Tag Archives: sex

Breach Brief – IRS Data Breach, Ashley Madison Update

August 24, 2015 

IRS Breach

IRS_LogoThe Internal Revenue Service (IRS) widened the scope of the breach first announced in May. The government agency is saying that as many as 390,000 taxpayers are now at risk. The hack was centered around the IRS’ Get Transcript system.

The IRS suspended the Get Transcript online service in May. The service was intended to simplify how taxpayers retrieve their tax records, review their tax account transactions, get line-by-line tax return information or wage and income reported to the IRS for a specific tax year.  Hackers circumvented the Get Transcript’s authentication safeguards and are believed to have gained access to taxpayer information, including Social Security numbers.

According to an August 17th statement the IRS stepped up its investigation of the breach. A deeper review of the compromised system included analyzing over 23 million system uses, including the 2015 filing season. Investigators were looking for suspicious activities and identified “more questionable attempts” to obtain taxpayer records through the Web application.

No details were provided on how the agency uncovered the additional taxpayer account breaches. But it is believed that the hackers were very skillful and probably covered their tracks to make it more made it difficult for the tax agency to quickly assess the extent of the breach.

Update-Ashley Madison Breach

ashley-madison-hed-2014Hackers who stole profile and customer data from Ashley Madison have released the data online. According to multiple reports a 10GB file of customer’s personal data including email addresses, member profiles and transaction data is now available online. Some reports say as many as 32 million customer’s information was released including one million UK civil servants, U.S. officials, members of the U.S. armed forces and top executives at European and North American corporations. There already reports of blackmail and divorce petitions because of the data release.

Impact Team, the hacker group claiming credit for the data theft,  released the data after Avid Life Media, which owns Ashley Madison and Established Men failed to meet demands that they permanently shut the sites down down. Cougar Life, another Avid Life Media site, was not mentioned and seems to be unaffected.

Additional information;

The Blackmail of Ashley Customer Has Already Begun

People are already starting divorce proceedings because of the Ashley Madison leak.

After the devastating hack, these lawsuits are threatening to wipe Ashley Madison out altogether.

A chart made from the leaked Ashley Madison data reveals which states in the US like to cheat the most.

The Pentagon Is Investigating the Ashley Madison Leak.

How to check if an account was exposed in the Ashley Madison hack

August 4, 2015

United Airlines

united_continental_logo_detAccording to Bloomberg Business United Airlines has reported that it’s customer flight records have been lost to a data breach.

The breach was detected in May or June of this year and involved flight manifests. Chinese hackers are suspected. These same Chinese hackers are suspected of stealing more than twenty million OPM records. Experts believe that Chinese intelligence is constructing a massive database.

United Airlines is one of the government’s largest contractors. It is believed that the stolen data contains vast amounts of information on military and government officials and federal employee’s travel.

Experts have also questioned a possible connection between the hack and the computer glitch that caused flight delays on July 8th. Evidence from the investigation reveal that hackers may have been inside United’s computers for months.

A spokesman for United Airlines declined to confirm that a breach occurred and insisted that customer’s private data is safe.

One of the major concerns is that hackers, tinkering with sensitive systems, could accidently or deliberately, cause massive flight delays or even cripple a major airline causing nationwide and potentially global aviation gridlock. Another concern is backdoors left inside computer networks that allow hackers back in at will.

United spokesman Luke Punzenberger said of customer information that United “would abide by notification requirements if the situation warranted.”

Medical Informatics Engineering

mielogolargeA data breach at Medical Informatics Engineering has compromised the data of over 3.9 million people nationwide. According MIE the information loss includes names, phone numbers, mailing addresses, user names, hashed passwords, security questions and answers, email addresses, birthdates, Social Security numbers, lab results, health insurance policy information, diagnoses, disability codes, doctors’ names, medical conditions, and spouses’ and childrens’ names and birthdates.

MIE creates electronic medical records software for health care providers and the result of the breach could impact as many as 11 healthcare providers including local, national and the federal government.

According to the company the hackers had access to the MIE servers for three weeks and have stolen the information to sell on the black market. Experts suspect the theft was likely and inside job.

MIE has reported the breach to the FBI Cyber squad and said the investigation into the security breach is ongoing. MIE  is offering free credit monitoring and identity theft protection. The company has established a toll free hotline available Monday-Friday 9:00AM-9:00PM EST at (866) 328-1987.

