Skip to main content

Tag: identity theft

331 articles

Person working on laptop with blurred screen in home office setting.

Microsoft Warns of Device Code Phishing Attacks via Legitimate Website

Beware of device code phishing attacks that can trick you into giving away access to your accounts, even on legitimate websites. Hackers are using a clever tactic that exploits Microsoft's authentication endpoint to steal your credentials.

Analyst 207
Person holds credit card, looking concerned in front of blurred retail store background.

Card Data Theft Exposes Persistent US Consumer Vulnerability

Nearly half of US consumers are on high alert for card data theft, naming it their top fraud worry. A recent Capco survey found 46% of respondents citing card and card data theft as their biggest concern, beating out identity theft and other financial security threats.

Analyst 207
A dimly lit office interior with a single wooden desk and chair, papers and folders scattered on the surface, illuminated…

Amazon Fined $2.25M for Withholding Fraud Evidence

Amazon has been fined $2.25 million for allegedly blocking identity-theft victims from accessing records of fraudulent transactions, violating the Fair Credit Reporting Act. The company reportedly told some consumers that they couldn't access the requested records, adding to the frustration of those trying to recover from scams.

Analyst 207
Passport lies on a plain surface surrounded by blurred cannabis dispensary items, hinting at a security breach.

Massive Passport Leak Exposes Sensitive Traveler Data

A staggering leak of almost a million passport records from around the world has put sensitive traveler data at risk. The breach, linked to a low-security ID verification system for cannabis dispensaries, exposed passports as a vulnerable weak point in authentication processes.

Analyst 207
Multi-layered city infrastructure with payment terminal in foreground.

Fraud Prevention Strategies Target Multiple Elevation Levels

Fraudsters are constantly evolving, and a single-layer defense just won't cut it - that's why IPQS advocates for a layered approach to fraud prevention, because what may seem like a secure transaction to you might be just the tip of the iceberg to a sophisticated scammer. By monitoring at multiple levels, you can stay one step ahead of even the most cunning attackers.

Analyst 207
Person sitting at desk with laptop and smartphone, surrounded by papers in a blurred office setting.

Identity Crimes Evolve into Multi-Layered Fraud Schemes

Identity crimes are no longer standalone incidents, but rather gateways to multiple, simultaneous frauds that can wreak havoc on victims' lives. A staggering 25.6% of victims now face two or more concurrent events, a 23.5% surge from the previous year.

Analyst 207
Darkened underground digital marketplace with rows of screens displaying abstract data.

Cyberattacks Expose AI Agents' Vulnerability to Phishing Risks

A staggering 3.3 billion identity records are now circulating on illicit markets, thanks to a whopping 11.1 million devices infected with infostealers last year - a digital threat landscape that's more vulnerable than ever. This alarming trend highlights the urgent need for robust protection against AI agents' vulnerability to phishing risks.

Analyst 207
Person sits at cluttered desk with concerned expression, surrounded by papers and laptop.

Identity Crime Incidents Multiply for Victims, ITRC Data Reveals

The alarming rise in identity crime incidents is not just about the numbers, but also the disturbing pattern of recurrence, with nearly 26% of victims experiencing multiple concurrent incidents, according to the Identity Theft Resource Center's 2026 Trends in Identity Report. This growing multi-layered crisis sees single compromises snowballing into additional incidents across accounts and institutions.

Analyst 207
Dimly lit server room with rows of computer servers and a blurred technician screen.

Hackers Exploit Active Directory Flaw to Harvest Passwords

Storing passwords in Active Directory description fields is a rookie mistake that hackers are eager to exploit, and one hacker did just that with alarming ease. It was disturbingly simple for them to get their hands on sensitive information.

Analyst 207
Elderly man stands somberly in front of a nondescript government building backdrop.

Elder Data Trafficker Draws 10-Year Sentence

A massive data scam that compromised the personal info of over 7 million elderly Americans has landed its mastermind, 57-year-old Troy Murray, a 10-year prison sentence - a major victory in the fight against these heartless crimes. Murray, who went by the alias "Steve Dixon," was found guilty of running a scheme that sold sensitive data, including names, phone numbers, and addresses, to overseas scammers.

Analyst 207
Courthouse interior with judge's bench and computer in foreground.

Romanian Hacker Sentenced for Breaching Oregon Govt Network

A Romanian hacker has been sentenced to 56 months in prison for breaking into Oregon's state emergency-management network, stealing sensitive personal data, and selling it to buyers in the US. Catalin Dragomir, 46, pleaded guilty to aggravated identity theft and computer intrusion charges.

Analyst 207
A dimly lit office cubicle with scattered papers and a hand reaching for a wallet near a laptop and login credentials list.

Employees Willingly Sell Work Credentials

A shocking 13% of employees admit to selling their work logins or knowing someone who has, revealing a surprisingly casual attitude towards protecting sensitive work credentials. This statistic raises serious concerns about workplace security and the vulnerability of company data.

Analyst 207
Computer screen displays OAuth integration interface in a CRM workspace.

