U.S. Federal Trade Commission

The Not-so-True People-Search Network from China

Posted on March 21, 2024 by BrianKrebs

It’s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities. Continue reading The Not-so-True People-Search Network from China→

A Close Up Look at the Consumer Data Broker Radaris

Posted on March 8, 2024 by BrianKrebs

If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs. It also appears many of their businesses have ties to a California marketing firm that works with a Russian state-run media conglomerate currently sanctioned by the U.S. government. Continue reading A Close Up Look at the Consumer Data Broker Radaris→

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Posted on May 2, 2023 by BrianKrebs

A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network’s chief technology officer in Pakistan has been hacked for the past year, and that the entire operation was created by the principals of a Tennessee-based telemarketing firm that has promoted USPS employment websites since 2016. Continue reading Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data→

FCC Proposal Targets SIM Swapping, Port-Out Fraud

Posted on October 1, 2021 by BrianKrebs

The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identity. Continue reading FCC Proposal Targets SIM Swapping, Port-Out Fraud→

Former Uber CSO criminally charged with covering up 2016 data breach

Posted on August 20, 2020 by Jeff Stone

U.S. prosecutors have charged the former Chief Security Officer at Uber with allegedly covering up a data breach at the ride-hailing company that exposed information tied to roughly 57 million people. Joe Sullivan was charged Thursday in the U.S. District Court in San Francisco with failing to disclose details of the security incident to the proper authorities. Sullivan, who now works as the chief information security officer at Cloudflare, allegedly committed two felonies by not informing investigators about the hack while they probed the circumstances surrounding a prior data breach. Sullivan was charged with obstruction of justice and misprision of a felony. The maximum sentence if convicted on both charges is eight years in prison. The complaint pertains to a 2016 incident in which two hackers contacted Uber via email to report that they had accessed personal information about 57 million Uber users and drivers, including driver’s license numbers. The […]

The post Former Uber CSO criminally charged with covering up 2016 data breach appeared first on CyberScoop.

Continue reading Former Uber CSO criminally charged with covering up 2016 data breach→

Twitter prepares to pay up to $250 million for using security data for advertising

Posted on August 4, 2020 by Jeff Stone

Twitter acknowledged it could pay up to $250 million to the U.S. Federal Trade Commission for directing targeted advertising to users based off data submitted for security purposes. In a financial filing submitted to the Securities and Exchange Commission, Twitter estimated it would pay between $150 million and $250 million to the FTC. The penalty comes after the FTC drafted a complaint on July 28 alleging that Twitter used “phone number and/or email address data provided for safety and security purposes for targeted advertising during periods between 2013 and 2019,” Twitter said in the SEC filing. The complaint suggests Twitter violated a 2011 FTC consent order that required the company to establish a data security program, which required them to be transparent with users about the security and privacy measures in place. In October 2019, the company said it used email addresses and phone numbers to improve targeted advertising efforts. […]

The post Twitter prepares to pay up to $250 million for using security data for advertising appeared first on CyberScoop.

Continue reading Twitter prepares to pay up to $250 million for using security data for advertising→

When Your Used Car is a Little Too ‘Mobile’

Posted on February 6, 2020 by BrianKrebs

Many modern vehicles let owners use the Internet or a mobile device to control the car’s locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here’s the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended. Continue reading When Your Used Car is a Little Too ‘Mobile’→