Identity Theft, Information Security and Social Engineering

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Millions of customers were put at risk when their social security numbers, phone numbers, and other sensitive personal information were leaked.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Each faces two conspiracy counts and aggravated identity theft charges. Scattered Spider members are part of a broader cybercriminal community called “The Com,” where hackers brag about high-profile cyber thefts, typically initiated through social engineering tactics like phone, email, or SMS scams to gain access to corporate networks.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

A member of the Scattered Spider cybercrime group pleads guilty

Security Affairs

APRIL 7, 2025

Noah Urban, a 20-year-old from Palm Coast, pleaded guilty to conspiracy, wire fraud, and identity theft in two federal cases, one in Florida and another in California. A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” reported News4Jax.

Cybercrime

Cybercrime Identity Theft Social Engineering Hacking

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Security Affairs

SEPTEMBER 9, 2024

Card verification numbers (CVV) were not exposed, however, threat actors can obtain them from cardholders through social engineering attacks. ” The electronic payment gateway did not offer identity theft protection services to the impacted individuals. . ” concludes the notification.

Data breaches

Data breaches Identity Theft Computers and Electronics Social Engineering

National Social Security Fund of Morocco Suffers Data Breach

Security Affairs

APRIL 9, 2025

Similar to organizations in the US and EU, such funds store a significant amount of digital identity information relating to citizens. A data breach of such scale may have a negative, long-lasting impact on citizens’ personal data that could create risks of fraud and identity theft.

Data breaches

Data breaches Identity Theft Healthcare Social Engineering

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

Overlay Attacks: Checks for available overlays targeting installed applications, typically for credential theft. Notifications & Social Engineering: Posts fake push notifications to trick users. Data Theft: Captures Google Authenticator screen content to steal OTP codes.

Banking

Banking Mobile Identity Theft Malware

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Nasab utilized the stolen identity of an actual individual to register a server and email accounts used in the attacks. “In addition to spearphishing, the conspirators utilized social engineering, which involved impersonating others, generally women, in order to obtain the confidence of victims. ” continues the DoJ.

Hacking

Hacking Identity Theft Social Engineering Accountability

New LinkedIn breach exposes data of 700 Million users

Security Affairs

JUNE 29, 2021

He claims the data was obtained by exploiting the LinkedIn API to harvest information that people upload to the site.” Data available for sale exposes 700+ million people at risk of cybercriminal activities, including identity theft, phishing and social engineering attacks, and account hijacking.

Identity Theft

Identity Theft Social Engineering Media Hacking

A threat actor is selling access to Facebook and Instagram’s Police Portal

Security Affairs

OCTOBER 21, 2023

Gal speculates that either Meta was the victim of a social engineered attack that tricked an employee into giving attackers access to the portal or the threat actor had credentials for a legitimate law enforcement account. ” Gal told Security Affairs. The access to the official META Law Enforcement Portal.

Social Engineering

Social Engineering Identity Theft Accountability Engineering

Don’t use AI-based apps, Philippine defense ordered its personnel

Security Affairs

OCTOBER 23, 2023

The order remarks that these AI-based applications pose significant privacy and security risks. This seemingly harmless and amusing AI-powered application can be maliciously used to create fake profiles that can lead to identity theft, social engineering, phishing attacks and other malicious activities,” Teodoro said.

Identity Theft

Identity Theft Social Engineering Data collection Risk

Data Breach at Britain JD Sports leaks 10 million customers

CyberSecurity Insiders

JANUARY 30, 2023

Accessed information includes data related to phone numbers, email accounts, addresses, names, the location where the order was delivered, and the final 4 digits of bank cards. JD Sports has assured that hackers accessed no passwords related to their accounts and issued an apology for failing to protect the customer info.

Data breaches

Data breaches Retail Identity Theft Social Engineering

Misconfigured WBSC server leaks thousands of passports

Security Affairs

SEPTEMBER 29, 2023

According to the team, having passport data exposed puts individuals at risk of identity theft. Since passports contain a significant amount of personal information, including full names, date of birth, and a unique passport number, cyber criminals could use them to impersonate victims and steal their identities,” the team said.

