All news with #pii tag

Criminal Gangs Deploy Toll and Postal Texts to Steal Cards

💳 Criminal gangs operating from China send deceptive texts about overdue tolls, postal fees, and municipal fines to trick victims into divulging credit-card details. Investigators say the groups exploit an installation trick that provisions stolen card numbers into Google and Apple Wallet accounts in Asia, then share those virtual cards with buyers in the United States. The Department of Homeland Security estimates the scheme has generated over $1 billion in the last three years, enabling purchases of phones, gift cards, apparel and cosmetics by fraud rings that coordinate messaging, remote provisioning, and cross-border purchasing.

Hardening Google Workspace: Practical Guidance for Teams

🔒 Small security teams can harden Google Workspace by enforcing MFA, restricting admin roles, and tightening sharing and OAuth app permissions. The article stresses stronger email defenses — advanced phishing controls, DMARC/DKIM/SPF — and proactive monitoring for account takeovers through alerts and behavioral signals. It argues native controls form a solid foundation but leave gaps, and recommends augmenting them with Material Security for unified visibility and automated remediation.

Top 10 Challenges Facing CISOs and Security Teams Today

🔒 Security leaders face a rapidly evolving threat landscape driven by AI, constrained budgets, talent shortages, and a vastly expanded attack surface. Many organizations rushed into AI adoption before security controls matured, and CISOs report growing involvement in AI governance and implementation even while attackers leverage AI to compress time-to-compromise. Data protection, employee susceptibility to sophisticated scams, quantum readiness, and board alignment emerge as immediate priorities that require clearer risk-based decisions and frequent simulation exercises.

Smishing Triad Linked to 194,000 Malicious Domains

📱 Unit 42 attributes a sprawling smishing campaign to the China-linked Smishing Triad, tying it to 194,345 FQDNs and more than 194,000 malicious domains registered since January 1, 2024. Most root domains are registered through Dominet (HK) Limited yet resolve to U.S.-hosted infrastructure, primarily on Cloudflare (AS13335). Campaigns impersonate USPS, toll services, banks, exchanges and delivery services, using rapid domain churn to evade detection. The operation has reportedly generated over $1 billion in three years and increasingly targets brokerage and banking accounts to enable market manipulation.

Privacy rankings of popular messaging apps — 2025 Report

🔒 Incogni's Social Media Privacy Ranking 2025, summarized by Kaspersky, evaluates 15 platforms across 18 criteria to compare messaging apps on privacy and data handling. Overall scores place Discord, Telegram and Snapchat near the top, but a subset of practical criteria ranks Telegram first, followed by Snapchat and Discord. The analysis highlights default settings, data collection by mobile apps, handling of government requests, and encryption differences, noting that only WhatsApp provides end-to-end encryption for all chats by default.

FIA drivers' portal breached, Formula 1 data exposed

🔐 Hackers gained access to a drivers' portal run by the Fédération Internationale de l'Automobile (FIA) during the summer, potentially exposing Formula 1 driver records. The three individuals said they were fans who reported a vulnerability instead of pursuing malicious use and claimed they neither viewed nor stored sensitive data after noticing passport details could be retrievable. The FIA took the site offline, secured the system and worked with the researchers to strengthen the portal.

Toys R Us Canada confirms customer data leak; regulators

🔔 Toys R Us Canada has notified customers that a threat actor leaked records taken from its database after a posting on the dark web on July 30, 2025. An investigation with third-party cybersecurity experts confirmed the data's authenticity and found exposed fields may include full name, physical address, email, and phone number, while passwords and payment card details were not exposed. The retailer says it has strengthened IT security, is notifying Canadian privacy regulators, and warns customers to beware of phishing attempts.

FinWise Breach Highlights Encryption and Insider Risk

🔒 The FinWise data breach involved a former employee who retained credentials and accessed systems on May 31, 2024, exposing personal records for 689,000 American First Finance customers. The intrusion remained undetected until June 18, 2025, prompting lawsuits alleging inadequate encryption and weak security governance. Experts say robust protection requires not only encryption but effective key management, strict access controls, and proactive monitoring. Vendor solutions such as D.AMO are presented as integrated platforms combining encryption, an isolated KMS, and centralized control to mitigate insider risk.

Four Bottlenecks Slowing Enterprise GenAI Adoption

🔒 Since ChatGPT’s 2022 debut, enterprises have rapidly launched GenAI pilots but struggle to convert experimentation into measurable value — only 3 of 37 pilots succeed. The article identifies four critical bottlenecks: security & data privacy, observability, evaluation & migration readiness, and secure business integration. It recommends targeted controls such as confidential compute, fine‑grained agent permissions, distributed tracing and replay environments, continuous evaluation pipelines and dual‑run migrations, plus policy‑aware integrations and impact analytics to move pilots into reliable production.

SnakeStealer Infostealer Surges to Top of Detections

🔒 SnakeStealer is an infostealer family that surged in early 2025 to top ESET's infostealer detection charts. First seen in 2019 and originally linked to tools marketed as 404 Keylogger/Crypter, it spread widely by abusing Discord and cloud hosting and through phishing attachments, archived payloads and pirated software. Offered as malware‑as‑a‑service, it harvests credentials, clipboard contents, screenshots and keystrokes while using evasion and persistence tricks. Reduce risk by keeping systems updated, enabling MFA, treating unsolicited attachments with caution, changing passwords from clean devices and running reputable security software.

