A major data breach at mortgage giant Mr. Cooper compromised the personal data of an astounding 14 million consumers, according to a surprising disclosure. Sensitive data susceptibility in the digital age is a worry raised by the occurrence, which has shocked the cybersecurity world.
Strong cybersecurity procedures in financial institutions are vital, as demonstrated by the breach, confirmed on December 18, 2023, and have significant consequences for the impacted persons. The hackers gained access to Mr. Cooper's networks and took off with a wealth of private information, including social security numbers, names, addresses, and other private information.
Governor Gavin Newsom has enacted the California Delete Act, marking a historic step for data privacy. This law represented a big step towards giving people more control over their personal information and was passed with resounding support from the state government.
The CA Delete Act, also known as Assembly Bill 375, is set to revolutionize the way businesses handle consumer data. It grants Californians the right to request the deletion of their personal information from company databases, putting the power back in the hands of the individual.
The bill's passage is being hailed as a major win for privacy advocates. It signals a shift towards a more consumer-centric approach to data handling. According to Governor Newsom, this legislation represents a critical move towards "putting consumers in the driver’s seat when it comes to their own data."
One of the key provisions of the CA Delete Act is the requirement for businesses to conspicuously display an opt-out option on their websites, allowing users to easily request the deletion of their data. This transparency ensures that consumers are fully aware of their rights and can exercise them effortlessly.
Furthermore, the legislation includes penalties for non-compliance. Businesses that fail to comply with deletion requests within the stipulated timeframe may face fines and other legal consequences. This aspect of the bill emphasizes the seriousness with which California is approaching data privacy.
Industry experts predict that the CA Delete Act could set a precedent for similar legislation on a national and even international scale. As businesses increasingly operate in a globalized digital landscape, the demand for comprehensive data protection measures is becoming paramount.
The significance of the CA Delete Act extends far beyond California's borders. It sends a clear message about the importance of prioritizing individual privacy in the digital age. As Joseph Jerome, a privacy expert, stated, "This law will likely serve as a catalyst for other states to take a harder look at consumer privacy."
Data privacy has advanced significantly thanks to the California Delete Act. Individuals now have the power to manage their personal information, which puts more responsibility and accountability on businesses to be open and honest about how they handle customer data. This historic law is a ray of hope for those defending privacy rights in the digital age since it could influence laws comparable to those around the world.
Fortunately, there are steps you can take to protect your personal financial information from data brokers.
Here are some tips to help you fight back:
1. Monitor your credit reports: Regularly check your credit reports from the three major credit bureaus (Equifax, Experian, and TransUnion) to ensure that there are no unauthorized accounts or inquiries. If you find any suspicious activity, report it immediately.
2. Freeze your credit: Consider placing a security freeze on your credit reports. This will prevent anyone from accessing your credit report without your permission, making it more difficult for identity thieves to open new accounts in your name.
3. Opt-out of data sharing: Many companies share your personal information with third parties for marketing purposes. You can opt-out of this by contacting the company directly and requesting that they stop sharing your information.
4. Use strong passwords: Use strong, unique passwords for all of your online accounts and enable two-factor authentication whenever possible. This will make it more difficult for hackers to access your accounts and steal your personal information.
5. Be cautious when sharing personal information: Be cautious when sharing personal information online or over the phone. Only provide this information when it is absolutely necessary and when you are sure that the person or company requesting it is legitimate.
Protecting your personal financial information from data brokers is important for preventing identity theft and other fraudulent activities.
By following these tips, you can take control of your personal information and keep it safe from prying eyes.
The FBI has issued a warning about a new threat targeting iPhone users - hackers using public charging stations to steal personal data. As the popularity of public charging stations continues to grow, so does the risk of falling victim to this type of cyber attack.
Personal information of more than 20,000 members of the public has been stolen in a data breach at Christchurch City Council's He Puna Taimoana hot pools.
The stolen information consists copies of driver's licenses, rates invoices, passports, utility bills, tenancy agreements, and other council membership cards- all contents given by pool users as residence proof.
The data breach was found on August 24. Pool users were contacted two weeks later- from an email by Nigel Cox, the council's head of recreation and sport.
According to him, they were informed about the hack by a third party who had been contacted by an individual who claims to have accessed and downloaded some files stored on the He Puna Taimoana cloud server.
Following this, Cox has a reason to believe in that the third party who got access and illegally downloaded the files stored on the He Puna Taimoana cloud server is a 'white hat hacker', an actor who compromises computer systems or networks to find vulnerabilities to promote improvement or advancement of the systems and network security.
"The security of your information is Christchurch City Council's upmost priority and we appreciate the need to provide information regarding the breach to you as quickly as possible"
As of now, the customers have not been told what to do, but they can consider their personal information might be a part of the data breach. The email takes users to the He Puna Taimoana website for more details.
Affected users can also contact or email the council. Netsafe chief online safety officer Sean Lyons said "worrying" about the data breach. According to him, passport and driver license copies can be misused for identity theft (in worst case scenarios).
The information from these documents can be used to impersonate someone's identity. He suggests customers to get new passports and drivers license if they are worried about the data breach.
For all the inconvenience it is probably better than the worry of someone out there using your passport number, he says.
Cox said:
At this stage, we have no reason to believe the information has been further disclosed by the third-party actor other than to the third party who has informed us of the breach.
The privacy commissioner has been informed. The council is aware about its duty under the Privacy Act, and the possible effect on customers, and said the council has launched an investigation.
National reports:
Christchurch residents get cheaper tickets to the pools, which opened in 2020, but are required to provide proof of address to get the discount.
The practice doesn't know which ransomware group or data leak site, however, the Russian ransomware group Hive - which was the topic of a recent federal advisor for the healthcare industry- is hinted at in the attack. Hive has been wildly attacking the U.S healthcare sector.
Nerve and gray matter experts Goodman Campbell Brain and Spine, in a data breach report to the attorney general of Maine in July, said a "sophisticated" ransomware attack that compromised its computer network and communications system- which includes phones and e-mails, compromised employees and patients data.
"A healthcare entity informing individuals in a breach notification letter or statement that their information has been potentially listed on the dark web is a highly uncommon level of transparency," reports Bank Info Security.
Once the attack was discovered on May 20, the practice took immediate steps to safeguard its systems and did a forensic analysis and incident response firm. Goodman Campbell also notified the FBI. An inquiry into the case revealed that a malicious third party had acquired info from the practice's systems.
However, the hacker didn't access the electronic medical record system, but accessed patient info and records in other locations in the internal networks, like appointment schedules, insurance eligibility documentation, and referral forms.
Info compromised in the attack includes date of birth, names, telephone number, address, e-mail IDs, medical record number, patient account number, physician name, dates of service, diagnosis and treatment information, insurance info, and social security numbers.
"While we have no indication that the information of any impacted individuals has been used inappropriately as a result of this incident, we do know that some information acquired by the attacker was made available for approximately 10 days on the dark web," says the practice notification.