Millions Potentially Exposed by Neiman Marcus Breach

Dallas-based Neiman Marcus Group (NMG), a luxury department store chain that includes Bergdorf Goodman, recently learned that an unauthorized party gained access to a cloud database platform used by NMG that is provided by a third party named Snowflake. The company notified Maine’s Attorney General’s Office that the breach has impacted more than 64,000 customers. The company started mailing notification letters on June 24th. This is not the first cybersecurity incident for Neiman Marcus. Previous breaches are known to have occurred in 2013, 2015 and 2020 for the high-end retailer.

NMG disclosed the incident just as a hacker announced the sale of the database. According to SecurityWeek, although a ransom was demanded, the retailer refused to pay. SecurityWeek also reported that the database sold for $150,000 and allegedly includes information on 180 million users which is far more than the 64,000+ NMG reported. The hacker is now advertising 70 million transactions, 50 million customer email addresses, 12 million gift card numbers and six billion rows of customer shopping records, employee data and store information.

Campaigns have targeted at least 165 organizations associated with Snowflake cloud storage systems, such as Advance Auto Parts, Allstate, Anheuser-Busch, Mitsubishi, Progressive, State Farm and Ticketmaster. We expect to see a heightened volume of cybersecurity incidents surrounding Snowflake and will notify you as soon as we hear any further news. Learn More

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Gamers Hit with Social Engineering Attack

Gamers Hit with Social Engineering Attack

Our security teams have recently discovered that Shadow.tech, a cloud computing service developed by the French company Blade and later acquired by OBHcloud founder Octave Klaba in 2021 has been breached. Its technology is based on Window 10 server executing video games or other Windows software applications remotely. The breach origin date is October, 2023 and involves the data of 545,013 account users including their email addresses, full names, physical addresses and birth dates.

The public acknowledgement of the company states that they were a victim of a social engineering attack targeting one of their employee. Shadow.tech CEO said, “This highly sophisticated attack began on the Discord platform with the downloading of malware under cover of a game on the Steam platform, proposed by an acquaintance of an employee, himself, a victim of the same attack.” Learn More

If the term ‘social engineering attack’ is new to you … you are not alone.

Social engineering is a type of cyberattack that uses psychology to obtain personal identifying information (PII). It is impossible to prevent. This type of attack is a huge threat to cybersecurity because it begins on a very personal level with each victim. It invokes fear. It invokes urgency. If the device is being used for gaming and is part of a corporate network, login credentials can be compromised and harming of the network can occur.

Social engineering attacks can include many different formats: whaling, honeytrapping, tailgating … If you or a family member are into the gaming industry specifically, these are four social engineering attacks you need to be on the lookout for:

– Phishing – fraud, impersonation and old-fashioned blackmail.

– Baiting – fraudsters use fake websites, such as for not legit gaming add-ons and so-called “freebies.”

– Pretexting – this is a newer term and format. It includes a fabricated identity (or situation) where a victim may need to divulge PII. Example types of of impersonation could be a talent agency, a law enforcement officer, a major sweepstakes company.

– Spear Phishing – this is a very targeted email attack on specific employees (or sometimes organizations as a whole).

Tips:

– Only click on URLs that begin with https.

– Enable multi-factor authentication when available.

– Use a spam filter.

– Use a pop-up blocker.

– Do your research and check if a website or contact is legit.

– Never insert a USB into your device unless you know and trust exactly who it is from.

– If a request comes in and is marked URGENT, that is a red flag that it could be a scam.

Learning and following best cybersecurity practices are essential to safeguarding your PII. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: bermix-studio-wJ7atxTNeQE via unsplash.com

Nationwide Cyberattack Paralyzes Auto Dealerships

If you have been trying to buy a car this summer, you might have hit a snag or two. Dealerships have had to go back to good old fashioned pen and paper to complete deals after their operations suddenly came to a complete halt. What happened? Hackers targeted CDK Global, a software company that 15,000 car dealerships nationwide rely on. The back-to-back ransomware attacks occurred in mid-June but car dealerships are still recovering from having their operations paralyzed for about ten days. The good news is that dealerships do not think that customer private information has been stolen but that has not been confirmed. We will notify you if our teams find any data sets related to this attack on the dark web.

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Ticketmaster Entertainment, LLC is an American ticket sales and distribution company based in Beverly Hills, California with operations in many countries around the world. In 2010, it merged with Live Nation under the name Live Nation Entertainment. Ticketing giant Live Nation confirmed this summer that it has been the victim of a cyber attack. We have just learned that the breach origin date is May 20, 2024. Personal data from over half a billion users have been exposed. Data stolen can include full names, addresses, email addresses, birth dates, credit card type, the last four digits and credit card expiration dates used for ticket sales. Learn More

We suggest that you protect yourself by doing the following if you have a Ticketmaster account:

– Change your password immediately and frequently. Although it might be easier to remember, try to resist the urge to use the same password across multiple accounts.

