Home Page Featured 4

  • The Identity Theft Resource Center (ITRC) teams have seen an uptick in subscription renewal scams as a way of stealing your identity. Criminals send emails about auto-renewals for subscriptions in hopes you will click on a malicious link.
  • Identity criminals are after your personal information so they can use it to commit different forms of identity theft and identity fraud.
  • To avoid a subscription renewal scam, ignore any messages about auto-renewals claiming to be from a company where you don’t have a subscription. If it appears to be from a company where you do have a subscription, check the sender’s email address to ensure it’s from the correct company.
  • Don’t click on any links until you confirm the email is legitimate. If the email is a spoof, report it as spam, block the sender and delete the email.
  • To learn more, or if you believe you have received subscription renewal scams, contact the ITRC. Call toll-free by phone (888.400.5530) or live-chat at www.idtheftcenter.org to speak with an expert advisor.

Subscription renewal scams aren’t new. However, ITRC team members have seen a rise in the number of phishing emails claiming it’s time to renew an annual subscription. The phishing attempt pictured below is a subscription renewal scam one ITRC team member received, claiming to be from Geek Squad.

Scammers use emails like these to get you to click on a malicious link and steal your personal information so they can commit identity crimes with it. Many subscription renewal scams look legitimate. It is important you know how to spot one and the steps to stay safe so your sensitive information isn’t compromised.

Who are the Targets?

Text and email users

What is the Scam?

Criminals pose as a recognized company and send texts and emails to people informing them that their annual subscription has been renewed. The phishing emails go on to ask people to click on a link to review the summary details of their renewal. However, the link is malicious and either installs malware on your computer, steals your personal information or takes you to a fake website.

What They Want

Cybercriminals want you to respond to the subscription renewal scams or click on the malicious link in the message so they can steal your personal information. Identity criminals may proceed to use your information to commit an array of identity crimes.

How to Avoid Being Scammed

  • If you receive a text or email about a subscription renewal from a company you do not have a subscription with, ignore it. Don’t click on any links because they could contain malware. If you receive emails you are not expecting, go directly back to the source to see if the message is real.
  • Check the email sender’s address to make sure it is legitimate if you get an email from a company about a subscription renewal with which you have a subscription. If you are still unsure, reach out to the company directly to confirm the validity of the message.
  • If you know the email is a subscription renewal scam, report it as spam, block the sender and delete the email.

Contact the ITRC toll-free by calling 888.400.5530 or using the live-chat function at www.idtheftcenter.org if you’ve received any subscription renewal scams. ITRC expert advisors will help you create a resolution plan with the steps you need to take.

The number of individuals impacted by a data compromise is down 20 percent quarter-over-quarter 

SAN DIEGO, July 8, 2021 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, released its U.S. data breach findings for the first half (H1) of 2021. According to the data breach analysis, publicly-reported U.S. data breaches are up 38 percent in the second quarter (Q2) of 2021 (491 compromises) compared to the first quarter (Q1). However, the number of individuals impacted (52.8 million) is down 20 percent over that same timespan.  

For H1 2021, the number of compromises (846) makes up 76 percent of 2020’s total compromises. If the current attack pace continues, the increase in data breaches in 2021 will end with a record-setting number of compromises, exceeding the current highwater mark of 1,632 set in 2017.  

However, the number of victims (118.6 million) only makes up 38 percent of 2020’s total number of people impacted by data breaches, data exposures and data leaks. If the trend continues, 2021 could result in the lowest number of people impacted by data compromises since 2014.  

Phishing and ransomware attacks remain the top two root causes for data compromises, and supply chain attacks continue to increase (32 new attacks in Q2 compared to 27 in Q1 2021). The surge in phishing, ransomware and supply chain attacks is driving the pace of data compromises and the main reason 2021 could see a new record for total data breaches, data exposures and data leaks. 

According to the H1 2021 Data Breach Analysis by the ITRC, publicly-reported U.S. data breaches are up 38 percent in the second quarter (Q2) of 2021.

Download the ITRC’s 2021 First Half Data Breach Analysis and Key Takeaways  

“We are seeing a shift with the increase in data breaches in 2021 compared to 2020, primarily because of the growing number of phishing attacks, ransomware attacks and supply chain attacks,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “While it is discouraging to see the number of compromises up, it is encouraging that we could see the fewest number of people impacted in seven years. Criminals continue to exploit organizations of all sizes through single points-of-attack, making good cyber-hygiene practices more important than ever.” 

Other findings in the analysis include: 

  • Data compromises are rising in half of the sectors tracked by the ITRC. Manufacturing & Utilities and Professional Services are seeing significant increases, while Healthcare and Retail are seeing data compromises drop. This dynamic reflects the broader trend of cybercriminals shifting their attacks to critical infrastructure entities that are too important to remain idle, and targets with less robust cybersecurity protections in hopes of securing larger ransomware payments.  
  • The 58 supply chain attacks through June 30, 2021, a 19 percent increase in Q2, compares to 70 malware-related compromises, which indicates that third-party risks are poised to surpass malware as the third most common root cause of data events by the end of the year. 
  • The July 2, 2021 supply chain attack on Kaseya, a security software provider, also indicates that the scope and complexity of supplier attacks are increasing. 

For more information about recent data breaches, or the increase in data breaches discussed in the latest trend analysis, consumers and businesses should visit the ITRC’s data breach tracking tool, notified.   

For consumers who have been victims of a data breach, the ITRC recommends downloading its free ID Theft Help app to manage the various aspects of an individual’s data breach case.  

Anyone can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live-chat.  

About the Identity Theft Resource Center     

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nonprofit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live-chat idtheftcenter.org, toll-free phone number 888.400.5530 and ID Theft Help app. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified.      

Media Contact    

Identity Theft Resource Center    
Alex Achten    
Earned & Owned Media Specialist    
888.400.5530 Ext. 3611    

  • A T-Mobile repeat data breach event resulted from unauthorized access to 200,000 customer accounts, including call records.
  • It is the fourth time T-Mobile has sent a data breach notification since 2018. The T-Mobile data breach in December was the second one in 2020.
  • An investigation into the SolarWinds data hack has not revealed any evidence suggesting the attackers sought or stole mass amounts of personal information. The target appears to be either intellectual property or the personal information of particular individuals for espionage purposes.
  • For information about recent data breaches, consumers and businesses should visit the Identity Theft Resource Center’s (ITRC) new data breach tracking tool, notifiedTM.
  • Keep an eye out for the ITRC’s 15th Annual Data Breach Report. The 2020 Data Breach Report will be released on January 27, 2021. 
  • For more information, or if someone believes they are the victim of identity theft, consumers can contact the Identity Theft Resource Center toll-free at 888.400.5530 or via live-chat on the company website. 

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for January 8, 2021. Each week, we look at the most recent and interesting events and trends related to data security and privacy. We started this podcast and a sister monthly program in 2020 in response to the shifts in privacy, security and identity issues: the changes in how criminals collect and use consumer and, increasingly, business information.

One of the trends that the ITRC has identified, and will explore in a report this spring, is the rise in the number of repeat data breaches, even as the overall number of data events is declining. That leads us to the title of this week’s episode – “Second Verse, Same as the First.”

While most of us were prepping for a socially distanced Christmas celebration, one of the largest mobile telephone companies posted a data breach notice on its website. It was not the first time T-Mobile issued a breach notice; it was the fourth time since 2018.

T-Mobile Repeat Data Breach Event

T-Mobile announced that an unauthorized party accessed a small percent of customer accounts, about 200,000 accounts, in early December 2020. The compromised data may have included call records — such as when a call was made, how long the call lasted, the phone numbers called and other information that might be found on a customer’s bill.

T-Mobile says the hackers did not access names, home or email addresses, financial data and account passwords or PINs. An investigation is on-going.

