Latest news with #identityTheft
Yahoo
4 hours ago
- Yahoo
Major data breach exposes 86M AT&T customer records, including social security numbers — here's how to know if you were affected
AT&T has experienced a massive personal data breach, so if you're one of the more than 100 million people who use the company, you'll want to be on guard. According to a report from Hack Read, more than 86 million customers have been affected with leaked details ranging from full names to dates of birth, phone numbers, email addresses and physical addresses. It's reported that more than 44 million Social Security Numbers were also included in the data leak. While each of these data sets poses privacy risks on their own, together they could create full identity profiles that could be exploited for fraud or identity theft. The stolen data is reportedly fully decrypted and was first posted to a Russian cybercrime forum on May 15 before being re-uploaded on the same forum on June 3. Hackers reportedly accessed data by getting into accounts that lacked multi-factor authentication, and this leak appears to be linked to an original hack by the ShinyHunters group in April 2024. 'It is not uncommon for cybercriminals to re-package previously disclosed data for financial gain,' an AT&T spokesperson told Hack Read in a statement. 'We just learned about claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation.' The original seller of the exposed data claimed that this leak is 'originally one of the databases from the Snowflake breach' — but according to Hack Reads analysis, there are about 16 million more records in this breach than the previous one. AT&T also acknowledged the security researchers' doubts that this breach was linked to the original 2024 breach. 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024,' the company said in a statement. 'Affected customers were notified at that time. We have notified law enforcement of this latest development.' If you're an AT&T customer, it's possible your personal and private data could be part of the leak. Though if your data was leaked in this hack, it's likely because it was already unprotected in the August 2024 National Public Data breach, which exposed 'three decades' worth of Social Security numbers on the online black market.' To check if your information was leaked in that breach, you can check through Pentester, a cybersecurity firm, by going to and entering your information, which will allow you to see a list of your breached accounts. Security experts are also urging customers to keep an eye on their credit reports. AT&T said it 'offered credit monitoring and identity theft protection to those customers whose sensitive personal information was compromised as part of the notice in 2024.'
Phone Arena
12 hours ago
- Phone Arena
Video shows how cops stopped a couple from stealing AT&T iPhones right off the delivery truck
The Wall Street Journal found that many of these iPhones had been ordered by AT&T customers. Some of the thieves eventually arrested by the long arm of the law were found to have a short list containing tracking numbers of iPhone shipments coming from AT&T . So this is why we're not surprised about a video found on YouTube that shows how a couple had a scheme that allowed them to steal new iPhone models as they were being delivered. Unlike some of the other incidents, this one had some differences. While the previously mentioned phones that were stolen by porch pirates were legitimately ordered by AT&T customers, in this case a consumer in Martin County, Florida had his identity stolen for the second time. Armed with the victim's personal data, the thieves ordered an iPhone 16 Pro Max from AT&T for $1,200. The victim also started receiving emails from AT&T confirming the purchase of the phone. The next email said the order had shipped and included a tracking number and an estimated delivery date. The consumer called the Martin County cops. We should point out the six months before, the same exact thing happened to the same guy except that phones were ordered through T-Mobile and the delivery truck was intercepted. Using fake ID, the thieves were able to get the driver to hand over the phones to them. This time, armed with the tracking data, on the expected delivery date the cops called the UPS driver and confirmed that his current shipment contained an iPhone delivery to the victim's address. The cops told the driver to alert them if anyone tried to take the package. Additionally, unmarked police cars followed the UPS truck as the driver went about his daily routine. A vehicle stopped by the UPS truck attempting to cut it off. A woman approached the UPS driver which is when the cops pounced on her and her husband and arrested them. We are only three months away from the unveiling of the iPhone 17 series and you need to be alert when you order an iPhone. Because of the popularity of the brand (in the U.S. especially), most thieves focus on stealing the iPhone as opposed to say, a Google Pixel handset or even a pricey Samsung Galaxy S Ultra model. That's because it is easier for the thieves to convert a stolen iPhone into cash than a high-end Pixel phone. If you do order a new iPhone-or any model really-from your carrier (they often have the best deals), make sure to arrange to have the package require a signature to be delivered. Verizon and T-Mobile won't leave a package without a signature but as of last year, AT&T 's default position was to allow phones to be delivered without a signature which makes them easier to steal. Last year, AT&T noted that requesting that UPS collect a signature for a delivery would cost it an additional $7.50. It's hard to believe that many iof these thefts could have been avoided had a huge corporation like AT&T spent an extra $7.50 on each iPhone shipped to a customer. Hopefully, we don't see another rash of such blatant rip-offs this year. It is frightening to consider that obtaining UPS tracking numbers of iPhones being shipped to AT&T subscribers could indicate the presence of rogue employees getting paid off to help a criminal enterprise conduct its "business."
Phone Arena
3 days ago
- Phone Arena
AT&T customer's birthdates, social security numbers show up online in plain text
AT&T subscribers need to be on alert. Back in 2024, 86 million records belonging to customers of the nation's third-largest carrier were supposedly stolen by the ShinyHunters group. The hackers were able to take advantage of major security flaws to access and steal the data. The database might have been repackaged and has turned up twice recently on a Russian cybercrime forum. It first appeared on May 15th of this year and showed up again on June 3rd, less than a week ago, and it has been spotted on other forums since then. According to the leaked data recently posted includes data points that by themselves could help expose AT&T customers. But putting the data all together can create customer account profiles that can be used for malicious purposes. The data can be used to help the hackers commit identity theft and take other fraudulent actions. In theory, the cyber crooks could use this data to request new SIM cards and perform a SIM swap. AT&T customer records stolen in a 2024 data breach are recently posted online. | Image By putting a requested SIM card replacement into a burner phone, the hackers could take control of an AT&T customer's phone, change all of the passwords, and clean out the victim's financial accounts. The data breach covers tens of millions of AT&T customers. The data stolen in the attack and posted online includes: Full names Date of birth Phone numbers Email addresses Physical addresses 44 Million Social Security Numbers (SSN) Even though the Date of Birth and Social Security numbers were originally encrypted, they are now in plain text. If you are an AT&T customer, your social security number might have leaked making this an extremely serious threat even if this repackaged data was stolen over a year ago. Screenshot of stolen data belonging to AT&T customers. | Image AT&T responded to the news by releasing the following statement: "It is not uncommon for cybercriminals to repackage previously disclosed data for financial gain. We just learned about claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation." The wireless provider added, "After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024. Affected customers were notified at that time. We have notified law enforcement of this latest development." If you are an AT&T customer, it is likely that your data was already leaked last year. Still, to be safe, even if AT&T reset your passwords or passcodes last year, you might want to do it again. Set up fraud alerts and change your credentials for financial apps including those you use for banking, stock trading, and your crypto holdings. Switch to Total 5G+ Unlimited 3-Month plan or Total 5G Unlimited and get a free iPhone. We may earn a commission if you make a purchase This offer is not available in your area.