 July 28, 2015

Experian

ExperianLogo

Experian Credit Reporting Services is the target of a class action lawsuit filed in California. The amount is to be determined. According to the suit Experian was negligent and violated consumer protection laws because it failed to realize that for nearly a year a customer of it’s data brokerage subsidiary, Court Ventures, was actually a criminal gang specializing in selling consumer data to identity thieves. Experian purchased Court Vnetures in 2012.

The leader of the identity theft ring was sentenced to 13 years in prison last week in New Hampshire. Hieu Minh Ngo accessed as many as 200 million consumer records by posing as a private investigator based in the United States.

According to the government Ngo collected nearly $2 million from his scheme. The IRS has confirmed that 13,673 U.S. citizens had their personal information stolen and sold on Ngo’s websites Superget.info and Findget.me. The stolen identities were used to file over $65 million dollars in fraudulent tax returns.

Plaintiffs in the case have asked the court to compel Experian to notify all consumers affected by the breach, provide free credit monitoring services, turn over all profits made as a result of the Ngo relationship and to establish a fund to reimburse victims for the time and expenses of fighting fraud and correcting identity theft caused by customers of Ngo’s ID theft service.

U.S Census Bureau

2000px-Census_Bureau_seal.svgThe U.S. Census Bureau reported a data breach early last week. In a written statement released on Friday Census Bureau Director John H. Thompson said a database belonging to the Federal Audit Clearinghouse had been attacked. The FAC collects audit reports from the government agencies and other organizations spending federal money. 

According to Thompson the information included the names of people who submitted information, addresses, phone numbers, user names and other data. According the Bureau no household or business data was lost.

In the statement Thompson wrote that the intruders accessed the database through a configuration setting on an external IT system. That system is separate from the Census Bureau internal systems that stores census data.

In the statement Thompson went to say, “Over the last three days, we have seen no indication that there was any access to internal systems.”

The attack was apparently in protest of the Trans-Pacific Partnership and the Transatlantic Trade and Investment Partnership. Both are pending trade agreements that have been widely criticized. A group calling itself Anonymous Operations claimed credit for the breach and posted a link on Twitter to four of the stolen files.

July 20, 2015

Ashley Madison

ashley-madison-hed-2014A hacking group calling itself the Impact Team has hacked into the sex hookup website AshleyMadison.com.

According to Krebsonsecurity.com massive caches of customer and company data have been stolen and posted online. The group claims to have totally penetrated the company’s networks taking control of the company’s customer database of 37 millon users, financial records and other proprietary information. As a website dedicated to cheating spouses the damage could go well beyond lost data.

Avid Life Media, which in addition to Ashley Madison also owns hookup sites CougarLife.com and EstablishedMen.com, was attacked in retaliation for lying to customers. According to the Impact Team hackers ALM advertised to customers  a service allowing members to completely erase their profile information for a $19 fee. According to the hackers the company is not fully deleting user’s information including personally identifiable information, user’s purchase details and real name and address.

The hackers have demanded that Ashley Madison and Established Men websites be taken down immediately and permanently or more information will be released online.  The hackers are threatening to release customer records, including profiles with their secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.

Avid Life Media CEO Noel Biderman believes the attack maybe the work of one or more persons, possibly an employee or contractor, who had legitimate access to the company’s network.

July 18, 2015

CVSPhoto.com, Costocophotocenter.com, RiteAid Photo, Sams Club, Walgreens & Tesco

CVS PhotoPNI Digital Media  is a third party vendor that handles transactions for these retailers according to KrebsOn Security.com PNI has suffered a data breach of unknown size. But it is known that customer payment information has been compromised.

Neither PNI nor any of the retailers connected with the breach have said much only saying that more information will be released as it becomes available. CVSPhoto.com took down its photo site and posted an announcement indicating an investigation is under way and that other CVS sites such as it’s pharmacy were unaffected by the breach. CVS has asked customers who used the photo service to check and monitor their card statements for suspicious activity or transactions. If anything looks strange they are to contact their bank or card company immediately to report it.

Costcophotocenter.com and RiteAid photo also took their sites down.