UK Contractor Breach Exposes Sensitive RAF and Navy Sites

🔒 A ransomware attack on contractor Dodd Group reportedly allowed Russian-linked attackers to exfiltrate hundreds of sensitive Ministry of Defence documents, including details on RAF Lakenheath, RAF Portreath and RAF Predannack. The company confirmed an incident and said it contained access, while the MoD suspects the Lynx group is behind the intrusion. Leaked files published on the dark web allegedly include site plans and personnel data, and the case is now under investigation amid a wider rise in UK cyber incidents.

Experian Fined €2.7m by Dutch Regulator for GDPR Breach

🔒 Experian Netherlands has been fined €2.7m by the Dutch Data Protection Authority for breaching GDPR requirements after collecting and processing personal data from public and private sources without proper notice or consent. The regulator found Experian compiled extensive databases using information from the Chamber of Commerce and data sold by telecom and energy firms, and that its credit scores influenced contract terms, deposits and denials. Experian acknowledged the violations, will not appeal, has ceased Dutch operations and plans to delete the database by year-end.

ChatGPT privacy and security: data control guide 2025

🔒 This article examines what ChatGPT collects, how OpenAI processes and stores user data, and the controls available to limit use for model training. It outlines region-specific policies (EEA/UK/Switzerland vs rest of world), the types of data gathered — from account and device details to prompts and uploads — and explains memory, Temporary Chats, connectors and app integrations. Practical steps cover disabling training, deleting memories and chats, managing connectors and Work with Apps, and securing accounts with strong passwords and multi-factor authentication.

Hackers Leak Personal Data of Hundreds of US Agents

🔓 A hacking collective known as The Com has posted alleged personal details — names, addresses, and phone numbers — of hundreds of US government employees on private Telegram channels. Reporting by 404 Media indicates spreadsheets containing roughly 680 DHS entries, over 170 FBI email addresses, and more than 190 Department of Justice records were shared; the origin of the information is unclear. The group, which has ties to known ransomware and extortion actors, suggested further doxing and even solicited criminal collaboration, raising concerns about threats and physical safety for affected personnel and their families.

Experian Netherlands fined €2.7M for unlawful data use

🔍 Experian Netherlands was fined EUR 2.7 million by the Dutch Data Protection Authority for collecting and using personal data from multiple public and private sources without properly informing individuals or obtaining consent. The AP found the company aggregated information from the Chamber of Commerce, telecom and energy firms to produce credit assessments that affected interest rates and upfront deposits. Experian acknowledged the violations, will not appeal, has ceased operations in the Netherlands, and pledged to delete its database of personal data before year-end.

Significant Satellite Traffic Found Transmitted Unencrypted

⚠️Researchers used a commercial off-the-shelf satellite dish to perform the most comprehensive public study yet of geostationary satellite communications. They discovered a shockingly large volume of sensitive traffic—critical infrastructure telemetry, internal corporate and government communications, private voice calls and SMS, and consumer Internet streams such as in-flight Wi‑Fi—being broadcast unencrypted. Much of this data can be passively observed by anyone with a few hundred dollars of consumer-grade hardware, and a single transponder's footprint may cover up to 40% of the Earth's surface.

Prosper Data Breach Exposes Personal Data of 17.6M

🔒 Prosper has confirmed a data breach that may have exposed personal information for approximately 17.6 million customers. The company said unauthorized queries were made against customer and applicant databases and that the activity was shut down and access revoked on September 2. Prosper reported no operational disruptions or evidence of unauthorized account access or fund theft, has notified US law enforcement, and will offer affected customers credit monitoring once the scope is confirmed.

Hackers Steal Customer Data from Spanish Retailer Mango

🔒An external marketing service provider detected unauthorized access to customer personal data for the Spanish fashion company Mango. The attackers obtained first name, country, postal code, email address and telephone number for some customers, while last names, bank details and passwords were not accessed. Mango says its own systems remain secure and has notified the Spanish data protection authority (AEPD). Customers are urged to remain vigilant for phishing attempts via email, SMS or phone.

Sotheby's Breach Exposes Employee Financial Data Records

🔐 Sotheby's disclosed a cybersecurity incident first detected on July 24, 2025, after threat actors removed data from its environment. A two-month investigation found exposed information included full names, Social Security numbers and financial account details. The company notified impacted individuals and offered 12 months of identity protection and credit monitoring through TransUnion. An October update clarified the breach involved employees, not customers.

Sotheby's Data Breach Exposes Customer Financial Records

🔒 Sotheby's has notified customers that an intrusion detected on July 24 resulted in removal of sensitive data from its systems. After a two-month investigation the company determined exposed information includes full names, Social Security numbers and financial account details. Impacted individuals are being offered 12 months of free identity protection and credit monitoring through TransUnion while Sotheby's continues to assess the scope.