identity theft | Breaking Cybersecurity News | The Hacker News

22 million Yahoo! Japan's user IDs may have been stolen during an unauthorised attempt to access the administrative system of its Japan portal. " We don't know if the file of 22 million user IDs was leaked or not, but we can't deny the possibility given the volume of traffic between our server and external terminals ", Yahoo said. The information did not include passwords and the kind of data necessary to verify a user's identity or reset passwords, it said, adding that the company had updated its security measures to prevent a repeat of the incident. In 2011, Sony said information such as usernames, passwords and birth dates of more than 100 million people may have been compromised after hackers struck the PlayStation Network and Sony Online Entertainment services. Japan acknowledges that its preventative measures against cyberattacks remain underdeveloped, with the national police agency having announced this month it would launch a team to analyze and combat cyberatt

The Philippine Supreme Court on Tuesday suspended implementation of Republic Act 10175 or the Cybercrime Prevention Act for 120 days, while it decides whether certain provisions violate civil liberties. The law, signed last month, aims to combat Internet crimes such as hacking, identity theft, spamming, cybersex and online child pornography. Human Rights Watch, a human rights monitoring group, hailed reports of the TRO, and called on the tribunal to strike down what it called a "seriously flawed law." Many Facebook and Twitter users, and the portals of several media organisations in the Philippines, have replaced their profile pictures with black screens to protest against the law. Hackers also defaced several government websites in protest. Journalists and citizen groups are protesting because the law also doubles the normal penalty for libel committed online and blocks access to websites deemed to violate the law. They fear such provisions will be used by politicians

For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,

Animosity between neighbors has landed a Minnesota man in serious legal trouble. Vincent Ardolf of Blaine, Minn., is facing decades in prison after pleading guilty to hacking his neighbor's WiFi, distributing child pornography, and threatening the Vice President of the United States. Ardolf halted his trial on December 17 by admitting to these crimes. He confessed to two counts of aggravated identity theft, one count of possession of child pornography, distribution of child pornography, unauthorized access to a protected computer, and making threats against Vice President Joe Biden. Authorities revealed that in February 2009, Ardolf hacked into his neighbor's WiFi and created multiple Yahoo email accounts under his neighbor's name. On May 6, 2009, he used one of these accounts to send an email to Biden's office. The email read: "This is a terrorist threat! Take this seriously. I hate the way you people are spending money you don't have... I'm assigning myself to be judge

CitySights NY, a company that organizes New York City tours on double-decker buses, has experienced a significant data breach. The personal information of 110,000 customers, including names, addresses, email addresses, credit card numbers, expiration dates, and Card Verification Value (CVV2) codes, was stolen. The breach likely occurred on September 26, when attackers used an SQL injection to upload a malicious script to the web server. The intrusion was discovered on October 25 by a web programmer who found the unauthorized script. According to a breach notification letter sent to and published by New Hampshire's attorney general, Twin America, CitySights NY's parent company, confirmed the compromise. In response to the breach, Twin America has taken several steps to enhance data security, including: Changing all administrative-level passwords to more complex ones. Restricting access to the administration panel and server to a few pre-approved IP addresses. Patching scri

Checking the mail in December is typically a pleasant experience, filled with holiday cards and packages. Then comes January. Besides the Christmas bills, mailboxes begin to overflow with W-2s, 1099s, statements from financial institutions, and IRS forms. It's no wonder John Ulzheimer, president of consumer education for Smartcredit.com, calls January the most dangerous month for mail. "January is a high-value month for thieves," he said. It's particularly easy for thieves to dip into someone's mailbox, take the envelopes, and gain all the information needed to steal someone else's identity. How to best protect mail, short of meeting the mail carrier at the mailbox each day, is a significant challenge. You shouldn't stop your mail because many items are time-sensitive. Creating an alternative delivery destination, like a P.O. box, could cause more trouble than it's worth, said Ulzheimer. The first step is to know what tax-related statements you should be receiving. For mos

Nearly 100 law enforcement officers recently witnessed how easily an identity thief can steal electronic information. During a UNLV conference, a cybercrime expert used a $30 device to intercept data from their smartphones. Welcome to the dark side of the 21st century. As technology advances, so do the methods of thieves. They now target computers, phones, ATMs, credit card machines, and any device holding personal information. Identity theft is a severe crime. Criminals can quickly wreak havoc by draining bank accounts, taking out loans, and racking up credit card debts. A victim's credit score can be ruined in no time. As reported by Steve Kanigher in the Las Vegas Sun, Nevada has been a hotspot for identity theft. According to the Federal Trade Commission, Nevada ranked fifth in the nation for identity theft last year. This is an improvement from 2005 when it was second. Metro Police reported 2,063 cases from January to November 13 this year, down from 2,440 during the same