Identity Theft

Identity Theft Social Engineering Banking Risk

Nude photo theft offers lessons in selfie security

Malwarebytes

FEBRUARY 12, 2021

A man from New York has pleaded guilty to one count of aggravated identity theft, and one count of computer intrusion causing damage. The maximum term and fine for one count of aggravated identity theft is 2 years and $250,000. Securing your nudes : A good rundown of where to start locking down your most sensitive files.

Identity Theft

Identity Theft Social Engineering Passwords Accountability

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

According to Bleeping Computer , the hackers used an internal T-Mobile application to target up to 400 customers in SIM swap attack attempts, the security breach did not impact business customers. Impacted T-Mobile customers are recommended to change their password, PIN, and security questions.

Mobile

Mobile Data breaches Telecommunications Accountability

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

By: Craig Debban , Chief Information Security Officer, QuSecure, Inc. In a typical SNDL attack, the attacker gains access to encrypted data by intercepting network traffic, accessing data stores, or by using techniques such as social engineering or malware to gain access to critical information.

CISO

CISO Identity Theft Encryption Social Engineering

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Security Affairs

APRIL 8, 2021

Particularly determined attackers can combine information found in the leaked files with other data breaches in order to create detailed profiles of their potential victims. Next steps.

Identity Theft

Identity Theft Passwords Social Engineering Phishing

350 million decrypted email addresses left exposed on an unsecured server

Security Affairs

AUGUST 27, 2020

They can then conduct elaborate phishing and social engineering attacks to gain access to the victims’ accounts on other digital services such as entertainment and shopping platforms or even online banking.

Social Engineering

Social Engineering Passwords Marketing Phishing

Nurturing Our Cyber Talent

IT Security Guru

SEPTEMBER 25, 2023

Attacks such as hacking, phishing, ransomware and social engineering are on the rise. Businesses and other organisations are being pushed both by customers and regulators to evidence how they are keeping their information secure. Ransomware, identity theft, and other cybercrime is on the rise.

CISO

CISO Identity Theft Cybercrime Cybersecurity

Top Cybersecurity Companies for 2022

eSecurity Planet

JUNE 7, 2022

It is used to avoid unauthorized data access, cyber-attacks, and identity theft. Application security, information security, network security, disaster recovery, operational security, etc. are the different parts of cybersecurity. The benefits of cybersecurity software.

Cybersecurity

Cybersecurity Identity Theft Encryption Antivirus

Penetration Testing Remote Workers

SecureWorld News

JUNE 28, 2020

The information can then be used to access other accounts associated with the individual, install malware, initiate a ransomware infection, or conduct identity theft impacting the business. SMishing is social engineering in the form of SMS text messages. Remote access. Remote Access.

Penetration Testing

Penetration Testing Social Engineering VPN Phishing

Cybercriminals Are Targeting AI Conversational Platforms

Security Affairs

OCTOBER 9, 2024

This vector may be especially effective in fraudulent and social engineering campaigns when the adversary focuses on acquiring payment information from the victim using some pretext of KYC verification or technical support from a specific financial institution or payment network.

Social Engineering

Social Engineering Risk Identity Theft Technology

More than 737 million medical radiological images found on open PACS servers

Security Affairs

SEPTEMBER 18, 2019

Identity Theft

Identity Theft Social Engineering Healthcare Internet

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Since these documents also leaked information about the court case that only lawyers, insurance companies, and other officials should have access to, like dossier number, accident details, client details, as well as phone numbers; always be sceptical about people calling you about your past court cases and asking for money or information.

Data breaches

Data breaches Insurance Identity Theft Education

Doxing in the corporate sector

SecureList

MARCH 29, 2021

Most of these breaches occur with Amazon AWS Simple Cloud Storage (AWS S3) due to the widespread popularity of this system as well as the apparent simplicity of its configuration, which does not require any special knowledge of information security. Identity theft.

