#identitydocument-theft

[ follow ]
#cybersecurity #data-breach #phishing #data-privacy #privacy #data-protection #cybercrime #social-engineering
US politics
fromArs Technica
9 hours ago

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.
Privacy technologies
fromTNW | Insights
9 hours ago

LinkedIn secretly scans 6,000+ browser extensions and fingerprints your device

LinkedIn's hidden JavaScript routine collects extensive user data without disclosure, raising concerns about covert surveillance practices.
#data-breach
Privacy professionals
fromSilicon Canals
2 days ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Privacy professionals
fromSecurityWeek
2 days ago

T-Mobile Sets the Record Straight on Latest Data Breach Filing

T-Mobile confirmed a data breach was caused by an insider incident affecting only one account with limited information exposed.
Privacy technologies
fromTechCrunch
3 days ago

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.
Privacy professionals
fromSilicon Canals
3 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Privacy professionals
fromTechCrunch
2 days ago

Telehealth giant Hims & Hers says its customer support system was hacked | TechCrunch

Hims & Hers confirmed a data breach affecting customer support data, including names and contact information, but not medical records.
Privacy professionals
fromSilicon Canals
2 days ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Privacy professionals
fromSecurityWeek
2 days ago

T-Mobile Sets the Record Straight on Latest Data Breach Filing

T-Mobile confirmed a data breach was caused by an insider incident affecting only one account with limited information exposed.
Privacy technologies
fromTechCrunch
3 days ago

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.
Privacy professionals
fromSilicon Canals
3 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Privacy professionals
fromTechCrunch
2 days ago

Telehealth giant Hims & Hers says its customer support system was hacked | TechCrunch

Hims & Hers confirmed a data breach affecting customer support data, including names and contact information, but not medical records.
more#data-breach
EU data protection
fromEngadget
1 day ago

Ireland is testing out a digital wallet that conducts age verification for social media users

Ireland is trialing a Government Digital Wallet to verify user age for social media access, aiming for user-friendly design before its 2026 EU deadline.
Cryptocurrency
fromnews.bitcoin.com
1 day ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.
fromwww.theguardian.com
14 hours ago

Buying a collectible? Beware fakers out to persuade you it's the real deal

Scams involving antiques and collectibles are almost as old as some of the items. But internet sales now mean fraudsters have a much wider audience.
E-Commerce
Europe news
fromwww.theguardian.com
1 day ago

Biometric checks stalled again for cross-Channel travellers

Passengers crossing from the UK to France will not face new biometric checks despite the EU's entry-exit system deadline approaching.
#phishing
Information security
fromSecuritymagazine
5 days ago

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

Phishing attacks during tax season have become more sophisticated, leveraging generative AI to impersonate trusted entities like the IRS.
Information security
fromThe Hacker News
4 days ago

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.
Information security
fromThe Hacker News
4 days ago

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.
Privacy professionals
fromSecurityWeek
1 week ago

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.
Information security
fromThe Hacker News
1 week ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
Information security
fromSecuritymagazine
5 days ago

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

Phishing attacks during tax season have become more sophisticated, leveraging generative AI to impersonate trusted entities like the IRS.
Information security
fromThe Hacker News
4 days ago

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.
Information security
fromThe Hacker News
4 days ago

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.
Privacy professionals
fromSecurityWeek
1 week ago

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.
Information security
fromThe Hacker News
1 week ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
more#phishing
#job-scams
Careers
fromZDNET
1 day ago

FTC reports a surge in $220M job fraud - here's how to vet listings, according to recruiters

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.
fromZDNET
6 days ago
Careers

3 red flags that job posting is a scam - and how to verify safely

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.
Careers
fromZDNET
1 day ago

FTC reports a surge in $220M job fraud - here's how to vet listings, according to recruiters

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.
Careers
fromZDNET
6 days ago

3 red flags that job posting is a scam - and how to verify safely

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.
more#job-scams
Law
fromABA Journal
3 days ago

Sanctions ramping up in cases involving AI hallucinations

Monetary sanctions against attorneys for AI-generated hallucinations in case documents are increasing as courts take these issues more seriously.
#ai
fromFortune
1 day ago
Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

Privacy technologies
fromComputerWeekly.com
3 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
Digital life
fromFortune
1 day ago

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

AI-generated child sexual abuse material is surging, fundamentally changing targeting methods and overwhelming investigators.
Privacy technologies
fromComputerWeekly.com
3 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
more#ai
#data-privacy
Privacy technologies
fromZDNET
2 weeks ago

My personal data has been leaked several times - this service helped clean it all up

Data removal services like DeleteMe help protect personal information from being sold online after data breaches.
Privacy technologies
fromZDNET
2 weeks ago

My personal data has been leaked several times - this service helped clean it all up

Data removal services like DeleteMe help protect personal information from being sold online after data breaches.
more#data-privacy
Parenting
fromSlate Magazine
2 days ago

My Mom Got a Call That I Was in a Horrific Accident. What She Did Next Can't Be Undone.

