COVID-19 ‘Breach Bubble’ Waiting to Pop?

Credit to Author: BrianKrebs| Date: Tue, 30 Jun 2020 15:00:48 +0000

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse.

Read more

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Credit to Author: BrianKrebs| Date: Mon, 22 Jun 2020 04:33:21 +0000

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable via a new website by the same name, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals online.

Read more

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Credit to Author: BrianKrebs| Date: Thu, 18 Jun 2020 22:07:37 +0000

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Read more

When Security Takes a Backseat to Productivity

Credit to Author: BrianKrebs| Date: Wed, 17 Jun 2020 23:37:52 +0000

“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” -CIA’s Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. The analysis highlights a shocking series of security failures at one of the world’s most secretive organizations, but the underlying weaknesses that gave rise to the breach also unfortunately are all too common in many organizations today.

Read more

Hackers Were Inside Citrix for Five Months

Credit to Author: BrianKrebs| Date: Wed, 19 Feb 2020 15:55:04 +0000

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.

Read more

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Credit to Author: BrianKrebs| Date: Tue, 11 Feb 2020 03:25:52 +0000

The U.S. Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the four men were responsible for carrying out the largest theft of sensitive personal information by state-sponsored hackers ever recorded. 

Read more

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Credit to Author: BrianKrebs| Date: Tue, 28 Jan 2020 20:12:16 +0000

In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. Now, fraud experts say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach.

Read more