• 888-966-4827
Menu

Category Archives:
Data Breach

Home / Blog / Data Breach
Alert Fatigue Got You Hitting Snooze?

Alert Fatigue Got You Hitting Snooze?

Bzzzzzzz. Bzzzzzzzzzz. Bzzzzzzzzzzzzz. Before you even open your eyes in the morning, your phone is vibrating nonstop. Is it your mom asking you if you made it home okay from your trip? Your car reminding you that you forgot to lock her doors before making your way to bed? Your building manager telling you they’re spraying for insects this morning?

Another buzz. And then another. Geezles! You feel guilty, but not enough to feel bad turning your phone off completely. You took work off this morning to actually sleep in. Jet lag stinks!

Ends up that all of those buzzes weren’t from family, your landlord or co-workers needing a lift. (Your car was legitimate though making sure you both were safe and sound … she’s so sweet).

While you snoozed, you continued to receive a series of urgent security alerts. A breach notification. A password reset request. A text from your bank. Unreal! The coffee hasn’t even had a chance to start brewing yet! Fatigue sets in.

In 2025 data breaches and scams are at record highs:

– IT Pro reported that credential theft has surged 160% this year.

– Identity-related breaches now make up 1 in 5 incidents.

– Each case of suspected identity fraud can take hours (most of which during business hours) and sometimes days and weeks to properly investigate and resolve. Federal Trade Commission survey data estimates that victims of identity theft spent on average 30 hours resolving related problems with more severe cases jumping to around 60 hours or more.

That means more alerts than ever are landing in your inbox or on your phone. Some are indeed legitimate. Your bank warning asking about the legitimacy of a transaction…legitimate. A credit card alert asking if you are in Jamaica buying lottery tickets … certainly a questionable transaction. Another website breach alert for a company you don’t recall doing business with … who knows? After a while, all of the buzzes, dings, alerts start to blur together. Which alerts are real? Which ones are scams? And what happens if you miss something important?

With so much noise going on it’s no surprise that many people are feeling overwhelmed and unsure of what to do next and that’s why scammers have started to take advantage of this new phenomenon known as Alert Fatigue.

Why Alert Fatigue is Dangerous:

– It causes stress and creates opportunities for criminals when consumers potentially ignore real alerts because they just sound like another false alarm.

– It causes clicks on fake alerts that look legitimate, opening the door to old-fashioned fraud.

– It causes a feeling of “there’s no way I can keep up with all of this monitoring.”

Those feelings and actions are exactly what scammers want. The more confused and exhausted you are by alerts, the easier it is for them to sneak through the phishing attacks, fake jury duty scams, or fraudulent credit applications.

The Good News:

Moving from chaos to confidence is easy. You don’t have to face the fatigue alone. At Guard Well Identity Theft Solutions, our mission is to bring clarity, confidence and resolution when all of these identity theft threats strike.

– We help you understand which alerts require action with personalized guidance.

– If your identity is compromised, we don’t just notify you. Our team in Member Services works on your behalf to resolve the fraud completely and restore your identity.

– Instead of drowning in alerts, you gain a trusted partner who knows how to navigate the system and get results. With Guard Well you’re never left guessing.

Here are a few practical tips to stay safer:

Pause before reacting. Never click a link or call a number from an unexpected alert. Verify first through your bank or provider’s official website.

Enable two-factor authentication. Even if your password is stolen, this adds another layer of protection.

Use a password manager system. Strong, unique passwords across accounts reduce the chance that one stolen password will lead to multiple breaches.

Report suspicious alerts. Forward phishing emails or texts to the proper authorities instead of ignoring them. Phishing emails came be forwarded to the Federal Trade Commission at [email protected], the Anti-phishing Working Group at [email protected], and directly to your email provider by utilizing the ‘report phishing’ option. Remember to not click on any links or download attachments before forwarding. Take a screenshot if you need to document it for your records and delete the phishing email or text after reporting.

