2023, Cybercrime and Identity Theft - Cyber Security Informer

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

KrebsOnSecurity examined posts across dozens of cybercrime forums around that time, and found only one instance of someone selling large volumes of tax data in the year surrounding the breach date. The AP says South Carolina paid $12 million to Experian for identity theft protection and credit monitoring for its residents after the breach.

Identity Theft

Identity Theft Banking Cybercrime Hacking

NationalPublicData.com Hack Exposes a Nation’s Data

Krebs on Security

AUGUST 15, 2024

On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. billion rows of records — they claimed was taken from nationalpublicdata.com. .”

Hacking

Hacking Data breaches Identity Theft Accountability

2023: A Year of Record-Breaking Data Breaches

Identity IQ

DECEMBER 20, 2023

2023: A Year of Record-Breaking Data Breaches IdentityIQ This past year has been an eye-opening year in the realm of digital security. Data breaches reached an all-time high, leaving a trail of identity theft cases. Protecting yourself from the damages of data breaches and identity theft is paramount.

Data breaches

Data breaches Identity Theft Cybercrime Social Engineering

Ransomware attack on Singing River Health System impacted 895,000 people

Security Affairs

MAY 14, 2024

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and other medical facilities operated by Singing River Health System (SRHS) were hit by a Rhysida ransomware attack.

Identity Theft

Identity Theft Ransomware Data breaches Insurance

New T-Mobile Breach Affects 37 Million Accounts

Krebs on Security

JANUARY 19, 2023

That breach came to light after a hacker began selling the records on a cybercrime forum. Data stolen and exposed in this breach may also be used for identity theft. Last year, T-Mobile agreed to pay $500 million to settle all class action lawsuits stemming from the 2021 breach.

Mobile

Mobile Accountability Data breaches Identity Theft

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

The Last Watchdog

SEPTEMBER 24, 2024

The breach was initially caused by a third-party malicious actor who infiltrated NPD’s systems in December 2023. This drives public awareness of the risks associated with identity theft. Related: Class-action lawsuits pile up in wake of NPD hack So what’s the connection? NPD reported the exposure of over 2.7 billion records.

Authentication

Authentication Identity Theft Banking Data breaches

T-Mobile suffered the second data breach in 2023

Security Affairs

MAY 1, 2023

T-Mobile disclosed the second data breach of 2023, threat actors had access to the personal information of hundreds of customers since February. T-Mobile suffered the second data breach of 2023, threat actors had access to the personal information of hundreds of customers starting in late February 2023.

Data breaches

Data breaches Mobile Identity Theft Accountability

IDIQ Executive Leadership Joins San Diego Cyber Center of Excellence Board of Directors

Identity IQ

OCTOBER 31, 2023

31 , 2023 – IDIQ ®, a leader in financial and identity protection, today announced it has joined the board of the Cyber Center of Excellence (CCOE), a San Diego-based nonprofit dedicated to growing the regional cyber economy and creating a more secure digital community for all. Scheumack began his career serving in the U.S.

Identity Theft

Identity Theft Education Scams Marketing

Ohio Lottery data breach impacted over 538,000 individuals

Security Affairs

MAY 11, 2024

“On or about December 24, 2023, the Ohio Lottery detected unauthorized access to our internal office network as a result of a cybersecurity incident that resulted in the exposure of the data we maintain. ” Ohio Lottery is providing impacted individuals free credit monitoring and identity theft protection services through IDX. .

Data breaches

Data breaches Identity Theft Cybercrime Cyber Attacks

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. AD," of College Station, Texas; Noah Michael Urban, 20, a.k.a.

Phishing

Phishing Identity Theft Cryptocurrency Cybercrime

Infosys McCamish Systems data breach impacted over 6 million people

Security Affairs

JUNE 29, 2024

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. The investigation determined that threat actors gained access to the company systems between October 29, 2023, and November 2, 2023. ” reads a press release published by the company.

