Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Privacy Invasion. Show all posts

Data Broker Tracked Visitors to Jeffrey Epstein’s Island, New Report Reveals

 

The saga surrounding Jeffrey Epstein, a convicted sex offender with ties to numerous wealthy and influential figures, continues to unfold with alarming revelations surfacing about the extent of privacy intrusion. Among the latest reports is the shocking revelation that a data broker actively tracked visitors to Epstein’s private island, Little Saint James, leveraging their mobile data to monitor their movements. This discovery has ignited a firestorm of controversy and renewed concerns about privacy rights and the unchecked power of data brokers. 

For years, Epstein's island remained shrouded in secrecy, known only to a select few within his inner circle. However, recent investigations have shed light on the island's dark activities and the prominent individuals who frequented its shores. Now, the emergence of evidence suggesting that a data broker exploited mobile data to monitor visits to the island has cast a disturbing spotlight on the invasive tactics employed by third-party entities. 

The implications of this revelation are profound and far-reaching. It raises serious questions about the ethical boundaries of data collection and surveillance in the digital age. While the practice of tracking mobile data is not new, its use in monitoring individuals' visits to sensitive and controversial locations like Epstein’s island underscores the need for greater transparency and accountability in the data brokerage industry. 

At its core, the issue revolves around the fundamental right to privacy and the protection of personal data. In an era where our every move is tracked and recorded, often without our knowledge or consent, the need for robust data protection regulations has never been more pressing. Without adequate safeguards in place, individuals are vulnerable to exploitation and manipulation by unscrupulous actors seeking to profit from their private information. 

Moreover, the revelation highlights the broader societal implications of unchecked data surveillance. It serves as a stark reminder of the power wielded by data brokers and the potential consequences of their actions on individuals' lives. From wealthy elites to everyday citizens, no one is immune to the pervasive reach of data tracking and monitoring. 

In response to these revelations, there is a growing call for increased transparency and accountability in the data brokerage industry. Individuals must be empowered with greater control over their personal data, including the ability to opt-out of invasive tracking practices. Additionally, regulators must step up enforcement efforts to hold data brokers accountable for any violations of privacy rights. 

As the investigation into the tracking of visitors to Epstein’s island continues, it serves as a sobering reminder of the urgent need to address the growing threats posed by unchecked data surveillance. Only through concerted action and meaningful reforms can we safeguard individuals' privacy rights and ensure a more ethical and responsible approach to data collection and usage in the digital age.

Critical Cybercrime Hub's Hacked Data Emerges for Sale on Underground Markets

 


The notorious 'Breached' cybercrime forum's database has been offered for sale and shared with Have I Been Pwned. This is the website that collects information on cybercrime victims. While consumers worry about data breaches, hackers are now likely to do the same. 

Have I Been Pwned, a service that notifies data breaches, has recently released an update. This allows visitors to check if their personal information has been exposed in a breach of Breached, a cybercrime forum. It is worth noting that Breached is a forum dedicated to hacking and data leaks. There are several hacking companies and governments across the world that steal financial, legal, and corporate data. They have put it up for sale. 

Known for hosting, leaking, and selling stolen companies, government entities, and organizations' data worldwide that had been hacked, Breached was a large hacking and data leak forum. It was after Pompompurin, the site administrator, was arrested in March 2023 that the forum was shut down by the remaining administrator, Baphomet.

The site's servers were also believed to be accessible to law enforcement, as he believed they had access to them. After the Breached Forums clone was launched, Baphomet opened another data breach seller known as Shiny Hunters in collaboration with another Breached Forums clone. This release, BFv2, is called BFv2. 

 An Invaluable Source of Information 


A threat actor called "breached_db_person" is currently selling the Breached database. This threat actor told BleepingComputer they shared the database with Have I Been Pwned to prove to potential buyers its authenticity. There has also been confirmation from BleepingComputer that the shared member's table contains a list of known Breached accounts that have been identified.

According to a previous Breached administrator named Baphomet, the database was also authentic, warning that it was part of the ongoing campaign to destroy the Breached community. According to the threat actor, he or she sells the breached database to only one person for between $100,000 and $150,000. It contains a snapshot of the entire database taken on November 29th, 2022. This indicates that the database has already been compromised. 

The database is over 2 GB in size and includes all tables that are needed, including the ones that deal with private messaging, payment process transactions, and the membership database, according to BleepingComputer. There is plenty of schadenfreude to be had at the moment. However, you still would not pay someone to steal from you despite the obvious opportunity. 

There are still several valuable data sets that are potentially of use to cybersecurity researchers and other threat actors. This is even though the FBI has already stated that they gained access to the breached database after seizing servers. 

There is incriminating information about forum members in the private message tables of the website owned by breached_db_person, the seller. Furthermore, it can be seen that in the 'members' database is a list of IP addresses showing that the majority of threat actors are using residential IP addresses to avoid adhering to effective operational security. 

Private messages are a useful tool as they contain messages that have been sent privately between members of the forum and that are intended for their eyes only. Information about previous attacks, the identity of the attacker, and other helpful information can be revealed in such a way. 

It was shared with BleepingComputer some samples of the payment table which contain information on the payments made by members to upgrade their ranks (an additional level of membership that offers enhanced benefits) and credits (a currency used on the forum).

To process these payments, CoinBase Commerce or Sellix were used. A Coinbase transaction includes links to an order confirmation that contains sensitive information, like cryptocurrency addresses and Coinbase payment IDs, including links to order confirmations that contain sensitive information. 

Blockchain analytics companies can use this cryptocurrency data to link criminal activity to cryptocurrency addresses. This can be useful to companies that track cryptocurrency data and analyze threat actors. 

Many companies have been hacked by Breached, its members, extortion attempts, ransomware attacks, and other breaches that were caused as a result of Breached and its members. Many of these companies have suffered security breaches, including DC Health Link, Twitter, Robin Hood, Acer, and Activision, among others. 

Thus, it is conceivable that researchers could benefit greatly from private messages. Sellers stated that several cybersecurity firms had already contacted them to ask for a copy of the data to conduct research of their own on it. 

In addition, the seller reports that there has been interest from other threat actors, with an offer of $250,000 being received from the seller. Even though it is too early to tell whether or not the database will eventually be sold, it would not be surprising if it is ultimately sold at some point, and if it is, the entire database could be leaked for free at some stage in the future. 

Data breaches are often purchased privately, and then released later to build a reputation in the data thieves community. There have been numerous recent data breaches in the Industry, including the seized RaidForums forum, which has also had its database compromised, and the newly launched BreachedForums clone (BFv2) which has also had its database compromised.