Scammers exploit emotional vulnerabilities, making it crucial to educate and protect against future scams.
#openclaw
DevOps
fromInfoWorld
2 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
2 days ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
DevOps
fromInfoWorld
2 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
2 days ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
more#openclaw
fromSecurityWeek
3 days ago

Linx Security Raises $50 Million for Identity Security and Governance

Linx has built an AI-native platform that maps, monitors, and governs human, non-human, and agentic identities across the entire enterprise environment, relying on real-time detection and automated remediation to reduce identity-related risks.
Venture
NYC politics
fromHoodline
4 days ago

Brooklyn Drivers Slammed With Scam 'Enforcement Action' Texts, NYPD Warns

Brooklyn drivers are targeted by a scam text claiming enforcement action, urging immediate payment to avoid penalties.
UK politics
fromwww.independent.co.uk
6 days ago

Less than one per cent of phone theft cases lead to a criminal charge, figures show

Fewer than 1% of mobile phone thefts lead to charges, with 95% of cases closed by the Met Police without identifying a suspect.
Privacy professionals
fromPCMAG
9 hours ago

Use Perplexity? Lawsuit Accuses It of Sharing Personal Data With Google and Meta Without Permission

Perplexity faces a lawsuit for allegedly sharing user data with Google and Meta without consent, violating privacy rights.
#cybersecurity
fromTechCrunch
2 days ago
EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

fromTNW | Eu
1 day ago
Information security

European Commission breached after hackers poisoned open-source security tool Trivy

Information security
fromThe Hacker News
3 days ago

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.
Information security
fromSecurityWeek
3 days ago

Cybersecurity M&A Roundup: 38 Deals Announced in March 2026

Thirty-eight cybersecurity-related M&A deals were announced in March 2026, including significant acquisitions by Airbus, AppViewX, Cellebrite, and Databricks.
EU data protection
fromSecurityWeek
1 day ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.
EU data protection
fromTechCrunch
2 days ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
Information security
fromTNW | Eu
1 day ago

European Commission breached after hackers poisoned open-source security tool Trivy

A major data breach at the European Commission was caused by TeamPCP exploiting a supply chain attack on the Trivy security tool.
Information security
fromThe Hacker News
3 days ago

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.
Information security
fromSecurityWeek
3 days ago

Cybersecurity M&A Roundup: 38 Deals Announced in March 2026

Thirty-eight cybersecurity-related M&A deals were announced in March 2026, including significant acquisitions by Airbus, AppViewX, Cellebrite, and Databricks.
more#cybersecurity
fromComputerworld
2 days ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Information security
US politics
fromwww.npr.org
2 days ago

As DOJ prepares to share state voter data with DHS, a key privacy officer resigns

The DOJ is acquiring sensitive voter registration data, raising privacy concerns, as a key privacy officer resigns amid ongoing legal challenges.
#generative-ai
Privacy technologies
fromNextgov.com
2 weeks ago

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.
Digital life
fromBig Think
5 days ago

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.
Privacy technologies
fromNextgov.com
2 weeks ago

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.
more#generative-ai
Privacy professionals
fromSilicon Canals
2 days ago

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.
#privacy
Privacy professionals
fromBanray
4 days ago

BanRay.eu - Your face is not inventory

Meta's camera-equipped glasses compromise privacy by recording individuals without consent, turning them into data for AI training.
Privacy professionals
fromBanray
4 days ago

BanRay.eu - Your face is not inventory

Meta's camera-equipped glasses compromise privacy by recording individuals without consent, turning them into data for AI training.
more#privacy
US politics
fromTechCrunch
3 days ago

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.
Relationships
fromSlate Magazine
2 weeks ago

My Husband's Fear of Identity Theft Is Making Our House Unlivable

Pre-approved credit card offers contain insufficient information for identity theft; shredding all junk mail is unnecessary, though tearing by hand adds minimal extra security.
Privacy professionals
fromZDNET
2 days ago

I turned to PrivacyBee to clean up my data - here's how it made me disappear

PrivacyBee is preferred for its comprehensive data removal services and user-friendly management tools.
Information security
fromInfoWorld
2 days ago

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.
Information security
fromWIRED
1 day ago