Data breaches

Data breaches Identity Theft Insurance Ransomware

Healthcare firm WebTPA data breach impacted 2.5 million individuals

Security Affairs

MAY 19, 2024

WebTPA discovered suspicious activity on its network on December 28, 2023 and launched an investigation with the help of third-party cybersecurity experts. The investigation revealed that an unauthorized actor may have obtained personal information between April 18 and April 23, 2023. The company also notified federal law enforcement.

Data breaches

Data breaches Healthcare Insurance Identity Theft

October ransomware attack on Dallas County impacted over 200,000 people

Security Affairs

JULY 11, 2024

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments.

Ransomware

Ransomware Identity Theft Data breaches Insurance

Sav-Rx data breach impacted over 2.8 million individuals

Security Affairs

MAY 27, 2024

Prescription service company Sav-Rx disclosed a data breach after 2023 cyberattack. The investigation conducted by the company with the help of external cybersecurity experts revealed that threat actors first gained access to the IT System on or around October 3, 2023. million people in the United States.

Data breaches

Data breaches Identity Theft Insurance Technology

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Security Affairs

APRIL 8, 2024

The data breach occurred on May 30, 2023, and was discovered on February 7, 2024. “On May 30, 2023, we detected unusual activity on our internal network, and we promptly took steps to mitigate the incident. The company announced that it deleted DOJ data from its systems after the incident.

Data breaches

Data breaches Identity Theft Insurance Hacking

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data. As of the first three quarters of 2024, there were already 264 ransomware incidents affecting healthcare providers—nearly matching all of 2023's figures.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Bank of America customer data compromised after a third-party services provider data breach

Security Affairs

FEBRUARY 13, 2024

The bank has sent notification letters to 57,000 customers, informing them that their personal information has been compromised Infosys disclosed the security breach on November 3, 2023, in a filing with SEC the company reported it was the victim of a cyberattack that resulted in the non-availability of certain applications and systems.

Data breaches

Data breaches Banking Identity Theft Ransomware

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs

NOVEMBER 10, 2023

The company became aware of anomalous activity on or about August 22, 2023, and immediately launched an investigation with the help of third-party forensic experts. The investigation revealed that threat actors gained unauthorized access to McLaren’s network between July 28, 2023, and August 23, 2023.

Data breaches

Data breaches Identity Theft Insurance Ransomware

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft

Identity Theft VPN Malware Ransomware

MediSecure data breach impacted 12.9 million individuals

Security Affairs

JULY 19, 2024

The incident impacted individuals who received services from MediSecure between March 2019 and November 2023. million Australians who used the MediSecure prescription delivery service during the approximate period of March 2019 to November 2023 are impacted by this Incident based on individuals’ healthcare identifiers. .”

Data breaches

Data breaches Unstructured Data Healthcare Identity Theft

A TrickBot malware developer sentenced to 64 months in prison

Security Affairs

JANUARY 26, 2024

Dunaev pleaded guilty on November 30, 2023, he admitted to conspiring to engage in computer fraud and identity theft, as well as conspiring to commit wire fraud and bank fraud. ” reads the press release published by DoJ. million via ransomware deployed by Trickbot.”

Malware

Malware Identity Theft Banking Ransomware

Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 11, 2024

Now Cybersecurity expert says the next generation of identity theft is here: ‘Identity hijacking’ Were 3 Million Toothbrushes Really Used for a DDoS Attack? Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Spyware

Spyware Surveillance DDOS Identity Theft

Oregon Zoo Hit by Payment Card Data Breach

SecureWorld News

AUGUST 22, 2024

An investigation subsequently determined that an unauthorized actor had been redirecting customer transactions from the third-party vendor processing online ticket purchases since December 23, 2023. Maintaining the confidentiality, privacy, and security of customers' information is our priority," the zoo stated in its notice.

Data breaches

Data breaches Identity Theft Risk Accountability

ShinyHunters member sentenced to three years in prison

Security Affairs

JANUARY 10, 2024

District Court in Seattle to three years in prison and more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft. Sebastien Raoult (also known as “Seyzo Kaizen”), is a French national that has been extradited from Morocco to the United States in January 2023.

