Change Healthcare Breach Hits 100M Americans

Credit to Author: BrianKrebs| Date: Wed, 30 Oct 2024 13:34:08 +0000

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information.

Read more

The Global Surveillance Free-for-All in Mobile Ad Data

Credit to Author: BrianKrebs| Date: Wed, 23 Oct 2024 11:30:18 +0000

Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only be in the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites.

Read more

Identity Thieves Bypassed Experian Security to View Credit Reports

Credit to Author: BrianKrebs| Date: Mon, 09 Jan 2023 14:05:15 +0000

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number.

Read more

Senators Urge FTC to Probe ID.me Over Selfie Data

Credit to Author: BrianKrebs| Date: Wed, 18 May 2022 16:55:40 +0000

Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service, which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me.

Read more

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Credit to Author: BrianKrebs| Date: Thu, 31 Mar 2022 22:54:45 +0000

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.

Read more

IRS To Ditch Biometric Requirement for Online Access

Credit to Author: BrianKrebs| Date: Mon, 07 Feb 2022 20:56:52 +0000

The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes as privacy experts and lawmakers have been pushing the IRS and other federal agencies to find less intrusive methods for validating one’s identity with the U.S. government online.

Read more

FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data

Credit to Author: BrianKrebs| Date: Fri, 28 Feb 2020 22:12:10 +0000

The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation’s four largest wireless carriers for selling access to their customers’ location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics say the penalties don’t go far enough to deter wireless carriers from continuing to sell customer location data.

Read more