Verizon Confirms Breach Affecting Business Customers

Verizon has released a statement confirming that “Verizon Enterprise Solutions recently discovered and fixed a security vulnerability on our enterprise client portal.  Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers.”  Experts believe the exposure of the clients’ contact information leaves them more vulnerable to phishing attacks. 

IRS Taxpayer Accounts Breached

IRS: 100,000 Taxpayer Accounts Breached

100,000 taxpayer accounts were breached via the IRS Get Transcript service.  Taxpayers’ transcripts were accessed after hackers authenticated to the system using the service’s multi-step authentication process.  Several pieces of personal information were utilized to successfully authenticate to the system.  It is likely that the attackers acquired the personal data utilized in this breach from a previous data breach unrelated to the IRS.

Apple Pay Exploit #2

How Apple Pay Is Exploited For Fraud

The technology of Apple Pay has not been exploited; however, weaknesses in setting up Apple Pay do exist. The first method, reported earlier this year, involved fraudsters setting up stolen credit cards on Apple Pay due to weak or non-existent customer authentication methods. Now fraudsters are continuing this practice; however, this time they are using out-of-band authentication methods, such as verification by phone. The fraudsters are porting phone numbers, most commonly customers’ landlines.