Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer is written in C++ by Russian-speaking developers who initially promoted it exclusively on Russian-speaking hacking forums. The malware is now promoted on English-speaking hacking forums, it works on both 32-bit and 64-bit operating systems. The price of the Raccoon service is $200 per month to use.

Identity Theft 96

Identity Theft Cryptocurrency Cybercrime Hacking 96

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. The exposed information could enable malicious actors to carry out identity theft, phishing attacks, unauthorized access to users’ accounts, and other nefarious actions. “In

Mobile 107

Mobile Identity Theft Passwords Phishing 107

Security Affairs

NOVEMBER 18, 2021

Threat actors have launched a phishing campaign targeting more than 125 TikTok ‘Influencer’ accounts in an attempt to hijack them. Researchers from Abnormal Security uncovered a phishing scam aimed at hijacking at least 125 TikTok ‘Influencer’ accounts. ” reads the report published by Abnormal Security.

Accountability 101

Accountability Phishing Media Scams 101

Security Affairs

OCTOBER 21, 2023

The portal allows law enforcement agencies to request data relating to users (IP, phones, DMs, device info) or request the removal of posts and the ban of accounts. The threat actor is offering access for $700, and it appears it can have more than one existing account for the portal. ” Gal told Security Affairs.

Social Engineering 135

Social Engineering Identity Theft Accountability Engineering 135

Security Affairs

JANUARY 31, 2024

Direct Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk of an account takeover. The leak poses a variety of risks, expanding from identity theft to takeover and cashing-out accounts of traders.

Technology 119

Technology Identity Theft Backups Passwords 119

Security Affairs

JANUARY 10, 2024

District Court in Seattle to three years in prison and more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft. Raoult and two other co-conspirators were charged with having hacked into protected computers of corporate entities and for the theft of stolen proprietary information.

Identity Theft 107

Identity Theft Hacking Cryptocurrency Advertising 107

Security Affairs

OCTOBER 23, 2023

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is investigating a data breach after attackers that threat actors broke some of City email accounts containing personal and protected health information.

Data breaches 112

Data breaches Identity Theft Accountability Scams 112

Security Affairs

NOVEMBER 22, 2021

Below are the recommendations included in the notice of Data Security Incident published by the company: You should always remain vigilant for incidents of fraud and identity theft by reviewing credit card account statements and by monitoring your credit report for suspicious or unusual activity. Pierluigi Paganini.

Data breaches 91

Data breaches Identity Theft Healthcare Insurance 91

Security Affairs

JANUARY 22, 2024

“The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” the researchers said.

Identity Theft 129

Identity Theft Data breaches Accountability Phishing 129

Security Affairs

JULY 16, 2019

US telecommunications company Sprint revealed that hackers compromised an unknown number of customer accounts via the Samsung.com “add a line” website. “On June 22, Sprint was informed of unauthorized access to your Sprint account using your account credentials via the Samsung.com “add a line” website.”

Accountability 77

Accountability Identity Theft Telecommunications Data breaches 77

Security Affairs

DECEMBER 11, 2023

The company told them that threat actors gained access to full names, residence addresses, contract information, lease-purchase details, and IBAN (International Bank Account Number). Toyota Financial Services warns its German customers to remain vigilant and contact their bank to take additional security precautions.

Financial Services 115

Financial Services Data breaches Identity Theft Banking 115

Security Affairs

JUNE 29, 2021

The exposed records include email addresses full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experience/background, genders, and other social media accounts and usernames. SecurityAffairs – hacking, LinkedIn). Passwords are not included in the archive.

Identity Theft 145

Identity Theft Social Engineering Media Hacking 145

Security Affairs

JULY 14, 2020

The company confirmed that the an investigation into the hack is still ongoing. In response to the incident, the bidding portal has forced a password reset for all users’ accounts, both bidder and auctioneer ones. Unfortunately stolen data are already available for sale on the dark web, security researchers at CloudSEK reported.