– Utilize two-factor authentication when it is available.

– If solicited online, never share any personal identifying information or financial account numbers. Only give out information to an individual you know or a company that you are 100% certain about.

This is definitely not the first time Ticketmaster has made the news. If you have a Swiftie in the household, you likely already know the debacle surrounding Ticketmaster and Taylor Swift’s Eras tour that started in 2022. If you are interested in the timeline of the chaos, check out People’s article of events. Learn More

Now is not the time to let your guard down. Knowledge is power. Being informed of what steps you may need to take can help ease the potential damage (and your stress level) if your identity has been compromised. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: Erfan Parhizi via unsplash.com

UPDATE from Ticketmaster – July 3, 2024: Ticketmaster has contacted those who may be affected. They state via email that they “take the protection of personal information very seriously.” They explain that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider. Based on their investigation, they determined that the unauthorized activity occurred on May 27, 2024. They note that they are working to mitigate risk to their users and the company, and have notified and are cooperating with law enforcement and regulatory authorities.

Investment Opportunity or Not? Keeping Eyes on Your 💰

Investment Opportunity or Not? Keeping Eyes on Your 💰

One of the top scams of the century involving investments is making a comeback in 2024. A fixed deposit, otherwise known as a term deposit, has traditionally been an investment plan that allows you to earn a safe guaranteed rate of interest for a lump sum over a fixed period of time. Funds can be withdrawn during the fixed term but there are fees to do so. Unfortunately, anyone with access to your personal identifying information and banking credentials can withdraw the money from these accounts.

Scammers desiring to cash in on anyone’s deal are offering fake investments that the masses are falling for. Here is how to get on the band wagon of what you need to know about fake fixed term deposit investment scams so you don’t fall victim:

– Understand that there is no such thing as easy money and it definitely doesn’t grow on trees.

– Every investment has some degree of risk. There is also risk in not investing at all so working with a reputable company registered with the Financial Industry Regulation Authority (FINRA), the Securities and Exchange Commission (SEC) or your state securities regulator is imperative.

– Get it in writing. If there isn’t any documentation that can mean that the investment may not be registered with the SEC and is not legit.

– An unsolicited phone call, text or email promising guaranteed profits is a really good reason to block the number or sender. With artificial intelligence (AI) having entered the pictured the last couple of years, it is understandably confusing as to who is real and who isn’t.

– If you are rushed to make any type of investment decision so you ‘don’t lose out’ and your gut tells you this investment is smelling fishy, then it’s probably ‘phishy,’ a scam technique that isn’t going away anytime soon. To learn more about phishing scams, check out the Federal Trade Commission’s article on the subject HERE.

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy credit: Micheile Henderson on Unsplash.com

Major Eyewear Company: Over 70 Million Hacked

Major Eyewear Company: Over 70 Million Hacked

Our security teams have recently discovered large data sets of compromised cyber elements on the Dark Web. On May 19th, the world’s largest eyewear company, Luxottica, confirmed reports of a 2021 data breach from a vendor’s computer network that leaked private information.

Luxottica, based in Milan, Italy, designs and manufactures sunglass and prescription frames. Brands include Burberry, Chanel, Dolce and Gabbana, Georgio Armani, Michael Kors, Oakley and Ray-Ban. The company also owns several retailers selling products such as LensCrafters and Sunglass Hut.

The hacking origin date is November, 2022 with retail customer data exposed being name, email address, physical address and phone number.

The company’s public acknowledgement stated that they discovered through their “proactive monitoring procedures that certain retail customer data, allegedly obtained through a third-party vendor related to Luxottica retail customers, was published in an online post.” The company reported the incident to the FBI and the Italian Police. The owner of the website where the data was exposed has since been arrested by the FBI. The website that leaked the information has also been shut down and the investigation is still ongoing. Learn More

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Image courtesy credit: uriel-sc-11KDtiUWRq4-unsplash.jpg unsplash.com

Triple Date Breach Climbs to 25 Million: TruthFinder, Instant Checkmate and Gemini

Triple Date Breach Climbs to 25 Million: TruthFinder, Instant Checkmate and Gemini

Our security teams have recently discovered that over 25 million people have been impacted by data breaches involving TruthFinder, Instant Checkmate and Gemini.

