• 888-966-4827
Menu

Category Archives:
Data Breach

Home / Blog / Data Breach
FBI’s Vetted Threat Sharing Network Hacked

FBI’s Vetted Threat Sharing Network Hacked

Just recently, our security teams have discovered large data sets of compromised cyber elements on the Dark Web. The breached site is InfraGard.org, which is a partnership between the Federal Bureau of Investigations (FBI) and key members of the private sector for the protection of the United States critical infrastructure.

InfraGard members are in roles involved in both cyber and physical security at companies that manage most of the nation’s critical infrastructures, including drinking water, power utilities, communication and financial services firms, transportation and manufacturing companies, healthcare providers and nuclear energy firms.

The breach origin date is December 2022 and data exposed includes their members’ contact information, such as name, email and phone numbers. The FBI stated that “this is an ongoing situation” and that they are “not able to provide any additional information at this time.” Approximately 80,000 InfraGard members are impacted. Learn more HERE.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come.

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of Markus Spiske on Unsplash.com.

Twitter Data Breach Alert

Twitter Data Breach Alert

Just recently our security teams have found that Twitter, a popular social media service, has been breached. At least 5.4 million accounts have been compromised. The breach origin date is July, 2022 and data exposed includes name, phone number, email address and account holder user IDs.

Twitter acknowledged publicly that they received a report through their bug bounty program of a vulnerability in Twitter’s systems in January 2022. As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted email address or phone number was associated with, if any. Twitter then explained that the bug resulted from an update to their code in June 2021. When Twitter learned about this, they immediately investigated and fixed it. Twitter announced that at that time, they had no evidence to suggest someone had taken advantage of the vulnerability. Twitter has said that it would directly notify every account owner it could confirm was affected by the exposure. In the meantime, it is highly suggested to add two-factor authentication.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come.

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of Bermix Studios via unsplash.com.

8.4B Passwords & 25M Records Stolen

8.4B Passwords & 25M Records Stolen

Just recently our security team found two new breaches involving 25,000,000 stolen records and that 8.4 billion passwords have been stolen and sold on the dark web. We see these breaches all the time. The reality is that out of the 8.5 billion IP addresses worldwide, 3.5 billion of them are malware. That’s correct! Almost half of the worldwide web is created to commit fraud. That’s why we have proudly built a strong partnership with industry powerhouse Experian who jointly provides our member’s identity protection, support, and complete resolution service.

 

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come!

 

Be vigilant. Be Strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

 

Photo courtesy of unsplash.com Bermix Studios

Data Breach Alert: T-Mobile 100 Million Impacted

Data Breach Alert: T-Mobile 100 Million Impacted

The Associated Press reported yesterday that communications giant T-Mobile confirmed there was unauthorized access to ‘some T-Mobile data’ but that the company is still determining the scope of the breach and who was affected. T-Mobile is actively investigating the leak after someone took to an online underground forum offering to sell personal information from more than 100 million cellphone users.

 

According to Vice’s Motherboard report, the data came from T-Mobile servers and “includes social security numbers, phone numbers, names, physical addresses, unique IMEI (International Mobile Equipment Identity) numbers, and driver license information.” Motherboard also reported that they had seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

 

The seller on the underground forum was asking for 6 bitcoin, which is about $270,000, for a subset of the data containing 30 million social security numbers and driver licenses. The hacker said that they are privately selling the rest of the data at the moment. For more in-depth details about the hack, you can read the KrebsonSecurity article HERE.

 

A statement on the T-Mobile website reads “We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed. This investigation will take some time but we are working with the highest degree of urgency.” The statement also included that the company takes the protection of their customers very seriously and that T-Mobile is “conducting an extensive analysis alongside with forensic experts to understand the validity of these claims, and are coordinating with law enforcement.”

 

If you or a family member has been a T-Mobile customer and suspect your data has been compromised, please contact us as soon as possible. We are always available for you 24/7/365 at 888.966.GUARD (4827). Our Member Services can also be emailed at [email protected].

