Connect with us

Technology

19 billion passwords have leaked online: How to protect yourself

Published

on

19 billion passwords have leaked online: How to protect yourself

Passwords are outdated, and it’s time for both tech companies and users to move on. There, I said it. Like it or not, the weakest link in cybersecurity is anything that relies on human input. While organizations continue to invest in firewalls and endpoint security, the most persistent vulnerability remains the human password.

The internet has long struggled with poor password practices, but a recent discovery highlights just how serious the problem is. 

Security researchers have uncovered more than 19 billion newly leaked passwords, collected from hundreds of breaches between April 2024 and April 2025. An astonishing 94% of these passwords were either reused, predictable or both.

Join The FREE CyberGuy Report: Get my expert tech tips, critical security alerts and exclusive deals — plus instant access to my free Ultimate Scam Survival Guide when you sign up!

Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

Advertisement

What you need to know

Between April 2024 and April 2025, data from nearly 200 separate cybersecurity incidents became publicly available, as discovered by Cybernews. These were not isolated events. They involved massive leak repositories including combolists, stealer logs and compromised databases. In total, over 3 terabytes of raw leaked data were analyzed, comprising more than 19 billion passwords. Only 6 percent of these, just over 1.1 billion, were unique.

Among the most used passwords, “123456” appeared in over 338 million instances. Words like “Password” and “admin” followed close behind, despite years of public warnings. Such defaults often originate from devices like routers or enterprise tools, where they are rarely changed and frequently reused elsewhere.

1.7 BILLION PASSWORDS LEAKED ON DARK WEB AND WHY YOURS IS AT RISK

Personal names remain a common pattern as well. The name “Ana” appeared in nearly 179 million passwords, followed by countless other first names and name-based combinations. Pop culture, food, cities and even swear words were frequent themes. Words like “Mario,” “love,” “pizza,” “Rome” and various profanities were not just creative choices. They are now security liabilities.

Even worse, attackers do not need to guess anymore. They have automation. Credential stuffing tools now run through billions of known passwords across hundreds of platforms, breaching accounts at success rates as high as two percent. That equates to thousands of compromised profiles, bank accounts, emails and cloud tools every single day.

Advertisement

Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

200 MILLION SOCIAL MEDIA RECORDS LEAKED IN MAJOR X DATA BREACH

The bigger problem

According to CyberNews researcher Neringa Macijauskaite, the core issue is not just weak passwords but how often they are reused. Only six percent of passwords are unique. For most users, security depends entirely on two-factor authentication, if it is enabled at all.

Most passwords fall between eight to 10 characters, with eight being the most common. Around 27 percent of them contain only lowercase letters and digits, making them highly vulnerable to brute force attacks. Less than 20 percent use a mix of cases and numbers, and only a small fraction includes symbols.

HOW SECURE IS MY PASSWORD? USE THIS TEST TO FIND OUT

Advertisement

Despite widespread education efforts, user habits remain stagnant, but one positive trend has emerged. In 2022, only one percent of passwords used a mix of lowercase, uppercase, numbers and symbols. Now that figure has grown to 19 percent, likely driven by stricter password requirements across platforms.

Get a free scan to find out if your personal information is already out on the web.

Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

HR FIRM CONFIRMS 4M RECORDS EXPOSED IN MAJOR HACK

A password manager is the solution

Reused or weak passwords pose a massive threat, not just to individuals but to organizations. A single compromised password can trigger a domino effect, exposing multiple accounts across services. Consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed Password Managers of 2025 here.

Advertisement

Four ways to stay safe from password-stealing scammers

Protecting your data requires a mix of smart security habits and reliable tools. Here are four effective ways to keep your information safe.

1. Enable two-factor authentication (2FA): Even if your password is stolen, 2FA adds an extra layer of security by requiring a second form of verification, such as a code from an authentication app or biometric confirmation. Cybercriminals rely on stolen usernames and passwords to break into accounts, but with 2FA enabled, they cannot gain access without the additional security step. Make sure to enable 2FA on important accounts like email, banking and work-related logins.

2. Use strong antivirus software and be cautious with downloads and links: Infostealer malware is the root cause of why your password is out there. It often spreads through malicious downloads, phishing emails and fake websites. Avoid downloading software or files from untrusted sources, and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats or cracked applications, so it is best to stick to official websites and app stores for downloads.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

3. Keep software updated: Cybercriminals exploit outdated software to deliver malware. Keeping your operating system, browsers, and security software up to date ensures that known vulnerabilities are patched. Enable automatic updates whenever possible, and install reputable antivirus or endpoint protection software that can detect and block infostealer threats before they compromise your system.

Advertisement

4. Consider a personal data removal service: These services can help remove your personal information from data broker sites, reducing your risk of identity theft, spam and targeted scams. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.

SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES

Kurt’s key takeaways 

When it comes down to it, passwords just aren’t cutting it anymore. The sheer number of leaked passwords and the fact that so few are unique show how vulnerable we really are. Cybercriminals are getting smarter and faster, but we don’t have to make it easy for them. By using password managers, enabling two-factor authentication, keeping our software updated and considering extra privacy tools, we can take back some control over this situation. It might take a little effort to change old habits, but the peace of mind you get is worth it.

How many of your accounts use the same password or a variation of it? Let us know by writing us at Cyberguy.com/Contact

Advertisement

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Advertisement

Copyright 2025 CyberGuy.com. All rights reserved.  

Technology

Google turns old phones into cloud servers

Published

on

Google turns old phones into cloud servers

NEWYou can now listen to Fox News articles!

That old phone sitting in your drawer may have more life left in it than you think. You may look at it and see a dead battery, an outdated camera or a screen that no longer feels worth using. Google and researchers at the University of California San Diego see something else: a tiny computer that may still have useful processing power.

Their idea is called phone cluster computing. Instead of treating retired smartphones as electronic waste, researchers remove the motherboard and redeploy it as part of a low-carbon computing system.

Google says UC San Diego plans to launch a data center built from 2,000 Pixel smartphones in fall 2026. The goal is to provide low-cost cloud computing for students and researchers while reducing the need for newly manufactured server hardware.

That means the next chapter for an old phone may not be a junk drawer. It may be a server rack.

Advertisement

YOU COULD GET PAID FROM GOOGLE’S ANDROID DATA LAWSUIT

Researchers plan to launch a 2,000-phone data center at UC San Diego in fall 2026 to support students and research workloads. (Kurt “CyberGuy” Knutsson)

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

What is phone cluster computing?

Phone cluster computing takes retired smartphones and turns their core hardware into a computing platform. The process starts by stripping each phone down to the motherboard. That board holds the processor, memory and storage. The display, battery, cameras, chassis and other phone-specific parts are removed.

That step is important because a full phone does not belong in a data center. Batteries can create safety issues. Screens and cameras waste space. The motherboard is the part that still offers computing value.

Once the board is removed, researchers load a general-purpose Linux system onto it. Android already runs on Linux at its core, but Android is built for mobile apps and personal devices. A data center needs something more flexible for cloud workloads. After that, the phone boards can be grouped into clusters. Many small boards then work together like a collection of tiny servers.

Advertisement

Why Google wants old Pixel phones for cloud computing

The AI boom has created a huge appetite for computing power. Data centers need more chips, more electricity and more cooling. At the same time, billions of phones fall out of use around the world.

This Google-backed project takes that conversation in a different direction by asking whether some useful computing can come from hardware we already made.

The project focuses on embodied carbon. That means the emissions created before a device ever turns on. Mining, manufacturing and shipping all add to that carbon footprint.

If a phone motherboard already exists, reusing it can avoid some of the environmental cost tied to manufacturing new hardware. Google says the motherboard accounts for about half of a phone’s embodied carbon, which makes it the most valuable part to recover.

How retired smartphones become low-carbon servers

You cannot plug a pile of old phones into a rack and call it a data center. The process requires careful teardown, new software and a way to manage many boards at once. Google says the project uses containerized applications managed by Kubernetes. That helps coordinate the work across many devices.

