Technology
Ransomware attack exposes Social Security numbers at major gas station chain
NEWYou can now listen to Fox News articles!
Cybercriminals are happy to target almost any industry where data can be stolen. In many cases, less prepared and less security-focused companies are simply easier targets.
A recent ransomware attack on a company tied to dozens of gas stations across Texas shows exactly how this plays out. The incident exposed highly sensitive personal data, including Social Security numbers and driver’s license details, belonging to hundreds of thousands of people.
The breach went undetected for days, giving attackers ample time to move through internal systems and steal sensitive data. If you’ve ever paid at the pump or shopped inside one of these convenience stores, this is the kind of incident that should make you stop and pay attention.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
What happened in the Gulshan ransomware attack
According to a disclosure filed with the Maine Attorney General’s Office, Gulshan Management Services, Inc. reported a cybersecurity incident that impacted more than 377,000 individuals. Gulshan is linked to Gulshan Enterprises, which operates around 150 Handi Plus and Handi Stop gas stations and convenience stores across Texas.
WINDOWS 10 USERS FACE RANSOMWARE NIGHTMARE AS MICROSOFT SUPPORT ENDS IN 2025 WORLDWIDE
The company says it detected unauthorized access to its IT systems in late September. Investigators later determined that attackers had been inside the network for roughly ten days before anyone noticed. The intrusion began with a phishing attack, a reminder of how a single deceptive email can still open the door to massive breaches.
Ransomware attacks don’t just hit tech companies. Retailers like gas stations store sensitive customer and employee data that criminals actively target. (Kurt “CyberGuy” Knutsson)
During that window, the attackers accessed and stole personal data, then deployed ransomware that encrypted files across Gulshan’s systems. The compromised information includes names, contact details, Social Security numbers and driver’s license numbers. That combination is especially dangerous, since it can be used for identity theft, account takeovers and fraud that may surface months or even years later.
Why the lack of a ransomware claim still matters
So far, no known ransomware group has publicly taken credit for the attack. That might sound like good news, but it does not necessarily change the risk for affected individuals. In many ransomware cases, silence can mean one of two things. Either the attackers have not yet posted stolen data publicly, or the victim company may have resolved the incident privately.
Gulshan’s filing states that it restored its systems using known-safe backups. That detail often suggests a company chose to rebuild rather than negotiate with attackers. Even so, once data has been copied out of a network, there is no way to pull it back. Whether or not the stolen information ever appears online, the exposure alone puts affected people at long-term risk.
This incident also highlights a recurring pattern. Retail and service businesses handle huge volumes of personal data but often rely on legacy systems and frontline employees who are prime phishing targets. Gas stations may not feel like obvious hacking targets, but their payment systems, loyalty programs and HR databases make them valuable all the same.
We reached out to Gulshan Management Services for comment regarding the breach, but did not receive a response before our deadline.
A customer pumps gas at a gas station on Feb. 13, 2025, in Austin, Texas. (Brandon Bell/Getty Images)
10 steps you can take to protect yourself after a breach like this
If your information was exposed in this breach or any similar ransomware incident, there are concrete steps you can take to reduce the fallout.
1) Monitor your credit and identity closely
If the company offers free credit monitoring or identity protection, enroll in it. These services can alert you early if someone tries to open accounts or misuse your identity. If nothing is offered, consider signing up for a reputable identity theft protection service on your own.
Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.
2) Consider a personal data removal service
The less of your information that’s floating around data broker sites, the harder it is for criminals to target you. Data removal services can help reduce your digital footprint over time.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Even when no ransomware group claims responsibility, stolen data can still fuel identity theft, fraud, and account takeovers long after a breach occurs. (Kurt “CyberGuy” Knutsson)
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
3) Use a password manager
A password manager helps you create and store unique passwords for every account. If attackers try to reuse stolen data to break into your online accounts, strong, unique passwords can stop that attempt cold.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
FIBER BROADBAND GIANT INVESTIGATES BREACH AFFECTING 1M USERS
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
4) Turn on two-factor authentication (2FA) everywhere possible
2FA adds an extra barrier, even if someone has your personal details. Prioritize email, banking, cloud storage, and shopping accounts, since those are often targeted first.
5) Install and keep a strong antivirus software running
Strong antivirus software can help detect phishing attempts, malicious downloads, and suspicious activity before it turns into a full compromise. Keep real-time protection enabled and don’t ignore warnings.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
6) Watch for phishing and follow-up scams
After breaches like this, scammers often send fake emails or texts pretending to be the affected company or a credit monitoring service. Slow down, verify messages independently, and never click links you weren’t expecting.
