Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Social Security Number. Show all posts
User Privacy
Data Breach Data Leak GMA Social Security Number U.S. Firm User Privacy

Hackers Siphon 340,000 Social Security Numbers From U.S. Consulting Firm

 

Greylock McKinnon Associates (GMA) has discovered a data breach in which hackers gained access to 341,650 Social Security numbers. 

The data breach was disclosed last week on Friday on Maine's government website, where the state issues data breach notifications. In its data breach warning mailed to impacted individuals, GMA stated that it was targeted by an undisclosed cyberattack in May 2023 and "promptly took steps to mitigate the incident." 

GMA provides economic and litigation support to companies and government agencies in the United States, including the Department of Justice, that are involved in civil action. According to their data breach notification, GMA informed affected individuals that their personal information "was obtained by the U.S. Department of Justice ("DOJ") as part of a civil litigation matter" supported by GMA.

The purpose and target of the DOJ's civil litigation are unknown. A Justice Department representative did not return a request for comment. 

GMA stated that individuals that were notified of the data breach are "not the subject of this investigation or the associated litigation matters," adding that the cyberattack "does not impact your current Medicare benefits or coverage.” 

“We consulted with third-party cybersecurity specialists to assist with our response to the incident, and we notified law enforcement and the DOJ. We received confirmation of which individuals’ information was affected and obtained their contact addresses on February 7, 2024,” the firm noted. 

GMA notified victims that "your private and Medicare data was likely affected in this incident," which included names, dates of birth, home addresses, some medical and health insurance information, and Medicare claim numbers, including Social Security numbers.

It remains unknown why GMA took nine months to discover the scope of the incident and notify victims. GMA and its outside legal counsel, Linn Freedman of Robinson & Cole LLP, did not immediately respond to a request for comment.
Read more »
Social Security Number
AT&T Data Breach Data Hacking Mobile Numbers ShinyHunters Social Security Number

AT&T Denies Involvement in Massive Data Leak Impacting 71 Million People

 


AT&T has categorically denied any involvement in a significant data breach affecting approximately 71 million individuals. The leaked data, disseminated by a hacker on a cybercrime forum, allegedly originates from a 2021 breach of the company's systems. Despite assertions made by the hacker, known as ShinyHunters, and subsequent releases by another threat actor named MajorNelson, AT&T maintains its position, asserting that the leaked information did not originate from its infrastructure.

While the authenticity of the entire dataset remains unconfirmed, the verification of some entries suggests potential accuracy. This includes personal data that is not readily accessible for scraping, such as names, addresses, mobile phone numbers, encrypted dates of birth, encrypted social security numbers, and other internal details.

Despite refuting claims of a breach within its systems, AT&T has not provided definitive evidence to support its stance. Speculation persists regarding the involvement of third-party service providers or vendors, with AT&T yet to respond to inquiries seeking clarification on this matter.

While the leaked data purportedly includes sensitive personal information, such as social security numbers and dates of birth, decryption efforts by threat actors have rendered this data accessible. However, the precise origin of the leaked information remains elusive, fueling speculation and concern among affected individuals and cybersecurity experts alike.

For individuals who were AT&T customers before and during 2021, caution is advised, as the leaked data could potentially be exploited in various forms of targeted attacks, including SMS and email phishing, as well as SIM swapping schemes. Users are urged to exercise heightened caution and verify the authenticity of any communications purportedly from AT&T, refraining from disclosing sensitive information without direct confirmation from the company.

As investigations into the origins of the leaked data continue, the implications for affected individuals underscore the importance of robust cybersecurity measures and heightened awareness of potential threats. The incident serves as a telling marker of the ever-present risks associated with the digital realm and the imperative for proactive measures to safeguard personal information.

While AT&T denies any involvement in the data leak, concerns regarding the security and privacy of affected individuals persist. The unprecedented nature of cyber threats necessitates ongoing vigilance and collaborative efforts to combat risks and ensure the protection of personal data in an increasingly interconnected world.


Read more »
Social Security Number
Cyber Security Data data security Investigation IRS Safety Social Security Number

The IRS is Deploying Four Investigators Across the Globe to Combat Cybercrime

 


Starting this summer, the Internal Revenue Service (IRS) intends to dispatch four cybercrime investigators to Australia, Singapore, Colombia, and Germany. These four new jobs indicate a major boost in the IRS's global efforts to combat cybercrime, such as cryptocurrency, decentralized finance, and bitcoin laundering services. 