Identity Theft

Identity Theft Phishing Accountability Banking

19 petabytes of data exposed across 29,000+ unprotected databases

Security Affairs

MAY 7, 2021

Such lapses in database security can (and often do) lead to hundreds of millions of people having their personal information exposed on the internet, allowing threat actors to use that data for a variety of malicious purposes, including phishing and other types of social engineering attacks , as well as identity theft.

Passwords

Passwords Authentication Identity Theft Engineering

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Security Affairs

MAY 13, 2023

One of them is identity theft. Fraudsters may exploit the exposed personal information to impersonate the affected individuals and gain access to their financial accounts or other sensitive information. Threat actors might also exploit La Malle Postale’s credibility among its clients in social engineering attacks.

Passwords

Passwords Identity Theft Scams Social Engineering

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Security Affairs

JULY 29, 2022

Reduce identity theft from phishing and other social engineering schemes. MFA allows you to: Protect against the compromise made possible by weak passwords. With MFA, a password alone is insufficient to grant access, so credential stuffing and brute force attacks are rendered useless.

Authentication

Authentication Passwords Data privacy Identity Theft

Gamblers’ data compromised after casino giant Strendus fails to set password

Security Affairs

NOVEMBER 15, 2023

Storing personal information in logs should be avoided, as it elevates their sensitivity level. User security log. Source: Cybernews The information exposed in this data leak could have been exploited for fraud, identity theft, phishing attempts, or as a source of data for meticulously targeted cyberattacks.

Passwords

Passwords Identity Theft Social Engineering Spyware

Online marketing company exposes 38+ million US citizen records

Security Affairs

SEPTEMBER 3, 2020

Because we were initially unable to identify the owner of the unsecured bucket, we contacted Amazon on July 27 to help them secure the database. What happened to the data?

Marketing

Marketing Media Advertising Identity Theft

The High Stakes of Cybersecurity in Online Gambling

SecureWorld News

SEPTEMBER 12, 2024

Using strong, unique passwords, enabling multi-factor authentication when available, and being cautious about sharing personal information are crucial steps in protecting oneself. The risks are also pretty obvious: Identity Theft: Personal and financial data can be compromised if a gambling site is breached.

Cybersecurity

Cybersecurity Scams Phishing Mobile

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

Security Affairs

JANUARY 3, 2024

In the case of Australia, the actors impersonated the “my.gov.au” portal, luring victims into providing their personal information, which was then maliciously collected. This tactic underscores their commitment to identity theft and the exploitation of unsuspecting individuals through deceptive online means.

Artificial Intelligence

Artificial Intelligence Banking Scams Cybercrime

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

The Last Watchdog

MAY 28, 2024

Cary, NC, May 28, 2024, CyberNewsWire — If there is a single theme circulating among Chief Information Security Officers (CISOs) right now, it is the question of how to get stakeholders on board with more robust cybersecurity training protocols. Human error remains one of the leading causes of security breaches.

CISO

CISO Cybersecurity Data breaches Cyber threats

Stay Safe Online: 5 Essential Tips for World Wide Web Day

Security Boulevard

AUGUST 1, 2024

As our digital lives increasingly intertwine with our real-world identities, we leave a trail of personal information on the internet. Cyber threats such as phishing, identity theft, and malware attacks are ever-present dangers that can compromise our privacy and security.

Identity Theft

Identity Theft Cyber threats Passwords Authentication

Popular apps left biometric data, IDs of millions of users in danger

Security Affairs

JANUARY 27, 2022

Millions of customers of large businesses have been left vulnerable to identity theft, thanks to a security flaw that exposes their personal data to illicit download. Threat actors can abuse PII to conduct phishing and social engineering attacks. Looming dangers. Having your personal data leaked poses many hazards.

Identity Theft

Identity Theft Accountability Data breaches Social Engineering

Stay Safe Online: 5 Essential Tips for World Wide Web Day

Thales Cloud Protection & Licensing

JULY 31, 2024

As our digital lives increasingly intertwine with our real-world identities, we leave a trail of personal information on the internet. Cyber threats such as phishing, identity theft, and malware attacks are ever-present dangers that can compromise our privacy and security.