7) Review your credit reports regularly
Check your reports from all major credit bureaus for unfamiliar accounts or inquiries. You’re entitled to free reports, and catching issues early makes them much easier to fix.
8) Freeze your credit to stop new accounts from being opened
If criminals expose your Social Security number, place a credit freeze as soon as possible. A credit freeze blocks lenders from opening new accounts in your name, even when thieves have your personal details. The credit bureaus offer freezes for free, and you can temporarily lift one when you apply for credit yourself. This step stops identity theft before it starts, instead of alerting you after the damage is done. If you prefer not to freeze your credit, place a fraud alert instead. A fraud alert tells lenders to verify your identity before approving credit, which adds another layer of protection.
To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.”
In the Gulshan attack, hackers spent days inside internal systems, stealing personal data before deploying ransomware that locked down files. (Silas Stein/picture alliance via Getty Images)
9) Protect yourself from tax refund fraud with an IRS Identity Protection PIN
When Social Security numbers are stolen, tax fraud often follows. Criminals can file fake tax returns in your name to steal refunds before you ever submit your paperwork. An IRS Identity Protection PIN (IP PIN) helps prevent this by ensuring only you can file a tax return using your SSN. It’s a simple but powerful safeguard that can block a common form of identity theft tied to data breaches.
10) Lock down existing bank and financial accounts
Don’t just watch for new fraud, proactively secure the accounts you already have. Enable alerts on bank and credit card accounts for large transactions, new payees, or changes to contact information. If your SSN or driver’s license number was exposed, consider calling your bank to ask about additional protections or account notes. Acting early can prevent small issues from becoming major financial problems.
Kurt’s key takeaway
Your personal data doesn’t just live with banks and hospitals. Retailers, gas stations, and convenience store operators also hold information that can cause real harm if it falls into the wrong hands. When attackers get in through something as simple as a phishing email and stay undetected for days, the damage can spread fast. You can’t prevent these breaches yourself, but you can limit how much power stolen data gives criminals by locking down your accounts and staying alert.
Do you think everyday businesses like gas stations take cybersecurity seriously enough? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
Technology
Medical identity theft follows you into the doctor’s office
NEWYou can now listen to Fox News articles!
The Justice Department recently charged 455 people in its annual National Health Care Fraud Takedown. The cases involve more than $6.5 billion in alleged false claims. More state Medicaid units took part than in any prior year. Ninety of the accused are doctors or other licensed medical professionals. The DOJ says prosecutors still must prove the charges in court.
Many schemes used other people’s medical identities. Prosecutors also added aggravated identity theft charges in cases across dozens of states. In one case, the co-owner of a Virginia mental health company allegedly paid homeless people with hotel stays. Prosecutors say the company used their Medicaid numbers, then billed Medicaid for crisis services the patients never got.
For the people whose numbers got used, the case file may eventually close. Their medical records may not be so easy to fix. Once someone else’s treatment shows up under your name, it can add wrong information to your chart. It can also use up insurance benefits you may need later. That is harder to undo than canceling a credit card.
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
DR OZ WARNS MEDICARE SCAMMERS ARE STEALING BILLIONS — AND YOUR PERSONAL INFORMATION COULD BE NEXT
Medical identity theft can put someone else’s claims, prescriptions or diagnoses into your health records, creating problems that can follow you into a doctor’s office. (iStock)
The identity thief’s treatment gets written into your file
Medical identity theft happens when someone uses your name, Social Security number (SSN), health insurance account number, or Medicare number to see a doctor, fill a prescription, buy medical equipment, or submit a claim, according to the Federal Trade Commission (FTC).
When care is billed under your name, the thief’s health information can blend into yours. The FTC warns that mixed records can affect the care you’re able to get and the benefits you are able to use. A blood type, a drug allergy, a diagnosis, or a prescription that belongs to a stranger can sit in the file a physician reads before treating you.
Data breaches can feed the market for medical identity theft
Hospitals and insurers hold the exact records that make the fraud work, and those records are stolen often. This does not mean every healthcare breach leads to fraud. However, it explains why your insurance number, Medicare number, SSN and medical records can become valuable long after a breach notice arrives.
This spring, NYC Health + Hospitals reported that an intruder had copied files that may have included health insurance information, medical information, biometric data, billing data and other personal information. The breach was later reported to affect roughly 1.8 million current and former patients and employees.