UCLA Health

UCLA Health has confirmed health information for as many as 4 million individuals has been exposed as a result of a data breach that may have began last September. The FBI is investigating and UCLA has hired a private forensics experts to beef up the security on it’s servers.

According to a UCLA Health statement released on Friday “criminal hackers” hacked into parts of the organization’s computer network containing personal and medical information.

UCLA Health began investigating suspicious activity on its networks in October of 2014. At the time they  did not believe the attackers gained access to areas of the network containing personal and medical information.

“As part of that ongoing investigation, on May 5, 2015, UCLA Health determined that the attackers had accessed parts of the network that contain personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information. Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014. We continue to investigate this matter.”

Office of Personnel Management

Even though OPM suffered a data breach and the loss of information of 24 million Americans the government still has not notified those invividuals. Its been two months.

Officials from multiple agencies familiar with the investigation say that OPM is working with other agencies to set up a system to inform the victims.

An OPM official, who wishes to remain anonymous, said that because of the complicated nature of the data and movement of contract and federal employees it would be weeks before a mechanism was in place.

According to the official the government is attempting to establish a central notification system rather than rely on separate agencies to make notifications. An outside contractor  is being considered for the task but OPM has not yet asked for bids for the job.

July 16, 2015

OPM Data Breach

An interagenOPM Sealcy task force investigating April’s OPM hacking has determined with “high confidence” that as many as 21.5 million people had their personal information stolen. This includes social security numbers .

The Office of Personnel Management updated its website last Thursday with the startling new information.

According to the OPM 4.2 million former federal employees’ personnel data was stolen. While investigating that theft investigators found a much larger data theft. OPM has not yet notified the 19.7 million additional individuals affected. Those are the people who requested a background check normally for employment purposes or acces to classified information. An additional 1.8 were people were not job appicants but were either married to or co-habiting with an applicant.

In addition to personal information the hackers stole as many as one million fingerprint records.

Applicants who applied for employment had their user names and passwords for investigation forms stolen. It is also highly possible that information such as mental health history and financial history many have also been stolen. Applicants that were interviewed as part of their background investigations often reveal this sensitive information when applying for security clearences.

OPM attempted to take some of the sting from the bad news by saying “there is no evidence that health, financial, payroll, and retirement records of federal personnel or those who have applied for a federal job were impacted by this incident (for example, annuity rolls, retirement records, USAjobs, Employee Express).” The agency assures the public that it’s working to create safeguards to prevent such incidents in the future.

OPM Director Katherine Archuleta resigned her position last week after whitering criticism over the data breach.

Army National Guard Data Breach

Seal_of_the_United_States_Army_National_Guard.svgCurrent and former members of the Army National Guard members dating back to 2004 had personal information including social security numbers, birthdates and home addresses stolen. 

National Guard Spokesman Major Earl Brown, said “The National Guard Bureau takes the control of personal information very seriously,” said Brown. “After investigating the circumstances of these actions, and the information that was transferred, the Guard has determined, out of an abundance of caution, to inform current and past Guard personnel that their Personally Identifiable Information (PII) was among the files that were transferred.”

“The issue was identified and promptly reported, and we do not believe the data will be used unlawfully,” Brown said. “This was not a hacking incident, in which the intent was to use data for financial gain. Nonetheless, the Guard believes that individuals potentially affected need to know about the breach and what actions they can take to protect themselves from potential identity theft.”

If you are a member of the Nationa guard and need more information please  go to http://www.nationalguard.mil/Features/IdentityTheft.aspx or call  toll-free 877-276-4729 8AM to 4PM EST, Monday through Friday. You can also email any questions you have to dod.data.breach.questions@mail.mil

Spyware Exposes Teen Sexting

MTECHNOLOGY MSPY - MOBILE SPYWARE LOGOWe were all teenagers at one time. And as a teen we had two lives, one with our parents and family and the other with our teenage friends. Don’t deny it! And if you have been reading this blog you know how good black teens are at hiding their Internet activity. The latest spyware can help parents uncover some of that secret activity.

Teens today live in a much different world than we did. Today, in the age information and communication, they have more channels of communication and devices available to them than we ever dreamed of.

Teens are about the latest thing. Be it movies. music, clothes, electronic gadgets and even sex. Yes sex!

Sexting is the exchange of sexually explicit messages and images. Many times its selfies of themselves nearly or completely naked and even having sex.

