disruptions in critical operations. The company will likely provide more updates as it works to recover from this breach.


Read more »
Protonmail
AI Assistant AI tools Data Emails Languages Privacy Protonmail

Emailing in Different Languages Just Got Easier— This AI Will Amaze You


 


Proton, a company known for its commitment to privacy, has announced a paradigm altering update to its AI-powered email assistant, Proton Scribe. The tool, which helps users draft and proofread emails, is now available in eight additional languages: French, German, Spanish, Italian, Portuguese, Russian, Chinese, and Japanese. This expansion enables users to write emails in languages they may not be proficient in, ensuring that their communications remain accurate and secure. Proton Scribe is particularly designed for those who prioritise privacy, offering a solution that keeps their sensitive information confidential.

What sets Proton Scribe apart from other AI services is its focus on privacy. Unlike many AI tools that process data on external servers, Proton Scribe can operate locally on a user’s device. This means that the data never leaves the user's control, offering an added layer of security. For users who prefer not to run the service locally, Proton provides a no-logs server option, which also ensures that no data is stored or shared. Moreover, users have the flexibility to disable Proton Scribe entirely if they choose. This approach aligns with Proton’s broader mission of enabling productivity without compromising privacy.

The introduction of these new languages follows overwhelming demand from Proton’s user base. Initially launched for business users, Proton Scribe quickly gained traction among consumers seeking a private alternative to conventional AI tools. By integrating Proton Scribe directly into Proton Mail, users can now manage their email communications securely without needing to rely on third-party services. Proton has also expanded access to Scribe, making it available to subscribers of the Proton Family and Proton Duo plans, in addition to Proton Mail Business users who can add it on as a feature.

Proton’s commitment to privacy is further emphasised by its use of zero-access encryption. This technology ensures that Proton itself has no access to the data users input into Proton Scribe. Unlike other AI tools that might be trained using data from user interactions, Proton Scribe operates independently of user data. This means that no information typed into the assistant is retained or shared with third parties, providing users with peace of mind when managing sensitive communications.

Eamonn Maguire, head of machine learning at Proton, underlined the company's dedication to privacy-first solutions, stating that the demand for a secure AI tool was a driving force behind the expansion of Proton Scribe. He emphasised that Proton’s goal is to provide tools that enable users to maintain both productivity and privacy. With the expansion of Proton Scribe’s language capabilities and its availability across more subscription plans, Proton is making it easier for a broader audience to access secure AI tools directly within their inboxes.

Proton continues to set itself apart in the crowded field of AI-driven services by prioritising user privacy at every step. For those interested in learning more about Proton Scribe and its features, Proton has provided additional details in their official blog announcement.


Read more »
US semiconductor manufacturer
Breach Data Microchip Technology attack Play ransomware ransomware cyberattack US semiconductor manufacturer

Play Ransomware Claims Attack on US Semiconductor Manufacturer Microchip Technology

 

The Play ransomware group has claimed responsibility for last week's cyberattack on the American semiconductor company Microchip Technology. On Tuesday, the group added Microchip Technology to its data leak site, as noted by multiple cybersecurity researchers. Play is notorious for its use of custom tools and double-extortion tactics, which involve both encrypting victims' files and threatening to release stolen data.

Microchip Technology reported last week that intruders had disrupted "certain servers and some business operations." Upon discovering the breach, the company took immediate steps to isolate the affected systems, shut down some services, and initiate an investigation.

Microchip Technology has not commented on the Play gang's involvement in the attack. The company produces products such as microcontrollers, embedded security devices, and radio frequency devices, which it supplies to sectors including automotive, industrial, aerospace, and defense. In 2024, its sales reached $7.6 billion.

The Play group typically gives its victims 72 hours to pay a ransom before making stolen data public. However, Kevin O’Connor, a researcher at U.S.-based cybersecurity firm Adlumin, noted that in this case, the timeline was extended, with Play claiming responsibility a week after Microchip Technology reported the incident to the SEC (Securities and Exchange Commission). O'Connor added that while it's not uncommon for ransomware groups to delay data release, it often indicates ongoing negotiations.

Adlumin's research suggests that the Play ransomware operation has significantly expanded over the past year, likely due to its shift to an affiliate model, complicating the attribution of attacks. O'Connor also mentioned that it's still unclear whether the core group or its affiliates were behind the attack on Microchip Technology.

Play ransomware was first identified in June 2022. The Cybersecurity and Infrastructure Security Agency (CISA) has reported that the group typically encrypts systems after data exfiltration, impacting various businesses and critical infrastructure organizations across North America, South America, Europe, and Australia. According to Trend Micro's research published in July, the majority of Play's attacks this year have been concentrated in the United States.
Read more »
Technology
Bitcoin Data Decentralization Nostr Technology

Bitcoin and Nostr: What Lies Beyond Decentralization and Freedom

Bitcoin and Nostr: What Lies Beyond Decentralization and Freedom

In today's digital expanse, in some countries governments and corporations wield immense power, two remarkable projects—Bitcoin and Nostr—have emerged as champions of decentralization. Their stories are quite similiar, revealing their struggle for financial autonomy, censorship resistance, and individual empowerment.

Bitcoin: The Genesis of Digital Gold

The Mysterious Creator

In 2009, an enigmatic figure known as Satoshi Nakamoto introduced Bitcoin to the world. Nakamoto's true identity remains shrouded in mystery, but their creation sparked a revolution. Bitcoin wasn't just a currency; it was a paradigm shift—a departure from centralized financial systems.

The Decentralized Ledger

At its core, Bitcoin operates on a decentralized ledger called the blockchain. Imagine a vast, incorruptible book where every transaction is recorded. Miners—individuals who dedicate computational power—verify these transactions, ensuring transparency and security. No central authority governs Bitcoin; it thrives on collective trust.

Digital Gold and Pseudonymity

Bitcoin's scarcity—capped at 21 million coins—gives it a unique allure. Investors liken it to digital gold, a store of value immune to inflation. Yet, unlike gold, Bitcoin transactions occur in the digital realm. Users remain pseudonymous, their identities veiled behind cryptographic addresses.

Nostr: A Community's Rebellion

The Rise of Nostr

Enter Nostr, a lesser-known but equally significant tech. Nostr's story diverges from Bitcoin's, emphasizing community governance and censorship resistance.

Community-Driven Governance

Nostr's strength lies in its community. Decisions—upgrades, proposals, and network changes—are made collectively. No central authority dictates terms; instead, users shape the network's destiny. Transparency prevails, and the community guards against undue influence.

Censorship Resistance

Nostr's architecture is a fortress against censorship. Content creators, developers, and users participate without fear of suppression. In a world where platforms silence dissenting voices, Nostr stands firm—a bastion of free expression.

Proof of Reputation (PoR)

While Bitcoin relies on proof-of-work (PoW) and proof-of-stake (PoS), Nostr pioneers a different path: Proof of Reputation (PoR). Reputation is earned through contributions, expertise, and positive interactions. It's a nod to meritocracy, where influence aligns with genuine value.

Why They Matter

1. Evading State Repression

In regions where there is censorship on data, Bitcoin and Nostr offer escape routes. Citizens preserve wealth and communicate freely, shielded from state interference. Nostr's community-driven model ensures that no single entity can silence dissent.

2. Financial Inclusion

Both projects empower the unbanked. Bitcoin's global accessibility and Nostr's community-driven ethos allow participation in the global economy. No longer bound by traditional banking, individuals find newfound freedom.

3. Hedging Against Fiat Devaluation

As governments print money, inflation erodes fiat currency value. Bitcoin's scarcity and Nostr's stability provide a hedge. They're shields against economic uncertainty.

4. Technological Pioneering

Bitcoin's Lightning Network accelerates transactions, while Nostr experiments with consensus mechanisms. Both drive technological progress, shaping the future of finance.

Bitcoin and Nostr- although they can be different yet intertwined—remind us that decentralization isn't a mere buzzword. It's a way forward, heading the way toward financial sovereignty and individual empowerment.

Read more »
Vulnerabilities and Exploits
Data Flaws Patch Safety Security flaw Vulnerabilities and Exploits

CISA Issues Warning on Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Released

 

The Cybersecurity and Infrastructure Security Agency (CISA) has released a security advisory highlighting several critical vulnerabilities discovered in Vonets WiFi Bridge devices. These vulnerabilities present significant risks, including the potential for attackers to execute arbitrary code, access sensitive data, or disrupt device operations.