CNET
4 days ago
- CNET
Is It Worth Reporting Scams? Why I Do and Why You Should Too
Reporting fraud to the FTC and the FBI helps educate the public and can help authorities catch at CNET commonly suggest victims contact the Federal Trade Commission or the FBI's Internet Crime Complaint Center to share their experience if they've endured any type of fraud or identity theft. But even if you didn't suffer monetary loss or mistakenly coughed up your personal information — like your Social Security number — you should still report a scam. According to the FTC, only 38% of fraud reports to the agency in 2024 involved monetary losses. Fraud reports help the FTC and FBI inform and educate the public about popular scams, and they aid local and federal authorities in catching criminals. The latter especially is why I've reported fraud in the past, even though I didn't lose money. The scam on social media was just so clever, I thought others may fall for it because I almost did. If you fall victim to a scam, there are other steps you can take, like signing up for identity theft protection, freezing your credit reports or reaching out to your bank or credit card company to recover stolen funds. Just don't forget to let the FTC and FBI know about it. Why should you report instances of fraud? When you report fraud, you're being a good samaritan, and you may help reduce the chances of a scam hurting someone else. Both the FTC and the FBI's IC3 division study trends and update the public about popular swindles orchestrated by cybercriminals using information provided by everyday Americans. Some popular scams the agencies have warned about in recent months include toll road scams, fake Postal Service texts about online orders and cons related to hurricane relief. "The more information the FTC and IC3 receive, the better statistics they can get and use to alert consumers," said Chelsea Binns, a certified fraud examiner and associate professor at CUNY John Jay College of Criminal Justice. The FTC and IC3 also release annual reports that detail trends from the previous year using submitted complaints. Data is broken down by age, state, the frequency of specific crimes and dollars lost to each fraud type. Both agencies allow consumers to receive email alerts about popular scams year-round. To sign up for FTC alerts, click here. To sign up for IC3 alerts, click here. The FTC and IC3 also work with law enforcement to help catch cybercriminals. When you file a report with the FTC, it's added to its Consumer Sentinel database, which 2,800 federal, state, and local law enforcement partners across the country can access. Trained IC3 analysts similarly review and research complaints and pass along information to authorities. "This is how they can potentially build cases against fraudsters," Binns said. How do I report fraud to the FTC and FBI? You can report scams to the FTC at Cyber-related crimes should also be reported to IC3 at Combined, these agencies received over 3.4 million complaints last year. Keep in mind it's unlikely that you'll hear from the FTC or IC3 after you file a report, despite your complaint being used to corroborate information or inform trends. If someone posing as a government official reaches out to you and demands money, offers you a prize or threatens to arrest you, it's a scam. If you're a victim of identity theft, a specific category of fraud, you can report your case to the FTC at or by calling 1-877-438-4338. The FTC will lay out steps to recover your identity based on the information you provide. Each of these steps, like calling bill collectors and contacting bank fraud departments, can be time-consuming and may cost you money, especially if you have a lawyer handle it for you. If you have an identity theft protection service with white glove restoration services, this checklist can be completed for you. Can I get my money back after a scam? Unauthorized debit and credit card purchases are usually easier to reverse. But if you send money to scammers yourself, like in a gold bar scam, then getting your money back is more difficult. You should contact your bank immediately so they can potentially cancel a transaction. In cases where cryptocurrency is involved, payments are pretty much irreversible. Depending on the type of fraud you suffered, you'll want to take basic steps like changing your password, enrolling in two-factor authentication and turning on alerts for purchases made on your credit and debit cards. You should also consider deleting saved payment info from websites, Binns said. In the weeks and months after falling victim to fraud, it's essential to be on guard against any stranger who contacts you promising to get your money back. "What will happen is the original fraudster will come to you posing as an organization or service that is going to help you recover the funds you've lost," she said. "And, in turn, it'll just be another scam."
