Accountability, Identity Theft and Information Security

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. Last month, Sens.

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Millions of customers were put at risk when their social security numbers, phone numbers, and other sensitive personal information were leaked.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

Nigerian man Sentenced to 26+ years in real estate phishing scams

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of real estate businesses. for phishing scams that resulted in the compromise of millions of email accounts. million in restitution.

Scams

Scams Phishing Identity Theft Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

.” Victims often realize too late that malware has infected their devices, leading to ransomware or identity theft. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device. The FBI urges reporting to IC3.gov.

Malware

Malware Scams Identity Theft Antivirus

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft

Identity Theft Passwords Malware Banking

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Each faces two conspiracy counts and aggravated identity theft charges. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. ” reads the press release published by DoJ. In July, law enforcement in the U.K.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Identity theft is number one threat for consumers, says report

Malwarebytes

FEBRUARY 27, 2024

The German Federal Office for Information Security (BSI) has published a report on The State of IT Security in Germany in 2023 , and the number one threat for consumers is… identity theft. Set up identity monitoring. Take your time.

Identity Theft

Identity Theft Data breaches Artificial Intelligence Passwords

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Security Affairs

APRIL 6, 2025

Musielak warned of the rising threat of mass identity theft, fraudulent credit applications, and fake account creation, which are now more scalable with generative AI.

Identity Theft

Identity Theft Insurance Banking Authentication

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Sensitive Data Theft and Exposure: Cybercriminals have reportedly stolen up to 120 TB of data in 2024 from healthcare providers alone. This stolen data is often exposed on both the clear and dark web, heightening risks of identity theft and further perpetuating cybercrime. Louis, Missouri.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Security Affairs

MARCH 21, 2021

Department of Justice announced that Swiss hacker Till Kottmann, 21, has been indicted for conspiracy, wire fraud, and aggravated identity theft. A group of US hackers recently claimed to have gained access to footage from 150,000 security cameras at banks, jails, schools, healthcare clinics, and prominent organizations.

Identity Theft

Identity Theft Computers and Electronics Surveillance Hacking

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Impacts vary depending on users’ browsers, cookies, and third-party account activity. ” The potential exposed data includes IP addresses, third-party identifiers/cookies, and, in some cases, information about a patient’s treatment or provider if included in a URL or button text. added Atrium Health.

Data breaches

Data breaches Identity Theft Accountability Technology

Prominent US law firm Wolf Haldenstein disclosed a data breach

Security Affairs

JANUARY 16, 2025

The law firm recommends individuals to monitor accounts and credit reports for identity theft or fraud. Customers can also place free fraud alerts on their credit files, requiring businesses to verify identity before extending credit. Victims of identity theft are eligible for a seven-year extended fraud alert.

Data breaches

Data breaches Identity Theft Consumer Protection Data collection

PlayStation Network outage has been going on for over 24 hours

Security Affairs

FEBRUARY 8, 2025

Account management, gaming and social, PlayStation Video and the PlayStation store are experiencing issues. The PSN breach exposed the data of millions of users, costing Sony $15 million in settlements and a year of identity theft protection for subscribers.

Identity Theft

Identity Theft Hacking Cyber Attacks Accountability

USPS Site Exposed Data on 60 Million Users

Krebs on Security

NOVEMBER 21, 2018

Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. A USPS brochure advertising the features and benefits of Informed Visibility. Image: USPS.com.

Accountability

Accountability Authentication Identity Theft Advertising

Sprint revealed that hackers compromised some customer accounts via Samsung site

Security Affairs

JULY 16, 2019

US telecommunications company Sprint revealed that hackers compromised an unknown number of customer accounts via the Samsung.com “add a line” website. “On June 22, Sprint was informed of unauthorized access to your Sprint account using your account credentials via the Samsung.com “add a line” website.”

Accountability

Accountability Identity Theft Telecommunications Data breaches

A member of the Scattered Spider cybercrime group pleads guilty

Security Affairs

APRIL 7, 2025

Noah Urban, a 20-year-old from Palm Coast, pleaded guilty to conspiracy, wire fraud, and identity theft in two federal cases, one in Florida and another in California. Prosecutors revealed that Urban and co-conspirators stole victims’ personal info and used SIM swapping to reset crypto account passwords and drain funds.