Once a name, SSN, insurance number, Medicare number or medical record reaches a criminal marketplace, it can be resold to operators who bill under someone else’s identity.
Treat your insurance card like a credit card
Your health insurance and Medicare numbers are what these operations need, so the FTC recommends guarding them the way you would a payment card.
- Keep enrollment forms, benefit statements, and prescription labels somewhere secure, and shred them before throwing them out.
- When a doctor’s office asks for your SSN, ask whether it can use another identifier or the last four digits instead.
- Be wary of anyone who calls, texts, or emails offering free braces, genetic tests, or medical supplies in exchange for your Medicare number; several of the schemes in the June takedown billed Medicare for exactly those items.
- If you are on Medicare, create or log in to your secure Medicare account and review your claims. You can also check your Medicare Summary Notice for services, supplies or equipment you do not recognize. If something looks wrong, call 1-800-MEDICARE.
HOSPICE FRAUD USES STOLEN IDENTITIES FOR FAKE PATIENTS
Experts urge patients to treat insurance cards like credit cards and quickly challenge unfamiliar medical bills, claims or benefits notices. (iStock)
Your credit report may never flag this fraud
Because a fraudulent medical claim runs through insurance and provider systems instead of a credit check, it skips the alerts most people rely on.
Here’s what the FTC says you should look out for:
- A bill or an Explanation of Benefits (EOB) statement for care you never received
- A call from a debt collector about a medical debt you do not owe
- A medical collection you do not recognize on your credit report
- A notice from your insurer that you have reached your benefit limit
- A Medicare Summary Notice that lists services, supplies or equipment you never received
What to do first if a medical claim looks wrong
If a bill, EOB or Medicare notice shows care you never received, move quickly and keep everything in writing.
1) Call your insurer or Medicare directly
Call your insurer or Medicare using the number on your card, not a number from a random text, email or voicemail.
2) Get the claim details
Ask for the provider name, date of service, claim number and service details.
3) Request the records in writing
Contact the provider in writing and request the medical or billing records tied to that claim.
4) Report the error
Report the error to your insurer’s fraud department.
5) File an identity theft report
File a report at IdentityTheft.gov if your medical identity was used. That gives you a recovery plan and documentation you may need if fraudulent bills or collections show up later.
6) Save every document
Keep copies of every bill, EOB, letter, portal message, police report and case number.
Correcting a medical file is slower than disputing a charge
Request your records from every provider, clinic, pharmacy, lab and insurer the thief may have used, then report each error in writing. Under HIPAA, a provider generally has 30 days to give you access to your records after a written request, with a possible 30-day extension.
Fixing the record itself can take longer. HHS says a covered provider or health plan usually has up to 60 days to act on a request to amend a medical record, with a possible 30-day extension in certain cases. If the provider or plan created the wrong information, it must amend inaccurate or incomplete information.
There’s one catch, though: a provider may refuse to release records that now contain a stranger’s information, citing that person’s privacy. If that happens, ask for the provider’s privacy officer or patient advocate. You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you do not get your records or an explanation within the required window.
TEXAS DATA BREACH HITS 3M LICENSE CUSTOMERS
Stolen Medicare, Medicaid or insurance numbers can be used to bill for care, medical equipment or prescriptions patients never received. (kali9/Getty Images)
A credit freeze alone won’t stop a claim under your insurance
A freeze blocks new accounts, but it does nothing about a claim filed with your insurance number. Because medical identity theft can move without touching your credit file, monitoring where your personal information appears is the earliest way to act on it.
An identity theft protection service can monitor the dark web, data broker sites and people-search sites for exposed SSNs, driver’s license numbers, medical ID numbers and email addresses. It can also track all three credit bureaus for medical collections that may follow and flag public-record changes tied to your name.
If misuse happens, some services include fraud resolution support to help you request records, dispute fraudulent claims and work with providers, insurers and credit bureaus. Some plans also include identity theft insurance for eligible recovery costs.
No service can prevent every misuse of your medical identity. However, ongoing monitoring may flag exposed information before another person’s treatment reaches your records and your insurance.
See my tips and best picks on Best Identity Theft Protection at CyberGuy.com.
Kurt’s key takeaways
Medical identity theft hits in a place most of us rarely check: our health records. A stolen credit card can usually be canceled quickly. A stolen Medicare or insurance number can create fake claims, wrong diagnoses and benefit headaches that follow you long after the fraud case ends. I would not wait for a credit alert here. Check your EOBs, Medicare Summary Notices and insurer portals for visits, prescriptions or equipment you never received. Also, treat your insurance card like a payment card. Do not give the number to anyone who calls, texts or emails out of nowhere with a free offer. The most important thing is to act fast. Call your insurer or Medicare, ask for the claim details and request your medical records in writing. Then file at IdentityTheft.gov, so you have the paperwork you need if fraudulent bills or collections show up later.
Have you ever spotted a medical bill, insurance claim or EOB for care you never received? Let us know by writing to us at CyberGuy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
Technology
Meta is reportedly working on smart glasses that would be recording all the time
Meta might be the next company to make an always-on AI wearable. The company is working on prototype “super sensing” always-aware smart glasses that could continuously record audio and snap photos “every few seconds,” according to the Financial Times. The wearer could then ask Meta AI about the captured audio and images.
However, the images and audio might not be directly available to the user. Here’s how the FT describes one way the glasses could use the data:
In one proposed system, raw footage and audio would not be stored by Meta or made available to the user, several people said. Instead, the metadata from that audio and images would be extracted and uploaded to the server for Meta’s AI to query, which proponents argue would have fewer privacy implications.
But currently, Meta is planning for the LED recording indicator to remain off in “super sensing” mode, the FT reports. In a July 2025 whitepaper, the company said that it would reserve the LED indicator for “active capture” scenarios where the user is saving photos or videos, and leave it off during “AI Feature” use — such as scanning a menu — to avoid users becoming too used to the indicator. (If the indicator was on during the “super sensing” mode, it might also be harder to know when the glasses are actually recording video.)
Meta is also discussing if it would use the captured data for training its AI models. It may also bring the “super sensing” features to glasses it has already released, the FT says.
“While we don’t comment on internal prototypes, we’re committed to getting our glasses right because they need to be loved by both people wearing them and those around them,” Meta spokesperson Dave Arnold says in a statement to The Verge. Arnold also notes that “Our approach has been to develop new technologies that will help people throughout their day, with privacy built in from the ground up.”
Meta hasn’t been shy about some type of always-aware glasses being a possibility. CEO Mark Zuckerberg, in the company’s Q1 2026 earnings call, said that he was “really excited to see the glasses evolve from being able to answer questions to being able to be a personal agent that’s with you all day long, helping you remember things and achieve your goals.” In a March blog post about new Ray-Ban Meta glasses, the company wrote that “with ongoing software updates, Meta AI on glasses will transition from something you have to prompt with a question each time, to a more continuous, in-the-moment assistant that can help throughout the day.”
Technology
Get a $30 credit when you reserve Samsung’s upcoming Galaxy phones
Even though they haven’t been officially announced yet, Samsung is giving you a chance to save some cash when you preorder what we’re expecting to be the brand’s updated Galaxy Z Fold phones. The next Galaxy Unpacked event will take place on July 22nd, 2026, and features the tagline “A new shape unfolds.” In addition to seeing updated versions of the existing Flip and Fold form factors, we anticipate the debut of a new, wider foldable phone. If you register your interest ahead of time and end up preordering one of the new phones shortly after they’re announced, Samsung will give you a $30 store credit at checkout.
There are some caveats to this offer. You have to use the credit when you preorder the phone. No saving it for later. Also, the credit can’t be applied to the cost of the phone either, so you’ll have to put it towards the cost of accessories or extra services. Samsung specifically calls out that select Galaxy rings, earbuds, watches, and tablets are eligible, or you can use it to help pay for Samsung Care Plus.
There are no downsides to registering your interest, so if you think you might be interested in buying one of the upcoming phones, it’s worth filling out the form. As long as you use the same email during checkout, the credit will be automatically applied.
-
Health2 minutes agoDr Oz links obesity to chronic disease surge, says GLP-1s can ‘jumpstart’ better health
-
Sports5 minutes agoPirates star pitcher makes unfortunate history after being taken out in middle of perfect game bid
-
Technology10 minutes agoMedical identity theft follows you into the doctor’s office
-
Business17 minutes agoCalifornia soccer fans sue StubHub after it fails to deliver expensive World Cup tickets
-
Entertainment20 minutes agoLucas Museum to give free annual passes to South L.A. neighbors, host community preview day
-
Lifestyle25 minutes agoMeow Wolf taps famed L.A. animation house for its new Los Angeles venue
-
Politics32 minutes ago
Column: Trump decries ‘communism’ while his government takes ownership of companies
-
Science35 minutes ago‘I’d rather my house burn down than get cancer’: Herbicide use upends California’s fight to save forests