Guard Well Identity Theft Solutions exists to protect you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available to you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

16 Billion Logins Leaked

16 Billion Logins Leaked

This is by far the biggest leak this year. Late last month, Cybernews uncovered a massive compilation of 30 exposed datasets containing approximately 16 billion login credentials stolen via infostealer malware from individual devices with accounts with companies like Apple, Google and Facebook (along with various US government services). Yes, that was a lot to swallow. Long story short, your logins may be compromised.

This wasn’t just one massive breach though. No, no. This treasure trove is the result of years of corporate leaks, phishing scams and a particularly shady type of malware called “infostealers.” These programs hang out on your devices like digital bedbugs quietly snatching up usernames, passwords, cookies, session tokens and probably your last ounce of sanity.

Here’s how to save yourself from becoming a cautionary tale:

Change. Your. Passwords. If you’re still using ilovecats123! or Password!, let’s take a few minutes and use a unique and strong password for every account. Write this information down and keep it locked in a safe place. I use color-coded post-its in a plastic container kept in my fire-proof safe … I know it’s not the best system but, it’s something.

Turn on two-factor authentication. It is one of the best things you can do to protect your accounts. But, let’s be honest… it’s not without its little quirks. There is the stress of the six-digit code expiring because you had a sneezing fit, paused two seconds too long and didn’t type the code in before it vanished into the digital abyss. Blink and it’s “code expired, try again.” And then there’s the waiting game if the verification code was ONLY sent to your phone and it is lost in the couch, dead or charging in another room. Classic. It happens to the best of us.

– Use an authenticator app or better yet, try passkeys. A passkey is a newer, password-free way to sign in to websites and apps. Instead of remembering passwords or entering a code, you use your face, fingerprint or device PIN to log in securely. Passkeys are practically phishing-proof since they can’t be reused or tricked into logging in somewhere fake and they work across all of the devices you’re signed into.

Update your software. Regularly. That “update now” pop-up is your friend. It’s patching security flaws that hackers love.

Do not click! If an email or text asks you to log in, call them or download anything, run and don’t look back. Phishing is the number one way credentials get stolen. Block the number, report the message and delete it from all of your devices.

Avoid public Wi-Fi like the plague unless you’re using a Virtual Private Network (VPN). Although VPNs hide your IP address (your location and identity online), they don’t make you invisible … just harder to track.

The bottom line is, if you have reused login credentials, you’re at risk. Updating your digital hygiene today is urgent and essential. Guard Well Identity Theft Solutions exists to protect you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available to you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

 

 

Your Face – The Truth About Biometric Data Theft

Your Face – The Truth About Biometric Data Theft

It all started with a smile. Byron’s new fitness app promised to tell him his new “biological age” but required a selfie to validate his account. So guess what he did? Snapped it for the app and went about his day. Although he didn’t quite agree with their age calculation later that night, he totally brushed it off and slathered on more skin care product.

A few weeks later, he saw a delivery app charge him for food several states away. Then his bank app asked him to confirm a new device. The kicker was when his pharmacy required him to update his new insurance card before picking up a prescription. He didn’t even have a prescription to pick up. “I better change my passwords,” he told his wife. That didn’t work. Stranger things kept happening. And she kept asking him about it. Annoying.

Even though he was proactive about updating his accounts, the problem was that he couldn’t change his face (well, technically he could have but extreme plastic surgery wasn’t in his five-year plan).

Hackers know you can’t just change the features that make you uniquely you. That data is one-of-a-kind and as permanent as it gets … which is why it is so powerful for authentication and totally devastating when compromised.

Remember that fun little fitness app that quietly stored his facial data? Well, their security wasn’t so great. They got hacked. Unlike that password you can’t quite remember, you can’t swap out your face or your fingerprints for new ones. So, what can you do?

– Make multi-factor authentication your new best friend. It might add an extra 15 seconds to your day, but your bank account’s balance is worth it in the long run.

– When your device tells you, “Software Update Available: Install Now?” don’t blink!

– Don’t automatically opt in. Get your readers out and check the fine print before handing over your face, fingerprints or your eyeballs to an app.

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

NationalPublicData.com Breach Exposes 2.9 Billion SSNs: Protect Yourself

NationalPublicData.com Breach Exposes 2.9 Billion SSNs: Protect Yourself

We previously reported last month that NationalPublicData.com, a widely-used public data aggregation platform, had suffered a massive system breach, exposing 2.9 billion Social Security Numbers (SSNs). This incident marks one of the largest data breaches in history, leaving millions vulnerable to identity theft and fraud.

As details continue to unfold, it’s important to understand what happened, what this breach means for you, and how you can protect yourself in the aftermath.

What Happened?

This summer, NationalPublicData.com, which aggregates and provides access to public records, announced that its database had been compromised by an external party. NationalPublicData.com serves a range of industries and businesses, including financial institutions, insurance companies, and government agencies. The breach affected an enormous volume of personal data, including 2.9 billion SSNs, full names, addresses, and other sensitive information. Given the scale, this breach impacts a significant portion of the global population, as the platform collects data from various sources worldwide.

Initial reports suggest that the breach was a result of a vulnerability in the system’s database security, which hackers were able to exploit. NationalPublicData.com has since launched an investigation and is working with cybersecurity experts to understand the full scope of the breach. However, the exposed data is already circulating on dark web forums, increasing the urgency for those affected to take immediate action.

Why is This Breach So Concerning?

The exposure of 2.9 billion SSNs is particularly alarming because of how SSNs are used in the United States and other countries as a primary identifier. With access to an individual’s SSN, cybercriminals can:

– Open new credit accounts: Fraudsters can use your SSN to open credit cards, loans, or other financial accounts in your name, leading to financial chaos.
– File fraudulent tax returns: Identity thieves can use stolen SSNs to file fraudulent tax returns and claim refunds in your name.
– Gain access to medical records: With an SSN, criminals can access healthcare records or commit medical fraud.
– Commit employment fraud: Stolen SSNs can be used to obtain jobs under your identity, which can create problems with the IRS and impact your credit report.

Beyond these financial and personal risks, this breach could lead to widespread identity theft, damaging the reputations of both individuals and businesses.

What Should You Do If You’re Affected?

If you are one of the millions who have received a CyberAgent Dark Web monitoring alert from us, please read the alert in entirety as it will include a list of recommended actions to take. Remember that an alert is sent when our surveillance technology has discovered information on the internet that matches up to your monitored identity elements. Multiple alerts could mean multiple monitored identity elements were found on various sites. Personal information exposed on the dark web does not necessarily mean your information has been used fraudulently. The actions recommended are proactive steps to prevent any potential risk.

We suggest that you make a practice to do the following:

– Monitor Your Financial Accounts: Keep a close eye on your bank accounts, credit cards, and other financial records for any suspicious or unauthorized transactions. Consider setting up alerts to notify you of any unusual activity

– Change Your Passwords Regularly: While SSNs are the primary concern, it’s a good idea to update your passwords for any accounts linked to NationalPublicData.com or other platforms that store sensitive data. Use strong, unique passwords and consider enabling two-factor authentication (2FA) where possible.

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Photo credit courtesy: Uriel SC via Unsplash.com

2.9 Billion SSN Records on Dark Web

2.9 Billion SSN Records on Dark Web

A background check service known as National Public Data (NPD) just confirmed that their system has been breached. The company stated that “the breached data may include names, email addresses, phone numbers, social security numbers (SSNs) and mailing addresses.”

Ten days ago a large portion of the database was leaked with an enormous amount of sensitive information, including 2.9 billion social security numbers. Bleeping Computer reported that “the leaks started after a threat actor in April using the alias USDoD offered to sell for $3.5 million 2.9 billion records allegedly stolen from NPD.” The records include citizens from the United States, Canada and the United Kingdom. A hacker known as “Felice” leaked the most complete version of the data for free. Learn More

Because contact information and sensitive background information related to family members, even those who are deceased, are a part of what was leaked, there is a high probability of individuals being victims of phishing attempts. There is also a reputation aspect of the breach that could potentially cause harm to individuals, leading to embarrassment, humiliation and/or emotional distress.

What You Can Do:

– If you have received a Cyber Agent notification from us, contact us immediately at 888.966.4827 (GUARD) so we can help place proactive measures for you.

– Update your passwords for your email and financial institution accounts.

– Enable multi-factor authentication on all of your accounts that offer the service.

– Be on the look-out for phishing attempts. Do not respond to anyone calling, texting or emailing to update your banking credentials. Learn More

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Photo courtesy credit: Erfan Parhizi via unsplash.com

110 Million AT&T Call & Text Logs Stolen

110 Million AT&T Call & Text Logs Stolen

Last Friday, July 12th, Telecom giant AT&T revealed that they experienced a data breach impacting nearly all of their wireless customers. The company announced on April 19th, that “hackers exfiltrated records of customer call and text interactions from May 1, 2022 to October 31, 2022” and also on January 2, 2023.

AT&T is in process of notifying nearly 110 million account holders of the cyber crime. Compromised records identify other phone numbers their customers interacted with including call duration, text counts and numbers texted. Although the hacker reportedly demanded $1,000,000 ransom, SecurityWeek reported that approximately $370,000 in bitcoin was wired in May to prevent the data from getting leaked.

The U.S. telecommunications company said that the FBI is investigating and at least one person has been arrested after data was copied from its workspace on a third-party cloud platform, Snowflake. Snowflake is a company with 9,800+ global customers, including Adobe, Honeywell, Mastercard and Pfizer and has been in the news frequently of late. Learn More

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Photo courtesy credit: markus-spiske-FXFz-sW0uwo-unsplash

Millions Potentially Exposed by Neiman Marcus Breach

Dallas-based Neiman Marcus Group (NMG), a luxury department store chain that includes Bergdorf Goodman, recently learned that an unauthorized party gained access to a cloud database platform used by NMG that is provided by a third party named Snowflake. The company notified Maine’s Attorney General’s Office that the breach has impacted more than 64,000 customers. The company started mailing notification letters on June 24th. This is not the first cybersecurity incident for Neiman Marcus. Previous breaches are known to have occurred in 2013, 2015 and 2020 for the high-end retailer.

NMG disclosed the incident just as a hacker announced the sale of the database. According to SecurityWeek, although a ransom was demanded, the retailer refused to pay. SecurityWeek also reported that the database sold for $150,000 and allegedly includes information on 180 million users which is far more than the 64,000+ NMG reported. The hacker is now advertising 70 million transactions, 50 million customer email addresses, 12 million gift card numbers and six billion rows of customer shopping records, employee data and store information.

Campaigns have targeted at least 165 organizations associated with Snowflake cloud storage systems, such as Advance Auto Parts, Allstate, Anheuser-Busch, Mitsubishi, Progressive, State Farm and Ticketmaster. We expect to see a heightened volume of cybersecurity incidents surrounding Snowflake and will notify you as soon as we hear any further news. Learn More

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Gamers Hit with Social Engineering Attack

Gamers Hit with Social Engineering Attack

Our security teams have recently discovered that Shadow.tech, a cloud computing service developed by the French company Blade and later acquired by OBHcloud founder Octave Klaba in 2021 has been breached. Its technology is based on Window 10 server executing video games or other Windows software applications remotely. The breach origin date is October, 2023 and involves the data of 545,013 account users including their email addresses, full names, physical addresses and birth dates.

The public acknowledgement of the company states that they were a victim of a social engineering attack targeting one of their employees. Shadow.tech CEO said, “This highly sophisticated attack began on the Discord platform with the downloading of malware under cover of a game on the Steam platform, proposed by an acquaintance of an employee, himself, a victim of the same attack.” Learn More

If the term ‘social engineering attack’ is new to you … you are not alone.