Cybercrime

Cybercrime Identity Theft Social Engineering Hacking

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

Security Affairs

NOVEMBER 4, 2024

Now the City of Columbus determined that the ransomware attack compromised the personal and financial information of 500,000 individuals. “To date, the City is unaware of any actual or attempted misuse of your personal information for identity theft or fraud as a result of this Incident.”

Ransomware

Ransomware Identity Theft Data breaches Cyber threats

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Security Affairs

SEPTEMBER 9, 2024

“Additionally, Slim CD is providing impacted individuals with guidance on how to better protect against identity theft and fraud, including advising individuals to report any suspected incidents of identity theft or fraud to their credit card company and/or bank.” ” concludes the notification.

Data breaches

Data breaches Identity Theft Computers and Electronics Social Engineering

Ransomware attack on Singing River Health System impacted 895,000 people

Security Affairs

MAY 14, 2024

Potentially compromised information includes name, date of birth, address, Social Security number, medical information, and health insurance information. SRHS is offering impacted individuals access to credit monitoring services provided by IDX identity theft protection for twelve months at no cost.

Identity Theft

Identity Theft Ransomware Data breaches Insurance

Phishing campaign targets Tiktok influencer accounts

Security Affairs

NOVEMBER 18, 2021

Threat actors have launched a phishing campaign targeting more than 125 TikTok ‘Influencer’ accounts in an attempt to hijack them. Researchers from Abnormal Security uncovered a phishing scam aimed at hijacking at least 125 TikTok ‘Influencer’ accounts. ” reads the report published by Abnormal Security.

Accountability

Accountability Phishing Media Scams

Data Breach at Legal Service Provider May Have Compromised Health Info of 36,000 Patients in Pittsburgh

Hot for Security

FEBRUARY 9, 2021

CJH) is alerting more than 36,000 UPMC patients that some of their personal data may have been inappropriately accessed as the result of an information security breach at the company,” the notice reads. “This event did not occur at UPMC or affect the security of its electronic patient records or other computer systems.”

Data breaches

Data breaches Identity Theft Computers and Electronics Insurance

Chinese man charged for spear-phishing against NASA and US Government

Security Affairs

SEPTEMBER 17, 2024

” The man, who remails at large, used fake email accounts posing as US-based researchers and engineers to target government personnel to obtain software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies. Air Force, Navy, Army, and the FAA.”

Phishing

Phishing Government Identity Theft Engineering

Travel leisure company Carnival Corporation discloses data breach

Security Affairs

MARCH 6, 2020

. “It now appears that between April 11 and July 23, 2019, an unsanctioned third party gained unauthorized access to some employee email accounts that contained personal information regarding our guests.” For some clients, credit card and financial account information might have been exposed. .

Data breaches

Data breaches Identity Theft Advertising Scams

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.” In one case, the hackers successfully compromised an administrator email account associated with a defense contractor. ” continues the DoJ. ” concludes DoJ.

Hacking

Hacking Identity Theft Social Engineering Accountability

Utah Imaging Associates data breach impacts 583,643 patients

Security Affairs

NOVEMBER 22, 2021

Below are the recommendations included in the notice of Data Security Incident published by the company: You should always remain vigilant for incidents of fraud and identity theft by reviewing credit card account statements and by monitoring your credit report for suspicious or unusual activity. Pierluigi Paganini.

Data breaches

Data breaches Identity Theft Healthcare Insurance

US cancer center City of Hope: data breach impacted 827149 individuals

Security Affairs

APRIL 4, 2024

. “While the investigation remains ongoing, the impacted personal information identified thus far varies by individual but may have included name, contact information (e.g., email address, phone number), date of birth, social security number, driver’s license or other government identification, financial details (e.g.,

Data breaches

Data breaches Identity Theft Insurance Banking

North Korea-linked IT workers infiltrated hundreds of US firms

Security Affairs

MAY 18, 2024

Chapman faces charges of conspiracy to defraud the United States, wire fraud, bank fraud, aggravated identity theft, identity fraud, money laundering, operating an unlicensed money transmitting business, and unlawful employment of aliens. Didenko allegedly ran a multi-year scheme creating accounts on U.S.

