Free Republic

An allegedly stolen Wattpad database containing 270 million records were being sold in private sales for over $100,000. Now it is being offered for free on hacker forums. Watthpad is a web site that allows members to publish user-generated stories on a variety of different topics. The site is immensely popular and is ranked as the the 150th most visited site worldwide. Since July 7th, BleepingComputer has been tracking the rumored private sale of a Wattpad database containing over 200 million records. In an anonymous tip, BleepingComputer was told that this database was being sold by Shiny Hunters, a group...

SPRINGFIELD – The Illinois Department of Employment Security has confirmed that a new online portal that processes claims for federal Pandemic Unemployment Assistance briefly allowed public access to applicants’ personal information including Social Security numbers. The PUA system, which went online May 11, is a federal program that provides unemployment benefits to gig workers and other independent contractors who are not normally covered by regular unemployment insurance. The data breach was first made public Saturday when state Rep. Terri Bryant, a Murphysboro Republican, said in a news release that she had been alerted to the issue by a constituent the...

Marriott said Tuesday approximately 5.2 million guests worldwide may have been affected. The information taken may have included names, addresses, phone numbers, birthdays, loyalty information for linked companies like airlines and room preferences. Marriott said it’s still investigating but it doesn’t believe credit card information, passport numbers or driver’s license information was accessed.-- excerpted per copyright list --

The website for an election app used by Prime Minister Benjamin Netanyahu’s party made it possible to view full names, addresses, identity card numbers and more. A software flaw exposed the personal data of every eligible voter in Israel — including full names, addresses and identity card numbers for 6.5 million people — raising concerns about identity theft and electoral manipulation, three weeks before the country’s national election.The security lapse was tied to a mobile app used by Prime Minister Benjamin Netanyahu and his Likud party to communicate with voters, offering news and information about the March 2 election. Until...

A new report reveals that 250 million Microsoft customer records, spanning 14 years, have been exposed online without password protection. Microsoft has been in the news for, mostly, the wrong reasons recently. There is the Internet Explorer zero-day vulnerability that Microsoft hasn't issued a patch for, despite it being actively exploited. That came just days after the U.S. Government issued a critical Windows 10 update now alert concerning the "extraordinarily serious" curveball crypto vulnerability. Now a newly published report, has revealed that 250 million Microsoft customer records, spanning an incredible 14 years in all, have been exposed online in a...

Convenience store chain Wawa announced a massive data breach that potentially compromised "customer payment card information" at all Wawa locations for approximately nine months. The data breach could impact debit and credit card numbers, expiration dates and cardholder names, Wawa announced Thursday. PIN numbers, CVV2 numbers (the three or four digit security codes on most credit cards) and driver's license information were not impacted, the company said. The company said it discovered the malware in Wawa payment processing servers on Dec. 10 and had the issue contained two days later, but that the malware may have been running since March...

The records of hundreds of millions Facebook users was discovered in a online forum on the dark web. The unsecure database contained the IDs, phone numbers and full names of 267 million users, most of which reside in the US. Although it is not yet clear how the sensitive information was exposed, experts speculate the database was compiled through an illegal process called ‘scraping’ – automated bots copied public information from Facebook profiles. Access to the database has since been removed, however, the recorders were available online for two weeks before the leak was discovered.

On Monday, Equifax settled with the US Federal Trade Commission over its 2017 data breach, which affected 147 million Americans. The settlement of up to $700 million includes as much as $425 million for individual compensation. With so many Americans affected, it's very likely you could qualify for some form of compensation as a result of the settlement. And with so many names, addresses, birthdates and Social Security numbers leaked, you could still be at long-term risk for identity theft.

In September of 2017, Equifax announced it experienced a data breach, which impacted the personal information of approximately 147 million people. A federal court is considering a proposed class action settlement submitted on July 22, 2019, that, if approved by the Court, would resolve lawsuits brought by consumers after the data breach. Equifax denies any wrongdoing, and no judgment or finding of wrongdoing has been made.

[full title] Equifax owes you a lot more, but here’s how to get $125 from this week’s settlement The US credit reporting agency Equifax settled earlier this week with the Federal Trade Commission over the massive 2017 data breach that exposed hundreds of millions of Americans’ Social Security numbers and other sensitive data. Now, you can finally file a claim to collect on the $700 million settlement, which contains a $380,500,000 consumer restitution fund, as part of the class action lawsuit. The FTC this morning posted the claim website, where you can both check if you were affected by the...

USAToday Article.Link Only 

Equifax will pay up to a record $650million to settle US federal and state probes into a massive 2017 data breach of personal information, authorities said on Monday. The largest-ever settlement for a data breach draws to a close multiple probes into Equifax by the Federal Trade Commission, the Consumer Financial Protection Board (CFPB) and nearly all state attorneys general. It also resolves pending class-action lawsuits against the company. 'This company´s ineptitude, negligence, and lax security standards endangered the identities of half the US population,' New York Attorney General Letitia James said in a statement.

Multiple government agencies are relying on a security measure that can be easily bypassed thanks to massive breaches like the Equifax hack, the US Government Accountability Office has found. In a report released Friday, the government watchdog group found that the US Postal Service, the Department of Veterans Affairs, the Social Security Administration and the Centers for Medicare and Medicaid Services have still been using "Knowledge-Based Verification" to make sure people who apply for benefits online are authentic. This verification method asked applicants questions like their date of birth, Social Security numbers and addresses, assuming that only the applicant would...

The clinical laboratory company said in a release that an "unauthorized user" gained access to a system used by American Medical Collection Agency (AMCA), a billing vendor hired by a Quest contractor called Optum360. Quest said the information that may have been exposed included Social Security numbers and medical information, but not test results. AMCA first notified Quest on May 14 of "potential unauthorized activity" on its payment page, Quest said. Two weeks later, according to Quest, AMCA then told Quest and Optum360 more about the breach, including the number of patients potentially affected and what information was accessed. Quest...

“Collection #1" is the largest public data breach by volume, with 772,904,991 unique emails and 21,222,975 unique passwords exposed. ...12,000 separate files and 87GB of data had been uploaded to MEGA, a popular cloud service. The data was then posted to a popular hacking forum and appears to be an amalgamation of over 2,000 databases. The troubling thing is the databases contain “dehashed” passwords, which means the methods used to scramble those passwords into unreadable strings has been cracked, fully exposing the passwords. So what does this mean for the average person? According to Hunt, it means compromised email and...

Marriott International said early Friday that data on roughly 500 million customers staying at Starwood hotel properties had been compromised in a breach that gave unknown attackers access to the Starwood network since 2014. The company said it has not finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property. The hotel giant said that on September 8, 2018, it received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. The company said it “quickly...

Marriott says its guest reservation system has been hacked, potentially exposing the personal information of approximately 500 million guests. The hotel chain said Friday the hack affects its Starwood reservation database, a group of hotels it bought in 2016 that includes the St. Regis, Westin, Sheraton and W Hotels. Marriott said hackers had gained "unauthorized access" to the Starwood reservation system since 2014, but the company only identified the issue last week. "The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it," Marriott said in a statement. For 327 million people,...

Amazon has suffered a data breach, just days before its Black Friday extravaganza kicks off. In an email sent to customers, including security guru Graham Cluley (below), Amazon fessed up to the data breach, warning that the company "inadvertently disclosed your name and email address due to a technical error." "This is not a result of anything you have done, and there is no need for you to change your password or take any other action," the email concludes.

Ian Kar, a New York-based product manager who was sent the scammy email... said he was pretty sure his password was included in one of the big leaks in the past few years — databases have been stolen from LinkedIn, Yahoo, and eBay, for example. You can check whether your password is in one of these leaked databases over at the website Have I Been Pwned. Basically, the attackers don't actually have video of you or access to your contacts, and they haven't been able to install malicious code on your computer. In reality, they're taking a password from a...

In a filing on Monday with the Securities and Exchange Commission which was provided to congressional committees, the exact scope of the Equifax data breach was revealed. Just how much personal data was exposed in the Equifax breach of 2017? The sensitive, personally identifiable information of the Equifax breach contained: 146.6 million birthdays 145.5 million Social Security numbers were compromised 99 million addresses 27.3 million gender identifications 20.3 million phone numbers 17.6 million driver’s license numbers 1.8 million email addresses 200,000 credit card numbers and expiration dates