WYOMING — A caring reminder comes from central Wyoming, where an elderly resident unintentionally shared her Social Security Number and/or Medicare number over the phone. This incident occurred late on a Friday afternoon, a time when banks were closed, amplifying concerns about potential risks that could unfold over the weekend. In response to this situation, the following steps are recommended for individuals facing a similar scenario or those assisting a loved one:
Credit Freeze: Immediately freeze credit at major bureaus - Equifax, Transunion, and Experian - to prevent unauthorized access and protect against potential identity theft.
Bank Notification: On Saturday, either visit the bank in person or use the bank’s answering service to report the incident promptly. This step aims to secure the individual’s financial accounts and limit potential damage.
Social Security Administration (SSA) Contact: Look up the nearest Social Security Administration (SSA) office and call them first thing on Monday to seek advice on further protective measures.
Log into your secure Medicare account or call 1-800-MEDICARE to report potential fraud.
Legal Authorities Involvement: In case of suspected financial loss, promptly contact local law enforcement and also contact the FBI through ic3.gov, the Internet Crime Complaint Center, to initiate investigations and take appropriate legal actions.
CyberWyoming Note: There have been several Medicare scams reported throughout the state including “we are replacing your paper card with a plastic one” and “because you are on Wyoming Medicare we are changing the card colors to brown and gold.” While these scenarios sound plausible, remember that the real Medicare people won’t ask you for your number over the phone or contact you out of the blue.
Global Atlantic Gambit
A Jackson retiree annuity client received a fraudulent email with the subject “Global Atlantic Annuity Transaction Confirmation.” Despite the email appearing legitimate, the client recognized it as a scam and reported it to the annuity carrier. The email urged the recipient to click a link to access their transaction confirmation in the electronic document library and provided a phone number for inquiries. CyberWyoming
Note: This situation highlights the potential risks and dangers posed by phishing scams targeting retirees and emphasizes the importance of verifying such communications to prevent financial fraud.
26 Billion Records Exposed in Supermassive Breach
A colossal data breach, dubbed the Mother of all Breaches (MOAB), has unleashed a staggering 26 billion records, making it one of the largest ever discovered. The leak amalgamates data from various platforms, including LinkedIn, Twitter, and Tencent, spanning 12 terabytes of information.
How Scams Operate:
Cybersecurity researcher Bob Dyachenko and the Cybernews team uncovered the MOAB. Leak-Lookup identified a “firewall misconfiguration” as the cause, now rectified.
What to Be Aware Of:
The MOAB contains a mix of previously exposed and potentially new data.
MOAB includes sensitive information, potentially leading to identity theft and cyberattacks.
What to Do
23andMe tells victims it’s their fault that their data was breached: Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch. … “Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events,” Hassan Zavareei, one of the lawyers representing the victims who received the letter from 23andMe, told TechCrunch in an email. … In December, 23andMe admitted that hackers had stolen the genetic and ancestry data of 6.9 million users, nearly half of all its customers. … The data breach started with hackers accessing only around 14,000 user accounts. The hackers broke into this first set of victims by brute-forcing accounts with passwords that were known to be associated with the targeted customers, a technique known as credential stuffing.
Secure The Village
MS-ISAC and CISA Patch Now Alert: The Multi-State Information Sharing and Analysis Center (MS-ISAC) or the Cybersecurity & Infrastructure Security Agency (CISA) has published a patch now (update your software) alert for Jenkins, Trend Micro uiAirSupport, Google Chrome, and Ivanti Products. If you use these products, make sure the software (or firmware) is updated.