Identity Theft

Identity Theft Accountability Government Technology

US DoJ dismantled remote IT worker fraud schemes run by North Korea

Security Affairs

AUGUST 13, 2024

US authorities accuse Knoot of aiding North Korean IT workers in using a stolen identity to impersonate a U.S. citizen, hosting company laptops at his home, unauthorized software installation to facilitate access, and laundering payments for the remote work through accounts linked to North Korean and Chinese individuals. The non-U.S.

Identity Theft

Identity Theft Accountability Software Technology

New LinkedIn breach exposes data of 700 Million users

Security Affairs

JUNE 29, 2021

The exposed records include email addresses full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experience/background, genders, and other social media accounts and usernames. Passwords are not included in the archive. ” reported RestorePrivacy.

Identity Theft

Identity Theft Social Engineering Media Hacking

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

PSEA is updating policies, boosting security, and enhancing monitoring to prevent breaches and strengthen data protection. ” continues the notification.

Education

Education Data breaches Identity Theft Insurance

U.S. authorities seized cybercrime marketplace Rydox

Security Affairs

DECEMBER 13, 2024

Todays takedown reinforces our steadfast message that the Western District of Pennsylvania and our domestic and international law enforcement partners will use every available tool to hold accountable those who pursue illicit profit at the expense of ordinary citizens around the world.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Hacking

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. The exposed information could enable malicious actors to carry out identity theft, phishing attacks, unauthorized access to users’ accounts, and other nefarious actions. “In

Mobile

Mobile Identity Theft Passwords Phishing

Australian Firstmac Limited disclosed a data breach after cyber attack

Security Affairs

MAY 13, 2024

“It is important to note that our systems are secure. We already have robust security processes in place for any account access changes, which will require you to confirm your identity using either Biometrics or Two Factor Authentication.” ” continues the notice.

Data breaches

Data breaches Cyber Attacks Identity Theft Banking

US Bitcoin ATM operator Byte Federal suffered a data breach

Security Affairs

DECEMBER 12, 2024

The company responded to the incident by shutting down its platform, locking out the attacker, and securing the compromised server. The incident response included enhanced security, a hard reset on customer accounts, and the update of internal passwords and network keys.

Data breaches

Data breaches Identity Theft Cryptocurrency Accountability

Raccoon Infostealer operator sentenced to 60 months in prison

Security Affairs

DECEMBER 20, 2024

FBI identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) In October, Sokolovsky was charged with computer fraud, wire fraud, money laundering and aggravated identity theft. in the stolen data.

Cryptocurrency

Cryptocurrency Cybercrime Identity Theft Malware

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

The data accessed by the hackers did not include account credentials and full payment card data. Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Identity Theft Advertising

A threat actor is selling access to Facebook and Instagram’s Police Portal

Security Affairs

OCTOBER 21, 2023

The portal allows law enforcement agencies to request data relating to users (IP, phones, DMs, device info) or request the removal of posts and the ban of accounts. The threat actor is offering access for $700, and it appears it can have more than one existing account for the portal. ” Gal told Security Affairs.

Social Engineering

Social Engineering Identity Theft Accountability Engineering

Infosys McCamish Systems data breach impacted over 6 million people

Security Affairs

JUNE 29, 2024

Now, victims’ names, Social Security numbers, financial information, and medical information may be in the hands of criminals, putting victims at a greater risk of identity theft and other frauds.” ” reads a press release published by the company. ” concludes the notification.

Data breaches

Data breaches Identity Theft Insurance Ransomware

City of Philadelphia suffers a data breach

Security Affairs

OCTOBER 23, 2023

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is investigating a data breach after attackers that threat actors broke some of City email accounts containing personal and protected health information.