In recent years, IRS-CI agents have played a key role in investigating crimes on the dark web as part of landmark international operations such as the shutdown of the drug and hacking services marketplace AlphaBay and the arrest of its administrator, the bust of the internet's largest child abuse website, and the takedown of a marketplace for stolen Social Security numbers, among others.

Until now, the IRS has only one cyber investigator abroad, in The Hague, Netherlands, who has been mostly working with Europol since 2021. Guy Ficco, the IRS's executive director for worldwide operations policy and IRS-CI support, initially mentioned the expansion during a panel discussion at the Chainalysis Links conference on April 4.

“Starting really now we’re going to be piloting for additional posts, putting dedicated cyber attaches in Bogota, Colombia, in Frankfurt, Germany, in Singapore, and in Sydney, Australia,” Ficco said. “I think the benefits have been — at least with the Hague and with Europol posts — have been very tangible.”

In an email, IRS spokesperson Carissa Cutrell explained that the four new positions are part of a pilot program that will run for 120 days, from June to September 2023, and are designed "to help combat the use of cryptocurrency, decentralized finance, and mixing services in international financial and tax crimes." Following the 120-day pilot program, the IRS will decide whether to keep the agents in the new countries.

“Success will hinge on the attachés’ ability to work cooperatively and train our foreign law enforcement counterparts, and build leads for criminal investigations,” Cutrell said.

According to Chris Janczewski, a special agent in the IRS-CI Cyber Crimes Unit, expanding the IRS's presence abroad is crucial to expediting foreign investigations.

“The U.S.-based case agent can’t always travel to coordinate with foreign partners on investigative needs and the cyber attaché has to act as the proxy for the case agent,” Janczewski told TechCrunch in an email. “Their expertise on knowing what questions to ask, what evidence can reasonably be obtained, and the impact of any cultural or legal implications.”

Janczewski handled the investigation of the largest dark web child abuse site, Welcome to Video. He is presently the worldwide investigations director of TRM Labs, a blockchain intelligence firm. He explained that depending on the countries with whom the IRS is dealing, there may be different legal methods to gather evidence, "but often informal information in real-time is needed in fast-moving investigations."

“In these situations, it comes down to professional relationships, knowing who to call and what to say,” he said.

Aside from the five cyber investigators, the IRS maintains 11 attaché locations around the world, including Mexico, Canada, Colombia, Panama, Barbados, China, Germany, the Netherlands, the United Kingdom, Australia, and the UAE.

“These partnerships give CI the ability to develop leads for domestic and international investigations with an international nexus. In addition, attachés provide support and direction for investigations with international issues, foreign witnesses, foreign evidence, or execution of sensitive investigative activities in collaboration with our international partners,” the IRS-CI wrote in its 2022 annual report. “Attachés also help uncover emerging schemes perpetrated by promoters, professional enablers, and financial institutions. These entities facilitate tax evasion of federal tax obligations by U.S. taxpayers, as well as other financial crimes.”

Read more »
User Privacy
Data Breach Hackers Social Security Number Unauthorized User Privacy

Data Exposed at County of Tehama, Here's All You Need to Know

As per the announcement made by the County of Tehama in California, a data security breach that allowed unauthorized access to files on its systems was handled. 

The County of Tehama started mailing to individuals whose data may have been linked to the event on November 17, 2022. The County of Tehama is giving free credit monitoring and identity theft prevention services to anybody whose Social Security numbers or driver's licence numbers were involved.

In addition, the organisation opened an investigation and alerted law authorities. After conducting an investigation, the County of Tehama came to the conclusion that between November 18, 2021, and April 9, 2022, an unauthorised person had gained access to its IT network.

Further findings from the inquiry revealed that the unauthorised user had accessed files on the County of Tehama Department of Social Services' computer systems.

A special, toll-free incident response line has also been set up by the County of Tehama to address any queries people may have. Call 855-926-1376 between 6:00 a.m. and 3:30 p.m., Pacific Time, Monday through Friday if anyone has any questions about this incident or thinks their information may have been compromised.

The County of Tehama advises those whose information may have been compromised to stay alert to the danger of fraud by examining their financial account statements and promptly informing their financial institution of any suspicious activity.
 
