A year after the Internal Revenue Service said hackers used stolen Social Security numbers and other information gleaned from the agency’s system in an attempt to access hundreds of thousands of taxpayers’ accounts, the agency says that the Get Transcript tool at the heart of the attack is back online. [More]
After a data breach at popular kids’ toy maker VTech that put the personal information of nearly five million parents and children at risk, as well as reportedly exposing many of their photos and chat logs, the Hong Kong-based company says it’s bringing in the pros to help shore up its security.
When you log into your bank account online, you might see an image of a birdhouse, or a teapot, or some other object you selected when you signed up. Those pictures are supposed to help keep a customer’s account safe, by assuring them that the web page they’re viewing is, in fact, the bank’s website and not a scammy fake. But as cybercriminals are catching on, banks are choosing to ditch the images in favor of other security measures.
Patreon, a website that allows donors to give regularly to sites, artists, projects and other creators, yesterday evening that it’d been hit by a hack attack that accessed some registered names, email addresses and mailing addresses. And according to reports, 15GB of data was then dumped online, exposing information about donors and the projects they’ve funded.
If you’re not up to date on all your reality TV star news, perhaps you aren’t aware that the Kardashian/Jenner sisters recently launched new mobile apps and redesigned websites to stay even more connected with their adoring hordes than before. But while the family’s popularity has seen hundreds of thousands of people signing up for those sites, a new report says the personal information for many of those subscribers was available — albeit briefly — to anyone with the know-how to get it.
Almost every Internet user has come across a CAPTCHA security check — you know, the thing where you have to enter in a jumbled set of letters and numbers, often with lines drawn through them — and had absolutely no idea how to decipher it. This is frustrating and it’s not actually effective, so Google’s reCAPTCHA folks have come up with a new idea: Just asking if you’re a robot. [More]
If you’ve felt like there hasn’t been a day in the last year without a warning of some new hack on big businesses and services you use and have had to change your passwords and keep an eye on your accounts as a result, you’re not alone — not by a long shot. A new report says about half of American adults were the victims of hackers in the last 12 months. [More]
1-In-5 Internet Users Always Read Privacy Policies, But That Doesn’t Mean They Understand What They’re Reading
Though everyone is always saying “You’ve got to read the fine print,” most of us don’t do it. According to a new study, only 16% of Internet users claim to always read privacy policies of the sites and online services with which they share their private information. [More]
The future is here, folks. Soon it’ll be just like we imagined as kids — holodecks, computers as thin as thin can be and there better be some hovercrafts arriving soon. But even as technology marches on, there are certain things we might feel a little bit squirrelly about doing away with. Like our online passwords, which are pesky to remember but ultimately safeguard all our online information. Intel is banking on our annoyance with keeping track of passwords with its new tablet software that grants access via a biometric sensors.
Listen up if you’ve got an account with LastPass, a company that is designed to keep your passwords to multiple sites safe: The company says hackers may have gotten into their database and snatched information from up to 1.25 million customers.
If you spend a lot of time online, you’re probably aware of phishing scams and know what to look out for. In other words, you’re not one of those ignorant types who clicks on links and starts entering personal information without hesitation. Writer and blogger Cory Doctorow is what you might call hyper-vigilant–he keeps unique passwords, uses a VPN when going online in public, and generally knows not to trust strangers. Still, he got phished a couple of weeks ago.
William wrote to us this weekend to point out how little Microsoft does to fight phishing attacks on their hugely popular Xbox LIVE network. It’s unfortunate they don’t take this sort of crime more seriously, since so many kids—who by all rights should have less experience with phishing—are on Xbox LIVE. Below is what two different Xbox CSRs told William when he contacted them to complain about phishing attacks.
A Congressional panel is looking into drafting new online privacy laws, but Yahoo says such legislation isn’t necessary because the e-industry has done such a bang-up job of regulating itself.
DoomNasty tells us he’s been hit three times in the past week with phishing attempts. The first two were text messages from Alarion Bank, asking him to call 1-877-240-6149 “to find out why my debit/atm card was blocked. I do not have an account, and Privacy Assist shows no account was created behind my back.” The third was from 201-968-0007, but no message was left. He traced the number to Liquidity Solutions, Inc., who told him that “one of their numbers got hijacked and the hijacker is phishing for banking info.”
BoingBoing has the 500 worst passwords. We’ll sum it up: if your password is password, 123456, or 696969, say goodbye to your identity.
If you have a PayPal or eBay account, or use OpenID to login to participating sites, then for $5 you can add a second layer of security that is virtually impossible to break unless the thief physically locates you and steals a little plastic device. The PayPal Security Key is a small, keychain-ready fob with a unique ID that’s tied to your account. It generates a new six-digit code very 30 seconds, which you have to enter whenever you log in. The down side is you have to have your security key with you in order to read the code. But the benefits are huge: you basically have a 2nd password that changes 2,880 times every day—and that isn’t available anywhere online.