I'm ever so slightly annoyed (= raging mad) that #Helsinki IT has managed to leave the personal details of every #school age kid, their parents, and every city employee on an unsecured network drive, allowed them to be stolen, and now is trying to wiggle out of the responsibility to inform every impacted person (= just about everyone) or offer anything but stupid generalities as protection for #identity#theft. #cybersecurity fail of the year. Perhaps several.
120k or so kids and youth. All their parents/guardians. 40k employees. Unspecified job applicants. Names, addresses, social security numbers (or personal IDs, as they're now called). Home languages, religious affiliations, nationalities.
All stolen at once, because some criminally negligent idiot had NO PROTECTION for any data in place.
The city dares to say that "those affected should take steps to protect their identity". What's to protect, you already exposed it all?! Besides, no identity protection services cover minors, so half the people impacted have nothing to lean to.
Guy's identity stolen for 3 decades by someone he worked with at a hot dog cart. The thief became a high-level hospital executive under his name, while he is homeless. The victim is deemed crazy by a judge and sent to a mental hospital. Then, a detective assigned to the case decides to do a DNA check...
Anyone familiar with this?? Scam? Phishing? Government glitch?
My spouse woke up to 50+ emails confirming subscriptions to a wide range of US government offices. Everything from Medicaid to counterterrorism. They all look legit but came within 1 minute of each other as if someone entered her email into 50 different websites at once.
It's not clear if many of these are actual accounts with stolen information, or just anonymous email subscriptions.
What's the angle here??
Aviram Azari, 52, pleaded guilty in April last year to computer intrusion, wire fraud and identity theft charges relating to work done on behalf of Wirecard, among others. The company collapsed in 2020 following the exposure of a massive fraud.
“From his home in Israel, Aviram Azari played a major role in orchestrating and facilitating an international hacking-for-hire spearphishing campaign,” said Damian Williams, the US attorney for the Southern District of New York, whose office brought the case.
“Today’s sentencing sends an unmistakable message about my office’s firm commitment to prosecuting hackers, domestic and foreign alike.”"
Sigh. This stuff is just so tiresome. Excerpt of email just received from #ACF. 😞
>I am writing to inform you of a third-party data security incident which we are extremely disappointed to advise has impacted some of your personal information.
>Back in August 2023, Pareto Phone, a third-party tele-fundraising supplier ACF engaged to help raise funds for our environmental protection and advocacy work, advised us that they had experienced a data breach that affected some of our supporters’ data. However, on Thursday 21 September, Pareto Phone advised us of further supporter data affected, and after analysis, we can now unfortunately confirm some of your information was compromised in that breach.
>We sincerely apologise that this has occurred.
>The personal information that has been impacted is your last name, post code, date of birth, and one or more of your first name, mobile number, landline, street address, email address, donation date and/or donation amount.
>Please note your credit card details were NOT impacted. We can also confirm no personal identity documents have been impacted as Pareto Phone does not request, collect, or hold personal identity documents such as passports or drivers’ licences.
Right. Henceforth, if any toots appear herein, fediwise, purporting to be from an alleged "MsDropbear", which are happy, cheerful, optimistic, embracing of the innate goodness of humanity, or any other similar crap, pls be assured they are emphatically not from moi! 😜
I've been getting emails from Dymocks Booksellers in regards to a cyberhack. They advise that "1.24 million customer contact records were stolen and made available if the dark web."
As a potential severity mitigation, they go on to advise that the info is limited to "contact information such as name, address, phone, email, membership details and date of birth"
They then tell me that it wasn't their systems which were compromised but those of a third party.
This begs a few questions - and these apply to many of these companies involved in these hacks - why are you sharing this data with other companies? Why do you, much less any third party org, need to keep my DOB?
I recently traveled all over Europe and the UK and was regularly asked for copies of my passport and other forms of ID. These are AirBnB owners and hotels - what guarantees do I have for my data safety?
This story by @josephcox to kick off 404Media is a barn-burner.
Bad actors are using false identities or compromised credentials to maintain persistent access to credit reporting data and automating its sale with bots to the tune of $15 per.
Address history, cellphone details, driver's license details, relatives and other sensitive data.
Bad day today after my little excursion for photography. Left my purse at a small grocery store and didn't realize it til I got home. When I called the store they could find no sign of my purse. So much of my personal info is out there now - soc Sec #, driver's license, car reg and ins it's freaking me out. Have done all the essentials - close credit card and debit card accts, credit freeze on the 3 credit reporting bureaus, will get duplicate drivers license. #IdentityTheft
" Ransomware criminals are dumping kids’ private files online after school #hacks #Ransomware gangs have been stealing confidential documents from schools and dumping them online. The documents describe student sexual assaults, psychiatric hospitalizations, abusive parents — even suicide attempts. "