Data breaches

Data breaches Identity Theft Accountability Scams

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

Data Theft: Captures Google Authenticator screen content to steal OTP codes. Camera Access: Starts front camera streaming for potential identity theft or surveillance. Crocodilus steals OTP codes from Google Authenticator via Accessibility Logging, enabling account takeovers.

Banking

Banking Mobile Identity Theft Malware

Credential Flusher, understanding the threat and how to protect your login data

Security Affairs

SEPTEMBER 18, 2024

Why and how to protect ourselves Once the credentials are stolen, hackers can use them to access various online accounts, including banking, e-mail, and social media accounts. This can lead to identity theft, financial losses, and other serious consequences for the victim. Education improves awareness” is his slogan.

Passwords

Passwords Identity Theft Education Authentication

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

It will inevitably result in them facing a host of adverse effects, such as account takeovers (ATO), business email compromises (BEC), identity theft, and financial fraud. Ironically, this display of generosity among cybercriminals is far from a cause for celebration for victims globally.

Identity Theft

Identity Theft Data breaches Hacking Government

Credential stuffing attack targeted 300K+ Spotify users

Security Affairs

NOVEMBER 24, 2020

Researchers uncovered a possible credential stuffing campaign that is targeting Spotify accounts using a database of 380 million login credentials. Security experts from vpnMentor have uncovered a possible credential stuffing operation that affected some Spotify accounts. ” reads the post published by vpnMentor.

Identity Theft

Identity Theft Accountability Passwords Phishing

Data leak at fintech giant Direct Trading Technologies

Security Affairs

JANUARY 31, 2024

Direct Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk of an account takeover. The leak poses a variety of risks, expanding from identity theft to takeover and cashing-out accounts of traders.

Technology

Technology Identity Theft Backups Passwords

Change Healthcare Breach Hits 100M Americans

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webinars

Trending Sources

Nigerian man Sentenced to 26+ years in real estate phishing scams

Webinars

FBI warns of malicious free online document converters spreading malware

International law enforcement operation dismantled RedLine and Meta infostealers

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Identity theft is number one threat for consumers, says report

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Healthcare Now Third-Most Targeted Industry for Ransomware

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

New Atrium Health data breach impacts 585,000 individuals

Prominent US law firm Wolf Haldenstein disclosed a data breach

PlayStation Network outage has been going on for over 24 hours

USPS Site Exposed Data on 60 Million Users

Sprint revealed that hackers compromised some customer accounts via Samsung site

A member of the Scattered Spider cybercrime group pleads guilty

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Ransomware attack on Singing River Health System impacted 895,000 people

Phishing campaign targets Tiktok influencer accounts

Data Breach at Legal Service Provider May Have Compromised Health Info of 36,000 Patients in Pittsburgh

Chinese man charged for spear-phishing against NASA and US Government

Travel leisure company Carnival Corporation discloses data breach

U.S. authorities charged an Iranian national for long-running hacking campaign

Utah Imaging Associates data breach impacts 583,643 patients

US cancer center City of Hope: data breach impacted 827149 individuals

North Korea-linked IT workers infiltrated hundreds of US firms

US DoJ dismantled remote IT worker fraud schemes run by North Korea

New LinkedIn breach exposes data of 700 Million users

Pennsylvania State Education Association data breach impacts 500,000 individuals

U.S. authorities seized cybercrime marketplace Rydox

Data leak exposes users of car-sharing service Blink Mobility

Australian Firstmac Limited disclosed a data breach after cyber attack

US Bitcoin ATM operator Byte Federal suffered a data breach

Raccoon Infostealer operator sentenced to 60 months in prison

Staples discloses data breach exposing customer order data

A threat actor is selling access to Facebook and Instagram’s Police Portal

Infosys McCamish Systems data breach impacted over 6 million people

City of Philadelphia suffers a data breach

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Credential Flusher, understanding the threat and how to protect your login data

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Credential stuffing attack targeted 300K+ Spotify users

Data leak at fintech giant Direct Trading Technologies

Stay Connected