OAuth Grants Expose Hidden Attack Vector in Enterprise Workspaces

Unmanaged OAuth grants are a ticking time bomb in enterprise workspaces, with 80% of security leaders recognizing them as a critical or significant risk. A recent attack by threat actor UNC6395 exploited valid OAuth refresh tokens to breach Salesforce environments of over 700 organizations, highlighting the devastating consequences of neglecting OAuth security.

Analyst 207
Government building interior with daylight through tall windows and empty podium.

Pharmacist Indicted for Spying on Co-Workers with Cyber Tools

A pharmacist in Maryland has been indicted for allegedly spying on nearly 200 coworkers and individuals over eight years using cyber tools, breaching trust and violating digital boundaries. Matthew Bathula faces federal charges for unauthorized computer access and aggravated identity theft.

Analyst 207
Loan officer's workspace with laptop and papers, busy banking hall blurred in background.

Fraudsters Target Credit Unions with Structured Loan Scams

Fraudsters are now targeting credit unions with sophisticated loan scams, using stolen identities and social engineering to exploit lending workflows. In fact, auto lending fraud exposure is expected to hit $9.2 billion by 2025, making it a lucrative target for these scammers.

Analyst 207
Residential building with open door and scattered personal items, hinting at vulnerability.

ADT Breach Exposes 5.5 Million in ShinyHunters Hack

A massive data breach at ADT has put 5.5 million people's personal info at risk, including names, phone numbers, addresses, and sensitive details like dates of birth and Social Security numbers. The breach, linked to the ShinyHunters extortion group, has left millions vulnerable to potential identity theft and scams.

Analyst 207
Rows of server racks in a brightly-lit data center with equipment slightly askew, hinting at unauthorized access.

ADT Confirms Cyber Intrusion After ShinyHunters Extortion Attempt

ADT confirmed a cyber intrusion on April 20, swiftly isolating the breach and collaborating with incident responders and law enforcement to contain the damage. The compromised data included sensitive information like names, phone numbers, and addresses, as well as dates of birth and partial Social Security numbers for a smaller subset of individuals.

Analyst 207
Security analyst's desk with multiple monitors displaying alerts, phone, and papers, with blurred office area in background.

Hackers Expose 19M Records in French Government Agency Breach

A recent data breach at France's Agence nationale des titres sécurisés (ANTS) may have compromised 19 million records, but thankfully, no action is required from users - for now. The agency is notifying affected individuals and advising them to stay vigilant for suspicious contacts.

Analyst 207
Dimly lit workstation with computer, papers, and blurred French government office background.

France's ID Agency Probes Breach Claiming 19M Records Stolen

A massive data breach at France's ID agency may have exposed a staggering 19 million records, putting the personal info of nearly a third of the country's population at risk. The breach, detected on April 15, involves the theft of sensitive data, including login IDs, names, email addresses, and dates of birth.

Analyst 207
Young British man in his mid-twenties sits somberly in a formal setting surrounded by law enforcement officials.

Scotland Hacker Pleads Guilty in Scattered Spider Cybercrime Case

Meet Tyler Robert Buchanan, the 24-year-old mastermind behind the notorious Scattered Spider cybercrime gang, who has pleaded guilty to federal charges of conspiracy and identity theft. With a potential 22-year prison sentence looming, Buchanan's guilty plea marks a major win for law enforcement in the fight against cybercrime.

Analyst 207
Person in hoodie with obscured face pleading, surrounded by code and scattered items on a desk.

Scattered Spider Member Pleads Guilty to $8 Million Crypto Heist

A 24-year-old British hacker, Tyler Robert Buchanan, has pleaded guilty to masterminding an $8 million crypto heist as part of the notorious Scattered Spider cybercrime group. His downfall began with a trail of seemingly harmless text messages that ultimately led to his guilty plea.

Analyst 207
Lone figure in hoodie sits at laptop with code on screen, surrounded by symbols of cybercrime.

British Hacker Pleads Guilty to Crypto Theft Charges

A British hacker, allegedly the mastermind behind the notorious Scattered Spider cybercrime collective, has pleaded guilty to wire fraud and aggravated identity theft charges in a US court, dealing a significant blow to the shadowy network. This guilty plea marks a major win for law enforcement and raises important questions about the future of cybercrime and online security.

Analyst 207
Hooded figure sits in dimly lit room surrounded by shattered screens and tangled wires.

Scattered Spider Operative Pleads Guilty to US Federal Charges

In a major breakthrough, Tyler Robert Buchanan, a senior figure in the notorious Scattered Spider cybercrime group, has pleaded guilty to federal charges, bringing an end to his digital crime spree. Buchanan admitted to conspiracy to commit wire fraud and aggravated identity theft in a US federal district court.

Analyst 207
Person in handcuffs stands before dark laptop, shattered phone, and judge's gavel.

DraftKings Hacking Scheme Draws 30-Month Prison Sentence

A 23-year-old man from Memphis, Tennessee, has been sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts, a brazen crime that left countless victims feeling vulnerable and betrayed. The case highlights the growing threat of account-fraud markets, where stolen credentials are bought and sold like commodities.

Analyst 207