Identity Theft

Identity Theft Hacking Cryptocurrency Advertising

Nurturing Our Cyber Talent

IT Security Guru

SEPTEMBER 25, 2023

The IT Security Guru caught up with Tarnveer Singh a CISO and finalist in the Security Serious Unsung Heroes Awards 2023 for his thoughts on how to get more professionals involved in the cybersecurity industry: There are many ways we can inspire new cybersecurity professionals to join our industry. Our industry needs all types of people.

CISO

CISO Identity Theft Cybercrime Cybersecurity

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Security Affairs

SEPTEMBER 30, 2024

Mālama has no evidence that any personal information has been or will be misused for identity theft as a direct result of this incident.” In November 2023, the Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. ” reads the notice of breach published by Malama.

Data breaches

Data breaches Ransomware Healthcare Identity Theft

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

On November 17, 2023, the Medusa ransomware gang claimed responsibility for the attack and threatened to leak the purportedly stolen data if the company doesn’t pay the ransom. Impacted customers are at risk on fraudulent activities, including identity theft and financial fraud.

Financial Services

Financial Services Data breaches Identity Theft Banking

Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach

Security Affairs

AUGUST 14, 2023

“While HCPF confirmed that no other HCPF systems or databases were impacted, on June 13, 2023, the investigation identified that certain HCPF files on the MOVEit application used by IBM were accessed by the unauthorized actor on or about May 28, 2023. state of Colorado. CDHE did not disclose the number of impacted individuals.

Identity Theft

Identity Theft Data breaches Ransomware Education

State of Malware 2024: What consumers need to know

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. Sadly, there’s not a lot you can do to prevent incidents like these yourself, other than stay on top of the news and protect yourself against identity theft. This is changing.

Malware

Malware Passwords Identity Theft Banking

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

Security Affairs

JANUARY 3, 2024

Resecurity has uncovered a cybercriminal faction known as “ GXC Team “, who specializes in crafting tools for online banking theft, ecommerce deception, and internet scams. Around November 11th, 2023, the group’s leader, operating under the alias “ googleXcoder “, made multiple announcements on the Dark Web.

Artificial Intelligence

Artificial Intelligence Banking Scams Cybercrime

LockBit leaks data stolen from the South Korean National Tax Service

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Identity Theft

Identity Theft Ransomware Scams Education

Yum! Brands, the owner of KFC, Taco Bell and Pizza Hut, discloses data breach

Security Affairs

APRIL 11, 2023

On January 13, 2023, Yum! Brands pointed out that they have no evidence of identity theft or fraud involving exposed data. experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. “As we announced publicly in mid-January, Yum!

Data breaches

Data breaches Identity Theft Education Ransomware

Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

Security Affairs

MAY 29, 2023

According to the notification filed with the Office of the Maine Attorney General, the company discovered unauthorized access to its computer systems on March 6th, 2023, and immediately launched an investigation into the incident. “On March 6, 2023, MCNA became aware that an unauthorized party was able to access certain MCNA systems.

Ransomware

Ransomware Insurance Data breaches Identity Theft

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Security Affairs

FEBRUARY 27, 2023

The Dutch police announced the arrest of three men as the result of an extensive investigation into computer trespass, data theft, extortion, extortion, and money laundering The suspects were arrested by the Amsterdam police arrested on January 23, 2023. ” reported The Register.

Cybercrime

Cybercrime Identity Theft Hacking Scams

The ‘Mother of all Breaches’: Navigating the Aftermath and Fortifying Your Data with DSPM

Security Affairs

FEBRUARY 4, 2024

The leaked information includes a staggering amount of sensitive personal details, making users susceptible to identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts. According to a recent report, in 2023, cloud-based data breaches made up 45% of all breaches.

Data breaches

Data breaches Identity Theft Risk Cybersecurity

PharMerica breach impacts almost 6 million people

Malwarebytes

MAY 16, 2023

The investigation showed that an unauthorized party accessed PharMerica computer systems on March 12-13, 2023, and that this party may have had access to certain personal information. The notice will include information on steps individuals can take to protect themselves against potential fraud or identity theft.

Identity Theft

Identity Theft Ransomware Data breaches Passwords

SIEM for Small and Medium-Sized Enterprises: What you need to know

Security Affairs

SEPTEMBER 19, 2024

Research from the Identity Theft Resource Center (ITRC) recently found that 73% of US small business owners experienced a cyberattack in 2023. So, let’s look at how SIEM solutions can help protect SMEs from cybercrime – without breaking the bank.

Threat Detection

Threat Detection Identity Theft Banking Small Business

Cyberattacks on SMBs Reach Record Highs Despite Confidence in Defenses

SecureWorld News

OCTOBER 26, 2023

A new report from the Identity Theft Resource Center (ITRC) reveals cyberattacks and data breaches targeted at small and medium-sized businesses (SMBs) continue to climb, reaching their highest levels in the three years of the study.

Small Business

Small Business Identity Theft Data breaches Authentication

Security Roundup May 2023

BH Consulting

MAY 23, 2023

Repetition can lead people to over-disclose information, that could then put them at risk of identity theft and cybercrime. Sign up here The post Security Roundup May 2023 appeared first on BH Consulting. Now, a new study from the University of East Anglia has uncovered a fresh twist: ask them twice.

Artificial Intelligence

Artificial Intelligence Identity Theft Social Engineering InfoSec

Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election

Security Affairs

JANUARY 12, 2024

Evidence supporting this was gathered around December 2023, when it was discovered that at least two employees had fallen victim to common password-stealing programs – Nexus Stealer and Lumma, which are readily available on the Dark Web. A database containing over 2.3

Identity Theft

Identity Theft Cyber threats Marketing Risk

Dark Web Data Markets: The Alarming Trade of Stolen Social Media Information

Hacker's King

OCTOBER 3, 2024

Introduction to Dark Web Data Markets The dark web is a hidden part of the internet that has become a major concern for cybersecurity, especially regarding dark web identity theft. In about recent years 9 million identities experienced identity theft, showing the urgent need for awareness and protective measures against these threats.

Media

Media Identity Theft Marketing Data breaches

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Trending Sources

Who Stole 3.6M Tax Records from South Carolina?

NationalPublicData.com Hack Exposes a Nation’s Data

2023: A Year of Record-Breaking Data Breaches

Ransomware attack on Singing River Health System impacted 895,000 people

New T-Mobile Breach Affects 37 Million Accounts

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

T-Mobile suffered the second data breach in 2023

IDIQ Executive Leadership Joins San Diego Cyber Center of Excellence Board of Directors

Ohio Lottery data breach impacted over 538,000 individuals

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

Infosys McCamish Systems data breach impacted over 6 million people

Healthcare firm WebTPA data breach impacted 2.5 million individuals

October ransomware attack on Dallas County impacted over 200,000 people

Sav-Rx data breach impacted over 2.8 million individuals

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Healthcare Now Third-Most Targeted Industry for Ransomware

Bank of America customer data compromised after a third-party services provider data breach

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

MediSecure data breach impacted 12.9 million individuals

A TrickBot malware developer sentenced to 64 months in prison

Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION

Oregon Zoo Hit by Payment Card Data Breach

ShinyHunters member sentenced to three years in prison

Nurturing Our Cyber Talent

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Toyota Financial Services discloses a data breach

Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach

State of Malware 2024: What consumers need to know

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

LockBit leaks data stolen from the South Korean National Tax Service

Yum! Brands, the owner of KFC, Taco Bell and Pizza Hut, discloses data breach

Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

The ‘Mother of all Breaches’: Navigating the Aftermath and Fortifying Your Data with DSPM

PharMerica breach impacts almost 6 million people

SIEM for Small and Medium-Sized Enterprises: What you need to know

Cyberattacks on SMBs Reach Record Highs Despite Confidence in Defenses

Security Roundup May 2023

Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election

Dark Web Data Markets: The Alarming Trade of Stolen Social Media Information

Stay Connected