June 19, 2024 at 09:09AM Amtrak’s Guest Rewards program experienced a three-day security breach, with miscreants accessing user data between May 15-18. The breach potentially compromised email addresses, contact information, payment details, and more. Amtrak is mandating two-factor authentication for affected users and advising them to change their passwords. This is the second breach for … Read more
April 15, 2024 at 11:40AM Roku is requiring 2FA for all accounts after attackers accessed around 591,000 customer accounts through credential stuffing attacks. Users affected by the compromise have been reimbursed, and no sensitive information was accessed. Roku emphasized the need for unique passwords and vigilant monitoring of suspicious activity. All users are encouraged to … Read more
March 4, 2024 at 05:25PM American Express notified customers of a breach involving a third-party service provider. The company’s own systems were not compromised, but credit card information such as account numbers and names are at risk. Potentially affected users are advised to monitor their accounts for fraudulent activity and enable notifications on the American … Read more
January 23, 2024 at 03:25PM X, formerly Twitter, introduces passkeys for iOS users in the U.S., providing enhanced security against breaches and phishing attacks. Passkeys, utilizing public key cryptography, offer protection linked to the device and eliminate the need for complex passwords. While recommended, they are not mandatory following recent account hijacking incidents. Key Takeaways … Read more
December 17, 2023 at 04:44PM Summary: Receiving an unprompted one-time passcode (OTP) in an email or text suggests stolen credentials, highlighting the theft of legitimate corporate network access. Cyberattacks exploit these credentials for data theft, espionage, ransomware, and financial fraud. Multi-factor authentication (MFA) enhances security, reducing successful breaches but caution is advised with SMS and … Read more