 
Read more »
User Privacy
Data Breach Hackers. Social Security Number User Privacy

Data Breach at City of Tucson Affected 123,500 Users

The City of Tucson, Arizona, recently announced a data breach that compromised the personal data of more than 125,000 people.

Data breach

A data breach is a scenario in which information is taken from a system without the owner's knowledge or consent. A data breach could happen to a small business or a major corporation.

If related data are among the information stolen, victims and their customers can also sustain financial damages. Malware or hacking attacks are to be blamed for the majority of data breaches.

Violation of user data

Although the event was discovered around May 2022, the city's investigation was not finished until last month.

The city claims that the issue was triggered by compromised network account credentials that gave the hackers access to files containing certain people's personal information in a data breach notice posted on its website. Between May 17 and May 31, the malicious hackers who had access to the network may have stolen or downloaded documents that contained the personal information of 123,513 people. 

The attacker may have had access to the affected people's names and Social Security numbers among other sensitive personal information disclosed during the incident, the City informed those who might have been impacted on September 23. Furthermore, according to letters of notification issued to the affected parties, there is no proof that this personal data has been exploited up to this point.

The city claims that after quickly recognizing the breach, it was able to contain it and make repairs and that it is also taking extra steps to strengthen its cybersecurity. The City is also offering advice to those affected on better defending themselves against fraudulent activities including identity theft and fraud.

The breach notification letters stated, "As part of its ongoing obligations to the security of information under its care, the City is reviewing its current policies and procedures regarding cybersecurity and considering extra measures and safeguards to defend against this sort of event in the future.

In addition, the city said it will provide free credit monitoring services to anyone affected and advice on how to safeguard oneself against fraud and identity theft.



Read more »
User Privacy
Authentication Data Breach Phishing Attacks Social Security Number Students Data User Privacy

Nelnet Servicing breach over 2.5 Million Student Loan Data

A hack on technology services supplier Nelnet Servicing affected more than 2.5 million persons with students with student loan accounts with EdFinancial and the Oklahoma Student Loan Authority. 

The provider claims that hackers accessed its systems without authorization in June and continued to do so through July 22. There have been about 2,501,324 people who were affected by the data breach.

The information that was made public includes full name, place of residence, email address, contact details, and social security number. 

Hackers can exploit the aforementioned data by employing a number of tricks like phishing, social engineering, impersonation, and other tactics. The danger of exposure is amplified because loans are such a delicate subject.

Nelnet informed Edfinancial and OSLA that the attackers initially gained access by taking advantage of a vulnerability in its systems.

Nelnet claims to have stopped the hack as soon as the security vulnerability was discovered, but a later review, which was finished on August 17, 2022, found that some student loan account registration data may have been obtained.

Customers who might be impacted have already been informed by EdFinancial and OSLA, although EdFinancial made it clear that not all of its clients are affected as Nelnet Servicing is not its only technology supplier. 

It has been suggested that people use the free identity theft protection services offered by EdFinancial and OSLA if their data may have been affected by the event. Furthermore, due to the data breach, the provider of technical services could be subject to a class action lawsuit. 

The law firm "Markovits, Stock & DeMarco" yesterday began an inquiry into the possibility of a class action lawsuit due to the magnitude of this data breach occurrence.

According to a letter sent to impacted borrowers, "we urge you to be alert against incidences of identity theft and fraud over the following 24 months, by examining your account statements and keeping an eye on your free credit reports for suspicious activity and to spot errors."

It is advised that those who receive the notices sign up for Experian's IdentityWorks service right once to shield themselves from fraud, and they should also keep a watch for any other incoming correspondence.
Read more »
User Security
Data Data Breach Data Privacy data security Notice Security Social Security Number User Privacy User Security

ATC Healthcare, Community of Hope & The People Concern Disclose Data Breaches

 

ATC Healthcare in New York made a news statement disclosing a breach in December 2021. Their press statement is not as clear or extensive as an updated notice on their website, thus this description is based on the website notice: 

ATC noticed strange behaviour with various staff email accounts on December 22, 2021. The email accounts were accessed without authorisation at various occasions between February 9, 2021, and December 22, 2021, according to the investigation. 

At the time of the incident, the compromised email accounts contained the following data: names, Social Security numbers, driver's licence numbers, financial account information, usernames and passwords, passport numbers, biometric data, medical information, health insurance information, electronic/digital signatures, and employer-assigned identification numbers. 

