• 888-966-4827
Menu

Tag Archives:
Dark Web

Home / Blog / Tag: Dark Web
16 Billion Logins Leaked

16 Billion Logins Leaked

This is by far the biggest leak this year. Late last month, Cybernews uncovered a massive compilation of 30 exposed datasets containing approximately 16 billion login credentials stolen via infostealer malware from individual devices with accounts with companies like Apple, Google and Facebook (along with various US government services). Yes, that was a lot to swallow. Long story short, your logins may be compromised.

This wasn’t just one massive breach though. No, no. This treasure trove is the result of years of corporate leaks, phishing scams and a particularly shady type of malware called “infostealers.” These programs hang out on your devices like digital bedbugs quietly snatching up usernames, passwords, cookies, session tokens and probably your last ounce of sanity.

Here’s how to save yourself from becoming a cautionary tale:

Change. Your. Passwords. If you’re still using ilovecats123! or Password!, let’s take a few minutes and use a unique and strong password for every account. Write this information down and keep it locked in a safe place. I use color-coded post-its in a plastic container kept in my fire-proof safe … I know it’s not the best system but, it’s something.

Turn on two-factor authentication. It is one of the best things you can do to protect your accounts. But, let’s be honest… it’s not without its little quirks. There is the stress of the six-digit code expiring because you had a sneezing fit, paused two seconds too long and didn’t type the code in before it vanished into the digital abyss. Blink and it’s “code expired, try again.” And then there’s the waiting game if the verification code was ONLY sent to your phone and it is lost in the couch, dead or charging in another room. Classic. It happens to the best of us.

– Use an authenticator app or better yet, try passkeys. A passkey is a newer, password-free way to sign in to websites and apps. Instead of remembering passwords or entering a code, you use your face, fingerprint or device PIN to log in securely. Passkeys are practically phishing-proof since they can’t be reused or tricked into logging in somewhere fake and they work across all of the devices you’re signed into.

Update your software. Regularly. That “update now” pop-up is your friend. It’s patching security flaws that hackers love.

Do not click! If an email or text asks you to log in, call them or download anything, run and don’t look back. Phishing is the number one way credentials get stolen. Block the number, report the message and delete it from all of your devices.

Avoid public Wi-Fi like the plague unless you’re using a Virtual Private Network (VPN). Although VPNs hide your IP address (your location and identity online), they don’t make you invisible … just harder to track.

The bottom line is, if you have reused login credentials, you’re at risk. Updating your digital hygiene today is urgent and essential. Guard Well Identity Theft Solutions exists to protect you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available to you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

 

 

Nationwide Cyberattack Paralyzes Auto Dealerships

If you have been trying to buy a car this summer, you might have hit a snag or two. Dealerships have had to go back to good old fashioned pen and paper to complete deals after their operations suddenly came to a complete halt. What happened? Hackers targeted CDK Global, a software company that 15,000 car dealerships nationwide rely on. The back-to-back ransomware attacks occurred in mid-June but car dealerships are still recovering from having their operations paralyzed for about ten days. The good news is that dealerships do not think that customer private information has been stolen but that has not been confirmed. We will notify you if our teams find any data sets related to this attack on the dark web.

Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Update – Ticketmaster/Live Nation Breach Alert: 560 Million Fans Impacted

Ticketmaster Entertainment, LLC is an American ticket sales and distribution company based in Beverly Hills, California with operations in many countries around the world. In 2010, it merged with Live Nation under the name Live Nation Entertainment. Ticketing giant Live Nation confirmed this summer that it has been the victim of a cyber attack. We have just learned that the breach origin date is May 20, 2024. Personal data from over half a billion users have been exposed. Data stolen can include full names, addresses, email addresses, birth dates, credit card type, the last four digits and credit card expiration dates used for ticket sales. Learn More

We suggest that you protect yourself by doing the following if you have a Ticketmaster account:

– Change your password immediately and frequently. Although it might be easier to remember, try to resist the urge to use the same password across multiple accounts.

– Utilize two-factor authentication when it is available.

– If solicited online, never share any personal identifying information or financial account numbers. Only give out information to an individual you know or a company that you are 100% certain about.