Advertisement

The phones are organized into self-managing clusters of about 25 to 50 boards. Each board works as a small Linux machine. Together, they can handle tasks that would otherwise run on traditional cloud servers. That does not make one phone equal to one server. A server has many more processor cores, more memory and data center-grade hardware. A phone board has fewer resources and tighter limits. Still, some jobs do not need a giant machine. They need enough compute to run efficiently without wasting resources.

GOOGLE ENGINEER STOLE AI SECRETS FOR CHINA, SENATE HEARS IN EXPLOSIVE TESTIMONY

Google and UC San Diego are testing a cloud computing system built from retired Pixel phone motherboards, giving old smartphones a possible second life. (Google)

Can old phone processors handle cloud workloads?

The technical case is stronger than you may expect. Google says the single-threaded performance of modern smartphone performance cores can match or beat the per-core performance of some modern multicore servers. In one comparison, a 2023 Pixel Fold was tested against an ASUS RS720A-E11 server using SPEC benchmarks. The Pixel Fold’s performance cores beat the baseline data center server core on many of the tests. That sounds impressive, but there is an important catch.

A smartphone board has a smaller memory limit and fewer cores. It also lacks the management tools and hardware durability that servers are built around. So the project needs the right workloads.

Advertisement

UC San Diego is starting with educational and research computing. That makes sense because many classroom tasks can run on small cloud instances. Google says early experiments showed that a 20-phone cluster could support peak submission rates for a class of more than 75 students. The grading latency also came in below the default AWS backend used in the comparison.

Why UC San Diego is testing a 2,000 Pixel phone data center

UC San Diego plans to use the 2,000-phone cluster to support computer science classes and research workloads. Google says the deployment could support about 100 classes at once. It also describes the system as providing about 50 server-equivalents worth of compute at a fraction of the usual cost.

For a university, that could be a major advantage. Cloud computing costs can rise quickly, especially when many students submit assignments at the same time. If a reused phone cluster can handle some of that load, schools may save money while reducing demand for newly manufactured servers.

This also gives researchers a chance to test phone-based computing at scale. A small lab demo can look promising. A 2,000-board deployment will show much more about reliability, maintenance and day-to-day performance.

Phone cluster computing still has big limits

Phone cluster computing sounds promising, but it still has a lot to prove. Your smartphone was made for daily use in your hand, not nonstop work inside a data center. Data center servers are built to run for years with steady cooling, fast repairs and constant monitoring. Phone motherboards come from devices made for pockets, backpacks and kitchen counters. That alone raises some big questions.

Advertisement

The boards could fail faster than expected. Cooling may also become a challenge once thousands of tiny processors run side by side. Then there is the labor problem, because someone has to safely remove batteries, screens and other parts before the boards can be reused. Cost will be the deciding factor. If teardown, maintenance and replacement work get too expensive, this idea may stay in the research lab.

Phone clusters also will not replace the massive GPU systems that power advanced AI training. They make more sense for smaller cloud jobs, classroom tools and research tasks that fit within smartphone hardware limits. That still leaves plenty of useful work. After all, not every cloud task needs the newest chip.

Why old smartphones could help cut e-waste

The world’s e-waste problem is growing fast. The Global E-waste Monitor projects that electronic waste could climb to 82 million tonnes by 2030, while formal collection and recycling rates are expected to fall to 20%. Old phones are a big part of that problem because many never make it to a proper recycling program. They sit in drawers, land in closets or get tossed out with valuable parts still inside. Even when a phone no longer feels useful to you, its processor, memory and storage may still have work left to do.

CyberGuy has covered related second-life ideas before, including old smartphones being turned into tiny data centers and repurposed EV batteries helping power AI data centers. The common theme is hard to ignore. Some of the hardware already in circulation may still have useful work left to do.

FIVE DATA BROKER OPT-OUT MYTHS THAT LEAVE RETIREES EXPOSED

Advertisement

Google says reusing smartphone motherboards could cut hardware waste and reduce the carbon cost of building new data center servers. (Yawar Nazir/Getty Images)

How to safely recycle or reuse your old phone

This research does not mean you should toss your old phone into a random donation bin tomorrow. Before you recycle, donate, trade in or sell an old phone, you need to protect your data. Back up anything you want to keep. Then sign out of your accounts and securely wipe the device.

CyberGuy has a helpful guide on how to securely get rid of your old cell phone. Privacy comes first whenever you part with a device.

You can also consider trade-in programs, certified refurbishers or reputable electronics recycling programs. If the phone still works, buying refurbished can also keep devices in use longer. CyberGuy has covered what to know before buying refurbished electronics, which is helpful if you want to save money without taking a gamble. The key is to avoid letting old devices sit forgotten forever. A phone in a drawer helps no one.

What this means to you

That old phone in your drawer may not be as useless as it looks. Even if the battery is tired or the camera feels outdated, the processor inside may still have real value.

Advertisement

Now, you probably will not be mailing your old phone to a Google data center anytime soon. Still, this project points to a bigger shift in how we think about retired tech. Instead of sending every old device straight to recycling or letting it collect dust, companies, schools and researchers may find smarter ways to reuse the parts that still work.

There is also a money lesson here. If your current phone still runs well, you may not need to rush into an upgrade just because a newer model comes out. A battery replacement, trade-in or refurbished option could save you money while keeping perfectly good hardware in use longer. To me, that is the real takeaway. The phone you forgot about could possibly still have a job to do.

Watch the CyberGuy Live replay: Lock Down Your Phone in 30 Minutes

Your phone holds your email, passwords, photos, banking apps and personal data. In this free CyberGuy Live replay, Kurt the CyberGuy walks you step by step through simple phone security fixes you can do at your own pace. You’ll learn how to improve your privacy settings, spot the latest phone scams, use trusted security tools and walk away with a simple checklist to stay protected. Watch the replay and get our checklist here: CyberGuyLive.com.

Kurt’s key takeaways

Google and UC San Diego are testing how to turn retired Pixel phone motherboards into a low-carbon cloud computing platform. The project could give old smartphones a second life while reducing the need for newly manufactured servers. That is important as AI data centers keep demanding more computing power and more electricity. The first major test is expected in fall 2026 with a 2,000-phone data center at UC San Diego. If it works, the cluster could support students and researchers at a lower cost than traditional cloud infrastructure. However, this idea still has to prove it can handle the grind of daily use. Reliability, cooling, teardown labor and maintenance will determine whether phone cluster computing can grow beyond just research. To me, the most relatable part is sitting in your junk drawer. That old phone may seem useless, but its processor could still be powerful enough to help run cloud jobs. Maybe the future of computing starts with hardware we already forgot we owned.

Would you feel good knowing your old phone could help power cloud computing? Let us know by writing to us at CyberGuy.com.

Advertisement

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Advertisement
Continue Reading

Technology

Google’s Nest Thermostat has hit its best price of the year

Published

on

Google’s Nest Thermostat has hit its best price of the year

If you’re looking for a relatively affordable way to cut down on cooling costs, Google’s Nest Thermostat can help. It’s packed with smart controls and energy-saving features, and right now it’s on sale in white for $79 ($50 off), which is its best price of the year, at Amazon.

The smart thermostat is quick to install and makes it easy to adjust your home’s temperature whether you’re relaxing in bed or on your way home thanks to the Google Home app. You can also create schedules and control it with your voice using Google Assistant, Alexa, or another Matter-compatible voice assistant.

Once it’s set up, the Nest Thermostat can automatically turn the temperature down when you’re away to help reduce unnecessary energy use, while Google’s Savings Finder feature suggests additional ways to save over time. It also monitors your HVAC system and can alert you if something doesn’t seem right, making it easier to stay on top of maintenance before small issues become bigger, more expensive ones. If you’re eligible, Nest Renew can also automatically shift some of your heating and cooling to times when electricity is cleaner or cheaper.

That said, this is Google’s entry-level model from 2020, so you do miss out on some of the premium features found on the latest Nest Learning Thermostat. Unlike the flagship version, it won’t learn your schedule automatically over time, for example, and lacks support for Nest Temperature Sensors that let you prioritize the temperature in a specific room. Even so, if all you want is an easy way to adjust your home’s temperature remotely and potentially lower your energy bills, the Nest Thermostat is still a solid investment at this price.

Continue Reading

Technology

Medical identity theft follows you into the doctor’s office

Published

on

Medical identity theft follows you into the doctor’s office

NEWYou can now listen to Fox News articles!

The Justice Department recently charged 455 people in its annual National Health Care Fraud Takedown. The cases involve more than $6.5 billion in alleged false claims. More state Medicaid units took part than in any prior year. Ninety of the accused are doctors or other licensed medical professionals. The DOJ says prosecutors still must prove the charges in court.

Many schemes used other people’s medical identities. Prosecutors also added aggravated identity theft charges in cases across dozens of states. In one case, the co-owner of a Virginia mental health company allegedly paid homeless people with hotel stays. Prosecutors say the company used their Medicaid numbers, then billed Medicaid for crisis services the patients never got.

For the people whose numbers got used, the case file may eventually close. Their medical records may not be so easy to fix. Once someone else’s treatment shows up under your name, it can add wrong information to your chart. It can also use up insurance benefits you may need later. That is harder to undo than canceling a credit card.

Sign up for my FREE CyberGuy Report

Advertisement
  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

DR OZ WARNS MEDICARE SCAMMERS ARE STEALING BILLIONS — AND YOUR PERSONAL INFORMATION COULD BE NEXT

Medical identity theft can put someone else’s claims, prescriptions or diagnoses into your health records, creating problems that can follow you into a doctor’s office. (iStock)

The identity thief’s treatment gets written into your file

Medical identity theft happens when someone uses your name, Social Security number (SSN), health insurance account number, or Medicare number to see a doctor, fill a prescription, buy medical equipment, or submit a claim, according to the Federal Trade Commission (FTC).

When care is billed under your name, the thief’s health information can blend into yours. The FTC warns that mixed records can affect the care you’re able to get and the benefits you are able to use. A blood type, a drug allergy, a diagnosis, or a prescription that belongs to a stranger can sit in the file a physician reads before treating you.

Data breaches can feed the market for medical identity theft

Hospitals and insurers hold the exact records that make the fraud work, and those records are stolen often. This does not mean every healthcare breach leads to fraud. However, it explains why your insurance number, Medicare number, SSN and medical records can become valuable long after a breach notice arrives.

This spring, NYC Health + Hospitals reported that an intruder had copied files that may have included health insurance information, medical information, biometric data, billing data and other personal information. The breach was later reported to affect roughly 1.8 million current and former patients and employees.

Advertisement

Once a name, SSN, insurance number, Medicare number or medical record reaches a criminal marketplace, it can be resold to operators who bill under someone else’s identity.

Treat your insurance card like a credit card

Your health insurance and Medicare numbers are what these operations need, so the FTC recommends guarding them the way you would a payment card.

  • Keep enrollment forms, benefit statements, and prescription labels somewhere secure, and shred them before throwing them out.
  • When a doctor’s office asks for your SSN, ask whether it can use another identifier or the last four digits instead.
  • Be wary of anyone who calls, texts, or emails offering free braces, genetic tests, or medical supplies in exchange for your Medicare number; several of the schemes in the June takedown billed Medicare for exactly those items.
  • If you are on Medicare, create or log in to your secure Medicare account and review your claims. You can also check your Medicare Summary Notice for services, supplies or equipment you do not recognize. If something looks wrong, call 1-800-MEDICARE.

HOSPICE FRAUD USES STOLEN IDENTITIES FOR FAKE PATIENTS

Experts urge patients to treat insurance cards like credit cards and quickly challenge unfamiliar medical bills, claims or benefits notices. (iStock)

Your credit report may never flag this fraud

Because a fraudulent medical claim runs through insurance and provider systems instead of a credit check, it skips the alerts most people rely on.

Here’s what the FTC says you should look out for:

Advertisement
  • A bill or an Explanation of Benefits (EOB) statement for care you never received
  • A call from a debt collector about a medical debt you do not owe
  • A medical collection you do not recognize on your credit report
  • A notice from your insurer that you have reached your benefit limit
  • A Medicare Summary Notice that lists services, supplies or equipment you never received

What to do first if a medical claim looks wrong

If a bill, EOB or Medicare notice shows care you never received, move quickly and keep everything in writing.

1) Call your insurer or Medicare directly

Call your insurer or Medicare using the number on your card, not a number from a random text, email or voicemail.

2) Get the claim details

Ask for the provider name, date of service, claim number and service details.

3) Request the records in writing

Contact the provider in writing and request the medical or billing records tied to that claim.

4) Report the error

Report the error to your insurer’s fraud department.

5) File an identity theft report

File a report at IdentityTheft.gov if your medical identity was used. That gives you a recovery plan and documentation you may need if fraudulent bills or collections show up later.

Advertisement

6) Save every document

Keep copies of every bill, EOB, letter, portal message, police report and case number.

Correcting a medical file is slower than disputing a charge

Request your records from every provider, clinic, pharmacy, lab and insurer the thief may have used, then report each error in writing. Under HIPAA, a provider generally has 30 days to give you access to your records after a written request, with a possible 30-day extension.

Fixing the record itself can take longer. HHS says a covered provider or health plan usually has up to 60 days to act on a request to amend a medical record, with a possible 30-day extension in certain cases. If the provider or plan created the wrong information, it must amend inaccurate or incomplete information.

There’s one catch, though: a provider may refuse to release records that now contain a stranger’s information, citing that person’s privacy. If that happens, ask for the provider’s privacy officer or patient advocate. You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you do not get your records or an explanation within the required window.

TEXAS DATA BREACH HITS 3M LICENSE CUSTOMERS

Advertisement

Stolen Medicare, Medicaid or insurance numbers can be used to bill for care, medical equipment or prescriptions patients never received. (kali9/Getty Images)

A credit freeze alone won’t stop a claim under your insurance

A freeze blocks new accounts, but it does nothing about a claim filed with your insurance number. Because medical identity theft can move without touching your credit file, monitoring where your personal information appears is the earliest way to act on it.

An identity theft protection service can monitor the dark web, data broker sites and people-search sites for exposed SSNs, driver’s license numbers, medical ID numbers and email addresses. It can also track all three credit bureaus for medical collections that may follow and flag public-record changes tied to your name.

If misuse happens, some services include fraud resolution support to help you request records, dispute fraudulent claims and work with providers, insurers and credit bureaus. Some plans also include identity theft insurance for eligible recovery costs.

No service can prevent every misuse of your medical identity. However, ongoing monitoring may flag exposed information before another person’s treatment reaches your records and your insurance.

Advertisement

See my tips and best picks on Best Identity Theft Protection at CyberGuy.com.

Kurt’s key takeaways

Medical identity theft hits in a place most of us rarely check: our health records. A stolen credit card can usually be canceled quickly. A stolen Medicare or insurance number can create fake claims, wrong diagnoses and benefit headaches that follow you long after the fraud case ends. I would not wait for a credit alert here. Check your EOBs, Medicare Summary Notices and insurer portals for visits, prescriptions or equipment you never received. Also, treat your insurance card like a payment card. Do not give the number to anyone who calls, texts or emails out of nowhere with a free offer. The most important thing is to act fast. Call your insurer or Medicare, ask for the claim details and request your medical records in writing. Then file at IdentityTheft.gov, so you have the paperwork you need if fraudulent bills or collections show up later.

Have you ever spotted a medical bill, insurance claim or EOB for care you never received? Let us know by writing to us at CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

Advertisement
  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Continue Reading
Advertisement

Trending