Health Line
7 days ago
- Business
- Health Line
Medicare Scams: How to Spot and Avoid Them
Medicare scams are a significant problem. They cost billions of dollars each year. Scams may include identity theft, false claims, and durable medical equipment (DME) fraud. Medicare scams occur when someone pretends to be from Medicare or connected to the program to obtain your personal information or money. These scams tend to rise during Medicare's open enrollment period (October 15 to December 7). This is the time of year when Medicare beneficiaries are encouraged to review their coverage and make any necessary changes. It is important to know the signs of scams and understand how to protect yourself from them. Do not give your personal information to anyone who contacts you unexpectedly and claims to be from or connected to Medicare. How to protect yourself from Medicare scams It is important to protect yourself from Medicare scams. In 2024, Medicare fraud and scams resulted in a loss of $1.6 billion. Medicare scams not only take money from the United States taxpayers, government, and Medicare, but they also cost Medicare beneficiaries in: time stress money health However, there are various ways you can protect yourself from Medicare scams. Avoid sharing your Medicare number Only share your Medicare number or Social Security Number with your doctor, pharmacy, or people who work with Medicare. If you receive an unexpected phone call from someone claiming to be connected with Medicare, do not share any personal information with them. Medicare will not usually call you unless it is in response to a request you have sent. If a Medicare representative does call you, they won't need your personal information because they will already have it. Don't trust your caller ID Scammers can spoof (fake) a phone number. This means that your caller ID may show Medicare's name or number, even if Medicare isn't calling you. To be sure the call is legitimate, hang up and call Medicare directly at 800-633-4227. Don't click suspicious links Not only can scammers fake phone numbers, but they can also fake emails. They can make it appear that an email is coming from Medicare. These emails can even take you to a website that looks authentic. Do not respond to any unexpected emails or texts, and do not click on any links. If you need to update your information or receive a text or email telling you to do so, go directly to and log in to your account. You can also call Medicare at 800-633-4227. Don't be afraid of threats Scammers may threaten that your Medicare benefits will be terminated if you don't do what they're asking. This often involves signing up for a specific plan. If you are eligible for Medicare, your benefits cannot be terminated for these reasons. Ignore persuasions to choose a certain plan If someone tries to sell you a plan that is 'preferred by Medicare,' do not speak with them. Medicare does not endorse any specific plans or policies. Destroy your old Medicare card Some scammers may claim you need to return your old card to Medicare. This is not true. If you receive a new Medicare card, destroy the old one immediately by cutting it up or shredding it. Medicare does not need your old card back. Protect your health records, and don't accept unexpected genetic testing kits Do not allow anyone but your doctor and other healthcare professionals to review your personal medical records. If you receive a shipment of a genetic testing kit that your doctor did not order, refuse the shipment and return it to the sender. It is important that you review your Medicare summary notice carefully for any unexpected charges. A summary notice is a letter Medicare will send you that lists all the healthcare services, supplies, and equipment you received. »Learn more: Medicare fraud and abuse Finding unbiased Medicare advice If you're looking for unbiased advice on Medicare coverage, plans, or scams, you can contact the State Health Insurance Assistance Program (SHIP). You can contact SHIP by calling 877-839-2675 or locating your local SHIP office. Signs of a Medicare scam It helps to be aware of certain signs of Medicare scams so you can protect yourself against them. Offers of free items or services You should be suspicious of any offers that involve free medical services, supplies, or prescription medications. Scammers will often offer older adults valuable medical equipment. They then ask for your Medicare number and file high cost Medicare claims in your name. You should also be wary of any genetic testing or screenings your doctor did not order. This is a known scam where scammers bill Medicare for unnecessary genetic testing. Pressure to switch your Medicare plan Scammers claiming to be associated with Medicare may claim that you are preapproved for a new healthcare plan or prescription drug plan that has lower payments and better benefits. They may also tell you there is a fee to enroll in this new plan. Threats to cancel your coverage Scammers may call you and state that there is an issue with your Medicare account, like fraudulent activity. They may then tell you that your benefits will be canceled if you don't verify your personal information and enroll in a new plan. Claims you are eligible for a refund A common tactic for scammers is to tell older adults that, due to changes in their coverage, they are eligible for a Medicare refund. The scammer may ask for your Medicare number and bank account information. Takeaway Medicare scams are on the rise. They tend to be more common during Medicare's open enrollment period. Medicare scams can happen to anyone. It is important to know the signs, how to protect yourself, and how to report scams and fraud. To report scams and fraud directly to Medicare, call 800-633-4227. The information on this website may assist you in making personal decisions about insurance, but it is not intended to provide advice regarding the purchase or use of any insurance or insurance products. Healthline Media does not transact the business of insurance in any manner and is not licensed as an insurance company or producer in any U.S. jurisdiction. Healthline Media does not recommend or endorse any third parties that may transact the business of insurance.
