Free Republic

Health insurance giant Blue Shield of California is notifying millions of people of a data breach. The company confirmed on Wednesday that it had been sharing patients’ private health information with tech and advertising giant Google since 2021. The insurer said that the data sharing stopped in January 2024, but it only learned this February that the years-long collection contained patients’ personal and sensitive health information. Blue Shield said it used Google Analytics to track how its customers used its websites, but a misconfiguration had allowed for personal and health information to be collected as well, such as the search...

Nearly every American's Social Security number may have been leaked, with a hacking group claiming they stole nearly 3 billion records of personal information. A massive database containing over 2.7 billion records has reportedly ended up on a criminal forum. These records belong to individuals in the U.S. and were allegedly stolen from National Public Data (NPD). While the accuracy of the leaked data could not be verified, the hackers reportedly obtained sensitive information such as names, mailing addresses and Social Security numbers. The scale of this breach is so vast that if you live in the U.S., it's likely...

The two illegal Jordanian migrants who are charged with trying to breach Marine Corps Base Quantico in May posted thousands of dollars in bail and were allowed to leave federal custody, The Post can exclusively reveal. Hasan Yousef Hamdan, 32, and Mohammad Khair Dabous, 28, were released from Immigration and Customs Enforcement (ICE) detention despite their immigration status — Hamdan had crossed into the country illegally in April and Dabous had overstayed his student visa and is subject to removal proceedings, law enforcement sources told The Post. They were arrested on May 3 for trespassing onto the military installation and...

AT&T suffered a massive data breach that saw data from 'nearly all' of its customers' accounts illegally downloaded, the company has confirmed. The compromised data included records of calls and texts of wireless subscribers and landline customers over a five month period in 2022. AT&T listed it had 110 million wireless customers that year, which would make this hack one of the biggest breaches of private communications data in recent history. Although the exposed data did not include customer names, there are 'publicly available online tools' capable of connecting numbers with people's identities, the company said. AT&T admitted it had...

The Cybersecurity and Infrastructure Security Agency’s (CISA) Chemical Security Assessment Tool (CSAT) was the target of a cybersecurity intrusion by a malicious actor from January 23-26, 2024. While CISA’s investigation found no evidence of exfiltration of data, this intrusion may have resulted in the potential unauthorized access of Top-Screen surveys, Security Vulnerability Assessments, Site Security Plans, Personnel Surety Program (PSP) submissions, and CSAT user accounts. Following the reporting requirements under the Federal Information Security Modernization Act (FISMA), CISA notified participants in the Chemical Facility Anti-Terrorism Standards (CFATS) program about the intrusion and the potentially impacted information. snip CISA was not...

I was just notified by CreditKarma that The Post Millennial [thepostmillennial.com] had a data breach that shared my personal information: The Post Millennial breach Reported on May 2024 In May 2024, The Post Millennial's database was allegedly breached. Even if you don't use your The Post Millennial account anymore, it's important to protect any info that was exposed.

Credential theft is a significant factor in breaches, resulting in 38% of all incidents. Phishing is another route into the enterprise, being associated with 15% of all breaches. The most frequently used entry point for phishing is Web applications, followed by email.The report, which analyses 20,358 security incidents and 10,626 confirmed breaches offered by third-party contributors including the US Secret Service and dozens of other organizations and companies; publicly-known data breaches; and security events mitigated by its own Verizon Threat Research Advisory Center (VTRAC), emphasised the critical role the human element plays in introducing risk into the equation.

State Senate Majority Leader Sonny Borrelli (R-Lake Havasu) and State Senator Wendy Rogers (R-Flagstaff) held a press conference on Wednesday revealing that a cybersecurity expert discovered that voting machine software used in Maricopa County’s elections in 2020 and 2022 was compromised. Borrelli said “there is probable cause” of a crime, and Maricopa County Attorney Rachel Mitchell has been notified. Borrelli said, “A few days ago I received documentation and a sworn declaration by a cybersecurity expert that examined the data from the 2020 and 2022 elections, where it has been determined that the data and the equipment had been altered....

Your personal information may have been leaked in the 'Mother of all Breaches' (MOAB), cybersecurity researchers have warned. Over 26 billion personal records have been exposed, in what researchers believe to be the biggest-ever data leak. Sensitive information from several sites including Twitter, Dropbox, and Linkedin was discovered on an unsecured page. Worryingly, the researchers who found it claim this breach is extremely dangerous and could prompt a tsunami of cybercrime.

A Tennessee-based engineer is being investigated by the Pentagon for a “critical compromise” of communications across 17 Air Force facilities. The unnamed engineer, who hasn’t been formally charged, is alleged to have taken home more than $90,000 worth of government radio technologies and gained “unauthorized administrator access” to the Air Force’s Air Education and Training Command (AETC). The security breach comes just three months after a junior Air National Guardsman allegedly leaked a massive number of classified documents online. Jack Teixeira, although relatively low-ranking, used his top-secret security clearance to post hundreds of Ukraine war documents on the Russians and...

Health-care giant says an unknown party made patient information available on an online forumHCA Healthcare HCA - which operates about 180 hospitals and other health-care facilities, said some patient information, including names, emails and phone numbers, were leaked online. The company said an unknown and unauthorized party made the information available on an online forum. The information includes patients’ names, cities, ZIP codes, emails, phone numbers, service date and more. However, payment information, clinical information and other sensitive information such as social security numbers weren’t leaked. [Snip] The company has disabled user access to the affected storage location as a...

The vendor helps CalPERS identify member deaths and make sure that correct payments go to retirees and their beneficiaries.. The personal information of about 769,000 retired CalPERS members was exposed in a third-party data breach that was reported earlier this month. CalSTRS also said it was impacted by the breach and KCRA 3 is trying to learn how many of its members were impacted. CalPERS, the California Public Employees' Retirement System, is the nation's largest public pension fund. It serves more than 2 million members in its retirement system and more than 1.5 million in its health program. CalSTRS, the...

The Oregon DMV data breach is just the latest in a long list that affects consumers. State officials confirmed the breach had extended to about 90% of the state’s driver’s license and ID card files. Nationally, millions of people have sensitive information, such as login credentials, bank account info and Social Security numbers, floating around the internet just waiting to be exploited. At this point, it’s safe to assume that some of your information is out there. Now it’s a matter of doing what you can to protect yourself and deter malevolent actors from making you a victim of identity...

WASHINGTON (AP) — Members of the House and Senate were informed Wednesday that hackers may have gained access to their sensitive personal data in a breach of a Washington, D.C., health insurance marketplace. Employees of the lawmakers and their families were also affected. DC Health Link confirmed that data on an unspecified number of customers was affected and said it was notifying them and working with law enforcement. Sample stolen data was posted on the site for a dozen apparent customers. It included Social Security numbers, addresses, names of employers, phone numbers, emails and addresses. In an email to all...

The U.S. Marshals Service suffered a major security breach this month when hackers broke into and stole data from a computer system that included a trove of personal information about investigative targets and agency employees... The service, a division of the Justice Department, is responsible for the protection of judges, the transportation of federal prisoners and the operation of the federal witness protection program. The witness protection database was not breached, but hackers did gain access to information about some fugitives sought by federal authorities, according to a senior law enforcement official. Justice Department officials have determined that the breach,...

As the November midterm election draws near, the focus is on voting protocols and tools, especially the voting machines themselves. After the 2020 election, many irregularities in voting were documented across the country, some due to mail-in voting, some due to voting rosters, some due to poll workers, and some due to machines that were somehow hacked or compromised in some way. GPB News reports: “Sensitive voting system passwords posted online. copies of confidential voting software are available for download. Ballot counting machines inspected by people not supposed to have access. The list of suspected security breaches at local election...

Close to 77 million customers were impacted by a massive hack last year. T-Mobile has agreed to a $350 million settlement in a class action suit that alleged it allowed sensitive information from millions of current, past and prospective customers to be stolen by hackers last year. If approved, the deal will be the second-largest data-breach settlement in US history, after Equifax's agreement to pay $700 million in 2019. The mobile carrier has not acknowledged any wrongdoing but in a statement shared with CNET, T-Mobile said it was "pleased to have resolved this consumer class action filing." "Customers are first...

House Intelligence Committee Chairman Adam Schiff (D-CA) tweeted on Wednesday that he did not care how the draft of the Supreme Court opinion on Roe v. Wade leaked — despite it being an unprecedented breach in the Supreme Court’s modern history. “I don’t care how the draft leaked. That’s a sideshow,” he tweeted, in remarks reminiscent of his efforts to protect the identity of the leaker of former President Donald Trump’s classified call with the Ukrainian president.

Okta, the $25 billion market cap company that handles logins for more than 100 million users, today confirmed it suffered a breach in January via a third party customer support provider. But for some customers who spoke to Forbes, the disclosure was too late and too scant with information. Okta’s admittance came after a hacking crew called LAPSUS$, which extorts its targets after stealing their data and often leaks victims’ information in public forums, claimed it had breached the company. LAPSUS$ had previously claimed to have stolen data from major security companies including NVIDIA and Microsoft, leading both to investigate...

WASHINGTON D.C. (KUSI) – The FBI has found little evidence that the Jan. 6th attack on the U.S. Capitol was coordinated on a large scale, according to reports.A source told Reuters that “Ninety to ninety-five percent of these are one-off cases”, while a small percentage came from “militia groups that were more closely organized”.The official said “there was no grand scheme with Roger Stone and Alex Jones and all of these people to storm the Capitol and take hostages.”Reuters reported, “spokespeople for the Justice Department and U.S. Attorney’s office in Washington, which is leading the Jan. 6 prosecutions, declined to...