Hacking 102

Hacking Data breaches Identity Theft Advertising 102

Security Affairs

JANUARY 4, 2024

Health EC is recommending that impacted individuals remain vigilant against possible identity theft and fraud attacks. The company suggests reviewing account and benefits statements, explanation of benefits statements, and monitoring free credit reports for suspicious activity and detecting errors. ” concludes the notice.

Data breaches 115

Data breaches Healthcare Artificial Intelligence Identity Theft 115

Security Affairs

APRIL 10, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems. “To the best of our knowledge, personal financial information and call history were not included. .”

Data breaches 103

Data breaches Telecommunications Identity Theft Hacking 103

Security Affairs

OCTOBER 6, 2022

The City is also providing impacted individuals with guidance on how to better protect against fraudulent activities, such as identity theft and fraud. SecurityAffairs – hacking, City of Tucson). ” states the letter. . ” states the letter. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches 85

Data breaches Identity Theft Cyber Attacks Hacking 85

Security Affairs

JANUARY 20, 2023

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8. ” reads the letter sent by the company to the affected customers.

Data breaches 91

Data breaches Identity Theft Accountability Passwords 91

Security Affairs

DECEMBER 21, 2023

The team discovered that the now-closed database contained details such as: Names Emails Phone numbers Scanned copies of receipts, checks, contracts, and IDs The team believes that malicious actors could employ this type of data for identity theft, phishing attacks, or even commit financial fraud.

Identity Theft 110

Identity Theft Scams Phishing Accountability 110

Security Affairs

NOVEMBER 10, 2023

The company recommends impacted individuals to remain vigilant and monitor their bank account activity. “In addition, we are offering identity theft protection services through IDX, a data breach and recovery services expert. . million people appeared first on Security Affairs. ” continues the notice.

Data breaches 111

Data breaches Identity Theft Insurance Ransomware 111

Security Affairs

MAY 6, 2024

The virtual currency exchange received criminal proceeds from various illegal activities, including computer intrusions, ransomware attacks, identity theft, corruption, and drug distribution. Vinnik set up numerous such shell companies and financial accounts across the globe to allow BTC-e to conduct its business.”

Cryptocurrency 99

Cryptocurrency Computers and Electronics Identity Theft Hacking 99

Security Affairs

AUGUST 31, 2023

We have no evidence to suggest your information has been misused for purposes of fraud or identity theft as a result of this incident – and no reason to believe that it will be.” ” reads the data breach notification letter sent to the impacted individuals.

Retail 123

Retail Data breaches Identity Theft Banking 123

Security Affairs

FEBRUARY 13, 2024

According to our records, deferred compensation plan information may have included your first and last name, address, business email address, date of birth, Social Security number, and other account information.”

Data breaches 111

Data breaches Banking Identity Theft Ransomware 111

Security Affairs

SEPTEMBER 29, 2023

According to the team, having passport data exposed puts individuals at risk of identity theft. Since passports contain a significant amount of personal information, including full names, date of birth, and a unique passport number, cyber criminals could use them to impersonate victims and steal their identities,” the team said.

Identity Theft 120

Identity Theft Social Engineering Banking Risk 120

Security Affairs

JANUARY 8, 2024

file exposed information that attackers could employ for lateral movement within the ministry’s systems, potentially escalating to anything from account takeover to a ransomware attack. Risky business The implications of leaking such information are far and wide, as attackers could perform account takeover attacks.

Government 126

Government Identity Theft Social Engineering Encryption 126

Security Affairs

MARCH 14, 2024

The remaining 90% of individuals being notified have had some other form of personal information impacted; including copies of loan-related transaction statements for loan accounts, employment or salary information or general information such as dates of birth.”

Data breaches 96

Data breaches Identity Theft Financial Services Cybercrime 96

Security Affairs

DECEMBER 19, 2023

The file contained credentials for various business accounts throughout India, including 19 other dealerships, logins to the platform to send marketing-related SMS, tokens, and API keys that give access to internal systems and their own WhatsApp account. Cybernews has no information on how the companies are connected.