This growing phenomenon is getting dangerous. Teens are naturally spontaneous and lack fore thought so they are not thinking of the consequences of sexting when it goes wrong. In cities all over the country teenagers are being humiliated or even killing themselves after nude images of them show up on social media and in one instance on the school website. A mother in Virginia called the police on her 13 year old daughter after she found numerous pictures of nude teens on her daughters cell phone and tablet.

One of the newest and popular social media apps among teens is called SnapChat. Why? Because pictures and videos self-destruct without a trace. Teens using the app can set the destruct time from a few seconds to days, This encourages teens to snap silly selfies and, for some, sexting.

But if your teen is using SnapChat and you want to know what they are doing there is a way you can. For $40 a month mSpy allows parents to see exactly what their teens are doing on SnapchatThey can also see  their texts , calls and emails and even their location. Parents must first download the software onto their teens phone. After its installed they can see it all on their own device. mSpy leaves no icon or evidence of its presence so your teen will never know its there. mSpy can also monitor Skype calls and WhatsApp messages, too. The software is growing in popularity especially among parents. According to COO Uri Soroka, of the 2 million people using the spyware a third of them are parents.

Other users of the spyware are business owners that want to see what employees are doing on company owned devices. Another spyware, FlexiSpy is targeted toward married couples who suspect their spouse is cheating.

Now you know.

 

 

Sexual Predators Hunt Online

 

hutchinson

Tremain Hutchinson

On December 20th of 2013  Tremain Hutchinson, 28 of Cobb County Georgia was sentenced to life in prison for producing child pornography. A just sentence for a sexual predator but it is how he did it that black parents need to pay attention to.

Hutchinson used social media to connect to teenage girls. He gained their trust by pretending to be a 16 year old boy. He then talked them into sending him nude pictures of themselves. Two of the girls were raped by him.

Hutchinson used the website Tagged.com and threatened to put the girls pictures on Facebook and in some cases threatened their families. Hutchinson even forced one teenage girl to molest her own brother.

In another case a California computer science student by the name of Jared James Abrahams, 20 was sentenced to 18 months in prison for hacking into the computer of teenage girls, turning on their webcams and watching them undress. One of the computers he hacked was that of  Cassidy Wolf, Miss Teen USA.

Abrahams threatened to post the images online if the women did not send him more pictures or “perform” on Skype.

In another case Richard Finkbiner of Brazil, Indiana pleaded guilty to child exploitation, extortion and possession of child pornography. Finkbiner used as a video chat website, omegle.com. There he convinced teens to perform sex acts or appear nude. He would later extort them by threatening to post the images on porn websites if the did not continue to make videos. His victims were ages 12-16 years old and Finkbiner admitted to coercing at least 100 young people into making explicit videos.

Sexting is not new but it is a problem. What is it? Its the sending of sexually explicit photographs or message via mobile phone, according to Google. Statistics show that almost 25% of teenagers are actively sexting or have sexted in the past. Sexting, even among minors is illegal and when it is exposed it can very damaging to the teen.

There have been cases where teen girls have been embarrassed and bullied when the images of their naked or near naked body starts circulating on campuses. Even junior high school students have been caught sexting. In some cases  teens have even committed suicide after being exposed for sexting. Kids have even developed their own language for sexting. So if you are a parent you better learn it. NoSlang.com has a complete dictionary of sexting terms you should know to keep your child under control.

Breaking It Down

Do you know what your child is doing online? Black parents need to become more aware of what is happening behind your child’s closed door. The Internet is crawling with predators and black teens and children are just as likely to be victims as white kids.

As a parent its your job to know what your child is doing at all times. So having a teenager who goes into his or her bedroom alone with their computer or smartphone is a serious situation. I have just shown you what can happen when you don’t know exactly what your child is doing online.

Websites like Facebook, Tagged and others are where these perverts hangout. They can also be found on your child’s school’s Facebook page. Anywhere children go on the web you should believe that predators are there and working to do something really nasty even deadly to them.

Make sure you know what your child is doing online. Know what websites they visit and who they are talking to. Teach them how dangerous the web can be and don’t be gentle about it. You might want to consider if your child should have their own computer in the first place. Perhaps a family computer in an open location is better.

Black parents need to step up and get involved in what your child is doing online. There is no excuse for not knowing. Get on it!