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.
EU data protection
fromSecurityWeek
6 days ago

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.
fromWIRED
2 days ago

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The public Quizlet set contained information about alleged codes for specific facility entrances. 'Checkpoint doors code?' asked one card, with a specific four-digit combination listed in response.
Privacy professionals
Information security
fromSecurityWeek
2 days ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
Privacy professionals
fromNextgov.com
2 days ago

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.
Information security
fromSecurityWeek
5 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Privacy professionals
fromThe Verge
3 days ago

Pinterest said he violated laid-off colleagues' privacy. Now he's going public

A former Pinterest engineer claims he was unjustly fired for sharing a tool that revealed employee layoffs.
Information security
fromSecurityWeek
5 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.
Privacy professionals
fromTechCrunch
4 days ago

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.
Privacy professionals
fromHer Campus
5 days ago

Who's Watching The Watchers? AI, Age Verification, And Online Privacy

Parents are increasingly concerned about children's exposure to harmful online content despite regulations like CIPA and platforms like YouTube Kids.
Privacy professionals
fromThe Verge
5 days ago

OkCupid settles claims it shared user photos with a facial recognition company

OkCupid settled FTC claims for sharing user photos without consent, promising to avoid future misrepresentations about data policies.
Information security
fromnews.bitcoin.com
5 days ago

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.
#cybercrime
Privacy professionals
fromthenextweb.com
4 weeks ago

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.
Privacy professionals
fromthenextweb.com
4 weeks ago

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.
more#cybercrime
Privacy professionals
fromMedCity News
2 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
Information security
fromComputerworld
1 week ago

What IT leaders need to know about AI-fueled death fraud

AI-generated fake death certificates pose significant risks for businesses by enabling fraudsters to exploit customer accounts and data.
Privacy professionals
fromTheregister
2 weeks ago

Age verification isn't sage verification inside OSes

California's Digital Age Assurance Act attempts age verification for minors but is vague, incoherent, and creates liability risks without clearly defining compliance requirements or addressing practical implementation across diverse computing devices.
Privacy professionals
fromWIRED
3 weeks ago

Do You Need an Identity Protection Service for Safe Browsing?

Identity theft protection services function as insurance products offering reactive compensation for damages rather than active prevention, with coverage details and sub-benefit caps critically affecting actual protection value.
Information security
fromTechzine Global
2 weeks ago

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.
Information security
fromSecurityWeek
3 weeks ago

SIM Swaps Expose a Critical Flaw in Identity Security

SIM swap attacks exploit structural weaknesses in mobile-based identity verification, allowing criminals to intercept authentication codes and take over accounts by transferring victims' phone numbers to attacker-controlled SIM cards.
Privacy professionals
fromWIRED
1 month ago

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

Congressional Democrats identified $20.9 billion in consumer losses from identity theft linked to four major data broker breaches, with one company refusing to improve opt-out accessibility.
Information security
fromThe Hacker News
1 month ago

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Many Windows authentication paths bypass MFA protections, allowing attackers to compromise networks using valid credentials despite MFA deployment on cloud applications.
Information security
fromComputerworld
1 month ago

OAuth phishers make 'check where the link points' advice ineffective

Attackers use phishing emails with malicious OAuth links containing broken parameters to redirect users to attacker-controlled destinations through legitimate identity providers.
Information security
fromTheregister
1 month ago

Every day in every way, passwords are getting worse

Passwords remain ubiquitous, aging and increasingly vulnerable due to implementation flaws, password manager weaknesses, and AI-related risks.
Information security
fromSecuritymagazine
2 months ago

What You Need to Know About the New LinkedIn Phishing Scheme

Attackers post LinkedIn-style comments claiming account restrictions to trick users into clicking lnkd.in links that lead to credential-harvesting pages.
fromThe Hacker News
2 months ago

Password Reuse in Disguise: An Often-Missed Risky Workaround

Near-identical password reuse occurs when users make small, predictable changes to an existing password rather than creating a completely new one. While these changes satisfy formal password rules, they do little to reduce real-world exposure. Here are some classic examples: Adding or changing a number Summer2023! → Summer2024! Appending a character Swapping symbols or capitalization Welcome! → Welcome? AdminPass → adminpass Another common scenario occurs when organizations issue a standard starter password to new employees, and instead of replacing it entirely, users make incremental changes over time to remain compliant.
Information security
Information security
fromTechzine Global
2 months ago

Number of phishing attacks doubles in one year

Phishing kits and phishing-as-a-service expanded in 2025, enabling less skilled attackers and leveraging AI-generated messages and QR-based quishing to increase realism and bypass defenses.
[ Load more ]