This is definitely not the first time Ticketmaster has made the news. If you have a Swiftie in the household, you likely already know the debacle surrounding Ticketmaster and Taylor Swift’s Eras tour that started in 2022. If you are interested in the timeline of the chaos, check out People’s article of events. Learn More

Now is not the time to let your guard down. Knowledge is power. Being informed of what steps you may need to take can help ease the potential damage (and your stress level) if your identity has been compromised. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. Please don’t hesitate to reach out if you need help or have any questions or concerns. We are available for you 24/7/365 at 888.966.4827 (GUARD) and [email protected].

Image courtesy credit: Erfan Parhizi via unsplash.com

UPDATE from Ticketmaster – July 3, 2024: Ticketmaster has contacted those who may be affected. They state via email that they “take the protection of personal information very seriously.” They explain that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider. Based on their investigation, they determined that the unauthorized activity occurred on May 27, 2024. They note that they are working to mitigate risk to their users and the company, and have notified and are cooperating with law enforcement and regulatory authorities.

Memorial Day Hacks and Hamburgers

Memorial Day Hacks and Hamburgers

Memorial Day is a special time of year to honor the men and women who have died while serving in the U. S. military. Originally known as Decoration Day, Memorial Day originated in the years following the Civil War and became an official federal holiday in 1971. Visit History.com for more information.

Always the last Monday in May, this holiday also marks the unofficial beginning of summer fun … pool season, popsicles, and plenty of barbeques. Americans have traditionally observed Memorial Day by visiting cemeteries or memorials, holding family gatherings, and participating in parades. This year the weekend activities may still look a bit different if social distancing, but we will continue to reflect on the sacrifices our soldiers made for us while lighting up our grills. Speaking of, take a visit to Chowhound.com for some amazing tips for the most perfect hamburger ever (80/20 lean to fat ratio ground chuck always!) and clever grilling hacks. Did you know you can use a spare cooler as an insulated warmer to keep food hot and juicy right off the grill? One tip you won’t see there is a favorite of mine … folding a dollop of mayo into each burger patty for optimal juiciness before they even go on the grill. Try it. You’ll love it!

Unfortunately during this time of year crooks might pop up who feed on our gratitude. Watch out for Memorial Day scams where hackers use a patriotic or military approach when contacting service members for money. The Better Business Bureau (BBB) suggests to be on the lookout for five specific scams during this time of remembrance:

Fake military charities. Scammers will send out emails, phone calls, direct mailers and send texts using the same outreach practices as well-known legitimate nonprofits. Be wary of messages that contain words like “disabled,” “heroes,” and “warriors” and always double-check the exact name and spelling of the charity.

Fake rental properties. Scammers take out classified ads and will use photos from legitimate rental properties that promise military discounts or other incentives.

High-priced military loans. No legitimate lender will guarantee a loan as being instantly approved. Watch for ads that may also say no credit check is required. If this is the case, the loan will likely come with hidden fees as well as outrageously high interest rates.

Veteran benefit buyout plans. These plans offer an attractive cash payment in exchange for a disabled veteran’s future benefits or pension payments. The cash payment is typically only 30-40% of what the veteran is entitled to receive.

Misleading car sales. Some websites post ads that contain false discounts for those in the military. There is also an increase of ads that claim to be from soldiers who need to sell their autos quickly due to deployment.

Stay safe this weekend and please reach out to us if needed. Guard Well Identity Theft Solutions exists to provide you, your family and your employees from the damages of identity theft. We are available for you 24/7/365 at 888.966.GUARD (4827) and [email protected].

Photo courtesy Justin Casey via unsplash.com

 

AT&T Breach Alert: 73 Million Impacted

AT&T Breach Alert: 73 Million Impacted

Our security teams have recently discovered that AT&T, one of the main US telecommunications companies, has suffered an enormous data breach. Data from 73 million current and former customers has been leaked on the dark web. In August, 2021, the company originally said that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers. Although the hacking date remains unclear, one in five Americans have now been impacted. Data exposed include name, address, date of birth, phone number and social security numbers.

