data theft: What is Synthetic Identity Theft? - 02/20/20 08:37 AM
Identity theft is when a person steals another person’s private and personal information, generally to make money from it. You probably already knew this, but have you heard of synthetic identity theft? This is a bit different.
With synthetic identity theft, a person creates a new and very fake identity by combining the real information from a person with made-up information. You might not think this is a big deal, but it can be very bad for anyone who has their identity stolen.
Here are three ways that ID thieves can create synthetic identities:
Creating a New Credit Profile
The most common way to create … (17 comments)

data theft: DoorDash Admits 4.9 Million Affected by Data Breach - 11/07/19 05:03 AM
DoorDash has admitted that it has been the victim of a data breach, which has affected about 4.9 million merchants and people.
In a recent blog post, DoorDash announced that it noticed some odd activity early in September from a third-party service. After looking into it, the company found that an unauthorized third party was accessing user data from DoorDash on May 4, 2019. DoorDash immediately took steps to stop any future access and to improve security.
Those who were affected by this breach joined DoorDash on April 5, 2018 or before. Those who joined after that specific date were not part of … (14 comments)

data theft: The “Mother of All Data Breaches?” It Could Be Here… - 05/16/19 06:57 AM
You have probably heard of one data breach after another these days, but this is one that you should really pay attention to: more than 772 million unique emails, along with more than 21 million unique passwords, have been exposed.
Troy Hunt, who runs the website “Have I Been Pwned,” first reported this breach, and he says that a huge file (87 GB) was uploaded to MEGA, a cloud service. This data was then sent to a popular hacking site, and now hackers have access to all of these passwords and email addresses.
This data breach, known as “Collection #1,” is very serious. … (12 comments)

data theft: Second Hand USB’s Could Have Personal Info Still Inside - 04/25/19 12:08 PM
An unsurprising study was recently released that found even when a portable USB drive is erased, not all of the documents and images are always removed. That, of course, is frightening.
Here’s how the research was done:
Researchers went online to sites like eBay, to second-hand shops, and even auction stores. They bought 200 used USB drives, half from the US and half from the UK. Almost 2/3 of the devices had data on them! This data was, for the most part, personal data, and it can also be used by cybercriminals to steal someone’s identity. On top of that, these USB drives … (12 comments)

data theft: 2017 Was the Worst year for Data Breaches EVER! - 09/06/18 06:30 AM
It seems like 2017 broke records for all the wrong reasons…one of them being the worst year for data breaches in history.
According to reports, hacking was the most common way to collect this data, but almost 70% of exposures occurred due to accidental leaks or human error. This came down to more than 5 billion records. There were several well-known public leaks, too, including the Amazon Web Services misconfiguration. More than half of the businesses using this service were affected, including companies like Verizon, Accenture, and Booz Allen Hamilton. The scariest part of this, however, is the fact that the number … (2 comments)

data theft: Mainstream Email and Data Services Might Be Spying on You - 08/27/18 08:11 AM
The Internet nowadays flourishes on personal data. Many of the world’s largest companies rely on this intangible commodity that users have been too willing ‘donating’ as an exchange for a ‘free’ service.
As data replaces oil as the new premium commodity, buying and selling data is big business. While some companies do it legitimately, some entities do it illicit.
Let’s look at some stats:
Every day, there are more than 10 million hacker attacks Every hour, more than 228,000 data records are lost or stolen In 2017, thousands of data breaches exposed most everything from log-in names and passwords to Social Security numbers … (0 comments)

data theft: Three Quarters of a Billion Records breached - 04/20/16 12:07 AM
Last year, says the security firm Gemalto, over 700 million records were breached. Or, to put it another way, this translates to two million stolen or lost records every day.
2015 Breach Level Report
1,673 hacking incidents 398 were triggered from the inside of the attacked company: employees and even IT staff who were tricked (social engineering) by hackers into clicking on malicious links or attachments Government agencies suffered the greatest data leaks. Following that were nation states and healthcare enterprises (remember the big Anthem breach?) Gemalto also says that the U.S. is the leading target of cyber attacks, with the UK, … (3 comments)

data theft: How much is your Data worth online? - 02/08/16 09:36 PM
Cyber crime sure does pay, according to a report at Intel Security blogs.mcafee.com. There’s a boom in cyber stores that specialize in selling stolen data. In fact, this is getting so big that different kinds of hot data are being packaged—kind of like going to the supermarket and seeing how different meats or cheeses are in their own separate packages.
Here are some packages available on the Dark Net:
Credit/debit card data Stealth bank transfer services Bank account login credentials Enterprise network login credentials Online payment service login credentials This list is not complete, either. McAfee Labs researchers did some digging and … (23 comments)

data theft: Data security policies need teeth to be effective - 02/08/16 09:29 PM
Bottom line: If you have a data security policy in place, you need to make sure that it’s up to date and contains all of the necessary elements to make it effective. Here are 10 essential items that should be incorporated into all security policies:
1. Manage employee email
Many data breaches occur due to an employee’s misuse of email. These negligent acts can be limited by laying out clear standards related to email and data. For starters, make sure employees do not click on links or open attachments from strangers because this could easily lead to a ransomware attack.
2. Comply with software licenses and … (1 comments)

data theft: Company for sale includes your Data - 08/13/15 11:45 PM
When you subscribe to an online service, be careful of how much information you give out about yourself.
Most businesses in their terms and conditions, say they “respect your privacy.” But what if these companies go under or are sold? An article from the online New York Times explores this concept. Today’s market-data-hungry-businesses can gather lots of data about subscribers. This data can be transferred to third parties in the event the company is sold or goes belly up.
The New York Times recently analyzed the top 100 U.S. websites, and the revelation is that it’s par for the course for companies to … (2 comments)

data theft: Tips to destroy and shred - 05/29/15 11:03 PM
You can’t be too neurotic about shredding sensitive documents to smithereens. For example, some people make a career out of “dumpster diving,” digging through trash in search of bank account information, credit card preapprovals, medical bills, mortgage statements, etc., and then they commit fraud, including creating new accounts with the found information—accounts in the victim’s name.
And by the way, anything with your signature can be a gem to the dumpster diver, as your signature can be forged.
Diving for Dollars
Dumpster diving is legal if the trash can is in a public spot including the big trash bin at your apartment complex. … (4 comments)

data theft: What is private Information and what is not? - 02/22/15 02:07 AM
Data Privacy Day was Wednesday, January 28, and these days the concept of “privacy” can be ambiguous, generic or confusing. What you might think of as private actually isn’t. The definition of personal identifying information, by the U.S. privacy law and information security, is that of data that can be used to contact, identify or locate an individual, or identify him in context.
This means that your name and address aren’t private, which is why they can be found on the Internet (though a small fee may be required for the address, but not always). Even your phone and e-mail aren’t … (3 comments)

data theft: Online Data less safe than ever - 02/16/15 08:48 PM
It’ll get worse before it gets better: online data safety. It’s amazing how many people think they’re “safe” online, while one huge business or entity after another keeps getting hacked to the bone.
And “safety” doesn’t necessarily mean the prevention of your computer getting infected with a virus, or falling for an online scam that results in someone getting your credit card information. It’s also a matter of privacy. While targeted advertising (based on websites you’ve visited) may seem harmless, it’s the benign end of the continuum—that someone out there is tracking you.
So, do you still think you’re hack-proof?
That … (3 comments)

data theft: Data Breach Aftermath - 02/02/15 09:59 PM
Haste certainly doesn’t make waste if you’ve suffered from an entity getting hacked resulting in a data breach. Don’t waste a single minute delaying notifying affected accounts! In the case of a credit card company, they will investigate; you won’t have to pay the fraudulent charges. The breached card will be closed, and you’ll get a new one. And there is more.
All sounds simple enough, but the experience can be a major hassle. Below is what you should do upon learning your card has been breached:
If a SSN is breached, place a credit freeze or fraud alert with the … (2 comments)

data theft: Cloud Data Breaches mo' Money - 11/17/14 09:41 PM
IT people need to beef up their opinions about cloud security, says a recent report by the Ponemon Institute called “Data Breach: The Cloud Multiplier Effect.”