Identity Theft

Identity Theft Cyber threats Passwords Authentication

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

Making matters worse, the cameras employ facial recognition technology, which leads to questions as to whether an attacker could actually identify individuals caught on camera and then pursue them as targets for social engineering schemes or something even more nefarious. When surveillance leads to spying.

Surveillance

Surveillance IoT Accountability Passwords

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Dangerous permissions detected in top Android health apps

Security Affairs

SEPTEMBER 15, 2023

Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Access to Contacts: Apps with access to your contacts may misuse this information for spamming, social engineering, or selling your contact details to third parties without your consent.

Accountability

Accountability Mobile Surveillance Information Security

Keyavi Data Shares Best Practices for Keeping Data Private as a Champion of Data Privacy Week

CyberSecurity Insiders

JANUARY 28, 2022

Minichillo, Keyavi’s chief information security officer and VP of cyber threat & intelligence. Another report from The Identity Theft Resource Center states that the number of security compromises increased more than 68% in 2021, setting a new record. million per incident.

Data privacy

Data privacy Data breaches Technology Passwords

2025 Cybersecurity Predictions: Not Getting Easier; But There is Hope

SecureWorld News

DECEMBER 27, 2024

Mo Wehbi, VP, Information Security & PMO, Penske Automotive Group: The Good and the Bad "The Good: Widespread Adoption of AI and Machine Learning for Threat Detection: AI will become more sophisticated and integral in identifying threats in real-time, reducing response times and mitigating risks faster than ever before.

Cybersecurity

Cybersecurity Education Risk CISO

The dark web index 2021, report

Security Affairs

JUNE 4, 2021

Hacked social media accounts’ prices are decreasing across all platforms. Again, it’s a numbers game, so a few precautions will go a long way in improving your security. Preventing Identity Theft. Keeping yourself safe is not rocket science. Avoid unsecured WiFi.

Accountability

Accountability Marketing Hacking Cryptocurrency

Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

AUGUST 25, 2024

env) International Press – Newsletter Cybercrime The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for New U.N. million to $459.8

Cybercrime

Cybercrime Malware Hacking Identity Theft

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Trending Sources

A member of the Scattered Spider cybercrime group pleads guilty

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

National Social Security Fund of Morocco Suffers Data Breach

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

U.S. authorities charged an Iranian national for long-running hacking campaign

New LinkedIn breach exposes data of 700 Million users

A threat actor is selling access to Facebook and Instagram’s Police Portal

Don’t use AI-based apps, Philippine defense ordered its personnel

Data Breach at Britain JD Sports leaks 10 million customers

Misconfigured WBSC server leaks thousands of passports

Nude photo theft offers lessons in selfie security

T-Mobile customers were hit with SIM swapping attacks

Today’s CISO Insights – How to Tackle the Quantum Threat

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

350 million decrypted email addresses left exposed on an unsecured server

Nurturing Our Cyber Talent

Top Cybersecurity Companies for 2022

Penetration Testing Remote Workers

Cybercriminals Are Targeting AI Conversational Platforms

More than 737 million medical radiological images found on open PACS servers

Data Breach: Turkish legal advising company exposed over 15,000 clients

Doxing in the corporate sector

19 petabytes of data exposed across 29,000+ unprotected databases

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Gamblers’ data compromised after casino giant Strendus fails to set password

Online marketing company exposes 38+ million US citizen records

The High Stakes of Cybersecurity in Online Gambling

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

Stay Safe Online: 5 Essential Tips for World Wide Web Day

Popular apps left biometric data, IDs of millions of users in danger

Stay Safe Online: 5 Essential Tips for World Wide Web Day

Camera tricks: Privacy concerns raised after massive surveillance cam breach

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Most Common Types of Malware in 2021

Dangerous permissions detected in top Android health apps

Keyavi Data Shares Best Practices for Keeping Data Private as a Champion of Data Privacy Week

2025 Cybersecurity Predictions: Not Getting Easier; But There is Hope

The dark web index 2021, report

Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected