Connect with us

Technology

Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

Published

on

Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

U.S. telecommunications company Frontier has experienced a serious data security breach that compromised the personal information of a significant number of its customers. The company confirmed that a security incident resulted in the unauthorized disclosure of full names and Social Security numbers belonging to more than 750,000 individuals. Frontier is currently notifying affected customers and has reported the incident to the appropriate regulatory authorities.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Field engineer investigating data breach (Kurt “CyberGuy” Knutsson)

What happened in the Frontier data breach?

Frontier Communications is warning 750,000 customers that their information was exposed in a data breach. “On April 14, 2024, we detected unauthorized access to some of our internal IT systems. Our investigation identified your personal information among the data affected by this incident,” the telco wrote in a notification sent to affected customers.

The sample of the notice submitted to the Office of the Maine Attorney General has censored the types of data exposed in this incident. However, full names and Social Security numbers were confirmed as breached for 751,895 customers, according to a Bleeping Computer report. Frontier assures that no customer financial information was exposed due to this breach.

Advertisement

Frontier believes it contained the data breach shortly after the attack and restored normal business operations. However, the security incident forced the company to partially shut down some systems to prevent the threat actors from laterally moving through the network, which also led to some operational disruptions.

Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

A woman working on her laptop (Kurt “CyberGuy” Knutsson)

PHARMA GIANT’S DATA BREACH EXPOSES PATIENTS’ SENSITIVE INFORMATION

Who’s behind the Frontier data breach?

Frontier hasn’t disclosed the exact cause of the data breach, but it confirmed a cybercrime group was behind it. “Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information,” the telco wrote in a filing with the Securities and Exchange Commission.

Frontier hasn’t officially named the cybercrime group responsible for the attack. However, it’s worth noting that the RansomHub extortion group claimed responsibility for the attack this month, June 4, raising suspicion about the timing of Frontier’s data breach notification.

RansomHub says they hacked Frontier and stole data on 2 million customers. This data reportedly includes personal info like names, addresses, birthdays, Social Security numbers, email addresses and even details about your Frontier service. RansomHub put Frontier’s name on their dark web extortion site and gave the company a deadline to meet their ransom demands. If Frontier doesn’t respond to their demands, RansomHub says they’ll sell the stolen data to the highest bidder.

Advertisement

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

What is Frontier doing about the data breach?

Frontier says it responded swiftly to the cyberattack. It brought in leading cybersecurity experts to investigate and contain the breach while also fortifying its network defenses to prevent future intrusions. Law enforcement and regulators were notified.

The telecom giant is providing affected customers with free credit monitoring and identity theft resolution for one year. While Frontier mentions a deadline to enroll, it hasn’t specified the date. Act promptly to ensure you’re covered.

We reached out to Frontier for a comment but had not heard back by our deadline.

Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

Illustration of a person investigating data breach (Kurt “CyberGuy” Knutsson)

AT&T DATA LEAK FROM 73 MILLION CUSTOMERS – WHAT YOU NEED TO DO NEXT

Advertisement

6 measures to take to protect yourself from a data breach

If you suspect you’ve been affected by this data breach, follow these steps to protect your personal data and privacy.

1) Invest in identity theft protection: If you think your personal data has been leaked, scammers may try to impersonate you to gain access to your private information. The best thing you can do to protect yourself from this type of fraud is to subscribe to an identity theft service. If you’re eligible, take the free Kroll subscription Frontier is offering.

Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

2) Place a fraud alert: Contact one of the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification.

3) Be cautious of phishing attempts: Be vigilant about emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request.

Advertisement

The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

4) Check Social Security benefits: It is crucial to periodically check your Social Security benefits to ensure they have not been tampered with or altered in any way, safeguarding your financial security and preventing potential fraud.

5) Invest in personal data removal services: While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Remove your personal data from the internet with my top picks here.

6) Change your password: You can render a stolen password useless to thieves simply by changing it. Opt for a strong password, one that you don’t use elsewhere. Even better, consider letting a password manager generate one for you.

TICKETMASTER DATA BREACH EXPOSES 560 MILLION CUSTOMERS’ DATA, IT GROUP SAYS

Advertisement

Kurt’s key takeaway

Frontier says it is fortifying its systems to prevent the incident from happening again. While I appreciate the company’s steps to make things right, this incident shouldn’t have occurred in the first place, especially if customers are entrusting it with sensitive information. Frequent data breaches suggest a worrying gap in cybersecurity preparedness among large tech companies. You, as customers, must stay aware when sharing sensitive information and avoid any phishing attempts from scammers.

How important is online privacy to you? Have recent data breaches impacted your online behavior? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Advertisement

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.

Advertisement
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Technology

Amazon is discontinuing my favorite Echo — the one with a dot-matrix clock

Published

on

Amazon is discontinuing my favorite Echo — the one with a dot-matrix clock

I have six Amazon Echo smart speakers in my house, and I’ve tested more, but my favorite is the Echo Dot with Clock. I love how the fabric-covered LED dot matrix display makes time unobtrusively accessible, beaming its gentle white light from my dresser across my blackout-curtained dark bedroom. (It definitely beats asking Alexa the time.)

So I’m sorry to be the bearer of bad news: Amazon has discontinued the Dot with Clock in favor of a more expensive, less eye-pleasing model.

Amazon didn’t tell us why it’s going away. At first, I mistakenly thought it might be due to hidden defects — my own Echo Dot with Clock began mysteriously freezing a few weeks back, completely unresponsive to voice commands and with images stuck on its display. Multiple resets didn’t help.

But after I successfully argued for Amazon to credit me for a replacement Echo, it began working again. (I had to hard reset it, then go through the setup process multiple times in the Alexa app to get it working.)

When I went looking for a replacement $60 Echo Dot with Clock, I was surprised to find Amazon didn’t stock it anymore — only refurbished models were available when I checked, even though the blue model is available again at Amazon and Target today. So instead, I took a chance on the company’s spiritual successor: the $80 Echo Spot, which replaces the dot-matrix display with a screen.

Advertisement

But despite being more expensive, I’m finding the Spot inferior for my purposes. While its screen isn’t too bright for a dim bedroom, it’s not what I’d call visually pleasing. It never lets me forget I’m staring at a cheap screen. Plus, the whole screen is tilted upwards, presumably for nightstand use, not my tall dresser. I have no nightstands in my bedroom.

The Echo Dot with Clock and the Echo Spot, flanked by other small smart displays.
Photo by Jennifer Pattison Tuohy / The Verge

My colleague Jennifer Pattison Tuohy is currently working on a full review of the Echo Spot, and she likes it a good bit better than me!

But she says it doesn’t sound quite as good as the Dot either (though audio’s more directional), and it still doesn’t let you do anything as basic as setting an alarm with touch like you can with other smart displays. The main benefits are music playback controls and the ability to display time, date, temperature, and the weather simultaneously.

Now that my Echo Dot with Clock is working again, I’ll be returning the Spot — and the money that Amazon credited me.

Advertisement
Continue Reading

Technology

What exactly is a data breach and why should I care?

Published

on

What exactly is a data breach and why should I care?

Data breaches have become common, and if you’ve actively used online services in the past year, you might have been affected by them. For example, the Advance Auto Parts breach exposed more than 2.3 million users’ personal information, while a recent AT&T incident allowed hackers to access around six months of customer call and text interactions. But what do bad actors do with all this data?

John from Jackson, Mississippi, asked a similar question that I want to highlight and address because it helps all of us:

“What do you mean when you say a company has exposed 2.3 million or whatever in a data breach? This happens often, but there is never any follow-up. It’s like throwing address labels in a trash can, and then they are carried to the landfill. So? What really happens with a data breach?”

I get what you’re saying, John. Data breaches make headlines, but you rarely hear about the fallout. It’s tough to link a specific breach to a specific problem later on. Below is a detailed look at what a data breach actually means.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Advertisement

Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)

Data breach explained

A data breach occurs when an unauthorized person gains access to information that is meant to be confidential, private, protected or sensitive. Think of it this way: You have personal information that you trusted a friend with, but while sharing it, someone who wasn’t supposed to know it overheard it.

A real-life example is the AT&T data breach mentioned earlier. Your call logs and text interactions that were meant to be private and which you trusted AT&T to protect ended up in the hands of hackers. These details can now be used by bad actors to scam you.

Data breaches can happen in a few ways. Hackers might target specific organizations or launch broad attacks hoping to steal certain kinds of data. They can also use targeted cyberattacks to go after specific individuals.

Advertisement

Sometimes, data breaches occur due to honest mistakes or oversights by employees. Weaknesses in an organization’s systems and infrastructure can also leave them vulnerable to data breaches.

hacker on keyboard

Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)

MASSIVE DATA BREACH EXPOSES 3 MILLION AMERICANS’ PERSONAL INFORMATION TO CYBERCRIMINALS

Anatomy of a deliberate data breach

Here’s what typically happens in a data breach that’s deliberately caused:

Research: Cybercriminals often begin by identifying a target, such as a large corporation like AT&T, focusing on the type of data they want, which could include personal customer information. They search for weaknesses in the company’s security, which might involve exploiting system flaws or targeting network infrastructure.

Attack: The attackers make their initial move using either a network or social attack. Common methods include phishing attacks, where individuals are tricked into revealing personal information; malware attacks that can steal or encrypt data; and denial-of-service attacks that disrupt services. These tactics can compromise the personal information of customers, such as names, addresses, phone numbers and even payment information.

Advertisement

Exfiltration: Once inside the company’s systems, cybercriminals tunnel their way to confidential data. For individuals, this means that their personal information can be extracted and sold on the dark web, used for identity theft or for other malicious purposes. The impact on individuals can be severe, including financial loss, damage to credit scores and the emotional stress of having personal information exposed and misused.

hacker typing

Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)

WORLD’S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM

What happens once the hackers have the data?

Once the hackers obtain protected and confidential data, they have various ways to profit from it. They can use compromised data for illegal activities, including identity theft, financial fraud, spamming or even extortion. Information such as email addresses and phone numbers can be used in phishing scams.

Sometimes, this data is also posted on dark web forums for sale. It can be purchased by other criminals, who may use it for various illicit activities. Just as you don’t hear about every burglary, homicide or battery, you don’t hear about each instance of these criminal activities.

They only make headlines when something significant occurs, such as the incident where hackers scammed a Colorado woman out of $25,000 or when a man was arrested for scamming a Kalispell, Montana, woman of $150,000.

Advertisement

Data breaches impact not only customers but also the companies involved. These companies may face government fines or lawsuits. For example, AT&T is currently dealing with a class-action lawsuit due to a security breach in 2022 that exposed months’ worth of data from nearly all its customers. Similarly, T-Mobile is facing a lawsuit related to a data breach that affected millions of people.

hacker at work

Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)

CYBERCRIMINALS TAKING ADVANTAGE OF CROWDSTRIKE-LINKED GLOBAL COMPUTER OUTAGE

How to protect yourself from data breaches?

It’s primarily the responsibility of companies or online services to keep your data safe, but if it gets exposed, here are some tips to keep in mind:

1. Change your passwords

If hackers have recorded your passwords, they could access your online accounts and steal your data or money. ON ANOTHER DEVICE (i.e., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, social media, etc. You want to do this on another device so that the hacker isn’t recording you setting up your new password on your hacked device. And you should also use strong and unique passwords that are hard to guess or crack. You can also use a password manager to generate and store your passwords securely.

2. Enable two-factor authentication

Activate two-factor authentication (2FA) for an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.

Advertisement

3. Monitor your accounts and transactions

You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, immediately report it to the service provider or authorities. You should also review your credit reports and scores to see if there are any signs of identity theft or fraud.

CLICK HERE FOR MORE US NEWS

4. Contact your bank and credit card companies

If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should inform your bank and credit card companies of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges and issue new cards for you.

You should also contact one of the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification. You can even freeze your credit, if need be.

5. Use personal data removal services

Consider investing in personal data removal services that specialize in continuously monitoring and removing your personal information from various online databases and websites. These services employ advanced tools and techniques to identify and eliminate your data from people-search sites, data brokers and other platforms where your information might be exposed. By using a data removal service, you can minimize the risk of identity theft and fraud, especially after a data breach. Additionally, these services often provide ongoing monitoring and alerts, keeping you informed of any new instances of your data appearing online and taking immediate action to remove it. Check out my top picks for data removal services here.

Advertisement

6. Sign up for identity theft protection

Identity theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

7. Alert your contacts

If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.

Kurt’s key takeaway

The impact of a data breach may not be immediate, but once your data is on the internet, it can be misused by bad actors. They can steal your hard-earned money, cause emotional and mental harm or affect your loved ones. So, even if you don’t see the immediate impact of a data breach, take action. Ensure your devices are protected, and keep a close eye on your bank accounts.

Have you ever noticed unusual activity in your accounts after a data breach was reported? Let us know by writing us at Cyberguy.com/Contact.

Advertisement

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.

Advertisement

Continue Reading

Technology

AMD is slightly delaying its Ryzen 9000 desktop CPUs ‘out of an abundance of caution’

Published

on

AMD is slightly delaying its Ryzen 9000 desktop CPUs ‘out of an abundance of caution’

AMD was set to launch its new Zen 5 processors on July 31st, including the 16-core, 32-thread Ryzen 9 9950X, a chip it’s calling “the world’s most powerful desktop consumer processor.” Instead, it’s now announcing a one- to two-week delay “out of an abundance of caution.” The Ryzen 7 9700X and Ryzen 5 9600X will now launch on August 8th, while the Ryzen 9 9950X and Ryzen 9 9900X will go on sale on August 15th.

This is not because AMD’s found any issues with the actual chips, spokesperson Stacy MacDiarmid tells The Verge. Rather, AMD discovered some of its chips didn’t go through all of the proper testing procedures, and the company wants to make sure they do.

Here’s the full statement from AMD computing and graphics SVP Jack Huynh:

We appreciate the excitement around Ryzen 9000 series processors. During final checks, we found the initial production units that were shipped to our channel partners did not meet our full quality expectations. Out of an abundance of caution and to maintain the highest quality experiences for every Ryzen user, we are working with our channel partners to replace the initial production units with fresh units. As a result, there will be a short delay in retail availability. The Ryzen 7 9700X and Ryzen 5 9600X processors will now go on sale on August 8th and the Ryzen 9 9950X and Ryzen 9 9900X processors will go on-sale on August 15th. We pride ourselves in providing a high-quality experience for every Ryzen user, and we look forward to our fans having a great experience with the new Ryzen 9000 series. 

AMD already recalled the chips that needed the additional testing before they could go on sale, and it sounds like that testing is going smoothly; AMD’s engineers are confident the chips won’t be delayed further, according to MacDiarmid.

AMD’s new desktop chips also include the Ryzen 9 9900X, Ryzen 7 9700X, and Ryzen 5 9600X.
Image: AMD
Advertisement

Tom’s Hardware reports that those crashing Intel chips have been permanently degraded and will need to be returned to Intel; we’ve reached out to Intel with a list of questions about how it’s handling the situation.

AMD is about to launch its Zen 5 laptop chips, too, codenamed Strix Point and formally known as Ryzen AI 9 300. AMD recently revealed a new higher-end chip in that lineup, the Ryzen AI 9 HX 375, with a more powerful 55 TOPS NPU.

Continue Reading

Trending