Yes, data breaches occur in the cloud. In fact, it can be triple the cost of a data breach involving a brick and mortar medium.
The report put together data from the responses of over 600 IT and IT security people in the U.S. The report has three observations:
Many of the respondents don’t think that their companies are adequately inspecting cloud services for security. The cost of a data breach can be pricey. … (3 comments)

data theft: 7 ways to prevent Data Theft when traveling - 10/09/14 10:55 PM
The threat of data theft follows travelers; there’s never a vacation from hackers. So what should the traveler do? Anticipate snooping by hackers. This way, you can prepare for the worst.

If you must bring a laptop, use it as a shell to access data remotely. Leave private information behind. If this is not possible, bring it with you in the form of an encrypted memory stick or have it stored online to download later. Always use comprehensive security software whenever connecting online. If you anticipate bringing your laptop or other devices along, have an IT expert install on it … (5 comments)

data theft: Mailroom Error, Big Data Breach - 08/22/14 10:23 PM
Data breaches need not be launched maliciously in order to be very troublesome, as was the case involving about 3,700 Medicare Advantage members. Freedom Blue and Security Blue members received risk assessment results that actually belonged to other individuals. The addresses, birthdates, member ID numbers and medical information of some members ended up in the hands of other members.

And how? An innocent mistake committed by a mailroom employee. Though there was no evidence of malicious use of this personal information, it just goes to show you how easily a person’s private information can end up in a stranger’s hands. … (0 comments)

data theft: Data Breaches May Result in Board Breakups - 08/06/14 11:16 PM
The ripple effect continues to haunt Target: It’s expected that seven of its board of directors members may be replaced because they failed to provide effective oversight into the corporation’s data-protection risks. Boards simply need to be more proactive in safeguarding their companies against data breaches.

Institutional Shareholder Services (ISS) prepared a report on the Target data breach and aftermath. The report states that Target’s board members should have been kept in the loop pertaining to protection of sensitive information and what a breach could mean to brand reputation and customer loyalty.
"The company acknowledged the need for more stringent … (0 comments)

data theft: How to Prepare a Storage Device for Resale - 07/01/14 10:44 PM
If you want to sell a storage device, first back everything up on it with a flash drive, external drive or automated backup service. For Android or iOS, activate the Google Auto Backup service or Apple’s iCloud.

Next, wipe the device. No, not with a rag, but wipe out the data, completely. Reformatting the hard drive can still leave data. Hitting “delete” won’t work, either.
To wipe a Mac, use WipeDrive or the OS X Disk Utility. For Windows PCs, use Active KillDisk or McAfee Shredder. For most recent smartphones, do a factory reset, but also remove the SIM card. … (0 comments)

data theft: Data Breaches: How To Protect Your Business From Internal Threats - 05/19/14 10:49 PM
The biggest threat to your data may not come from external hackers. Find out how to guard against intentional or accidental internal cyber breaches.

The NSA leaks we keep hearing about are a constant reminder of just how vulnerable data is and how this vulnerability can result in data breaches by organization insiders. As Reuters reported, “Edward Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator.” It's … (0 comments)

 
Robert Siciliano, Realty Security and Identity Theft Expert Speaker (IDTheftSecurity.com Inc) Rainmaker large

Robert Siciliano

Realty Security and Identity Theft Expert Speaker

Boston, MA

More about me…

IDTheftSecurity.com Inc

Address: PO Box 15145, Boston, MA, 02215

Office: (617) 329-1182

Email Me



Listings

Links

Archives

RSS 2.0 Feed for this blog