The Master List of 2018 Breaches

/0 Comments/in /by

The Master List of 2018 Breaches

2017 was a record setting year for data breaches, but we might have to call 2018 “The Year of the Breach.”

According to Verizon, there have been more than 2200 data breaches across the globe, and about 68 percent of these breaches were not detected for months. This is not good news for any business or organization.

Here are some of the major breaches of 2018:

Facebook

Facebook is part of the list of 2018 breaches but NOT because of the Cambridge Analytica scandal. Instead, it’s because of the breach that occurred in late September, when about 50 million people had their data exposed. This hack took advantage of vulnerabilities in Facebook’s code, and hackers were able to control the accounts of
users.

Department Store Hacks

Several department stores were also hacked this year including Saks Fifth Avenue and Lord & Taylor, which were hacked in April. These stores had their customer payment cards compromised. Macy’s also was hacked. This time, it was the names and passwords of its customers that hackers obtained.

The Master List of 2018 Data Breaches Hacks Robert Siciliano Safr.me

Fitness Hacks

There were also hacks against fitness companies like Adidas and Under Armour. In the case of Adidas, hackers accessed the data of several million customers. In the case of Under Armour, the hackers targeted the brand’s app, MyFitnessPal, and were able to access the information from about 150 million users. In neither case were Social Security numbers, payment information, nor driver’s license numbers accessed.

Exactis Hack

The biggest hack of the year was also the one that most people don’t even know about. You probably don’t even recognize the name Exactis, but it is a marketing and data aggregation firm. In June, the company leaked the data of more than 340 million Americans. In this case, the company did not secure its database, and this left records
open to anyone who wanted them. Not only were people affected here, but so were businesses. Phone numbers, emails, addresses, and even interests of these people were exposed.

Marriott

Marriott also makes the list of the major breaches of 2018 (but it originated as early as 2014), and in this case, about 500 million people were affected. This hack was done through the Starwood Hotels guest database. It was later realized that the hackers who did this were very likely working for the Chinese government, which was trying to gather intelligence. China has denied being involved in the hack, but experts claim that the methods used in the hack and evidence found all point towards the Chinese government.

Google

There were a few other hacks that are worth mentioning too. Google, for instance, though not technically hacked, did expose data of its users thanks to a security bug. In this case, about 50 million accounts were compromised.

We hope, of course, that lessons were learned in 2018 so that 2019 looks a bit more promising, but as most security professionals know, hackers like to stay one step ahead. So keep your data as safe as possible.

What can you do? Move to Montana, find a cave, live in it. Toss your mobile, PC and credit cards and eat off the land.

Or…

Should You Worry About Contactless Credit Card NFC Skimming

/0 Comments/in , /by

If you have a contactless card, you might have worries about skimming. A contactless card or “frictionless” or “tap and go” is a card that has technology in it that allows payment over secure wireless like Apple Pay, Android Pay etc. Basically, this is where a criminal literally digitally pickpockets you by scanning things like your debit card or passport. What’s scary about this is that anyone can get an app for their phone that will allow them to skim. Is there protection for this? Maybe.

But before you freak out, you probably don’t even have a contactless card. Very few cards deployed in the USA are contactless, so that sleeve you use doesn’t protect you from anything. Now if you are overseas or even in Canada, then look at your card and if there is a WiFi looking logo on there, you have contactless.

The way that the bad guys skim this information is by using RFID, or radio-frequency identification. There are RFID signal jammers out there, but the question is this: do they work and are they necessary?

RFID Signal Blockers

If you put some time into it, you will find a number of RFID signal blockers on the market. Some of these are small and slip right into your wallet. Others are passport sized. There are also RFID signal blocker wallets on the market.

The Test

A blogger recently put these RFID signal blockers to the test…on the London Underground, one of the most crowded places in the world, especially during rush hour. He set up the test by asking one person to place a debit card in their pocket, and then another person used a mobile phone with an RFID signal scanner. The result was that the phone could scan and record the number on the debit card and the expiration date, simply by holding the phone really close to the pocket.

The blogger took the test a step further and tried to block these signals with RFID blocking technology. Even though the experiment was very unscientific, the blogger found that the blocker stopped the skimming.

Protecting Yourself

There are some things you can do to protect yourself from this. First, check your passport. It should have a chip in it. This chip is in all US passport that have been released since 2007. Now, someone can still take information from your passport using RFID skimming, but they have to actually be on the page where the photo is, and it’s pretty rare that they would have access to that.

You can also use a shielding device. They can certainly work, and some people have even found great results by using tinfoil. This will further help to protect your accounts.

Finally, even if you are using an RFID shielding device, make sure that you are checking your statements for anything suspicious. This is especially the case if you often find yourself in crowded places, like the subway.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Murder is a Reminder for Real Estate Agent Safety

/0 Comments/in , /by

911 calls are always chilling, but the one that came from a model home in Maryland recently was extremely distressing.

Instead of the caller speaking into the phone, all the 911 operator heard was heavy breathing. The operator asked what was wrong but got no response…then, a far-off voice said, “Where is the money? Who are you talking to?” This call, which was just made public, lead police to a man who was shot to death and, eventually, to the man accused of his murder.

The body of Steven B. Wilson, a real estate professional, was found in the home, and the suspect, 18-year-old Dillon Augustyniak, was charged with several crimes including murder, theft, armed robbery and the use of a firearm in a violent crime.

Steven B. Wilson Safr.me Maryland Agent Death

Steven Wilson, washingtonpost.com

At this time, Timothy J. Altomare, the Anne Arundel Police Chief, says that he believes robbery was the motive and that the suspect had taken the victim’s laptop and cell phone. Though it is not known how Augustyniak entered the model home, police also said that he only lived about a half mile from the scene.

Local authorities believe that Wilson was placed the 911 call after being shot by teenager Dillon Nicholas Augustyniak. When the operator heard the voice from the background, presumably Augustyniak’s, police and an ambulance were dispatched. There was security footage from the scene that shows the suspect holding a long gun. It was also revealed that Augustyniak had not only stolen Wilson’s cellphone but had given it to another person.

Witnesses also say that Augustyniak was trying to sell his gun, which they believe is the same one that he used to shoot Wilson.

Dillon Nicholas Augustyniak, safr.me

Dillon Augustyniak, wmar2news.com

Police later found an identical firearm in Augustyniak’s home. They also found Wilson’s laptop and cellphone. Augustyniak was taken into custody and is now off the streets, but this does open the opportunity for discussion about real estate agent safety.

It is imperative that agents remain vigilant at all times although there are no specific threats towards them. Though this crime might have been a crime of opportunity, it is certainly not uncommon for criminals to target open houses and other real estate events.

For agents out there, you might want to start thinking seriously about your surroundings when showing houses, and come up with a plan to protect yourself if necessary. This type of crime isn’t extremely common, but it does happen; since most real estate agents work alone, it is important to know what you are up against.

More information here on protection as a real estate agent.