Scam of the day – May 31, 2025 – Another Supply Chain Data Breach

by | May 30, 2025 | Scam of the day

It seems like every week I am reporting to you about another major data breach.  This week the victim is LexisNexis Risk Solutions which is a data broker that gathers consumers’ personal data and provides it to its corporate clients for purposes of risk management.  This particular data breach resulted in the names, dates of birth, phone numbers, addresses, email addresses and Social Security numbers of 364,000 people being stolen by hackers.  This information can be used by criminals for identity theft.  This particular data breach wasn’t of the computers of LexisNexis, but rather of a third party company it used for software development.  This is part of a trend where hackers target companies with less security who have access to the data of the company that is the real target of the criminals.  Often it takes the form of infecting  malware into software developed by companies that is later used by other companies or government agencies that allows the criminals access to their targeted victims’ data.

TIPS

One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible.  For example, your doctor doesn’t need your Social Security number for his or her records.

You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger.  If your information is compromised in a data breach, you should immediately change the password for that account.

If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.

Freezing your credit is also something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:
 Regularly monitoring your credit reports for indications of fraud is also something we all should do.  The three major credit reporting agencies now provide free weekly access to your credit reports so you can monitor your credit reports easily on your own.  Here is the only link to use to get your free credit reports.https://www.annualcreditreport.com/index.action
Some scammers have websites that appear to offer “free” credit reports, but if you read the fine print, you often may find that you have signed up for unnecessary services.
As for the significant threat of supply chain attacks, while there is little that we as individuals can do to protect ourselves, the Cybersecurity and Infrastructure Security Agency  (CISA) is working together with private industry released new best practices guidelines for companies to implement to reduce the threat of supply chain attacks.  While these best practice guidelines are not mandatory, it is hoped that companies will follow them.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/