The company stated that it is not yet known whether the data originated from AT&T or one of its vendors. The company added that “currently AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set.” The company said that it is reaching out to customers to reset their account pass codes and is also urging customers to remain alert about changes to their accounts or credit reports. LEARN MORE

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Image courtesy credit: Marcus Spiske via unsplash.com

Online Music Streaming Service Breach Impacts Billions

Online Music Streaming Service Breach Impacts Billions

Our security teams have recently discovered that a former deezer.com partner experienced a data breach in 2019 that has impacted 257 billion users. Deezer is a France-based music streaming platform. Leaked information includes users’ dates of birth, email addresses, genders, geographic locations, IP addresses, names, spoken languages and/or surnames. The hacking dates back to mid-2019 when a Deezer third-party fell victim to a breach exposing user data, which was then sold on a popular hacking forum.

The hacker claimed that the data breach affects users in the United States, the United Kingdom, Brazil, Columbia, France, Germany, Guatemala, Italy, Mexico and Turkey.

Other music streaming platforms, such as Spotify, have suffered data leaks in recent years. In December 2020, Spotify confirmed that an incident may have affected over 300,000 users’ email addresses, display names, passwords, genders and dates of birth.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo by Uriel SC via Unsplash.com.

FBI’s Vetted Threat Sharing Network Hacked

FBI’s Vetted Threat Sharing Network Hacked

Just recently, our security teams have discovered large data sets of compromised cyber elements on the Dark Web. The breached site is InfraGard.org, which is a partnership between the Federal Bureau of Investigations (FBI) and key members of the private sector for the protection of the United States critical infrastructure.

InfraGard members are in roles involved in both cyber and physical security at companies that manage most of the nation’s critical infrastructures, including drinking water, power utilities, communication and financial services firms, transportation and manufacturing companies, healthcare providers and nuclear energy firms.

The breach origin date is December 2022 and data exposed includes their members’ contact information, such as name, email and phone numbers. The FBI stated that “this is an ongoing situation” and that they are “not able to provide any additional information at this time.” Approximately 80,000 InfraGard members are impacted. Learn more HERE.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come.

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of Markus Spiske on Unsplash.com.

8.4B Passwords & 25M Records Stolen

8.4B Passwords & 25M Records Stolen

Just recently our security team found two new breaches involving 25,000,000 stolen records and that 8.4 billion passwords have been stolen and sold on the dark web. We see these breaches all the time. The reality is that out of the 8.5 billion IP addresses worldwide, 3.5 billion of them are malware. That’s correct! Almost half of the worldwide web is created to commit fraud. That’s why we have proudly built a strong partnership with industry powerhouse Experian who jointly provides our member’s identity protection, support, and complete resolution service.

 

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come!

 

Be vigilant. Be Strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

 

Photo courtesy of unsplash.com Bermix Studios

University of California and StreetEasy: Dark Web Fraud Alert

University of California and StreetEasy: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are University of California and StreetEasy.com.

 

The University of California (UC) is the world’s leading public research university system. Like several hundred other institutions throughout the country, including universities, government institutions and private companies, UC has been using a vendor service called Accellion File Transfer Appliance (FTA) to transfer information. Accellion was the target of an international cyberattack where the perpetrators exploited a vulnerability in Accellion’s program and attacked roughly 100 organizations. The attackers are now attempting to get money from organizations and individuals.

 

The breach origination date was March 31, 2021. Information stolen includes names, addresses, SSNs, as well as some email addresses and medical IDs.

 

StreetEasy.com is New York City’s leading local real estate marketplace on mobile and the Web, providing comprehensive listings and market data. The approximate breach size is 990,290 and originated in June of 2016. Data exposed includes passwords, first and last names, email addresses, and user IDs.

 

Be vigilant. Be strong. Stay in the know. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by Erfan Parhizi via unsplash.com.

RedDorz and Foxtons: Dark Web Fraud Alert

RedDorz and Foxtons: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are RedDorz.com and Foxtons.com.

 

RedDoorz.com is a Singapore-based hotel management and booking platform. Their breach size involves 5.8 million records: first name, last name, email address, password, gender, phone number, and date of birth. The origin date was September 2020.

 

Foxtons.co.uk is a British estate agency company dealing with both listings and sales. Alexander Hall is a subsidiary of Foxtons and provides mortgage services and advice since 1992. Their breach size involves 2.9 million records: first name, last name, email address, userid, and password. The origin date of this breach is unknown.

 

Be vigilant. Be strong. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by https://unsplash.com – Erfan Parhizi