As is typically the case, investigators were unsure exactly what data had been accessed, thus notifications were made to all individuals who may have been affected. They do not appear to be providing any free services and highlight that there is no conclusive proof that any data was read, copied, or exfiltrated. 

Community of Hope D.C. (COHDC) 

COHDC learnt of a data security problem involving unauthorised access to one of its employees' email accounts on February 7, 2022. According to reports, the issue was uncovered after the account's authorised user saw spam messages being sent from the account. 

An investigation indicated that between January 27 and February 7, 2022, an unauthorised actor may have accessed specific files and data housed within a single Outlook 365 email account. Individuals' Social Security numbers, driver's licence numbers, financial information, health insurance information, and health diagnostic information may have been obtained. COHDC appears to have made arrangements with IDX to assist and serve the individuals affected. The complete notification is available on the COHDC website.   

The People Concern 

The People Concern (TPC) in California discovered that an unauthorised user accessed workers' email accounts on various days between April 6, 2021, and December 9, 2021, however, they do not identify when they initially detected an issue. 

As in previous incidents, investigators were unable to identify whether emails or data in the email accounts were accessed. TPC gathers information on community members and staff such as their name, date of birth, Social Security number, health insurance information, and medical information about the care they may have gotten in one of their programmes. TPC is giving IDX services to people whose SSN or driver's licence information may have been compromised. 

Advocates, Inc. 

Advocates, Inc. in Massachusetts published a news release on June 28. 

"According to the release, on October 1, 2021, Advocates was informed that Advocates' data had been copied from its digital environment by an unauthorized actor. Investigation revealed that an unknown actor gained access to and obtained data from the Advocates network between September 14, 2021, and September 18, 2021. The unauthorized individual was able to acquire personal and protected health information including name, address, Social Security number, date of birth, client identification number, health insurance information, and medical diagnosis or treatment information."

A further look at their website notice suggests that the identification of additional impacted persons was ongoing until June. As they put it:

"Advocates is not aware of any evidence of the misuse of any information potentially involved in this incident. However, beginning on January 3, 2022, Advocates mailed notice of this incident to potentially impacted individuals for which Advocates had identifiable address information. Advocates then worked diligently with experts to review the impacted data set and identify any additional potentially impacted individuals with address information. That process was completed on June 9, 2022, and on June 28, 2022, Advocates provided notice of this incident to those individuals."
Read more »
Social Security Number
Data Breach Healthcare Hacking LAPSUS$ Microsoft NVIDIA Ransomware Threat Samsung Social Security Number

LAPSUS$ Group Targets SuperCare Health

 


SuperCare Health, a California-based respiratory care provider, has revealed a data breach that exposed the personal details of over 300,000 patients. Someone had access to specific systems between July 23 and July 27, 2021. By February 4, the company had assessed the scope of the data breach, learning the attackers had also acquired patient files including sensitive personal information such as:
  • Names, addresses, and birth dates.
  • A medical group or a hospital.
  • Along with health insurance details, a patient's account number and a medical record number are required. 
  • Data about one's health, such as diagnostic and treatment information. 
  • A small number of people's Social Security numbers and driver's license information were also revealed. 

"We have no reason to suspect any information was published, shared, or misused," according to SuperCare Health, but all possibly impacted patients should take extra security precautions to avoid identity theft and fraud. 

On March 25, the company notified all affected customers and implemented extra security steps to prevent the following breaches. The breach has affected 318,379 people, according to the US Department of Health and Human Services. Based on the number of people affected, this is presently among the top 50 healthcare breaches disclosed in the last two years. SuperCare Health further told, "We have reported the event to a Federal Bureau of Investigation and it will cooperate to help us identify and prosecute those involved." 

In the last several months, several healthcare institutions have revealed massive data breaches. Monongalia Health System (400,000 people affected), South Denver Cardiology Associates (287,000 people affected), Norwood Clinic (228,000 people affected), and Broward Health (228,000 people affected) are among the organizations on the list (1.3 million). 

Last week, the Health Department issued an advisory to healthcare groups, warning companies about the impact of a major cybercrime attack by the Lapsus$ cybercrime group. In recent months, the hackers have targeted Samsung, NVIDIA, Vodafone, Ubisoft, Globant, Microsoft, and Okta, among others. The organization takes information, often source code, and threatens to release it unless they are paid.

