Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

Hackers Are Passing Around a Megaleak of 2.2 Billion Records

Wired: “When hackers breached companies like Dropbox and LinkedIn in recent years—stealing 71 million and 117 million passwords, respectively—they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more into a gargantuan, unprecedented collection of 2.2 billion unique usernames and associated passwords and is freely distributing them on hacker forums and torrents, throwing out the private data of a significant fraction of humanity like last year’s phone book…”

  • See the Hasso Plattner Institut – Everyday personal data is stolen in criminal cyber attacks. A large part of the stolen information is subsequently made public on Internet databases, where it serves as the starting point for other illegal activities. With the HPI Identity Leak Checker, it is possible to check whether your email address, along with other personal data (e.g. telephone number, date of birth or address), has been made public on the Internet where it can be misused for malicious purposes.

Cisco 2019 Data Privacy Benchmark Study

Cisco newsroom: “Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments, according to Cisco’s 2019 Data Privacy Benchmark Study. The Study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data… Continue Reading

(Don’t) Return to Sender: How to Protect Yourself From Email Tracking

EFF: “There are a lot of different ways to track email, and different techniques can lie anywhere on the spectrum from marginally acceptable to atrocious. Responsible tracking should aggregate a minimal amount of anonymous data, similar to page hits: enough to let the sender get a sense of how well their campaign is doing without invading users’… Continue Reading

Security Risks of Government Hacking

Schneider on Security: “Some of us — myself included — have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. They include: Disincentive for vulnerability disclosure Cultivation of a market for surveillance tools Attackers co-opt hacking… Continue Reading

IG Audit finds continues flaws in OPM security of federal employee data

NextGov: “The Office of Personnel Management inspector general again found flaws in the agency’s contracting for the credit monitoring and ID theft services it provides to the more than 21.5 million current, former and prospective federal employees affected by the 2015 data breaches. OPM has gone through two different contracts for post-breach protections. The IG… Continue Reading

Bill Would Establish Cybersecurity Inspections, Impose Mandatory Penalties, and Compensate Consumers for Stolen Data

“United States Senators Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) today introduced the Data Breach Prevention and Compensation Act to hold large credit reporting agencies (CRAs) – including Equifax – accountable for data breaches involving consumer data. The bill would give the Federal Trade Commission (FTC) more direct supervisory authority over data security at CRAs,… Continue Reading

Equifax data breach fallout – hundreds of class action suits and SEC subpoena

Equifax faces hundreds of class-action lawsuits and an SEC subpoena over the way it handled its data breach “Equifax, the credit reporting firm, is facing more than 240 class-action lawsuits from consumers — in addition to suits from shareholders and financial institutions — over the way it handled a massive data breach that affected 145.5 million Americans. The… Continue Reading

Equifax says it owns all its data about you – really!

Senate Commerce Committee Hearing – Protecting Consumers in the Era of Major Data Breaches – November 8, 2017: “…“Massive data breaches have touched the vast majority of American consumers,” said [Senator John] Thune [R- S.D.]. “When such breaches occur, urgent action is necessary to protect sensitive personal information. This hearing will give the public the… Continue Reading

Business Email Scams: Protecting Your Company’s Information

From the Pennsylvania Department of Banking and Securities, a succinct and very useful Infographic guide: “Business Email Compromise is a cyber threat targeted against businesses, both large and small, that typically involves a con artist targeting employees with access to company financial or sensitive documents. The scammers lead the employees to believe they are a… Continue Reading

EPIC Urges Congress To Hold Equifax Accountable, Update Data Protection Law

“EPIC has sent statements to Congress ahead of hearings in the House and Senate on the Equifax data breach. EPIC underscored the risk to American consumers of data breaches which are increasingly severe. EPIC urged Congress to require prompt data breach notification, data minimization, and privacy enhancing techniques. In 2011 EPIC testified in the House… Continue Reading

Report – Phish For the Future

“This report describes “Phish For The Future,” an advanced persistent spearphishing campaign targeting digital civil liberties activists at Free Press and Fight For the Future. Between July 7th and August 8th of 2017 we observed almost 70 spearphishing attempts against employees of internet freedom NGOs Fight for the Future and Free Press, all coming from… Continue Reading

The Equifax Data Breach: What to Do

FTC – “If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies. Here are the facts, according to Equifax. The breach lasted from mid-May through… Continue Reading