pete_c
Guru
T-Mobile sent me a text today regarding a data breach on my account. In the text was a general statement for me to protect my account. Personally I would like to keep this account if possible.
That said I'm guessing it was an internal job done by a disgruntled employee as probably a few of the data breaches I have seen this past year.
T-Mobile data breach: More than 50 million people now affected
The company is reportedly now facing a class-action lawsuit, according to papers filed in a Washington court and seen by Vice.
The fallout from T-Mobile's latest data breach is going from bad to worse. In an update issued Friday, the mobile carrier reported that hackers had illegally accessed one or more associated customer names, addresses, dates of birth, phone numbers, IMEIs and IMSIs of 5.3 million current postpaid customers. T-Mobile also said it had identified an additional 667,000 accounts of former customers that were accessed, with customer names, phone numbers, addresses and dates of birth compromised.
I am guessing that Capital One did not fix their security from the last data breach they had.
Our Capital One cards were both breached with illicit charges on two Capital One cards this past week. Charges occurred on same dates. Guessing that Capital One is having an issue. Cards are not used much. (maybe one charge in the last couple of months on one of two cards). Personally cancelling this account as soon as possible after multiple phone calls to prove who we were talking to folks with a less than stellar command of the English language.
Updated 11:26 AM ET, Wed June 30, 2021
New York (CNN Business)The US Justice Department has filed additional charges against the hacker accused of illegally accessing more than 100 million Capital One customers' accounts and credit card applications in 2019.
Paige Thompson, a former Amazon engineer, now faces six counts of computer fraud and abuse, one count of access device fraud and one count of aggravated identity theft in addition to the original two charges. The superseding indictment also lists four additional victims of Thompson's hacking. She could serve up to 20 years in prison.
n 2019, Thompson allegedly gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to people's names, addresses, credit scores, credit limits, balances, and other information in, according to the bank and the US Department of Justice. The hack marked one of the largest data breaches in history.
Following the incident, Capital One entered into consent orders with the Fed and the Office of the Comptroller of Currency. The Fed then filed a cease and desist order, laying out steps the bank needed to take to improve its security, while the Office of the Comptroller of Currency filed an $80 million civil penalty against the bank.
In addition to accessing data, the Justice Department also alleges that Thompson shared details of the hack online.
The Department of Justice said Thompson posted about the tools she used to hack Capital One on GitHub, a software development site where programmers can post projects, using her full first, middle and last names.
The complaint also includes screenshots of a Slack channel in which Thompson, under the alleged alias "erratic," posted a list of Capital One files she claimed to possess and explained how she extracted the files.
The agency also alleges that Thompson made statements on other social media platforms about possessing Capital One data, listing a Twitter handle that allegedly belonged to Thompson, @0xa3a97b6c in the complaint. The account has since been suspended.
"Ive basically strapped myself with a bomb vest, f—ing dropping Capital One's dox and admitting it," Thompson allegedly wrote in a private message via Twitter.
Thompson's private Twitter messages also included references to distributing the names, Social Security numbers and dates of birth for the customers whose records she breached, according to the Justice Department.
Thompson's trial, which has been postponed several times for further discovery and because of the pandemic, is now set for March 14, 2022.
That said I'm guessing it was an internal job done by a disgruntled employee as probably a few of the data breaches I have seen this past year.
T-Mobile data breach: More than 50 million people now affected
The company is reportedly now facing a class-action lawsuit, according to papers filed in a Washington court and seen by Vice.
The fallout from T-Mobile's latest data breach is going from bad to worse. In an update issued Friday, the mobile carrier reported that hackers had illegally accessed one or more associated customer names, addresses, dates of birth, phone numbers, IMEIs and IMSIs of 5.3 million current postpaid customers. T-Mobile also said it had identified an additional 667,000 accounts of former customers that were accessed, with customer names, phone numbers, addresses and dates of birth compromised.
I am guessing that Capital One did not fix their security from the last data breach they had.
Our Capital One cards were both breached with illicit charges on two Capital One cards this past week. Charges occurred on same dates. Guessing that Capital One is having an issue. Cards are not used much. (maybe one charge in the last couple of months on one of two cards). Personally cancelling this account as soon as possible after multiple phone calls to prove who we were talking to folks with a less than stellar command of the English language.
Updated 11:26 AM ET, Wed June 30, 2021
New York (CNN Business)The US Justice Department has filed additional charges against the hacker accused of illegally accessing more than 100 million Capital One customers' accounts and credit card applications in 2019.
Paige Thompson, a former Amazon engineer, now faces six counts of computer fraud and abuse, one count of access device fraud and one count of aggravated identity theft in addition to the original two charges. The superseding indictment also lists four additional victims of Thompson's hacking. She could serve up to 20 years in prison.
n 2019, Thompson allegedly gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to people's names, addresses, credit scores, credit limits, balances, and other information in, according to the bank and the US Department of Justice. The hack marked one of the largest data breaches in history.
Following the incident, Capital One entered into consent orders with the Fed and the Office of the Comptroller of Currency. The Fed then filed a cease and desist order, laying out steps the bank needed to take to improve its security, while the Office of the Comptroller of Currency filed an $80 million civil penalty against the bank.
In addition to accessing data, the Justice Department also alleges that Thompson shared details of the hack online.
The Department of Justice said Thompson posted about the tools she used to hack Capital One on GitHub, a software development site where programmers can post projects, using her full first, middle and last names.
The complaint also includes screenshots of a Slack channel in which Thompson, under the alleged alias "erratic," posted a list of Capital One files she claimed to possess and explained how she extracted the files.
The agency also alleges that Thompson made statements on other social media platforms about possessing Capital One data, listing a Twitter handle that allegedly belonged to Thompson, @0xa3a97b6c in the complaint. The account has since been suspended.
"Ive basically strapped myself with a bomb vest, f—ing dropping Capital One's dox and admitting it," Thompson allegedly wrote in a private message via Twitter.
Thompson's private Twitter messages also included references to distributing the names, Social Security numbers and dates of birth for the customers whose records she breached, according to the Justice Department.
Thompson's trial, which has been postponed several times for further discovery and because of the pandemic, is now set for March 14, 2022.