LAPSUS$ steals confidential information from organizations which have been hacked, then threatens to disclose or publish the information if the requested amount is not paid. The LAPSUS$ extortion ring, on the other hand, has abandoned the typical ransomware strategies of file encryption and computer lockout. 

According to the notice, the Health Department is aware of healthcare institutions which have been hacked as a result of the Okta attack; Okta has verified that more than 300 of its clients have been affected by the breach. In the light of the incident, Police in the United Kingdom have identified and charged several accused members of the Lapsus$ gang.
Read more »
User Security
Cyber Attacks Personal Information SIM Swapping Social Security Number User Security

Another T-Mobile Cyberattack Allegedly Exposed User Information and SIM Cards

 

T-Mobile has been subjected to yet another cyberattack following a big data breach in August. According to documents revealed by The T-Mo Report, attackers gained access to "a small number of" users' accounts this time. The damage appears to be far less serious this time. It appears that just a small percentage of consumers are affected. There is no further information regarding what transpired, with the records just stating that some information was leaked. 

Customers who have been affected fall into one of three categories. First, a client may have only been impacted by a CPNI leak. This information could include the billing account name, phone numbers, the number of lines on the account, account numbers, and rate plan information. That's not ideal, but it's far less damaging than the August incident, which exposed client social security numbers. 

The second category into which an impacted consumer may fall is having their SIM swapped. In order to get control of a phone number, a malicious actor will alter the physical SIM card linked with it. This can and frequently does result in the victim's other online accounts being accessed through two-factor authentication codes supplied to their phone number. According to the document, consumers who were affected by a SIM swap have now had that action reversed. The final category consists of both of the previous two. Customers who were affected may have had their private CPNI accessed as well as their SIM card swapped. 

When it comes to account security, T-Mobile does not have the finest track record. As previously stated, a huge data breach occurred earlier this year in August, exposing information on roughly 50 million users across both post-paid and prepaid accounts. The stolen files contained crucial personal information such as first and last names, dates of birth, Social Security numbers, and driver's licence / ID numbers - the kind of information you could use to open a new account or hijack an existing one. It did not appear to include "phone numbers, account numbers, PINs, or passwords." 

Affected customers, who appear to be few in number, have received letters warning them of the unlawful activity on their accounts. Memos have also been placed on those impacted accounts so that reps may see them when they log in.

"We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed. Unauthorized SIM swaps are unfortunately a common industry-wide occurrence, however, this issue was quickly corrected by our team, using our in-place safeguards, and we proactively took additional protective measures on their behalf," a T-Mobile spokesperson said.
Read more »
United States
Cyber Attacks Nevada Personal Data Social Security Number United States

Cyber-Attack on Dotty’s Exposed Personal Data of Customers

 

Customers' personal data was revealed as a result of a cyber-attack on Dotty's, a fast food and gaming franchise in the United States, according to the company. Dotty's has around 300,000 players in its database and runs 120 gambling locations in Nevada. Nevada Restaurant Services (NRS) owns and operates Dotty's, a fast-food franchise with 175 locations that offers gaming services. On January 16, 2021, malware was detected on "some computer systems." 

The investigation found that “an unauthorized person accessed certain systems” on the NRS network, according to the firm. Furthermore, the company admitted that an unauthorized person copied data from those systems on or before January 16 of this year. The NRS discovered that certain users' data may have been impacted after further examination and analysis. 

NRS examined the impacted data thoroughly to establish what sorts of information were implicated and to whom it was linked. Individuals' names, dates of birth, Social Security numbers, driver's license numbers or state ID numbers, passport numbers, financial account and/or routing numbers, health insurance information, treatment information, biometric data, medical records, and taxpayer identification numbers are just some of the data elements that could be involved. 

NRS sent notice letters to those who had proper mailing addresses and had been recognized as possibly affected. Users have told Vital Vegas that they received a letter from Dotty's regarding the breach, but that they just learned about it lately — months after the alleged assault. 

NRS has put in place security measures to secure its systems and the information it holds, and it has worked to improve its environment's technical protections. Following the event, NRS took urgent steps to protect its systems and undertake a thorough investigation into the issue's entire nature and scope. In addition, the firm provided free access to its “credit monitoring and identity theft restoration services, through IDX.” 

