Identity Thieves Bypassed Experian Security to View Credit Reports

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number.

Senators Urge FTC to Probe ID.me Over Selfie Data

Some of the more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service, which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me.

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.

IRS To Ditch Biometric Requirement for Online Access

The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes as privacy experts and lawmakers have been pushing the IRS and other federal agencies to find less intrusive methods for validating one’s identity with the U.S. government online.

When Security Takes a Backseat to Productivity

“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” -CIA’s Wikileaks Task Force.

So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. The analysis highlights a shocking series of security failures at one of the world’s most secretive organizations, but the underlying weaknesses that gave rise to the breach also unfortunately are all too common in many organizations today.

FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data

The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation’s four largest wireless carriers for selling access to their customers’ location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics say the penalties don’t go far enough to deter wireless carriers from continuing to sell customer location data.

Lock Him Up: Why Wyden Says Zuckerberg needs ‘Prison Term’

Sen. Ron Wyden (D-Ore.) blurts out his most outspoken criticism yet of Mark Zuckerberg. The Facebook CEO stands accused of lying to and hurting the American people. I’m not 100% sure those are specific crimes. But the good senator from the Beaver Stat…

FEC: Campaigns Can Use Discounted Cybersecurity Services

The U.S. Federal Election Commission (FEC) said today companies can offer discounted cybersecurity services to political campaigns without running afoul of existing campaign finance laws, provided they already do the same for other non-political entities. The decision comes amid much jostling on Capitol Hill over election security at the state level, and fresh warnings from U.S. intelligence agencies about impending cyber attacks targeting candidates in the lead up to the 2020 election.

FEC considers whether its legal for campaigns to accept discounted anti-spearphishing services

In its latest effort to provide cybersecurity companies clarity on whether they can lawfully provide cybersecurity protection to political campaigns for free or at a low cost, the Federal Election Commission indicated this week it could be close to greenlighting anti-spearphishing services in a case currently before the commission. That tentative conclusion, not guaranteed until the FEC issues a formal advisory opinion, was reached Thursday during a commissioners’ meeting on a request from anti-spearphishing company Area 1 Security. It marked a shift from how the FEC appeared to be leaning on the issue earlier this week. The FEC’s legal team on Monday issued two draft opinions which both recommended blocking Area 1 from providing anti-spearphishing services at a discounted rate over concerns the lower rates would effectively serve as an in-kind contribution that could curry political favor with politicians in the future. Existing campaign finance law bars corporate contributions to campaigns, an issue that has given campaigns reason to pause on signing up […]

The post FEC considers whether its legal for campaigns to accept discounted anti-spearphishing services appeared first on CyberScoop.