 

Photo credit: John Tuesday on unsplash.com

University of California and StreetEasy: Dark Web Fraud Alert

University of California and StreetEasy: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are University of California and StreetEasy.com.

 

The University of California (UC) is the world’s leading public research university system. Like several hundred other institutions throughout the country, including universities, government institutions and private companies, UC has been using a vendor service called Accellion File Transfer Appliance (FTA) to transfer information. Accellion was the target of an international cyberattack where the perpetrators exploited a vulnerability in Accellion’s program and attacked roughly 100 organizations. The attackers are now attempting to get money from organizations and individuals.

 

The breach origination date was March 31, 2021. Information stolen includes names, addresses, SSNs, as well as some email addresses and medical IDs.

 

StreetEasy.com is New York City’s leading local real estate marketplace on mobile and the Web, providing comprehensive listings and market data. The approximate breach size is 990,290 and originated in June of 2016. Data exposed includes passwords, first and last names, email addresses, and user IDs.

 

Be vigilant. Be strong. Stay in the know. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by Erfan Parhizi via unsplash.com.

How to Spot a Hacker Going After Your Business

How to Spot a Hacker Going After Your Business

When you think of a “bad guy,” what comes to mind? Someone sitting alone hunched over a keyboard in a dark hoody in a dark basement with fast typing fingers and maybe sporting a three-day-old beard? And what do you picture this anti-social “bad guy” doing? Are they only going after huge corporations and corrupt politicians? Nope! But that is what pop society has been assuming cybercrime is and that the everyday individual or smaller organizations aren’t being targeted.

 

The reality is that many of the faces of modern cybercrime don’t look like what we have read in fictional books and seen on tv and in the movies. These cybercriminals are much harder to spot because “they look a lot like legitimate businesses than you might expect,” Hubspot reported. “The work they might do day-to-day to steal personal information and disrupt businesses is pretty boring.”

 

So why do they hack? Money! Cybercrime has cost the world just under a trillion dollars in 2020.

 

The fact is that your Personal Identifying Information (PPI) is just like a currency. When stolen and aggregated, PPI can be sold for a hefty profit and “it’s a lot easier to try to get into your business’s data than to try to gather their own to sell.” Many websites sell aggregated collections of email addresses and passwords that have been gathered from past data breaches. From there, all it takes is a bit of unsophisticated scripting to use these emails and passwords to try to log into different websites across the internet.

 

“These folks aren’t looking to hit the biggest, most valuable businesses. It’s a case of quantity over quality.” These villains take a few thousand emails and passwords and see how many of them work out against high value services (such as email providers or CRMs) to see what data can be pulled out of those accounts to sell or how they can use those accounts for phishing emails or ransomware.

 

Look at the statement released by Darkside, the group whose ransomware attack brought down the Colonial Oil Pipeline and caused gas prices to spike in May this year. They released: “We are apolitical, we do not participate in geopolitics, do not need to tie use with a defined government and look for other motives. Our goal is to make money and not creating problems for society.” They want cash flow not world domination.

 

Hubspot reported in a blog last month written by Ryan DiPetta, “A lot of hackers look and behave like legitimate businesses, even if they do illegitimate things. Maybe they work a regular nine to five schedule. Maybe they take vacations with their kids. They’re trying to build a business just like you, too … but their business is built on theft and exploitation of your business and the data and trust of your customers.”

 

Are you and your employees protected? For more information on how to protect your company’s bottom line and employees by providing this must-have voluntary benefit, please click HERE.

 

Our team at Guard Well Identity Theft Solutions is available 24/7/365. Contact us at 888.966.GUARD (4827) or email [email protected] if you suspect fraud or have any concerns. We are here to help!