The December data event is the second time an attacker accessed customer information in the same year. Just months into 2020, a breach of the T-Mobile employee email system allowed criminals to see customer data and potentially misuse it. Information about more than one million prepaid customers was exposed in 2019, and cybercriminals compromised nearly two million accounts in 2018.

A Shift in Data Thieves Tactics

Research conducted by the ITRC shows the number of consumers who report being the victim of more than one identity crime has increased 33 percent in the past 18 months. It comes at a time when data thieves are shifting their tactics and targets. Our research shows they are focusing more on business data and less on mass amounts of consumer personal data.

While data breaches are dropping, cyberattacks are rising. The two are not the same. That’s an important distinction as a large and consequential cybersecurity breach occurred in late December 2020 and is likely still underway.

SolarWinds Data Hack Update

We talked about the attack in our last podcast before the holiday break, but the scope of this attack warrants an update.

Here’s what happened: A group of professional cybercriminals affiliated with the Russian government’s intelligence service was able to insert software into a common technology service used by governments and private companies, known as SolarWinds. An estimated 18,000 organizations have been exposed to the malware, including some of the largest agencies in the U.S. government – the Departments of Commerce, Treasury, Justice, State and most of the Fortune 500.

The good news for consumers is at this point, after nearly a month of investigation, there is no indication the attackers sought or stole mass amounts of personal information. As is common with this particular group of threat actors, the target appears to be intellectual property or the personal information of specific individuals for espionage purposes – not profit.

We will release a detailed report on the impact of identity-related crimes in May. We will issue our report on 2020 data breaches and trends on January 27, just a few weeks from now.

Contact the ITRC

If you have questions about how to protect your information from data breaches and data exposures, visit www.idtheftcenter.org, where you will find helpful tips on this and many other topics.

If you think you have already been the victim of an identity crime or a data breach and you need help figuring out what to do next, contact us. You can speak with an expert advisor on the phone (888.400.5530), chat live on the web or exchange emails during regular business hours. Just visit www.idtheftcenter.org to get started.

Next week listen to our sister podcast, The Fraudian Slip, which focuses on identity-related fraud when we talk with the Deputy Chief of the Internal Revenue Service’s Criminal Division about identity crimes and how they might impact your taxes.

In 2019, the Identity theft Resource Center (ITRC) saw a 17 percent increase in data breaches compared to 2018. Credential stuffing attacks exploded in 2019, as well as third-party contractors being breached. 2020 has been a different story.

While scams are up due to COVID-19, publicly-reported data breaches are down in the U.S. Despite millions of Americans shifting to working from home – where cybersecurity and data protections may not be as strong as their regular workspace, the number of data breaches has dropped by one-third (nearly 33 percent) in the first six months of 2020 compared to 2019. The data compromise decrease statistics do not stop there. More significantly, the number of individuals impacted by breaches dropped by 66 percent over the same time period one year ago.

Year -over-year January – June 2020 data breach trends provided by ITRC

The 2020 data breach statistics are good news for consumers and businesses overall. However, the emotional and financial impacts on individuals and organizations are still significant. In fact, the impact on individuals might be even more catastrophic as criminals use stolen personally identifiable information (PII) to misappropriate government benefits intended to ease the impact of the COVID-19 pandemic.

External threat actors continue to account for most successful data compromises (404), compared to internal threats from employees (83) and third-party contractors (53). Internal threat data compromises are the lowest they have been since 2018.

In comparison, January 1, 2019 to June 30, 2019 saw 588 breaches caused by an external threat actor, 126 breaches caused by an internal threat actor and 89 involved a third-party. The data compromise decrease can be attributed, in part, to more people working from home.

Due to the increase in remote work, employees have less access to the data and systems necessary to easily steal PII. However, businesses and employees are also hyper-focused on preventing identity theft.

Unless there is a significant uptick in data compromises reported, 2020 is on pace to see the lowest number of data breaches and data exposures since 2015.

