Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Identity Theft. Show all posts
Sensitive Data Leak
Cyber Attacks Cybersecurity measures Data exposed data security Identity Protection Identity Theft Patient Data Sensitive Data Leak

American Addiction Centers Cyberattack Exposes Sensitive Data of 422,424 Individuals

 


In September 2024, American Addiction Centers (AAC) experienced a significant cyberattack that exposed the personal and health-related information of 422,424 individuals. The breach involved sensitive data such as Social Security numbers and health insurance details, prompting AAC to take immediate action to address the situation and support those impacted.

The cyberattack occurred over three days, from September 23 to September 26, 2024. AAC identified the breach on September 26 and quickly launched an investigation. The organization engaged third-party cybersecurity experts and notified law enforcement to assess the extent of the attack. By October 3, investigators confirmed that unauthorized individuals had accessed and stolen data during the breach.

Data Compromised

The stolen information included:

  • Names, addresses, and phone numbers
  • Dates of birth
  • Social Security numbers
  • Health insurance details

AAC assured clients that no treatment information or payment card data was compromised during the incident. While the exposed data could be exploited for identity theft, the company emphasized that there is no evidence linking the breach to fraudulent activity at this time.

Response and Notifications

In December 2024, AAC began notifying affected individuals, with official letters sent out just before the holiday season. These notifications outlined the breach details, the steps AAC had taken to address the incident, and the measures implemented to prevent future occurrences.

To mitigate risks, AAC offered affected individuals complimentary credit monitoring services for 12 months. The organization partnered with Cyberscout, a TransUnion company, to provide identity protection services, including:

  • Alerts for credit report changes
  • Monitoring for suspicious activity
  • Fraud Assistance

Affected individuals are encouraged to enroll in these services by March 31, 2025, to ensure their data remains protected.

Beyond immediate support, AAC implemented enhanced security protocols to strengthen its cybersecurity defenses. The organization collaborated with leading cybersecurity experts to fortify its systems and continues to review and update its measures regularly. Additionally, AAC established a dedicated hotline to assist individuals with inquiries and provide guidance on protective measures.

Proactive Recommendations

Although AAC has found no evidence of identity theft linked to the breach, it urged affected individuals to take the following proactive measures:

  • Monitor financial accounts and credit reports
  • Place fraud alerts on credit files
  • Consider security freezes on credit accounts

AAC’s notification letters include detailed instructions on these steps to help individuals safeguard their personal information against potential threats.

AAC emphasized its dedication to protecting personal information and maintaining transparency with its clients. “We regret that this incident occurred and the concern it may have caused,” the company stated. “We take the confidentiality and security of personal information very seriously and will continue to take steps to prevent a similar incident from occurring in the future.

As investigations into the incident continue, AAC remains focused on strengthening its cybersecurity measures and rebuilding client trust. For further information, individuals can contact AAC’s dedicated hotline at 1-833-833-2770, available Monday through Friday from 8:00 a.m. to 8:00 p.m. Eastern Time.

This incident highlights the importance of robust cybersecurity measures and proactive data protection strategies to safeguard sensitive information in the digital age.

Read more »
KYC
Cyber Crime Financial Security Identity Theft IDS KYC

Cybercriminals Exploit Identity Verification Systems

 


Cybercriminals on the dark web have developed new ways to exploit identity verification systems. Rather than hacking or stealing personal information, they are purchasing it directly from individuals, as revealed by security researchers at iProov. This approach allows them to bypass Know Your Customer (KYC) processes used by businesses to verify customer identities. Researchers found that a criminal group in Latin America is gathering identity documents, such as passports and driver's licenses, along with corresponding facial images. 

In some cases, these criminals pay individuals for their personal data. While the exact amount paid remains unclear, this practice raises serious concerns. This group’s activities extend beyond Latin America, with similar tactics reported in Eastern Europe. Law enforcement agencies in these regions have been alerted to the threat. 
 
Why Is This Dangerous? 
 