According to NRS, this will give an additional layer of protection for consumers who want to utilize it. With that in mind, the NRS emphasized that customers who wish to engage must do it themselves since the business is unable to do so on their behalf. Finally, the NRS expressed regret for any inconvenience or worry that the data breach event may have caused.
Read more »
User Security
API COVID-19 Data Breach Microsoft Social Security Number User Privacy User Security

38 Million Records Exposed Due to Microsoft Misconfiguration

 

According to experts, some 38 million records from over a thousand web apps that use Microsoft's Power Apps portals platform were left accessible online. Data from COVID-19 contact tracing operations, vaccine registrations, and employee databases, including home addresses, phone numbers, social security numbers, and vaccination status, is believed to have been included in the records. 

Major corporations and organizations were impacted by the incident, including American Airlines, Ford, J.B. Hunt, the Maryland Department of Health, the New York City Municipal Transportation Authority, and New York City public schools. While the data breaches have already been fixed, they demonstrate how a single incorrect configuration setting in a widely used platform can have far-reaching repercussions.  

Customers can use the Power Apps services to easily create their own web and mobile apps. It provides developers with application programming interfaces (APIs) to use with the data they collect. Upguard discovered, however, that accessing those APIs makes data received through Power Apps Portals public by default, necessitating manual reconfiguration to keep the information private. 

In May, researchers from the security firm Upguard began investigating the problem. They discovered that data from several Power Apps portals, which was intended to be secret, was accessible to anyone who knew where to look. According to Upguard, on June 24th, it provided a vulnerability report to the Microsoft Security Resource Center, which included links to Power Apps portal accounts with sensitive data exposed and methods to discover APIs that allowed anonymous data access. 

“The number of accounts exposing sensitive information, however, indicates that the risk of this feature– the likelihood and impact of its misconfiguration– has not been adequately appreciated,” the researchers wrote in the report. “Multiple governmental bodies reported performing security reviews of their apps without identifying this issue, presumably because it has never been adequately publicized as a data security concern before.” 

 On Monday, a Microsoft representative defended the product's security, noting that the firm worked directly with affected users to ensure that their data remained private and that consumers were notified if their data was made publicly available. “Our products provide customers flexibility and privacy features to design scalable solutions that meet a wide variety of needs," a Microsoft spokesperson said in a statement.
Read more »
Social Security Number
Atlas VPN Dark Web Privacy Social Security Number

Latest Research Reports Prices of Your Documents on the Dark Web


Atlas VPN did a new study based on Flash Intelligence Research findings from 2017-2019. The research has revealed the costs of essential goods and services on the dark web. For instance, the Social Security Numbers, which are now out of date and insecure as they are no longer in use, especially after the 2018 Equifax Hack, they are still widely used as a primary proof of identification confirmation. Hackers tend to attack websites that can generate millions of SSNs at once so that all the data is vulnerable to hackers.


Therefore, with millions of SSNs in the open, they are sold up to $4 on the dark web. According to Flashpoint, the following services are available on the dark web along with the SSNs.

These services are divided into four types:


  •  Hacker Services
  •  Forged Documents 
  • Personal Identifiable Information (PII) 
  • Stolen Financial Information 


The PII (personally identifiable information) package, in addition to the SSN for $4, has the victim's Name, Passport No, Driver's License Details, and email id. However, access to Stolen Financial Information costs much more than SSN. According to Atlas VPN, credit cards up to $5k balance costs $10, whereas discredited bank accounts with savings more than $10000 cost $25.

Note: The price also depends on the victim's savings. If the savings go higher, the cost to obtain the details also goes higher. It is because of victims with high credit score accounts are less risky to attack as their banks won't notice it and won't cut it off.

Forged documents top the list in the prices. Physical passports are sold for $3k-$5k on the dark web. According to other reports, a 1-hour DDoS (Distributed Denial of Service allows the servers to shut down or stop working )attack on any bank or government website costs around $165.

How to prevent yourself? 

It is a bit difficult to prevent such attacks, but the users can always follow some rules to secure their account information. These are:

  •  Secure your devices with a password; a pin would be better.
  •  Avoid using public wifis while browsing or downloading apps. 
  • Use 2 step verification
Read more »
Subscribe to: Posts (Atom)