Year-over-year data breach trends 2020 provided by ITRC
Year-over-year data breach trends 2020 provided by ITRC

With that said, there is reason to believe the lower number of breaches is only temporary. Cybercriminals have been using the billions of data points stolen in data breaches during the last five years to execute different types of scams and attacks, which include phishing, credential stuffing and other exploits that require PII. With so much data being consumed and so much focus on improved cyber-hygiene, both at work and at home, the available pool of useful data is being reduced.

At some point, cybercriminals will have to update their data, which should lead to a return of the normal threat pattern. While there are signs of increased cyberattacks that – if successful – could lead to PII being compromised, it is too early to tell when the uptick may occur. Even then, it is more likely to be a “dimmer switch” approach rather than just flipping on a light switch, meaning it will not happen all at once.

The ITRC will continue to monitor all of the publicly-reported data breaches daily and analyze them to keep businesses and consumers educated on what the cybercriminals are doing.

If someone believes they have had their information exposed as part of a data compromise, or is a victim of identity theft due to a data breach, they can live-chat with an ITRC expert advisor. They can also call toll-free at 888.400.5530. Advisors can help victims create action plans that are tailored to them.

Victims can also download the free ID Theft Help App. The app lets them track their case in a case log, access resources and tips to help them protect their identity and more.

For more information on the ITRC’s data breach tracking and trend analysis, or if your organization would like to subscribe to our monthly data breach product, please email notifiedbyITRC@idtheftcenter.org.

Many professionals view air-travel days as an opportunity to get some extra work done, pay bills online, or distract themselves during their commute by surfing the internet. The convenience and ease of use of modern laptops and iPads have made it easy to stay connected in route. As a result, public Wi-Fi is now commonplace in most major airports and even becoming more common on the airplanes themselves. As with most technological conveniences these days, in addition to the obvious advantages, wifi in airports pose additional risk to consumers who may not be aware that they’re in potentially dangerous ‘hot zones’ for identity theft.

Public wifi is a beacon for those who would seek to harvest your personal information through your internet connection. Free wireless networks are usually not password protected, or have a password that’s publicly available. This means that every time you sign on to a public wifi connection, you’re essentially sharing a connection with any and all strangers in the area. In an airport especially, even more so than in a coffee shop or other place usually associated with public wifi, the number of strangers in your immediate vicinity is usually much higher. Any and all of those have the potential ability to access the same network connection you’re using. All it takes is one malicious user on your network to cause you a lot of trouble.

Anytime you access public connections to the internet, your computer is more exposed to the threats of malware or viruses which may be present on another’s laptop, not to mention the threat of a nefarious fellow traveler snooping through your shared files, shoulder surfing to watch you input your passwords, or otherwise monitoring your internet activity. Most people don’t realize that when sharing a network internet connection with someone, there is no additional firewall or security in place to protect the information stored on your computer. This quite naturally makes places like airports and other areas that offer free public wifi very attractive to would-be identity thieves.

If you can avoid using public wifi altogether, do so…if you just can’t resist checking the scores or the weather while waiting to board your flight or arrive at your intended destination, try to avoid doing potentially dangerous activities like online banking, filing tax returns, or checking any email accounts that might have valuable information stored in it; as this information could be harvested from your machine and used against you. If you know you will be traveling often and find yourself using public wifi normally you may want to look into getting a personal VPN. A personal Virtual Private Network will help protect you against the dangers of public wifi.

If using public wifi unprotected, be wary of any wireless network that shows up with a stronger signal than the network offered by the known provider (in other words, if you’re in the American Airlines terminal, you shouldn’t choose that random linksys server over the one labeled “Americanterminal1access” for example). Often potential hackers will generate their own network signal to have others “hook up” to them, exposing all their information. Other network users will see the stronger signal and connect to it unwittingly, without realizing that they’ve just voluntarily offered up anything that isn’t independently password protected for viewing by the thief.

When using your home wireless connection, ensure that it’s always password protected. Remember, you never know who else may be online.