Recent Comments

    Blogroll

    Search

    Archive for Identity Theft

    Q&A Site “Quora” exposed 100 Million accounts

    December 5th, 2018 by

    100 Million Quora users affected by massive data breach

    Have you noticed that the latest breeches tend to be 100 Million Plus? Anyway, if you use the site, be sure to change the password and any other sites that are linked (e.g., social networks).

    Quora Security Update

    For approximately 100 million Quora users, the following information may have been compromised:

    • Account information, e.g. name, email address, encrypted password (hashed using bcrypt with a salt that varies for each user), data imported from linked networks when authorized by users
    • Public content and actions, e.g. questions, answers, comments, upvotes
    • Non-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages)

    Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content.

    The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious.

    Posted in Identity Theft, Security Breeches | No Comments »

    Jared & Kay Jewelers left customer data exposed

    December 3rd, 2018 by

    Jared, Kay Jewelers Parent Fixes Data Leak

    “The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers.”

    It apparently does not affect other retailers owned by Signet Jewelers (like Zales and Piercing Pagoda).

    Posted in Identity Theft, Security Breeches | No Comments »

    Starwood Guest Reservation Database Hacked

    November 30th, 2018 by

    Starwood Guest Reservation Database Security Incident

    Posted in Identity Theft, Security Breeches | No Comments »

    USPS: User account information exposed

    November 22nd, 2018 by

    USPS Site Exposed Data on 60 Million Users

    U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf.”

    Posted in Identity Theft, Security Breeches | No Comments »

    Yet another phishing scam. This time it’s PayPal!

    November 14th, 2018 by

    PayPal phishing scam using Conditional CSS tricks and Google Captcha

    Posted in Identity Theft, Phishing | No Comments »

    Expired Domains being used to steal credit cards

    November 14th, 2018 by

    That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

    Don’t let an expired domain be used for criminal purposes.

    Posted in Identity Theft | No Comments »

    USPS’s Mail Scanning Service: Another tool to steal your identity?

    November 8th, 2018 by

    U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service

     

    Posted in Identity Theft | No Comments »

    Be careful with the USP “Informed delivery”

    November 2nd, 2018 by

    Brian Krebs warned about this back in October, 2017

    USPS ‘Informed Delivery’ Is Stalker’s Dream

    Looks like its happening… 🙁

    Postal Service aware ‘Informed Delivery’ used fraudulently

     

    Posted in Identity Theft, Security Breeches | No Comments »

    Yet another breech affecting 9 Million Customers

    October 30th, 2018 by

    Cathay Pacific Breach Hits Over 9 Million Customers

    Posted in Identity Theft, Security Breeches | No Comments »

    No/Trivial router password? You can be hacked!

    October 2nd, 2018 by

    GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

    This is one of those hacks that should never happen. All it takes is to have a non-trivial password set on your router. Unfortunately, there are still a lot of folks who are just too lazy. My favorite is “What happens if I forget the password?”. My advice has always been to paste a label on the router with the name and password. If someone malicious has physical access to your router, that’s the least of your problems!

    Posted in Identity Theft, Malware, Security Breeches | No Comments »

    « Previous Entries Next Entries »