 

Photo credit: Markus Spiske via Unsplash.com

The Steps We Take to Protect Your Identity

The Steps We Take to Protect Your Identity

Identity theft is inevitable. If it hasn’t already, it will victimize you, a family member, or an employee’s life in the near future. ‘Data Harvesting’ has become a major threat to identity protection. Browsing history, online shopping, and messaging data is being used against you.

 

The statistics are overwhelming. Cyber attacks, malware, and phishing scams have increased over 1000% since Covid-19 began. There are 3.5M Google searches every minute and 4.4B Facebook messages each day … all of that information is collected, stored, and sold. Essentially, your data is being stolen then sold back to you.

 

As a leader in the identity protection space, we are advocating for laws to protect the American consumer from Data Harvesting. Additionally, of the 8.5 billion IP addresses worldwide, 3.5 billion of them are malware. It is our hope that stronger IT security efforts are implemented in America (and worldwide) to block the thieves from stealing your information.

 

Protecting identity includes five main steps:

 

1. Implementing proactive safeguards with Guard Well fraud specialists.

2. Protecting personal identifying information (PII), such as social security number, date of birth, driver’s license ID number, financial institution account numbers, passport number, IP addresses, passwords, etc. Remember that even the smallest amount of stolen PII can be used against you.

3. Browsing in incognito or private mode, deleting unused email accounts, using two-factor authentication whenever possible, changing your passwords every 60 days, and removing your information from ‘people finder’ sites.

4. Monitoring credit and identity to quickly detect theft/fraud when it occurs.

5. Resolving all theft/fraud issues completely and continuously monitoring for recurrence.

 

Finally … we always strongly recommend that you DO NOT CLICK on any online link that you are not 100% certain is safe, secure and legit.

 

For more information on how to protect your employees by providing this must-have voluntary benefit, please click on the flyer: GW_Flyer_070821_OnePageMktgPiece

 

Our team at Guard Well Identity Theft Solutions is available 24/7/365. Contact us at 888.966.GUARD (4827) or email [email protected] if you suspect fraud or have any concerns.

RedDorz and Foxtons: Dark Web Fraud Alert

RedDorz and Foxtons: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are RedDorz.com and Foxtons.com.

 

RedDoorz.com is a Singapore-based hotel management and booking platform. Their breach size involves 5.8 million records: first name, last name, email address, password, gender, phone number, and date of birth. The origin date was September 2020.

 

Foxtons.co.uk is a British estate agency company dealing with both listings and sales. Alexander Hall is a subsidiary of Foxtons and provides mortgage services and advice since 1992. Their breach size involves 2.9 million records: first name, last name, email address, userid, and password. The origin date of this breach is unknown.

 

Be vigilant. Be strong. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by https://unsplash.com – Erfan Parhizi

 

ClientTether.com Breach Alert

ClientTether.com Breach Alert

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The website, ClientTether.com has been affected.

 

ClientTether is an automated CRM and lead engagement sales automation platform. Users can send personalized text messages, receive a phone call, and send an email within seconds. Entrepreneur Magazine has recognized this popular website as a Top Franchise Supplier for 2020. Over 750,000 users have been impacted since the November 2020 breach origination date. The type of data exposed includes email, phone, name, address and gender.

 

If you have visited ClientTether.com or have engaged in business activity with this company, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.

Romwe.com Breach Impacting 23 Million

Romwe.com Breach Impacting 23 Million

Our security teams have recently discovered several large sets of compromised data on the Dark Web. The website, Romwe.com, has been affected.

 

Romwe is a Chinese fashion retailer founded in 2008. Headquartere in Nanjing, China, Romwe deals with a wide range of trending fashion items for men, women and children. The breach date was July 2020 and impacts 23 million people. The type of data exposed includes email, password and telephone number.

 

If you have visited the romwe.com website or have engaged in business activity with this company, please call us at 888.966.GUARD (4827) to speak with a fraud resolution specialist. Likewise, if you have questions or concerns feel free to call anytime. We are available for you 24/7/365.