38 Million Record Data Leak Serves as Reminder to Check All Cloud Database Configuration Settings

Default settings in Microsoft’s Power Apps portal left 38 million records exposed across more than 1,000 web apps, impacting state government agencies, American Airlines, Ford and others. The exposed records varied by organization and web app but included address, phone numbers, COVID-19 vaccination records, employee and applicant databases to include Social Security numbers.

Read More

T-Mobile Data Breach Compromises Millions of Consumer Records, Including SSNs

T-Mobile is currently investigating the extent of a data breach before officially disclosing the number of customers impacted. This follows news first reported from Vice.com that the personally identifiable information of 100 million people was for sale on the darkweb, with the data coming from T-Mobile. According to the hacker selling the data, it includes 30 million unique Social Security Numbers.

Read More

Number of Disclosed Data Breaches Down 50% but Exposed Records Up 400% in First Half of 2020

While there are some questions around the number of data breaches thus far, 2020 is shaping up to be a record year in terms of number of records compromised at least. According to a study on data breaches and compromised data during the first six months of the year, there have been just over 2,000 data breaches but 27 billion records exposed, which is 12 billion more than the number of records compromised in all of 2019.

Read More

More than 1-in-10 Ransomware Attacks Involve Threat of Releasing Consumer or Client Data

Turning ransomware attacks into data breaches if the ransom isn’t paid, what’s being called exfiltration+encryption attacks, can be damaging on multiple levels. In the first half of this year 11 percent of ransomware attacks have adopted this tactic.

ID Ransomware, a website and free tool that allows ransomware victims to upload a ransom note or sample encrypted file to identify the ransomware used against them, had over 100,000 submissions between January 1 and June 30, 2020.

Read More

State Unemployment Systems Battered With Breaches and Identity Fraud

The state of Arkansas shut down their unemployment application website which exposed the PII of nearly 30,000 applicants and Illinois faced a similar issue. Meanwhile, the U.S. Secret Service reports that hundreds of mules are being used to funnel unemployment benefits to an organized fraud ring in Nigeria falsely filing for benefits with stolen identity information.

Read More

How to Secure Your Video Chats and Meetings to Protect Against “Zoombombing”

Keeping unwanted parties out of business meetings can range from important to imperative depending on the topics and focus of the video call. There has been a sudden increase in employees working from home and requiring the use of Zoom or other services. While many media reports have discussed the threat of “Zoombombing,” there are several measures video chat users can take to greatly reduce these occurrences and their impacts.

Here are steps anyone can take to reduce the likelihood of falling victim to e-meeting eavesdropping in Zoom.

Read More

Massive Wawa Data Breach Puts Unknown Number of Cards in Hands of Fraudsters

Wawa announced a large-scale malware compromise breaching payment cards processed at the pump or inside between March 4 and December 12, 2019, also admitting that the company “does not have sufficient information to determine” how many payment cards were exposed. The gas station and convenience store has more than 850 locations along the east coast with $10.6 billion in annual revenue.

Read More