Risk 102

Risk Identity Theft Data breaches Accountability 102

Security Affairs

NOVEMBER 5, 2021

US defense contractor Electronic Warfare Associates (EWA) was hit by a cyber attack, threat actors stole personal information from its email system. US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system. SecurityAffairs – hacking, EWA).

Data breaches 94

Data breaches Identity Theft Cyber Attacks Hacking 94

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. At the time of this writing the group has yet to publish the stolen data, however, if the hack was real, the stolen data poses a severe risk to the privacy and security of South Korean citizens.

Identity Theft 89

Identity Theft Ransomware Scams Education 89

Security Affairs

NOVEMBER 12, 2023

The State of Maine was the victim of the large-scale hacking campaign that targeted organizations using the MOVEit file transfer tool. Threat actors exploited the zero-day vulnerability CVE-2023-34362 to hack the file transfer platform and steal the data of the organization. . based organizations account for 83.9

Data breaches 112

Data breaches Insurance Identity Theft Education 112

Security Affairs

MARCH 6, 2020

. “It now appears that between April 11 and July 23, 2019, an unsanctioned third party gained unauthorized access to some employee email accounts that contained personal information regarding our guests.” For some clients, credit card and financial account information might have been exposed. .

Data breaches 116

Data breaches Identity Theft Advertising Scams 116

Security Affairs

FEBRUARY 26, 2023

Initial investigation into the hack revealed that the attack was carried out by a nation-state actor for cyber espionage purposes. “Our investigation indicates that this activity does not appear to be focused on exploiting personal information.” Not all of this information was impacted for each affected individual.

Identity Theft 90

Identity Theft Data breaches Insurance Hacking 90

Security Affairs

SEPTEMBER 4, 2023

The bad actors attributed to Chinese-speaking cybercriminals are leveraging a package tracking text scam sent via iMessage to collect personal (PII) and payment information from the victims with the goal of identity theft and credit card fraud. Further technical details are available in the report published by ReSecurity.

Identity Theft 117

Identity Theft Scams Banking Phishing 117

Security Affairs

SEPTEMBER 14, 2020

The data accessed by the hackers did not include account credentials and full payment card data. Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams. SecurityAffairs – hacking, Staples). Pierluigi Paganini.

Data breaches 137

Data breaches Retail Identity Theft Advertising 137

Security Affairs

SEPTEMBER 22, 2020

A United Kingdom national, member of ‘The Dark Overlord’ hacking group was sentenced to five years in federal prison, announced the US DoJ. The United Kingdom national Nathan Wyatt (39), a member of ‘The Dark Overlord’ hacking group, was extradited to the United States in December 2019. The man was charged by U.S. On Monday, in a U.S.

Identity Theft 111

Identity Theft Accountability Hacking Advertising 111

Security Affairs

JANUARY 8, 2024

In 2016 the service was offering up to 70,000 hacked servers for as little as $6, and with 416 registered sellers in 173 countries, the platform was operating a highly successful global business model. The duo face charges of conspiracy to commit wire fraud and aggravated identity theft. At the time, the domain (xdedic[.]biz)

Cybercrime 104

Cybercrime Identity Theft Government Hacking 104

Security Affairs

SEPTEMBER 17, 2020

US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. They have been also charged with identity theft, access device fraud, wire fraud, money laundering, and violations of the Computer Fraud and Abuse Act (CFAA). Pierluigi Paganini.

Identity Theft 102

Identity Theft Advertising Government Technology 102

Security Affairs

APRIL 11, 2023

The data breach notification letter sent to potentially impacted individuals states that personal information was exposed, including names, driver’s license numbers, Non-Driver Identification Card Number, and other types of personal identifiers. Brands pointed out that they have no evidence of identity theft or fraud involving exposed data.

Data breaches 95

Data breaches Identity Theft Education Ransomware 95