Selling personal data equips fraudsters with real identity "kits," which combine authentic documents with matching biometrics. This makes it challenging to identify the kits as counterfeit. According to iProov Chief Scientific Officer Andrew Newell, these kits enable criminals to execute sophisticated impersonation scams, putting victims’ financial security and personal identities at risk. 
  
What Can Be Done? 
 
Classic verification methods have proven inadequate against such advanced attacks. iProov recommends implementing multi-layered security measures to combat these threats. Key steps include:
  • Real-Time Authentication: Verifying that the user is a human being in real-time.
  • Identity Verification: Ensuring the user matches the rightful owner of the presented identity.
These layered methods significantly hinder cybercriminals, even when they possess convincing identity data. iProov notes that even sophisticated attackers struggle to bypass such systems while maintaining realistic interactions.
  • Never sell or share your personal information, regardless of incentives.
  • Be cautious of schemes offering money for personal data, as they can fuel large-scale fraud.
  • Stay vigilant and report any suspicious activity to relevant authorities.
As cybercriminals continue to innovate, businesses must invest in robust security systems, and individuals must take proactive steps to safeguard their sensitive information.
Read more »
Sensitive data
Builder.ai Data Breach database Identity Theft Sensitive data

Builder.ai Data Breach Exposes Sensitive Information of Over 3 Million Users

 

A huge data security breach has come to light, with the data platform Builder.ai. It's a service that lets organizations build their own proprietary, custom software applications, which don't need heavy programming. According to a blog post by a security researcher, sensitive information from more than three million users' accounts was inadvertently leaked to the internet, leaving an open question of what now?

Jeremiah Fowler, a cybersecurity expert known for discovering unsecured online databases, found a Builder.ai archive with over 3 million records. This archive reportedly contained 1.29 terabytes of data, including very sensitive materials such as invoices, NDAs, email screenshots, and tax documents.

Worryingly, files contained access keys and configurations of two cloud storage systems. These keys, in the wrong hands, could grant hackers access to even more sensitive data.  


What Was Exposed

The exposed database included the following:  

337,434 invoices: The documents comprised transactions between Builder.ai and its clients.

32,810 master service agreements: Most agreements included user names, e-mail addresses, IP details and project estimations of the cost associated with a particular project giving a holistic overview of their sensitive information.  


Such data left unprotected poses grave risks. This information could be used for phishing scams, identity theft, or even financial fraud by criminals. Phishing is the art of making people give up their personal information by claiming to be a trusted person. The presence of cloud storage keys in the database further increases the worry, as this may also open access to more sensitive files elsewhere.

Fowler quickly notified the company, Builder.ai. However, the company, in its defense, showed that it could not tighten the database security due to "complexities with dependent systems." It is already a month, and nobody knows if the problem persists.  

Misconfigured databases are one of the constant problems of the digital era. Companies don't realize they have a shared responsibility to secure the data when it comes to cloud services, leaving large repositories of information exposed unintentionally. 

For businesses, this is an important wake-up call regarding comprehensive cybersecurity practices- periodic checks and ensuring the databases are properly secured for users' data protection.

For users, vigilance is key. Anyone who's interacted with Builder.ai should keep an eye out on their accounts for anything weird and be on their toes for phishing scams.

And in this hyperconnected world, security breaches such as this remind us that vigilance is key, too, for companies as much as it is for their users.



Read more »
Payment Scams
AI Scams Cyber Fraud deepfake scams Financial Fraud Identity Theft Online Safety Online Security Payment Scams

Protect Yourself from AI Scams and Deepfake Fraud

 

In today’s tech-driven world, scams have become increasingly sophisticated, fueled by advancements in artificial intelligence (AI) and deepfake technology. Falling victim to these scams can result in severe financial, social, and emotional consequences. Over the past year alone, cybercrime victims have reported average losses of $30,700 per incident. 

As the holiday season approaches, millennials and Gen Z shoppers are particularly vulnerable to scams, including deepfake celebrity endorsements. Research shows that one in five Americans has unknowingly purchased a product promoted through deepfake content, with the number rising to one in three among individuals aged 18-34. 

Sharif Abuadbba, a deepfake expert at CSIRO’s Data61 team, explains how scammers leverage AI to create realistic imitations of influencers. “Deepfakes can manipulate voices, expressions, and even gestures, making it incredibly convincing. Social media platforms amplify the impact as viewers share fake content widely,” Abuadbba states. 

Cybercriminals often target individuals as entry points to larger networks, exploiting relationships with family, friends, or employers. Identity theft can also harm professional reputations and financial credibility. To counter these threats, experts suggest practical steps to protect yourself and your loved ones. Scammers are increasingly impersonating loved ones through texts, calls, or video to request money. 

With AI voice cloning making such impersonations more believable, a pre-agreed safe word can serve as a verification tool. Jamie Rossato, CSIRO’s Chief Information Security Officer, advises, “Never transfer funds unless the person uses your special safe word.” If you receive suspicious calls, particularly from someone claiming to be a bank or official institution, verify their identity. 

Lauren Ferro, a cybersecurity expert, recommends calling the organization directly using its official number. “It’s better to be cautious upfront than to deal with stolen money or reputational damage later,” Ferro adds. Identity theft is the most reported cybercrime, making MFA essential. This adds an extra layer of protection by requiring both a password and a one-time verification code. Experts suggest using app-based authenticators like Microsoft Authenticator for enhanced security. 

Real-time alerts from your banking app can help detect unauthorized transactions. While banks monitor unusual activities, personal notifications allow you to respond immediately to potential scams. The personal information and media you share online can be exploited to create deepfakes. Liming Zhu, a research director at CSIRO, emphasizes the need for caution, particularly with content involving children. 

Awareness remains the most effective defense against scams. Staying informed about emerging threats and adopting proactive security measures can significantly reduce your risk of falling victim to cybercrime. As technology continues to evolve, safeguarding your digital presence is more important than ever. By adopting these expert tips, you can navigate the online world with greater confidence and security.
Read more »
Ransomware
Business Cyber Crime Finance Sector Identity Theft Ransomware

Ransomware Gangs Target Weekends and Holidays for Maximum Impact

 


A new report by cybersecurity firm Semperis reveals that ransomware gangs are increasingly launching attacks during weekends and holidays when organisations are less equipped to respond. The study found that 86 percent of ransomware incidents occurred during off-peak times as companies often scale back their security operations centre (SOC) staffing. While most organisations claim to run 24/7 SOCs, 85% admit to reducing staff by up to half on weekends and holidays, leaving critical systems more exposed. According to Dan Lattimer, an area vice president at Semperis, many organisations cannot afford the high cost of maintaining full SOC coverage each day. He noted, for example, that some organisations assume they are less exposed to risk during weekends because fewer employees are online to fall prey to phishing attacks. Others perceive their exposure being low because they have never had a threat in the past, further reducing the monitoring effort.


Why Cybercriminals Prefer Off-Peak Hours

Attackers leverage these openings to elevate the chances of their success. Performing attacks during weekends or holidays gives them a relatively longer timeframe to conduct an operation secretly so they can encrypt files and steal sensitive information with little hope of interfering soon. According to Lattimer, this tactic increases the chances of receiving ransom money because the organisations are willing to regain control at any critical downtime.

The report also showed that finance and manufacturing were among the most often targeted sectors, with 78 percent and 75 percent of organisations in the respective sectors reporting attacks on weekends or holidays. Furthermore, 63 percent of respondents said the ransomware related to major corporate events such as mergers or layoffs, which often cause additional diversion for IT teams. 


Identity Security Lapses Continue

Another concerning result of the report is that too many companies feel too confident about their identity security. While 81% said to have sufficient defences against identity-related attacks, 83% experienced successful ransomware incidents in the past year. This discrepancy is largely due to lack of budget and resources to properly protect identity systems like AD, a part of core infrastructure.

Semperis noted that without proper funding for identity threat detection and response (ITDR), many organisations are leaving themselves open to attacks. Around 40% of companies either lacked the resources or were unsure about their ability to secure these systems. 


Takeaway

SEMPERIS 2024 RANSOMWARE HOLIDAY RISK REPORT states that businesses must immediately address the vulnerability of weekends. Strengthening cybersecurity measures over holidays, investing in such robust identity protection, and maintaining consistent monitoring can help mitigate such growing risks for organisations. Cybercrime has become so dynamic, and hence organisations must adapt constantly to stay one step ahead.



Read more »
Spam Calls
Cyber Security Data Brokers Data Removal data security Data Theft Identity Theft online data risks Spam Calls

How Incogni Helps Protect Your Digital Privacy and Reduces Spam

 

Managing unwanted spam messages, calls, and emails has become a necessary part of online life today. Beyond annoyance, these can lead to identity theft, financial fraud, and other issues. Much of this activity is driven by advertisers and marketing companies, which rely on data brokers who collect, store, and sell personal data for profit. In response, data removal services like Incogni have emerged to protect online privacy. Developed by Surfshark, Incogni uses automation to simplify and expedite the process of deleting personal data from these brokers’ databases. 

Incogni is designed for ease of use and requires minimal user intervention. Users authorize Incogni to handle the data removal requests with just a few initial steps. Once signed up, Incogni handles the technical legwork of filing removal requests with data brokers on the user’s behalf. It also regularly re-checks databases to ensure that data brokers don’t re-acquire the user’s information, providing ongoing protection. Incogni then tracks and organizes each request through a clean, user-friendly dashboard that categorizes requests by status, such as “sent,” “in progress,” or “completed.” The demand for Incogni reflects growing concerns over the security of personal information. When sensitive data is leaked or accessed by malicious actors, the consequences can be severe, ranging from identity theft to financial fraud.

For many, manually contacting data brokers is too complex and time-consuming. Incogni’s automation offers an efficient alternative, saving users considerable effort while giving them peace of mind about their digital privacy. Incogni is available as a standalone service, but it can also be bundled with Surfshark’s other cybersecurity tools, such as real-time data breach alerts, antivirus software, and an ad blocker, under the Surfshark One+ plan. Incogni’s appeal is in its accessibility and price. Competing data removal services like DeleteMe, Optery, Kanary, and Privacy Bee offer similar features but are often more expensive or complex. DeleteMe, for example, tracks a larger list of brokers but is more costly. Incogni balances affordability with essential functionality, making it a practical choice for users who want effective, no-frills data removal. 

This service is ideal for people who receive excessive spam or have concerns about personal information being exposed in a data breach. Additionally, for anyone who has already faced cybercrime, Incogni helps reduce ongoing risks by limiting the spread of their personal data online. While Incogni lacks some detailed tracking features offered by its competitors, it remains highly effective at what it does, making it a convenient option for most users. With an emphasis on simplicity, Incogni lets users reclaim privacy without extensive technical knowledge, automating much of the process. By reducing users’ digital footprint and preventing misuse of their information, Incogni offers an efficient layer of security in a landscape where personal data is frequently at risk.
Read more »
Personal Information
comcast Data Breach FBCS Identity Theft Personal Information

Comcast Data Breach Impacts Thousands, Sensitive Information Compromised

 



Comcast Cable Communications LLC reports that it is a victim of a data breach compromising personal information of more than 237,000 individuals, including 22 residents of Maine. According to an investigation, the breach is traced back to Financial Business and Consumer Solutions, Inc., a third-party with which Comcast has associated in the past.

The data breach began on February 14, 2024, when an unauthorised third party gained access to FBCS's computer network. Access to this unauthorised party had led to a ransomware attack where cybercriminals downloaded and encrypted sensitive data. Initially, on March 13, 2024, FBCS had communicated to Comcast that customer information did not appear to have been compromised. However, months later, on July 17, 2024, it came to be known that sensitive customer data had indeed been affected.


