3.5 Million Students Impacted in US College Data Breach


Several significant cyber security breaches have prompted a growing data security crisis for one of the largest private higher education institutions in the United States. University of Phoenix, an established for-profit university located in Phoenix, Arizona, has suffered an extensive network intrusion.

The intrusion was orchestrated by the Clop ransomware group, a highly motivated cybercriminal syndicate well known for extorting large sums of money from its victims. During the attack, the personal records of nearly 3.5 million individuals, including students, faculty, administrative staff, and third-party suppliers, were compromised.

Established in 1976, the university has grown over the last five decades into a major national educational provider. It has enrolled approximately 82,700 students and is supported by a workforce of 3,400 employees, of whom nearly 2,300 are academics.

The breach was officially confirmed by the institution through a written statement posted on its website in early December, while its parent organization, Phoenix Education Partners, formally notified federal regulators of the incident in early December through a mandatory 8-K filing with the U.S. Securities and Exchange Commission.

This disclosure is the first authoritative acknowledgment of a breach that experts claim may have profound implications for identity protection, financial security, and institutional accountability within the higher education sector. Critical enterprise software and delayed threat detection carry substantial risk, and the extent of that risk can be considerable.

The breach at the University of Phoenix highlights this fact. The internal incident briefing indicates that the intrusion took place over a period of nine days between August 13 and August 22, 2025. The attackers exploited an unreported vulnerability in Oracle's E-Business Suite (EBS), an important financial and administrative platform widely used by large organizations.

Through this vulnerability, the threat actors gained unauthorized access to, and then exfiltrated, highly sensitive information belonging to 3,489,274 individuals, including students, alumni, and professors, as well as external suppliers and service providers. Although the compromise began unfolding in August, the university did not find out about it until November 21, 2025, more than three months after it occurred.

According to reports, the discovery coincided with public signals from the Cl0p ransomware group, which had listed the institution on its leak site. Phoenix Education Partners, the parent company of the university, is reported to have formally disclosed the incident in a regulatory Form 8-K filing submitted to the U.S. Securities and Exchange Commission on December 2, 2025, followed by a broader public notification effort initiated on December 22 and 23 of the same year.

It is not unusual for sophisticated cyber intrusions to go undetected for some time, but this delayed detection significantly complicated the institution's response, because its focus shifted from immediate containment to ensuring regulatory compliance, managing reputational risks, and providing identity protection for the millions of people affected.

A comprehensive identity protection plan has been implemented by the University of Phoenix in response to the breach. This program offers a 12-month credit monitoring service, dark web surveillance service, identity theft recovery assistance, and an identity theft reimbursement policy that covers up to $1 million for those who have been affected by the breach. 

The institution has not formally admitted liability for the incident, but there is strong evidence that it is part of a larger extortion campaign by the Clop ransomware group. A security analyst indicates that Clop took advantage of a zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite in early August 2025, and that the same flaw has been exploited in similar fashion to steal sensitive data from other prominent U.S. universities, including Harvard University and the University of Pennsylvania, both of which confirmed that their students' and staff's personal records were accessed by an unauthorized third party using compromised Oracle systems.

Clop has a proven history of orchestrating mass data theft, including targeting file transfer and MFT platforms such as GoAnywhere, Accellion FTA, MOVEit, Cleo, and Gladinet CentreStack. The Department of State has announced a reward of up to $10 million for anyone who can link the ransomware collective's operations to a foreign government.

The campaign has caused a number of disruptions in the business environment. Beyond this wave of incidents, other higher-education institutions have also been victimized by cyberattacks, which is a troubling pattern.

Following breaches involving voice phishing, some universities have revealed that their development, alumni, and administrative systems were accessed without authorization and that donor and community information was exfiltrated. Furthermore, this incident is similar to other recently reported Oracle E-Business Suite (EBS) compromises across U.S. universities.

These include Harvard University and the University of Pennsylvania, both of which have admitted that unauthorized parties accessed systems used to manage sensitive student and staff data. Cybersecurity leaders note that universities increasingly share the risk profile of sectors such as healthcare, characterized by centralized ecosystems housing large amounts of long-term personal data.

Where student enrolment records, financial aid records, payroll infrastructure and donor databases are all kept in the same place, a single point of compromise can expose years or even decades of accumulated personal and financial information.

The scale and longevity of these repositories make colleges distinctive targets for attackers, because the impact of a breach is measured not only in the number of records lost but also in the length of exposure and the size of the population exposed.

The breach at the University of Phoenix adds to a growing body of evidence that U.S. colleges and universities are being targeted by an increasingly coordinated wave of cyberattacks. Recent disclosures from leading academic institutions, including Harvard University, the University of Pennsylvania, and Princeton University, show that the threat landscape goes beyond ransomware operations, with voice-phishing campaigns also being used to infiltrate systems that support alumni engagement and donor information sharing.

These developments have also raised concerns over the protection of institutional privacy. In an unusual public step, the U.S. Department of State has offered a reward of $10 million for information that could link Clop's activities to foreign governments. The offer reflects growing concern within federal agencies that ransomware groups' financial motivations may, in some cases, intersect with broader geopolitical strategies.

University administrators have been reminded of a structural vulnerability of modern higher education: its reliance on sprawling, interconnected enterprise platforms that centralize academic, administrative, and financial operations creates an environment where the effects of a single breach can cascade across multiple stakeholder groups.

Attackers' priorities have shifted markedly, away from outright disruption of systems and towards covertly extracting and eradicating data. As a result, cybersecurity experts warn that breaches involving the theft of millions of records may no longer be outliers, but a foreseeable and recurring concern.

Universities face two significant challenges attributable to this trend: intensified regulatory scrutiny, and the more intangible challenge of preserving trust among students, faculty, and staff whose personal information institutions are ethically and contractually bound to protect.

In light of the breach, the higher-education sector is experiencing a pivotal moment that reinforces the need for universities to evolve from open knowledge ecosystems into fortified digital enterprises.

The use of identity protection support may be helpful in alleviating downstream damage, but cybersecurity experts are of the opinion that long-term resilience requires structural reform, rather than episodic responses. 

The field of information security is moving towards layered defenses for legacy platforms, quicker patch cycles for vulnerabilities, and continuous network monitoring capable of identifying anomalous access patterns in real time.

Policy analysts emphasize the importance of institutional transparency during crisis periods, noting that early communication combined with clear remediation roadmaps provides a good opportunity to limit misinformation and recover stakeholder confidence.

In addition to technical safeguards, industry leaders advocate for expanded security awareness programs to improve institutional perimeters even as advanced tools are still being used to deal with threats like social engineering and phishing. 

In this time of unprecedented digital access, in which data has become as valuable as degrees, universities face the challenge of safeguarding information, which is no longer a supplemental responsibility but a fundamental institutional mandate that will help determine the credibility, compliance, and trust that universities will rely on in years to come.

Credit Monitoring Provider Discloses Breach Impacting 5.6 Million Users


A data breach usually does not lend itself to straightforward comparisons, as each occurrence is characterized by distinctive circumstances and carries different consequences for those involved. It is common for headlines to emphasize the scale of an attack, the prominence of the organization that was affected, or the attack method used by the attacker, but in reality, the real significance of a breach lies in the sensitivity of the compromised data, along with the actions that are taken to correct it. 

This was apparent in a disclosure issued by 700Credit, a U.S.-based company that provides consumer information, preliminary credit checks, identity verification, fraud detection, and compliance solutions for auto, recreational, powersport, and marine dealerships. The company confirmed that personally identifiable information had been accessed by unauthorized people in a third-party supply-chain attack that occurred late in October 2025.

It has been revealed that the exposed data includes names, residential addresses, dates of birth, and Social Security numbers, all collected between May and October of the year. Based on the information provided by the agency, approximately 5.6 million people are expected to have been affected by the incident, making it one of the most substantial credit-related data breaches of the year, emphasizing the risks associated with retaining data for a long period of time and relying on external service providers. 

A 700Credit representative confirmed that the compromised information came from a database of records provided by auto dealerships between May and October 2025 as part of regular credit verification and identity verification processes.

While acknowledging that the precise technical details of how the intrusion was conducted have not yet been fully determined, the company has attributed the incident to an unidentified threat actor. Although there is no official word on exactly who is affected, the incident has brought into focus the individuals whose personal data was processed by 700Credit for dealership clients, along with data-handling risks across the entire automotive retail ecosystem.

The incident also raises broader concerns about supply-chain exposures and their downstream impact on consumer confidence, particularly where sensitive financial and identity-related information has been disclosed.

In response to the disclosure, Michigan's Attorney General said that recipients of breach notification letters should not dismiss them, stressing that swift protective measures, such as placing a credit freeze and enrolling in credit monitoring services, are critical to reducing the risk of identity theft and fraud that can result from the exposure.

Although it moved quickly to disable the exposed application programming interface (API), 700Credit acknowledged that threat actors were able to extract a significant percentage of consumer records. The company estimates that approximately 20 percent of the affected datasets were accessed, comprising extremely sensitive data such as names, addresses, birthdates, and Social Security numbers.

Although 700Credit confirmed that its internal systems, payment platforms, and login credentials were not compromised, cybersecurity experts noted that the stolen data, in both quantity and nature, could still be used in phishing and social engineering campaigns to conduct highly convincing scams.

Because of this, consumers and dealership clients have been advised to be vigilant when receiving unsolicited communications, especially those that appear to come from 700Credit or its partners. Details reported by CBTNews indicate that the breach stemmed from a compromised integrated partner that did not alert 700Credit in a timely manner after becoming aware of the breach.

Researchers have determined that attackers exploited vulnerabilities in the API validation process, which allowed malicious requests to be masked as legitimate partner traffic. An independent forensic analysis confirmed that the intrusion did not extend into 700Credit's internal network or core operational infrastructure, but rather was confined to the application layer through third-party API integration.

Furthermore, experts concluded that attackers had been able to carry out the majority of the damage without compromising internal systems, underscoring the persistence of security gaps in modern API-driven architectures.

According to 700Credit, in response, its API inspection controls have been strengthened, the validation framework is now more secure, the insurance coverage for cybersecurity has been expanded, and external cybersecurity firms have been engaged to assess residual risks and mitigate them, all while maintaining uninterrupted service to dealership clients throughout the investigation. 

In addition to the technical remediation, 700Credit began a coordinated regulatory notification and response involving multiple authorities. To comply with federal Safeguards Rule requirements, the company reported the incident to the Federal Bureau of Investigation and the Federal Trade Commission and also filed a consolidated breach notification with the FTC on behalf of the affected dealer clients.

Impacted individuals, who began receiving written breach notifications on December 22, 2025, were offered a free 12-month credit monitoring program from TransUnion along with identity restoration services. Moreover, as part of the ongoing efforts to resolve consumer and dealer concerns, the company has also been in touch with the National Automobile Dealers Association and has notified state attorneys general throughout the country.

A dedicated hotline was also established to address the concerns of consumers and dealers. In addition, the Michigan Attorney General issued a public consumer alert after an estimated 160,000 Michigan residents were identified as being affected. The alert advised recipients not to ignore notification letters and to take immediate precautionary measures, such as putting a credit freeze on their credit report, signing up for a monitoring service, updating their passwords and enabling multifactor authentication.

Earlier this month, Michigan Attorney General Dana Nessel sent a consumer advisory explaining why people should not shrug off correspondence from 700Credit, emphasizing that taking prompt action can significantly reduce the risk of downstream fraud occurring as a result of this situation. 

According to her, victims should consider placing a credit freeze on their credit reports or registering for credit monitoring services, as these can serve as effective first-line defenses against identity theft.

Moreover, Nessel emphasized the importance of being alert to potential phishing attempts, strengthening or changing passwords, removing unnecessary data stored on devices and enabling multi-factor authentication across all online services and devices. To be able to identify any suspicious activity as soon as possible, she also advised regularly reviewing credit reports from TransUnion as well as Equifax and Experian. 

As security expert Hill pointed out, and as several industry perspectives have highlighted, the investigation revealed that the automotive retail sector was not adequately prepared in terms of cybersecurity. Several large dealerships have well-established security frameworks in place, including continuous monitoring and internal "red team" exercises that test defenses. However, smaller and mid-sized businesses lack the resources necessary to implement the same level of security measures.

The author warned that these gaps can result in systemic risks within shared data networks, and advised dealerships to increase security awareness, better understand emerging threats, and evaluate in more detail the cybersecurity posture of third-party partners that may have access to consumer information.

As a whole, the 700Credit breach indicates how cyber risk is distributed across multiple interconnected industries, where vulnerabilities in one partner can ripple outward so that millions of individuals and hundreds of businesses are affected. 

As investigations and notifications continue, the incident will probably prompt an increased focus on third-party risk management, particularly in sectors that depend heavily on data sharing and real-time data integration. It is important for consumers to remain vigilant even after taking initial protective measures, as identity-based fraud often emerges well after the original attack.

For dealerships and service providers, the breach serves as an alarming example of the need for cybersecurity governance to extend beyond internal systems to include vendors, integrations, and data lifecycle controls.

Analysts note that proactive investments in security assessments, employee training, and transparency can help minimize both technical exposure and reputational damage in the automotive industry.

Ultimately, the long-term impact of the incident will depend on whether the lessons learned translate into stronger safeguards and more resilient data practices in the credit monitoring industry as well as automotive retail.

Prosper Data Breach Exposes 17.6 Million Users’ Personal Information — Company Offers Free Credit Monitoring

 

Prosper, the popular peer-to-peer lending platform that connects borrowers with investors, suffered a major data breach on September 2nd. According to details shared on the company’s official FAQ page, the incident was caused by “unauthorized queries made on company databases that store customer and applicant data,” which allowed attackers to gain access to sensitive personal information.

The compromised data reportedly includes names, Social Security numbers, government-issued IDs, employment and credit details, income levels, birth dates, home addresses, IP addresses, and browser user-agent information. However, Prosper confirmed that no customer accounts or funds were accessed, and the company’s operations remained unaffected.

While Prosper has not revealed the total number of affected users, cybersecurity outlet BleepingComputer reported that as many as 17.6 million unique email addresses were involved in the breach.

This stolen data presents a serious risk of phishing scams and identity theft, as cybercriminals could use it to impersonate victims or gain unauthorized access to financial accounts. Prosper is currently offering free credit monitoring to affected users and encourages both current and former customers to reach out for further details on what specific information was exposed.

Experts recommend that affected users immediately update passwords for their Prosper account and any connected financial platforms. Choosing strong, unique passwords for each account—and using a password manager to store them securely—is strongly advised.

Additionally, users should enable two-factor or multi-factor authentication wherever possible, as it provides an essential layer of defense against unauthorized access. Remain cautious of phishing attempts, particularly emails or texts requesting personal information or prompting unexpected downloads.

Finally, individuals concerned about potential misuse of their data should consider enrolling in identity theft monitoring services. These tools can alert you to suspicious activity related to your Social Security number, financial accounts, or other sensitive personal details.

Over 624,000 Impacted in Major Healthcare Data Breach: SSNs, Financial Data, and Identity Theft Risks

 


A massive healthcare data breach has exposed the sensitive information of more than 624,000 individuals, putting Social Security numbers, financial details, and account credentials at risk.

The breach targeted Healthcare Services Group Inc. (HSGI), a Pennsylvania-based company that manages dining, housekeeping, and laundry services for hospitals across 48 U.S. states. According to BleepingComputer, HSGI has begun notifying impacted individuals through official letters.

Hackers infiltrated HSGI’s network in late September 2024, but the intrusion wasn’t discovered until October 7, 2024. An investigation revealed that a wide range of personal data may have been compromised, including:
  • Full names
  • Social Security numbers
  • Driver’s license and state ID numbers
  • Financial account details
  • Login credentials

The type of data exposed varies for each victim. Some may only have had their names leaked, while others also had SSNs and financial data exposed.

If you receive a data breach notification letter from HSGI, it will outline exactly what information of yours was exposed. The company is offering affected individuals free identity theft protection services from Experian, though the coverage period (12 months vs. 24 months) has not been confirmed.

Even though there’s no evidence yet of misuse of stolen data, experts warn that hackers could use the information for phishing attacks, fraud, or identity theft. Victims are urged to:
  • Monitor bank and credit card accounts closely
  • Watch for suspicious emails or texts
  • Avoid clicking unknown links or downloading attachments
  • Use trusted antivirus software on all devices

The healthcare industry has become a prime target for cybercriminals due to the high value of medical and financial records. Analysts believe this will not be the last attack of its kind, as similar breaches have been reported throughout the past year.

While individuals cannot control a company’s cybersecurity, they can take proactive measures once a breach occurs. As experts warn: You may not stop the breach, but you can protect yourself from becoming the next victim of identity fraud.

Why It’s Critical to Delete Old Online Accounts Before They Endanger Your Security

 

Most people underestimate just how many online accounts they’ve signed up for over the years. From grocery delivery and fitness apps to medical portals and smart home devices, every service requires an account—and almost all require personal information.

Research by NordPass last year revealed that the average person manages close to 170 passwords for different accounts. For anyone who has spent a significant part of their life online, that figure is likely much higher.

Abandoned or forgotten accounts still hold sensitive data—your name, email, address, birthdate, and payment information. All this information is exactly what shows up in massive data breaches and is precisely what cybercriminals look for.

In an era where data leaks often compile older breaches into vast collections of stolen personal details, inactive accounts lacking updated protections like strong passwords or two-factor authentication become major security liabilities.

Once hackers gain access to your information, they can leverage it in countless ways. For example, if they compromise your email or social media, they can impersonate you to launch phishing attacks or send scams to your contacts. They might also try to trick your friends and colleagues into downloading malware.

Dormant accounts can hold even more sensitive material, such as scans of IDs or insurance documents, which can be exploited for identity theft or fraud. Accounts with saved financial information are an even bigger risk since attackers can drain funds or resell the details on dark web marketplaces.

Deleting old accounts is one of the simplest yet most effective ways to strengthen your online security. It may seem tedious, but it’s something you can easily do while catching up on your favorite shows.

Start by searching your email inbox for common registration keywords like “welcome,” “thank you for signing up,” “verify account,” or “validate account.” A password manager can also help you see which logins you’ve saved over time.
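The inbox search described above can be run offline against a mailbox export. The following is an added example, not part of the original post: the function names are hypothetical, the sample messages are constructed, and matching "verify your account" as well as "verify account" is an assumption.

```python
import mailbox
import re
from datetime import timezone
from email import message_from_string
from email.header import decode_header, make_header
from email.utils import parseaddr, parsedate_to_datetime

# Sign-up phrases quoted in the article. Allowing an optional "your"
# ("verify your account") is an assumption added for this example.
SIGNUP_RE = re.compile(
    r"\bwelcome\b|thank you for signing up|(?:verify|validate) (?:your )?account",
    re.IGNORECASE,
)


def decoded_subject(msg):
    """Return the Subject as text, decoding RFC 2047 encoded words."""
    raw = msg.get("Subject", "")
    try:
        return str(make_header(decode_header(raw)))
    except (UnicodeDecodeError, LookupError):
        return str(raw)  # unknown or broken charset: keep the raw header


def sender_domain(msg):
    """Return the lower-cased domain of the From address, or None."""
    _, addr = parseaddr(str(msg.get("From", "")))
    if "@" not in addr:
        return None
    return addr.rpartition("@")[2].lower()


def message_date(msg):
    """Return the Date header as a timezone-aware datetime, or None."""
    try:
        when = parsedate_to_datetime(str(msg.get("Date", "")))
    except (TypeError, ValueError):
        return None
    # Treat dates without an offset as UTC so all values are comparable.
    return when if when.tzinfo else when.replace(tzinfo=timezone.utc)


def find_signups(messages):
    """Group sign-up style mail by sender domain.

    Returns {domain: {"first_seen": datetime or None, "subjects": [str]}}.
    """
    found = {}
    for msg in messages:
        subject = decoded_subject(msg)
        if not SIGNUP_RE.search(subject):
            continue
        domain = sender_domain(msg)
        if domain is None:
            continue
        entry = found.setdefault(domain, {"first_seen": None, "subjects": []})
        entry["subjects"].append(subject)
        when = message_date(msg)
        if when and (entry["first_seen"] is None or when < entry["first_seen"]):
            entry["first_seen"] = when
    return found


def find_signups_in_mbox(path):
    """Run find_signups over an existing mbox export (never creates one)."""
    box = mailbox.mbox(path, create=False)
    try:
        return find_signups(box)
    finally:
        box.close()


def sample_messages():
    """Constructed sample mail; none of these senders are real services."""
    raw = [
        "From: FreshCart <no-reply@freshcart.example>\n"
        "Date: Tue, 03 Mar 2015 10:15:00 +0000\n"
        "Subject: Welcome to FreshCart!\n\nbody\n",
        "From: FreshCart <no-reply@freshcart.example>\n"
        "Date: Mon, 02 Mar 2015 09:00:00 +0000\n"
        "Subject: Please verify your account\n\nbody\n",
        "From: FitTrack <accounts@FitTrack.example>\n"
        "Date: Sat, 11 Jun 2016 18:30:00 -0500\n"
        "Subject: =?utf-8?q?Thank_you_for_signing_up_=E2=9C=94?=\n\nbody\n",
        "From: Alice <alice@friends.example>\n"
        "Subject: Lunch on Friday?\n\nbody\n",
        "From: MAILER-DAEMON\n"
        "Subject: Welcome\n\nbody\n",
    ]
    return [message_from_string(text) for text in raw]


if __name__ == "__main__":
    for domain, info in sorted(find_signups(sample_messages()).items()):
        first = info["first_seen"].date() if info["first_seen"] else "unknown"
        print(f"{domain}: first seen {first}, {len(info['subjects'])} message(s)")
```

Each domain in the result is a candidate account to review and close; the earliest date gives a rough idea of how long the account has existed.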

Check the saved password lists in your browser:
  • Chrome: Settings > Passwords
  • Safari: Preferences > Passwords
  • Firefox: Preferences > Privacy & Security > Saved Logins
  • Edge: Settings > Profiles > Passwords > Saved Passwords

Many services let you sign in with Google, Facebook, Twitter, or Apple ID. Review the list of connected apps and services—while disconnecting them doesn’t automatically delete accounts, it shows what you need to remove.

Visit Have I Been Pwned? to check if your email has been involved in breaches. This resource can remind you of forgotten accounts and alert you to which passwords should be changed immediately.

If you spot apps you no longer use on your phone or laptop, log in, close the accounts, and delete the apps from your device. Some antivirus tools, such as Bitdefender, offer features to find all accounts you’ve created using your email with a single click.

Certain platforms intentionally make deletion difficult. If you’re struggling, search the site’s name along with “delete account,” or use justdelete.me, a helpful directory with step-by-step removal guides. If that fails, reach out to the site’s support team.

If you cannot fully delete an account, take steps to minimize the risk:

  • Remove saved payment information.
  • Delete personal details such as your name, birthdate, and shipping address.
  • Clear any stored files or sensitive messages.
  • Use a fake name and a disposable email like Mailinator.

Before creating new accounts in the future, consider whether you can use a guest checkout or a dedicated email address just for sign-ups.

For accounts you decide to keep, always update your passwords, store them securely in a password manager, and enable multi-factor authentication or passkeys to strengthen security.

IdeaLab Data Breach Exposes Sensitive Employee Information: Hackers Leak 137,000 Files Online

 

IdeaLab has begun notifying individuals whose personal data was compromised in a cybersecurity incident that occurred last October, when malicious actors infiltrated the company’s network and accessed confidential information.

Although the company did not specify the precise nature of the attack, the breach was claimed by the Hunters International ransomware group, which later published the stolen files on the dark web.

Founded in 1996, IdeaLab is a prominent California-based technology incubator known for launching over 150 companies, including GoTo.com, CitySearch, eToys, Authy, Pet.net, Heliogen, and Energy Vault. As one of the most established venture capital firms in the United States, IdeaLab has driven substantial economic growth, job creation, and investment returns over nearly three decades.

Suspicious activity was first detected on IdeaLab’s systems on October 7, 2024. A subsequent investigation revealed that unauthorized access began three days earlier. To respond, the company engaged external cybersecurity experts to conduct a thorough assessment, which concluded on June 26, 2025.

Investigators confirmed that data belonging to current and former employees, support service contractors, and their dependents had been stolen. In regulatory disclosures, IdeaLab stated that the compromised records included names along with various other sensitive details, though the exact types of data were not fully disclosed.

On October 23, 2024, after what appears to have been a failed extortion attempt, Hunters International published approximately 137,000 files—totaling 262.8 gigabytes. While the download link has since become inactive, security analysts believe other cybercriminals likely retrieved the files prior to removal.

Earlier today, the threat actor announced it was shutting down Hunters International operations, deleting all extortion-related data and offering free decryption keys to victims. However, cybersecurity researchers at Group-IB previously reported that the group had already begun transitioning to a new extortion-focused platform named World Leaks, suggesting this shutdown could be a strategic rebrand.

To help mitigate potential harm, IdeaLab is providing affected individuals with complimentary 24-month access to credit monitoring, identity theft protection, and dark web surveillance services through IDX. Impacted parties must enroll by October 1 to take advantage of these resources.

Kelly Benefits Data Breach Balloons to Over Half a Million Victims—What You Need to Know

 

When a business experiences a significant data breach, understanding the full impact can take a long time. That’s exactly the situation Kelly Benefits is now facing.

According to a report by BleepingComputer, Kelly & Associates Insurance Group—widely known as Kelly Benefits—has disclosed that a cybersecurity incident from December 12–17 last year has affected far more people than initially believed.

Originally, the company reported in April that 32,234 individuals had been impacted after hackers infiltrated its systems and accessed sensitive information. Over the past three months, however, the number has continued to climb. The latest figures show that 553,660 people are now at risk because of this breach.

In a public notice, Kelly Benefits explained that 46 companies relying on its services were caught up in the incident. Even if you haven’t worked directly with Kelly Benefits, you may still be affected if your employer or insurance carrier uses its benefits consulting, payroll management, or enrollment technology.

Some of the prominent organizations named in the breach notification include:

  • Wawa
  • United Healthcare
  • Aetna Life Insurance Company (CVS Health)
  • Humana Insurance ACE
  • CareFirst BlueCross BlueShield
  • Mutual of Omaha Insurance Company
  • The Guardian Life Insurance Company of America

To help people understand the risks, Kelly Benefits has sent personalized letters outlining exactly what data was exposed. The compromised information varies by person but could include full names, Social Security numbers, tax ID numbers, birth dates, health and medical insurance details, and financial account information.

As BleepingComputer highlighted, criminals armed with this data could attempt phishing scams, identity theft, or other fraudulent schemes. Under U.S. law, companies must notify you about what specific information was stolen. These notices typically arrive via postal mail, not by email or text. So if your employer works with Kelly Benefits, keep an eye on your mailbox in the coming weeks.

To mitigate the damage, Kelly Benefits is providing affected individuals with a year of complimentary identity theft protection from IDX. The notification letters include an enrollment code to activate this service. If you receive one, it’s highly recommended you sign up—it can help you recover your identity or reclaim stolen funds if fraud occurs.

In the meantime, be proactive:
  1. Monitor all your financial accounts for suspicious activity
  2. Consider placing a credit freeze with Equifax, Experian, and TransUnion to prevent new loans from being opened in your name
  3. Watch for phishing attempts targeting your stolen information

Even if you do everything right, you can still become a victim of a data breach simply because a company you trust relies on a third party. That’s why it’s essential to take immediate action if your personal or financial data has been compromised.

With cyberattacks and security incidents becoming more frequent, early vigilance and continuous monitoring are your best defenses against identity theft and fraud.

NordVPN Introduces £5,000 ID Theft Recovery Coverage for UK Users on Ultimate Plan

 

NordVPN has launched a new identity theft recovery benefit for its UK subscribers, offering up to £5,000 in reimbursement to help users recover from the financial and emotional toll of identity fraud. This latest addition to its cybersecurity toolkit is exclusively available to customers subscribed to the NordVPN Ultimate plan, priced at £5.09 per month, paid annually at £137.43. 

This move comes amid growing concerns over online threats, especially following recent data breaches involving major UK retailers like Marks & Spencer, Harrods, and Co-op. In these incidents, attackers managed to access sensitive customer data, highlighting the increasing risk faced by consumers today. NordVPN’s ID theft recovery feature complements its existing scam loss protection and is designed to ease the burden of recovering one’s identity after it has been compromised. 

Covered expenses include restoring credit ratings, resolving issues with bank accounts or loans, and even reclaiming lost wages if a victim had to take time off work to deal with the aftermath of identity theft. Additionally, this protection can help victims clear their names in cases where their identities are used for malicious purposes. For those who fall prey to scams—whether through phishing, AI-driven deepfake schemes, or romance fraud—NordVPN offers up to 12 months to file a claim if their bank or financial institution cannot provide assistance. 

These benefits are not limited to the UK alone. NordVPN’s coverage also extends to users in countries like France, Germany, Italy, Sweden, and the Netherlands, with 24/7 access to support services. While NordVPN Basic remains the more affordable option at £2.39 per month, the Ultimate plan’s added layer of financial security could be a worthwhile upgrade for users seeking peace of mind. In comparison, NordVPN users in the United States receive broader coverage through the NordProtect service, which includes cyber extortion and fraud protection with coverage up to $1 million—either through NordVPN Prime or as a standalone service.  

Although the UK plan doesn’t offer the same level of compensation as its U.S. counterpart, the £5,000 coverage still represents a meaningful step toward consumer protection. In an age where cyberattacks are common and even large companies struggle to safeguard data, investing in robust protection is becoming increasingly important. Whether or not users choose to upgrade, staying informed about digital security best practices remains the first line of defence.

Costa Rican Authorities Issue Warning as Social Media Identity Theft Cases Double

 

With the rapid evolution of technology, there has been a concerning rise in cybercrime, particularly in the realm of identity theft on social media platforms. The Cybercrime Unit of the Public Prosecutor's Office has observed a significant surge in such cases, prompting heightened attention to this growing threat.

Esteban Aguilar, the lead prosecutor of the Cybercrime Unit, shed light on the methods employed by cybercriminals to carry out identity theft. He explained that these crimes often target individuals, corporations, and even trademarks, using social networks, websites, or other digital platforms as their primary vehicles. Aguilar highlighted the severity of this issue, noting that identity theft has become the second most rapidly increasing form of cybercrime in the country, trailing only behind cyber fraud in its expansion.

The prosecutor emphasized the gravity of the situation by discussing the legal repercussions associated with identity theft. According to Aguilar, the Cybercrime Unit frequently receives reports of false profiles on social networks, which can lead to serious legal consequences, including imprisonment for up to three years. He stressed the importance of educating young people, who are the most active users of social media, on the legal and ethical responsibilities they must uphold online. Aguilar warned that any involvement in such illicit activities could result in severe penalties.

Statistical data from the Public Prosecutor's Office further underscore the growing concern. Since 2019, the number of identity theft cases has nearly doubled, rising from 449 reported incidents that year to 950 cases in 2023. This sharp increase reflects the escalating nature of cyber threats and the need for stronger measures to combat them.

The Costa Rican Penal Code specifically addresses the crime of identity theft, prescribing imprisonment ranging from one to three years for offenders. The law is clear: anyone who impersonates the identity of a natural person, legal entity, or trademark on any social network, website, or digital platform will face serious legal consequences.

The impact of identity theft has not been limited to individuals. Businesses, too, have been affected, with several high-profile companies falling victim to this crime. For instance, Pozuelo, a well-known cookie brand, has issued warnings to the public about fraudulent schemes where criminals have misappropriated the company's identity. Similarly, financial institutions, including banks, have alerted their customers to various scams designed to exploit their trust.

In a particularly alarming development, the country recently reported its first case of identity theft involving social networks. The case involves a man accused of accessing his ex-girlfriend's social media accounts and business profiles without her permission. According to the Prosecutor's Office, the accused had knowledge of her passwords and used them to infiltrate her personal and business accounts, raising serious concerns about privacy and the misuse of personal information.

This case serves as a stark reminder of the far-reaching consequences of cybercrime, particularly identity theft, and the urgent need for vigilance, both online and offline. As technology continues to advance, so too must the efforts to protect individuals and businesses from the growing threat of cybercriminals.

Major Caesars Data Breach: 41,000+ Individuals' Information Compromised

 

Casino powerhouse Caesars disclosed a significant data breach in September, preceding a similar incident at MGM later that month. The breach impacted over 41,000 patrons, primarily from the state of Maine, with cybercriminal group Scattered Spider identified as the perpetrators.

Caesars clarified that the breach primarily targeted its loyalty program, compromising personal information like names, driver's licenses, and ID card details of customers in Maine. 

Fortunately, no financial data was compromised. To mitigate the impact, Caesars is offering affected individuals complimentary two-year cybersecurity and identity fraud insurance. The exact tally of victims is still being determined, according to a filing with the Maine Attorney General's office.

Caesars also mentioned in a letter to affected residents that efforts were made to delete the stolen data, although this outcome can't be guaranteed. Speculation suggests Caesars may have paid a reduced ransom amount of $15 million, down from an initial demand of $30 million.

Notably, it's been revealed that Caesars paid the ransom just days before Scattered Spider targeted MGM. This underscores the widely held belief that yielding to ransom demands only emboldens cybercriminals to strike again.

Caesars detailed the breach's origin, stating it was a result of a social engineering attack on an outsourced IT support vendor, leading to unauthorized network access on August 18, 2023, and data exfiltration from around August 23, 2023.

In response, Caesars is equipping affected Mainers with two years of identity theft protection through IDX, a third-party provider. This includes credit and dark web monitoring, as well as coverage of up to $1 million in case of identity theft.

While Caesars and MGM are prominent targets of Scattered Spider, cybersecurity firm Mandiant, a subsidiary of Google, has indicated that the group's recent ransomware campaign may have affected numerous industries beyond hospitality and entertainment, potentially numbering in the hundreds. This sequence of events serves as a stark reminder that capitulating to cybercriminal demands doesn't lead to a favourable outcome.