krebs   544

« earlier    

Krebs Given ISSA’s ‘President’s Award’ — Krebs on Security
KrebsOnSecurity was honored this month with the 2017 President’s Award for Public Service from the Information Systems Security Association, a nonprofit organization for cybersecurity professionals. The award recognizes an individual’s contribution to the information security profession in the area of public service.
It’s hugely gratifying to have received this award, mainly because of the company I now keep.
krebs  security  award 
yesterday by rgl7194
Here’s What to Ask the Former Equifax CEO — Krebs on Security
Richard Smith — who resigned as chief executive of big-three credit bureau Equifax this week in the wake of a data breach that exposed 143 million Social Security numbers — is slated to testify in front of no fewer than four committees on Capitol Hill next week. If I were a lawmaker, here are some of the questions I’d ask when Mr. Smith goes to Washington.
Before we delve into the questions, a bit of background is probably in order. The new interim CEO of Equifax — Paulino do Rego Barros Jr. — took to The Wall Street Journal and other media outlets this week to publish a mea culpa on all the ways Equifax failed in responding to this breach (the title of the op-ed in The Journal was literally “I’m sorry”).
breach  credit_report  data  equifax  identity_theft  privacy  security  krebs  CxO  gov2.0 
13 days ago by rgl7194
Fear Not: You, Too, Are a Cybercrime Victim! — Krebs on Security
Maybe you’ve been feeling left out because you weren’t among the lucky few hundred million or billion who had their personal information stolen in either the Equifax or Yahoo! breaches. Well buck up, camper: Both companies took steps to make you feel better today.
Yahoo! announced that, our bad!: It wasn’t just one billion users who had their account information filched in its record-breaking 2013 data breach. It was more like three billion (read: all) users. Meanwhile, big three credit bureau Equifax added 2.5 million more victims to its roster of 143 million Americans who had their Social Security numbers and other personal data stolen in a breach earlier this year. At the same time, Equifax’s erstwhile CEO informed Congress that the breach was the result of even more bone-headed security than was first disclosed.
hack  privacy  security  yahoo  equifax  data  breach  identity_theft  krebs  credit_report 
13 days ago by rgl7194
USPS ‘Informed Delivery’ Is Stalker’s Dream — Krebs on Security
A free new service from the U.S. Postal Service that provides scanned images of incoming mail before it is slated to arrive at its destination address is raising eyebrows among security experts who worry about the service’s potential for misuse by private investigators, identity thieves, stalkers or abusive ex-partners. The USPS says it hopes to have changes in place by early next year that could help blunt some of those concerns.
The service, dubbed “Informed Delivery,” has been available to select addresses in several states since 2014 under a targeted USPS pilot program, but it has since expanded to include many ZIP codes nationwide, according to the Postal Service. U.S. residents can tell if their address is eligible by visiting informeddelivery.usps.com.
security  privacy  mail  email  krebs  scanning 
15 days ago by rgl7194
Equifax or Equiphish? — Krebs on Security
More than a week after it said most people would be eligible to enroll in a free year of its TrustedID identity theft monitoring service, big three consumer credit bureau Equifax has begun sending out email notifications to people who were able to take the company up on its offer. But in yet another security stumble, the company appears to be training recipients to fall for phishing scams.
Some people who signed up for the service after Equifax announced Sept. 7 that it had lost control over Social Security numbers, dates of birth and other sensitive data on 143 million Americans are still waiting for the promised notice from Equifax. But as I recently noted on Twitter, other folks have received emails from Equifax over the past few days, and the messages do not exactly come across as having emanated from a company that cares much about trying to regain the public’s trust.
breach  credit_report  data  equifax  identity_theft  krebs  privacy  security  phishing 
21 days ago by rgl7194
Equifax Breach: Setting the Record Straight — Krebs on Security
Bloomberg published a story this week citing three unnamed sources who told the publication that Equifax experienced a breach earlier this year which predated the intrusion that the big-three credit bureau announced on Sept. 7. To be clear, this earlier breach at Equifax is not a new finding and has been a matter of public record for months. Furthermore, it was first reported on this Web site in May 2017.
In my initial Sept. 7 story about the Equifax breach affecting more than 140 million Americans, I noted that this was hardly the first time Equifax or another major credit bureau has experienced a breach impacting a significant number of Americans.
breach  credit_report  data  equifax  identity_theft  privacy  security  krebs 
26 days ago by rgl7194
Experian Site Can Give Anyone Your Credit Freeze PIN — Krebs on Security
An alert reader recently pointed my attention to a free online service offered by big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian.
Experian’s page for retrieving someone’s credit freeze PIN requires little more information than has already been leaked by big-three bureau Equifax and a myriad other breaches.
The first hurdle for instantly revealing anyone’s freeze PIN is to provide the person’s name, address, date of birth and Social Security number (all data that has been jeopardized in breaches 100 times over — including in the recent Equifax breach — and that is broadly for sale in the cybercrime underground).
After that, one just needs to input an email address to receive the PIN and swear that the information is true and belongs to the submitter. I’m certain this warning would deter all but the bravest of identity thieves!
security  krebs  privacy  credit_report  credit_freeze 
26 days ago by rgl7194
Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop — Krebs on Security
Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices obtained by KrebsOnSecurity appear to suggest that hackers initially breached Equifax starting in November 2016. But Equifax says the accounts were all stolen at the same time — when hackers accessed the company’s systems in mid-May 2017.
Both Visa and MasterCard frequently send alerts to card-issuing financial institutions with information about specific credit and debit cards that may have been compromised in a recent breach. But it is unusual for these alerts to state from which company the accounts were thought to have been pilfered.
In this case, however, Visa and MasterCard were unambiguous, referring to Equifax specifically as the source of an e-commerce card breach.
breach  credit_report  data  equifax  identity_theft  privacy  security  credit_cards  krebs 
4 weeks ago by rgl7194
Ayuda! (Help!) Equifax Has My Data! — Krebs on Security
Equifax last week disclosed a historic breach involving Social Security numbers and other sensitive data on as many as 143 million Americans. The company said the breach also impacted an undisclosed number of people in Canada and the United Kingdom. But the official list of victim countries may not yet be complete: According to information obtained by KrebsOnSecurity, Equifax can safely add Argentina — if not also other Latin American nations where it does business — to the list as well.
Equifax is one of the world’s three-largest consumer credit reporting bureaus, and a big part of what it does is maintain records on consumers that businesses can use to learn how risky it might be to loan someone money or to extend them new lines of credit. On the flip side, Equifax is somewhat answerable to those consumers, who have a legal right to dispute any information in their credit report which may be inaccurate.
breach  credit_report  data  equifax  privacy  security  krebs  identity_theft  south_america  business 
4 weeks ago by rgl7194
The Equifax Breach: What You Should Know — Krebs on Security
It remains unclear whether those responsible for stealing Social Security numbers and other data on as many as 143 million Americans from big-three credit bureau Equifax intend to sell this data to identity thieves. But if ever there was a reminder that you — the consumer — are ultimately responsible for protecting your financial future, this is it. Here’s what you need to know and what you should do in response to this unprecedented breach.
Some of the Q&As below were originally published in a 2015 story, How I Learned to Stop Worrying and Embrace the Security Freeze. It has been updated to include new information specific to the Equifax intrusion.
equifax  breach  credit_report  data  privacy  security  krebs  credit_freeze  identity_theft 
4 weeks ago by rgl7194
Equifax Breach Response Turns Dumpster Fire — Krebs on Security
I cannot recall a previous data breach in which the breached company’s public outreach and response has been so haphazard and ill-conceived as the one coming right now from big-three credit bureau Equifax, which rather clumsily announced Thursday that an intrusion jeopardized Social security numbers and other information on 143 million Americans.
WEB SITE WOES
As noted in yesterday’s breaking story on this breach, the Web site that Equifax advertised as the place where concerned Americans could go to find out whether they were impacted by this breach — equifaxsecurity2017.com —
is completely broken at best, and little more than a stalling tactic or sham at worst.
In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones.
breach  credit_report  data  equifax  privacy  security  krebs  identity_theft 
5 weeks ago by rgl7194
Breach at Equifax May Impact 143M Americans — Krebs on Security
Equifax, one of the “big-three” U.S. credit bureaus, said today a data breach at the company may have affected 143 million Americans, jeopardizing consumer Social Security numbers, birth dates, addresses and some driver’s license numbers.
In a press release today, Equifax [NYSE:EFX] said it discovered the “unauthorized access” on July 29, after which it hired an outside forensics firm to investigate. Equifax said the investigation is still ongoing, but that the breach also jeopardized credit card numbers for roughly 209,000 U.S. consumers and “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”
security  privacy  data  breach  credit_report  equifax  krebs  identity_theft 
5 weeks ago by rgl7194
Twitter Bots Use Likes, RTs for Intimidation — Krebs on Security
Upon further examination, it appears that almost all of my new followers were compliments of a social media botnet that is being used to amplify fake news and to intimidate journalists, activists and researchers. The botnet or botnets appear to be targeting people who are exposing the extent to which sock puppet and bot accounts on social media platforms can be used to influence public opinion.
krebs  twitter  propaganda  influence  socialmedia  social  botnet  manipulation 
6 weeks ago by ivar