New Comcast Hacking Findings

As soon as the breach was discovered, FBCS reached out to the FBI and hired some private cybersecurity firms to comprehend the full dimension of the breach. The investigation revealed names, addresses, Social Security numbers, birth dates, and Comcast account numbers accessed. The acquired information is of a very sensitive nature that encompasses substantial risk factors for identity theft and even financial frauds.

Still, FBCS has maintained that, to date, there is nothing known to be ill-gotten from the stolen data. Only the records starting 2021 are affected, as in 2020, FBCS terminated its contract with Comcast.


Support for Victims

Comcast began notifying the victims on 16 August 2024 and is providing them with free identity theft protection for 12 months. Comcast is partnering with CyEx Identity Defense Complete for credit monitoring and additional support services.

The notification stated that the breach had occurred only in FBCS systems and was unrelated to Comcast's networks themselves. To reach out to the affected customers, the company, Comcast, geared efforts towards helping them manage the fallout of the breach. It provided direct communication and access to a support service. Outside legal counsel for Comcast, Michael Borgia noted, "We are committed to helping our customers navigate the aftermath of this incident and ensuring they have the resources necessary to protect themselves."

Watching Your Back: Protection of Consumer Data End

The Comcast breach highlights the kinds of current risks facing consumers whose data is managed by third-party vendors. In response to this, Comcast is counselling its consumers to be on their guard. Protecting measures include: reviewing account statements for suspicious transactions, reviewing credit reports, and registering for the identity protection services Comcast is offering. Moreover, Comcast is suggesting the enabling of two-step verification for Xfinity accounts in order to increase security to its fullest potential.

This incident underlines the critical need to protect information while ensuring greater caution with regard to personal information in light of more prudent cyber attacks.



Read more »
SIM card cloning
BSNL data breach cyberattack on BSNL dark web forum Data Breach Extortion Identity Theft kiberphant0m sensitive user information SIM card cloning

BSNL Reportedly Suffers Major Data Breach: Sensitive User Information at Risk

 

Bharat Sanchar Nigam Limited (BSNL) has reportedly experienced a significant data breach, with the responsible threat actor claiming to have acquired sensitive user and operational data. The government-owned telecom provider's servers were attacked, resulting in the hackers obtaining SIM card details, home location register data, and critical security keys. This stolen data could potentially be used for criminal activities such as SIM card cloning, identity theft, and extortion.

According to a report by digital risk management firm Athenian Tech, cited by News18, the cyberattack was carried out by a threat actor using the dark web forum username “kiberphant0m”. It remains unclear if the attack was executed by an individual or a group of hackers.

The report states that approximately 278GB of data from BSNL's telecom operations was compromised. This data includes not only user information but also server snapshots that could be exploited for further attacks, posing severe security risks. The threat actor claims to have obtained critical details such as International Mobile Subscriber Identity (IMSI) numbers, SIM card details, PIN codes, authentication keys, and snapshots of BSNL's SOLARIS servers.

The hacker has reportedly offered the stolen data for sale at $5,000 (roughly Rs. 4.18 lakh). Discussions on the dark web forum suggest potential misuse of the data for activities like SIM cloning, identity theft, and extortion.

Kanishk Gaur, CEO of Athenian Tech, explained that while the specific vulnerabilities exploited by “kiberphant0m” are not publicly disclosed, access to critical systems such as the Home Location Register (HLR) and SOLARIS server snapshots indicates a deep penetration. This likely involved exploiting software vulnerabilities or sophisticated social engineering techniques. The server snapshots suggest possible exploitation of known vulnerabilities within BSNL's server infrastructure, highlighting the need for rigorous patch management and security updates.

The alleged data breach poses a serious threat to millions of BSNL users whose sensitive information may have been compromised. Notably, BSNL experienced a similar data breach in December 2023. Gadgets 360 has reached out to BSNL for a comment and will update the story once a response is received.
Read more »
Subscribe to: Posts (Atom)