Social engineering is a type of cyberattack that uses psychology to obtain personal identifying information (PII). It is impossible to prevent. This type of attack is a huge threat to cybersecurity because it begins on a very personal level with each victim. It invokes fear. It invokes urgency. If the device is being used for gaming and is part of a corporate network, login credentials can be compromised and harming of the network can occur.

Social engineering attacks can include many different formats: whaling, honeytrapping, tailgating … If you or a family member are into the gaming industry specifically, these are four social engineering attacks you need to be on the lookout for:

– Phishing: fraud, impersonation and old-fashioned blackmail.

– Baiting: fraudsters use fake websites, such as for not legit gaming add-ons and so-called “freebies.”

– Pretexting: this is a newer term and format. It includes a fabricated identity (or situation) where a victim may need to divulge PII. Example types of of impersonation could be a talent agency, a law enforcement officer, a major sweepstakes company.

– Spear Phishing: this is a very targeted email attack on specific employees (or sometimes organizations as a whole).

Tips:

– Only click on URLs that begin with https.

– Enable multi-factor authentication when available.

– Use a spam filter.

– Use a pop-up blocker.

– Do your research and check if a website or contact is legit.

– Never insert a USB into your device unless you know and trust exactly who it is from.

– If a request comes in and is marked URGENT, that is a red flag that it could be a scam.

Learning and following best cybersecurity practices are essential to safeguarding your PII. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: bermix-studio-wJ7atxTNeQE via unsplash.com

Nationwide Cyberattack Paralyzes Auto Dealerships

If you have been trying to buy a car this summer, you might have hit a snag or two. Dealerships have had to go back to good old fashioned pen and paper to complete deals after their operations suddenly came to a complete halt. What happened? Hackers targeted CDK Global, a software company that 15,000 car dealerships nationwide rely on. The back-to-back ransomware attacks occurred in mid-June but car dealerships are still recovering from having their operations paralyzed for about ten days. The good news is that dealerships do not think that customer private information has been stolen but that has not been confirmed. We will notify you if our teams find any data sets related to this attack on the dark web.

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Ticketmaster Entertainment, LLC is an American ticket sales and distribution company based in Beverly Hills, California with operations in many countries around the world. In 2010, it merged with Live Nation under the name Live Nation Entertainment. Ticketing giant Live Nation confirmed this summer that it has been the victim of a cyber attack. We have just learned that the breach origin date is May 20, 2024. Personal data from over half a billion users have been exposed. Data stolen can include full names, addresses, email addresses, birth dates, credit card type, the last four digits and credit card expiration dates used for ticket sales. Learn More

We suggest that you protect yourself by doing the following if you have a Ticketmaster account:

– Change your password immediately and frequently. Although it might be easier to remember, try to resist the urge to use the same password across multiple accounts.

– Utilize two-factor authentication when it is available.

– If solicited online, never share any personal identifying information or financial account numbers. Only give out information to an individual you know or a company that you are 100% certain about.

This is definitely not the first time Ticketmaster has made the news. If you have a Swiftie in the household, you likely already know the debacle surrounding Ticketmaster and Taylor Swift’s Eras tour that started in 2022. If you are interested in the timeline of the chaos, check out People’s article of events. Learn More

Now is not the time to let your guard down. Knowledge is power. Being informed of what steps you may need to take can help ease the potential damage (and your stress level) if your identity has been compromised. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: Erfan Parhizi via unsplash.com

UPDATE from Ticketmaster – July 3, 2024: Ticketmaster has contacted those who may be affected. They state via email that they “take the protection of personal information very seriously.” They explain that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider. Based on their investigation, they determined that the unauthorized activity occurred on May 27, 2024. They note that they are working to mitigate risk to their users and the company, and have notified and are cooperating with law enforcement and regulatory authorities.