« earlier    

related tags

2fa  7.5g  90-120_min_sport_täglich  @svenja  a  aid  aktion  alkohol  amazon  anabol  anabole_diät  aspartam  aspirin  attack  ausleiten  award  basketball  bewegung  bgp  blogs  blutspiegel  botnet  bots  breach  brian  browser  business  butter  bücher  c  cancer  censorship  chemobrain  chemotherapie  cia  cloud  comic  cortisol  creativity  credit  credit_cards  credit_freeze  credit_report  creditcards  creditfreeze  crime  cxo  cybersecurity  cycle  d  d14  data  ddos  democracy  dems  dnc  dns  dosis  ecommerce  economics  einsamkeit  election  email  equifax  fasten  fastening  fatigue  fcc  feil_dr._wolfgang  fettleber  fisch  fitness  flash  flying  gegen  gesund  gesundheit  google  gop  gov2.0  graphic_novel  hack  hacking  health  herz  hijack  hilfe  hillary  hochdosistherapie  html5  identity_theft  immunotherapie  influence  infrastructure  infusion  interaktion  internet  iot  isp  jhu  jigsaw  k1  k2  ketogene_diät  ketose  kinder  kontakte  kurkuma  leben  leber  legal  m07  mail  malware  manipulation  meditation  medizin  mefi  metastase  methadon  mäuse  nahrungsergänzungsmittel  netflix  nutrition  nytimes  on  otf  palliativ-medizin  passwords  pflanzenschutzmittel  pflichtprogramm_täglich  phishing  platform  politics  privacy  propaganda  pros  ransom_ware  rapidresponse  rinderleber  robocalls  rr  running  russia  saccharin  scam  scanning  schadstoffe_ausleiten  schwermetalle  security  seefisch  social  social_engineering  socialmedia  software  sollwert  south_america  sozial  spam  spotify  stevia  stress  stresshormon  studien  sucralose  süßstoff  technology  temporäre_kalorienrestriktion  tobuy  tod  tools  trump  twitter  ukraine  usb  usb_hacking  video_jacking  vitamin  vitamin_d  vpn  web  wikileaks  y2017  yahoo  yoga  zucker  übergewicht 

Copy this bookmark:



description:


tags: