The epidemic of data breaches continues unabated. The latest major data breach involves concert and event ticket distribution company Ticketfly. which suffered a data breach in which names, addresses, email addresses and phone numbers of more than 26 million people were stolen. Some of this information has already been posted online and the hacker who identifies himself as IShAkDz is threatening to make public more of the stolen information unless he is paid a ransom. According to the hacker, he or she had contacted TicketFly numerous times prior to the hack informing them of the company’s vulnerability to being hacked and asking for a payment of one Bitcoin (presently valued at $7,544) to fix the problem, but TicketFly did not respond to his or her communications. The threat of identity theft to you posed by a data breach is very much dependent on how sensitive is the personal information stolen. At its most benign, email addresses or other similar information, such as was compromised in this data breach may be used by hackers to formulate spear phishing emails and text messages to lure you into clicking on malware infected links which may include ransomware or keystroke logging malware that can lead to your becoming a victim of identity theft. At its worst, such as in the Equifax data breach, sensitive personal information such as your Social Security number can be used directly to make you a victim of identity theft.
TIPS
While the information directly stolen from TicketFly cannot be used directly to make TicketFly customers victims of identity theft, it can be used, as indicated above, to formulate spear phishing emails that may appear to be legitimate and lure you into clicking on links and downloading harmful malware. Therefore, if you were a TicketFly customer, you should be particularly vigilant in not clicking on links in any emails or text messages unless you have absolutely confirmed that the email is legitimate. It is also important to make sure that you have installed security software on all of your electronic devices including your computer and phone as well as download the latest security updates as soon as they become available.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”