Both TruthFinder and Instant Checkmate are subscription-based websites owned by PeopleConnect that allow users to do background checks on people by utilizing public records. The breaches for both companies occurred on April 12, 2019. While TruthFinder’s breach involves eight million account holders, Instant Checkmate’s is even larger impacting 12 million. Stolen account holder information includes users’ email addresses, phone numbers and passwords for both sites. Parent company PeopleConnect has confirmed that all customer accounts created between 2011 and 2019 have been impacted and that the published list originated inside their company. Learn More

Gemini (Gemini Trust Company, LLC) is a cryptocurrency exchange and custodian that allows customers to buy, sell and store digital assets. The American-owned company operates in the United States, Canada, the United Kingdom, South Korea, Hong Kong and Singapore. The breach size of 5.4 million originated December 13, 2022 as a result of a third-party incident. The company has declared that some customers have been the target of phishing campaigns from that third-party vendor exposing millions of email addresses and partial phone numbers. Learn More

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo by https://unsplash.com Erfan Parhizi

 

Data Breach Alert: T-Mobile 100 Million Impacted

Data Breach Alert: T-Mobile 100 Million Impacted

The Associated Press reported yesterday that communications giant T-Mobile confirmed there was unauthorized access to ‘some T-Mobile data’ but that the company is still determining the scope of the breach and who was affected. T-Mobile is actively investigating the leak after someone took to an online underground forum offering to sell personal information from more than 100 million cellphone users.

 

According to Vice’s Motherboard report, the data came from T-Mobile servers and “includes social security numbers, phone numbers, names, physical addresses, unique IMEI (International Mobile Equipment Identity) numbers, and driver license information.” Motherboard also reported that they had seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

 

The seller on the underground forum was asking for 6 bitcoin, which is about $270,000, for a subset of the data containing 30 million social security numbers and driver licenses. The hacker said that they are privately selling the rest of the data at the moment. For more in-depth details about the hack, you can read the KrebsonSecurity article HERE.

 

A statement on the T-Mobile website reads “We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed. This investigation will take some time but we are working with the highest degree of urgency.” The statement also included that the company takes the protection of their customers very seriously and that T-Mobile is “conducting an extensive analysis alongside with forensic experts to understand the validity of these claims, and are coordinating with law enforcement.”

 

If you or a family member has been a T-Mobile customer and suspect your data has been compromised, please contact us as soon as possible. We are always available for you 24/7/365 at 888.966.GUARD (4827). Our Member Services can also be emailed at [email protected].

 

Photo credit: John Tuesday on unsplash.com

University of California and StreetEasy: Dark Web Fraud Alert

University of California and StreetEasy: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are University of California and StreetEasy.com.

 

The University of California (UC) is the world’s leading public research university system. Like several hundred other institutions throughout the country, including universities, government institutions and private companies, UC has been using a vendor service called Accellion File Transfer Appliance (FTA) to transfer information. Accellion was the target of an international cyberattack where the perpetrators exploited a vulnerability in Accellion’s program and attacked roughly 100 organizations. The attackers are now attempting to get money from organizations and individuals.

 

The breach origination date was March 31, 2021. Information stolen includes names, addresses, SSNs, as well as some email addresses and medical IDs.

 

StreetEasy.com is New York City’s leading local real estate marketplace on mobile and the Web, providing comprehensive listings and market data. The approximate breach size is 990,290 and originated in June of 2016. Data exposed includes passwords, first and last names, email addresses, and user IDs.

 

Be vigilant. Be strong. Stay in the know. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by Erfan Parhizi via unsplash.com.

The Steps We Take to Protect Your Identity

The Steps We Take to Protect Your Identity

Identity theft is inevitable. If it hasn’t already, it will victimize you, a family member, or an employee’s life in the near future. ‘Data Harvesting’ has become a major threat to identity protection. Browsing history, online shopping, and messaging data is being used against you.

 

The statistics are overwhelming. Cyber attacks, malware, and phishing scams have increased over 1000% since Covid-19 began. There are 3.5M Google searches every minute and 4.4B Facebook messages each day … all of that information is collected, stored, and sold. Essentially, your data is being stolen then sold back to you.

 

As a leader in the identity protection space, we are advocating for laws to protect the American consumer from Data Harvesting. Additionally, of the 8.5 billion IP addresses worldwide, 3.5 billion of them are malware. It is our hope that stronger IT security efforts are implemented in America (and worldwide) to block the thieves from stealing your information.

 

Protecting identity includes five main steps:

 

1. Implementing proactive safeguards with Guard Well fraud specialists.

2. Protecting personal identifying information (PII), such as social security number, date of birth, driver’s license ID number, financial institution account numbers, passport number, IP addresses, passwords, etc. Remember that even the smallest amount of stolen PII can be used against you.

3. Browsing in incognito or private mode, deleting unused email accounts, using two-factor authentication whenever possible, changing your passwords every 60 days, and removing your information from ‘people finder’ sites.

4. Monitoring credit and identity to quickly detect theft/fraud when it occurs.

5. Resolving all theft/fraud issues completely and continuously monitoring for recurrence.

 

Finally … we always strongly recommend that you DO NOT CLICK on any online link that you are not 100% certain is safe, secure and legit.

 

For more information on how to protect your employees by providing this must-have voluntary benefit, please click on the flyer: GW_Flyer_070821_OnePageMktgPiece

 

Our team at Guard Well Identity Theft Solutions is available 24/7/365. Contact us at 888.966.GUARD (4827) or email [email protected] if you suspect fraud or have any concerns.