Tag: identity theft
331 articles

Microsoft Warns of Device Code Phishing Attacks via Legitimate Website
Beware of device code phishing attacks that can trick you into giving away access to your accounts, even on legitimate websites. Hackers are using a clever tactic that exploits Microsoft's authentication endpoint to steal your credentials.

Card Data Theft Exposes Persistent US Consumer Vulnerability
Nearly half of US consumers are on high alert for card data theft, naming it their top fraud worry. A recent Capco survey found 46% of respondents citing card and card data theft as their biggest concern, beating out identity theft and other financial security threats.

Amazon Fined $2.25M for Withholding Fraud Evidence
Amazon has been fined $2.25 million for allegedly blocking identity-theft victims from accessing records of fraudulent transactions, violating the Fair Credit Reporting Act. The company reportedly told some consumers that they couldn't access the requested records, adding to the frustration of those trying to recover from scams.

Massive Passport Leak Exposes Sensitive Traveler Data
A staggering leak of almost a million passport records from around the world has put sensitive traveler data at risk. The breach, linked to a low-security ID verification system for cannabis dispensaries, exposed passports as a vulnerable weak point in authentication processes.

Fraud Prevention Strategies Target Multiple Elevation Levels
Fraudsters are constantly evolving, and a single-layer defense just won't cut it - that's why IPQS advocates for a layered approach to fraud prevention, because what may seem like a secure transaction to you might be just the tip of the iceberg to a sophisticated scammer. By monitoring at multiple levels, you can stay one step ahead of even the most cunning attackers.

Identity Crimes Evolve into Multi-Layered Fraud Schemes
Identity crimes are no longer standalone incidents, but rather gateways to multiple, simultaneous frauds that can wreak havoc on victims' lives. A staggering 25.6% of victims now face two or more concurrent events, a 23.5% surge from the previous year.

Cyberattacks Expose AI Agents' Vulnerability to Phishing Risks
A staggering 3.3 billion identity records are now circulating on illicit markets, thanks to a whopping 11.1 million devices infected with infostealers last year - a digital threat landscape that's more vulnerable than ever. This alarming trend highlights the urgent need for robust protection against AI agents' vulnerability to phishing risks.

Identity Crime Incidents Multiply for Victims, ITRC Data Reveals
The alarming rise in identity crime incidents is not just about the numbers, but also the disturbing pattern of recurrence, with nearly 26% of victims experiencing multiple concurrent incidents, according to the Identity Theft Resource Center's 2026 Trends in Identity Report. This growing multi-layered crisis sees single compromises snowballing into additional incidents across accounts and institutions.

Hackers Exploit Active Directory Flaw to Harvest Passwords
Storing passwords in Active Directory description fields is a rookie mistake that hackers are eager to exploit, and one hacker did just that with alarming ease. It was disturbingly simple for them to get their hands on sensitive information.

Elder Data Trafficker Draws 10-Year Sentence
A massive data scam that compromised the personal info of over 7 million elderly Americans has landed its mastermind, 57-year-old Troy Murray, a 10-year prison sentence - a major victory in the fight against these heartless crimes. Murray, who went by the alias "Steve Dixon," was found guilty of running a scheme that sold sensitive data, including names, phone numbers, and addresses, to overseas scammers.

Romanian Hacker Sentenced for Breaching Oregon Govt Network
A Romanian hacker has been sentenced to 56 months in prison for breaking into Oregon's state emergency-management network, stealing sensitive personal data, and selling it to buyers in the US. Catalin Dragomir, 46, pleaded guilty to aggravated identity theft and computer intrusion charges.

Employees Willingly Sell Work Credentials
A shocking 13% of employees admit to selling their work logins or knowing someone who has, revealing a surprisingly casual attitude towards protecting sensitive work credentials. This statistic raises serious concerns about workplace security and the vulnerability of company data.

OAuth Grants Expose Hidden Attack Vector in Enterprise Workspaces
Unmanaged OAuth grants are a ticking time bomb in enterprise workspaces, with 80% of security leaders recognizing them as a critical or significant risk. A recent attack by threat actor UNC6395 exploited valid OAuth refresh tokens to breach Salesforce environments of over 700 organizations, highlighting the devastating consequences of neglecting OAuth security.

Pharmacist Indicted for Spying on Co-Workers with Cyber Tools
A pharmacist in Maryland has been indicted for allegedly spying on nearly 200 coworkers and individuals over eight years using cyber tools, breaching trust and violating digital boundaries. Matthew Bathula faces federal charges for unauthorized computer access and aggravated identity theft.

Fraudsters Target Credit Unions with Structured Loan Scams
Fraudsters are now targeting credit unions with sophisticated loan scams, using stolen identities and social engineering to exploit lending workflows. In fact, auto lending fraud exposure is expected to hit $9.2 billion by 2025, making it a lucrative target for these scammers.

ADT Breach Exposes 5.5 Million in ShinyHunters Hack
A massive data breach at ADT has put 5.5 million people's personal info at risk, including names, phone numbers, addresses, and sensitive details like dates of birth and Social Security numbers. The breach, linked to the ShinyHunters extortion group, has left millions vulnerable to potential identity theft and scams.

ADT Confirms Cyber Intrusion After ShinyHunters Extortion Attempt
ADT confirmed a cyber intrusion on April 20, swiftly isolating the breach and collaborating with incident responders and law enforcement to contain the damage. The compromised data included sensitive information like names, phone numbers, and addresses, as well as dates of birth and partial Social Security numbers for a smaller subset of individuals.

Hackers Expose 19M Records in French Government Agency Breach
A recent data breach at France's Agence nationale des titres sécurisés (ANTS) may have compromised 19 million records, but thankfully, no action is required from users - for now. The agency is notifying affected individuals and advising them to stay vigilant for suspicious contacts.

France's ID Agency Probes Breach Claiming 19M Records Stolen
A massive data breach at France's ID agency may have exposed a staggering 19 million records, putting the personal info of nearly a third of the country's population at risk. The breach, detected on April 15, involves the theft of sensitive data, including login IDs, names, email addresses, and dates of birth.

Scotland Hacker Pleads Guilty in Scattered Spider Cybercrime Case
Meet Tyler Robert Buchanan, the 24-year-old mastermind behind the notorious Scattered Spider cybercrime gang, who has pleaded guilty to federal charges of conspiracy and identity theft. With a potential 22-year prison sentence looming, Buchanan's guilty plea marks a major win for law enforcement in the fight against cybercrime.

Scattered Spider Member Pleads Guilty to $8 Million Crypto Heist
A 24-year-old British hacker, Tyler Robert Buchanan, has pleaded guilty to masterminding an $8 million crypto heist as part of the notorious Scattered Spider cybercrime group. His downfall began with a trail of seemingly harmless text messages that ultimately led to his guilty plea.

British Hacker Pleads Guilty to Crypto Theft Charges
A British hacker, allegedly the mastermind behind the notorious Scattered Spider cybercrime collective, has pleaded guilty to wire fraud and aggravated identity theft charges in a US court, dealing a significant blow to the shadowy network. This guilty plea marks a major win for law enforcement and raises important questions about the future of cybercrime and online security.

Scattered Spider Operative Pleads Guilty to US Federal Charges
In a major breakthrough, Tyler Robert Buchanan, a senior figure in the notorious Scattered Spider cybercrime group, has pleaded guilty to federal charges, bringing an end to his digital crime spree. Buchanan admitted to conspiracy to commit wire fraud and aggravated identity theft in a US federal district court.

DraftKings Hacking Scheme Draws 30-Month Prison Sentence
A 23-year-old man from Memphis, Tennessee, has been sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts, a brazen crime that left countless victims feeling vulnerable and betrayed. The case highlights the growing threat of account-fraud markets, where stolen credentials are bought and sold like commodities.