Data Breaches – Page 4 – PossibleThreat Articles

Why You Should Opt Out of Sharing Data With Your Mobile Provider

March 20, 2023 0 Comments A Little Sunshine, AT&T, CCPA, cpni, custom experience plus, customer proprietary network information, Data Breaches, Electronic Privacy Information Center, enhanced relevant advertising program, FCC, Federal Communications Commission, gavin wright, maids, mashable, mobile advertising ids, T-Mobile, techtarget, verizon, verizon custom experience plus, verizon selects, Verizon Wireless

Credit to Author: BrianKrebs| Date: Mon, 20 Mar 2023 14:47:56 +0000

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how. Certain questions might be coming to mind right now, like “What the heck is CPNI?” And, ‘If it’s so ‘customer proprietary,’ why is AT&T sharing it with marketers?” Also maybe, “What can I do about it?” Read on for answers to all three questions.

Independent Krebs Security

Two U.S. Men Charged in 2022 Hacking of DEA Portal

March 14, 2023 0 Comments A Little Sunshine, convict, Data Breaches, doxbin, emergency data request, kt, Ne'er-Do-Well News, nicholas ceraolo, ominus, phobia, ryan stevenson, sagar steven singh, u.s. drug enforcement agency, vile, Web Fraud 2.0, weep

Credit to Author: BrianKrebs| Date: Wed, 15 Mar 2023 01:25:20 +0000

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.

Independent Krebs Security

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

February 28, 2023 0 Comments A Little Sunshine, allison nixon, Data Breaches, international computer science institute, minecraft, nicholas weaver, roblox, security keys, SIM swapping, T-Mobile, tmo up, unit 221b, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 28 Feb 2023 16:14:57 +0000

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Independent Krebs Security

Experian Glitch Exposing Credit Files Lasted 47 Days

January 25, 2023 0 Comments A Little Sunshine, Data Breaches, experian, experian breach, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 25 Jan 2023 19:58:46 +0000

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between Nov. 9, 2022 and Dec. 26, 2022.

Independent Krebs Security

New T-Mobile Breach Affects 37 Million Accounts

January 19, 2023 0 Comments 2023 t-mobile breach, Data Breaches, Latest Warnings, optus, t-mobile breach, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 20 Jan 2023 04:09:22 +0000

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Independent Krebs Security

Identity Thieves Bypassed Experian Security to View Credit Reports

January 9, 2023 0 Comments A Little Sunshine, annualcreditreport.com, Data Breaches, experian, jenya kushnir, Ne'er-Do-Well News, sen. ron wyden, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 09 Jan 2023 14:05:15 +0000

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number.

Independent Krebs Security

The Equifax Breach Settlement Offer is Real, For Now

December 20, 2022 0 Comments Data Breaches, Equifax breach, equifax class action settlement, myprepaidcenter.com, other

Credit to Author: BrianKrebs| Date: Tue, 20 Dec 2022 20:08:40 +0000

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money.

Independent Krebs Security

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

December 13, 2022 0 Comments A Little Sunshine, breached, Data Breaches, FBI, infragard, pompompurin, RaidForums, usdod, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 13 Dec 2022 23:54:21 +0000

InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.

Independent Krebs Security

How 1-Time Passcodes Became a Corporate Liability

August 30, 2022 0 Comments 0ktapus, christopher knauer, CloudFlare, Data Breaches, digitalocean, doordash, group-ib, klaviyo, mailchimp, matthew prince, security keys, security tools, signal, sitel group, T-Mobile, teleperformance, twilio, twitter, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 30 Aug 2022 14:53:39 +0000

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

Independent Krebs Security

When Efforts to Contain a Data Breach Backfire

August 16, 2022 0 Comments A Little Sunshine, banorte breach, cloudsecurityalliance, cti league, Data Breaches, group-ib, kurt seifried, ohad zaidenberg, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 16 Aug 2022 17:06:00 +0000

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.