List of data breaches and cyber attacks in April 2018 – 72,611,721 records leaked

This month’s list sees the usual mix of breaches and hacks, and as always is dominated by healthcare incidents.

One incident that really stands out is Equifax’s latest. The consumer credit reporting agency, which suffered a massive data breach in 2017 that exposed the personal information of nearly 150 million consumers, has been sending out the incorrect notification letters to a “small percentage” of those affected.

What is it they say? There’s no such thing as bad publicity? This month’s total of leaked records is 72,611,721.

> Read entire article List of data breaches and cyber attacks in April 2018 – 72,611,721 records leaked | Lewis Morgan | IT Governance

6 scary news for Halloween!

Amazon Key is a new service that lets couriers unlock your front door!

The natural evolution of supply chain, or a step too far?

Read more

Pollution kills nine million people a year

Pollution has been linked to nine million deaths worldwide in 2015, a report in The Lancet has found.

Read more

Halloween 2017 Supply Chain Infographics

Consumers are expected to spend a record $9.1 billion for Halloween 2017, making it the largest spending for the spooky holiday to date.

Read more

How one boy became a terrorist

This, dear readers, is how terrorism happens! At least in the case of one young boy in Ireland in the 1970s. A text by Phil Gurski.

Read more

6 horrors from the Equifax CEO’s congressional hearing

The initial drama over Equifax’s September data breach has mostly subsided, but the actual damage will play out for years. And indeed, there turns out to be plenty of spectacle and public controversy left.

It was all on display at a Tuesday Congressional hearing, in which lawmakers questioned Equifax’s former CEO Richard Smith in an attempt to make sense of how things went so wrong.

Before delving into the hearing itself—which went poorly enough—it’s worth mentioning that it was bracketed by further unfortunate Equifax revelations. The company announced Monday that the total number of people impacted by its breach is not 143 million—the amount it first disclosed—but in fact 145.5 million.

Equifax’s former CEO attempts to make sense of how things went so wrong

Its ability to casually misplace 2.5 million lives upended by the breach is alarming, as is Tuesday afternoon’s revelation that the IRS awarded Equifax a no-bid, multimillion-dollar fraud-prevention contract last week.

And there’s a lot more where that came from. Here are six important (and astonishing, disappointing, you name it) tidbits that came out of Tuesday’s hearing.

1. The timeline of when executives knew what about the breach is both disheartening and suspect

Equifax has previously said that it was breached on May 13 and that it first discovered the problem on July 29. The company notified the public on September 7.

But during Tuesday’s hearing, former CEO Smith added that he first heard about “suspicious activity” in a customer-dispute portal, where Equifax tracks customer complaints and efforts to correct mistakes in their credit reports, on July 31. He moved to hire cybersecurity experts from the law firm King & Spalding to start investigating the issue on August 2. Smith claimed that, at that time, there was no indication that any customer’s personally identifying information had been compromised.

Smith further testified that he didn’t ask for a briefing about the “suspicious activity” until August 15, almost two weeks after the special investigation began and 18 days after the initial red flag.

Read entire post 6 fresh horrors from the Equifax CEO’s congressional hearing | WIRED

List of data breaches and cyber attacks in September 2017 – 174 million records leaked

The cyber security news has been dominated by just one story all month: Equifax, which suffered one of the largest reported corporate data breaches in history.

But, as always, there were plenty of other data breaches and cyber attacks.

Many of them go unreported, and even those that are reported tend to be swept under the carpet – until they make this list, that is.

By my count, there have been 174,429,805 known leaked records this month. Let me know if I have missed any.

See the list of data breaches and cyber attacks in September 2017

So, Equifax says your data was hacked. Now what?

As widely reported, the credit reporting bureau Equifax was recently hacked. If you have a credit report, you’re likely one of the 143 million Americans whose data may have been exposed, according to the Federal Trade Commission.

According to Equifax, the breach lasted more than a month, from mid-May until July of this year. The hackers gained access to people’s names, Social Security numbers, birth dates, addresses, and even some driver’s license numbers. They also got credit card numbers for 209,000 people and dispute documents with personal information for 182,000 consumers.

Unfortunately, at least some of your information was likely involved in this breach if you had a credit file with Equifax. I can tell you that my data was compromised. Let’s walk through what you need to do to first determine whether your information was compromised. Then we’ll look at what you can do about it.

The first step is to visit to find out if your information was exposed. The site includes a Potential Impact tab, where you can enter your last name and the last six digits of your social security number. (Be sure you’re on a secure computer and internet connection when you’re doing this!) This will tell you whether or not your information was compromised.

Enroll in free credit monitoring even if the site doesn’t say you were affected. You’ll be able to find out when you can enroll at the site linked above. You’ll have from that date until November 21, 2017 to enroll for a free year of credit monitoring.

Here I should add that one year of free credit monitoring is totally inadequate. The Equifax data theft can have life-long consequences for consumers. When a credit card number is stolen, you simply get a new card with a new number. You can’t, however, get a new date of birth or Social Security number.

Source: Forbes