This poses a serious threat to the security of industrial and commercial networks that depend on these devices. Despite the gravity of these issues, Vonets has not responded to CISA’s outreach for collaboration on mitigation efforts, leaving users at risk.

Key Vulnerabilities and Their Impacts:

The vulnerabilities identified in the Vonets devices vary in severity and include:

  • CVE-2024-41161 (CVSSv4 8.7): This flaw involves the use of hard-coded credentials, allowing unauthorized users to bypass authentication and gain full device access using pre-set administrator credentials that cannot be disabled. This makes it a particularly dangerous vulnerability.
  • CVE-2024-29082 (CVSSv4 8.8): An issue with improper access control permits attackers to bypass authentication and perform a factory reset on the device through unprotected endpoints, leading to potential service disruptions and loss of configuration data.
  • CVE-2024-41936 (CVSSv4 8.7): A directory traversal vulnerability that enables attackers to read arbitrary files on the device, bypassing authentication and exposing sensitive information.
  • CVE-2024-37023 (CVSSv4 9.4): OS command injection vulnerabilities allow authenticated attackers to execute arbitrary operating system commands on the device, potentially giving them control over its operation.
  • CVE-2024-39815 (CVSSv4 8.7): A flaw in the handling of exceptional conditions could lead to a denial-of-service (DoS) scenario when attackers send specially crafted HTTP requests to the device.
  • CVE-2024-39791 (CVSSv4 10): The most severe vulnerability, a stack-based buffer overflow, allows remote attackers to execute arbitrary code, potentially gaining full control of the device without needing authentication.
  • CVE-2024-42001 (CVSSv4 6.1): An issue with improper authentication enables attackers to bypass authentication by sending specially crafted requests during an active user session.

CISA’s Recommendations

In light of Vonets' lack of response, CISA has issued several recommendations to help organizations mitigate the risks associated with these vulnerabilities:

  • Minimize Network Exposure: Ensure that control system devices and networks are not directly accessible from the internet to reduce the risk of unauthorized access.
  • Isolate Control Systems: Position control system networks and remote devices behind firewalls and separate them from business networks to prevent cross-network attacks.
  • Secure Remote Access: When remote access is necessary, use secure methods like Virtual Private Networks (VPNs). However, it's crucial to keep VPNs updated and ensure the security of connected devices.
CISA stresses the importance of conducting thorough impact analysis and risk assessments before implementing any defensive measures to avoid unintended operational disruptions.

While no public exploitation of these vulnerabilities has been reported yet, the critical nature of these issues demands immediate attention. Organizations and individuals must act swiftly to safeguard their networks and reduce the risk of potential attacks
Read more »
User Security
Data Data Breach Safety Security User Data User Privacy User Safety User Security

Massive Data Leak Exposes Sensitive Information for Millions

 


A significant data breach has compromised the personal information of millions of individuals across the United States, United Kingdom, and Canada. The leaked data, obtained from a company called National Public Data, includes highly sensitive information such as names, mailing addresses, and social security numbers.

The leaked database, consisting of nearly 2.7 billion records, was reportedly offered for sale on the dark web. While the exact scope of the breach is still being investigated, numerous individuals have confirmed the presence of their personal data within the leaked files.

The exposed information poses a serious risk of identity theft and other malicious activities. Scammers may use this data to target individuals with phishing attempts or fraudulent transactions.

To protect yourself:

1. Be wary of suspicious emails: Avoid clicking on links or opening attachments in unsolicited emails, even if they appear to be from legitimate sources.
2. Verify the sender: Double-check the sender's email address to ensure it is authentic.
3. Use strong, unique passwords: Create complex passwords for all your online accounts and avoid reusing them across different platforms.
4. Monitor your accounts: Regularly check your bank statements, credit reports, and online accounts for any unauthorized activity.

If you believe your personal information may have been compromised in this data breach, it is recommended to take steps to protect your identity and report the incident to the appropriate authorities.

Read more »
Subscribe to: Posts (Atom)