Americans are nearly as likely to be victimized by Internet-based crime as by other forms of nonviolent theft. This perception emerges from a recent survey on crimes committed against individuals and their families. According to a Gallup Poll released Monday, 11% of American adults reported that they or a household member were victims of a computer or Internet crime on their home computers in the past year. This marks an increase from the previous seven years, where the percentage ranged between 6% and 8%. Gallup notes: "At 11 percent, computer/Internet-based crime is edging closer in reported frequency to the most common traditional forms of crime involving nonviolent theft of personal property and vandalism. Further, the increase is an exception in the overall crime picture, in that Americans' victimization reports have been fairly steady over the past several years. Not only has the overall percentage of Americans experiencing any type of crime been fairly flat, but Ameri

Thousands of Social Security numbers have been stolen from the computers of a New York state agency. The Social Security Administration in New York City reports that a subcontractor, who was working for the Office of Temporary Disability Assistance on computer infrastructure upgrades, illegally downloaded approximately 15,000 Social Security numbers. These numbers were taken from computers belonging to private contractors working for the agency, which is responsible for deciding Social Security disability claims. The commissioner of Social Security, Michael Astrue, confirmed that the accused worker has been arrested and is now in the custody of the New York State Police. According to Astrue, the unauthorized download of information occurred in a limited number of cases. However, investigations are ongoing, and the full extent of the damage is still unknown. Individuals whose information was compromised will be notified. They will also be offered free credit monitoring and a special

When Ben Franklin famously wrote, "An ounce of prevention is worth a pound of cure," he wasn't thinking about cybercrime. Yet, in today's world of phishing, shoulder-surfing, and spyware, his advice is more relevant than ever. Unfortunately, some people will take advantage of any opportunity to rip you off. Just as you take precautions when handling cash, you should be vigilant when using credit or debit cards, whether in person or online. Tips for Protecting Your Account Information and Avoiding Payment Card Scams Prevent Online Intrusions Use updated anti-virus and anti-spyware software. Only download information from trusted sites, and don't click on pop-up windows or suspicious links in emails. These can be tricks to install spyware, which can record your keystrokes to steal account or other confidential information. Use Secure Websites When purchasing items online, look for safety symbols like the padlock icon in the browser's status bar, an "s" after "http" in the U

Globalization benefits consumers and businesses but also provides opportunities for organized crime. Many internet criminals join or form organized crime groups, motivated by economic, cultural, or technical reasons. Globally, individuals and mafia groups engage in illegal online activities, often aiming to become wealthy. Australia ranks among the top 10 countries targeted by cybercrime. Recently, Australian credit card holders' personal information was compromised and published on a website originating from Vietnam. Although this might seem like an isolated incident, such occurrences are part of a broader organized cybercrime effort. Cybercriminals sell thousands of pieces of stolen, misappropriated, and sometimes fake credit card information daily. Three primary packages are available: CC Dump: Information from the credit card's magnetic strip. A simple dump costs around US$0.10 (AU$0.09) when bought in large quantities. CC Full Info: Contains all details about a b

Computer security firms and military personnel have issued warnings about certain Facebook features that could compromise both personal and national security. On Thursday, Sophos, a computer security developer, warned that Facebook's new online messaging service could increase users' vulnerability to identity theft. John Leyden of The Register reported that the service, which combines site updates, instant messaging chat, and SMS messages in one place, is an attractive target for cybercriminals. According to Leyden, spammers can easily target accounts, or they can be compromised to create Web 2.0 botnets. "Users need to realize that these new features increase the attack surface on the Facebook platform, making personal accounts more attractive to cybercriminals," said Graham Cluley, Sophos' senior technology consultant, to AFP. "Facebook accounts will now be linked with more people in users' social circles, creating new opportunities for identity fraud

Criminals are posing as IT support staff, calling unsuspecting U.K. internet users to push rogue antivirus software. GetSafeOnline.org reports this as part of their Internet safety week campaign. These scam operations often involve up to 400 people using sales techniques and social engineering to deceive victims. The goal is to obtain credit card information through the sale of rogue antivirus software or gain remote access to the victim's system for future use. Typically, the scam begins with an unexpected call. The caller, pretending to be an IT helpdesk technician, builds rapport with the victim, presenting themselves as trustworthy by using personal information available online. The victim is then questioned about computer problems like slow email or internet browsing. Once the victim admits to an issue, the caller exaggerates the problem and offers a solution for a small fee. The caller might say, "For a small fee, we can install something to fix your system and clean it co

With mobile phones now essentially serving as personal computers, proposed amendments to the Information Technology Act, 2006, specify that transmitting offensive or menacing text, audio, or video can result in two years of imprisonment. This punishment also applies if the content is false and intended to cause annoyance, inconvenience, danger, or insult. Furthermore, using a cellphone to impersonate and cheat someone can lead to five years of imprisonment. The need to define "communication device" in the proposed amendments arose because the current law does not specify which devices fall under this category. The amended IT Act clarifies that a cellphone or a personal digital assistant (PDA) is considered a communication device, allowing legal action accordingly. In light of various scandals over the past two years, including the arrest of a prominent portal's CEO, the government has introduced new cybercrimes under the proposed law. The amended Act, presented to the