Our data has never been so vulnerable, as cyberattacks increase at an alarming rate



When the internet first arrived on the scene, it promised liberation from the chains of tyranny. It was supposed to empower us, connect us, and protect our individuality in ways previously unimaginable. But instead of fulfilling that promise, the internet has slowly eroded the very freedoms it was meant to safeguard. Today, it has not only stripped us of our privacy but also exposed our identities to the darkest corners of the digital world.

Under the Biden administration, this erosion has accelerated at an alarming pace. Catastrophic cyberattacks, once rare and isolated, have become grim and all too regular, escalating in frequency and severity. The recent breach involving nearly 3 billion personal records, including countless U.S. Social Security numbers, is a stark reminder of how dangerously vulnerable our data has become. A hacking group known as USDoD infiltrated the digital vaults of a Florida-based organization tasked with safeguarding some of the most sensitive information in the nation. The data was not just stolen; it was commodified and sold to the highest bidder in an online marketplace dedicated to stolen identities.

The lack of robust cybersecurity measures and the administration’s apparent complacency in the face of these threats have created a perfect storm of vulnerability and a perfect reason to vote against a Harris presidency.

This issue goes beyond mere information theft; it's about data being traded on the dark web, a clandestine corner of the internet where the most nefarious transactions take place. Unlike the traditional internet, which is accessible through standard search engines and browsers, the dark web operates in the shadows, requiring special software like Tor. This anonymity makes it a haven for criminal activity. Here, stolen data, including Social Security numbers, credit card information, and even biometric details (more on this in a moment), is sold to the highest bidder. But it’s not just identity thieves who operate in this underground marketplace. The dark web is also a hub for the most depraved individuals — pedophiles, human traffickers, drug dealers, and other criminals — who use this nebulous network to engage in their illicit trades. The consequences of this black market are dire. Once your information is on the dark web, it’s accessible to a global network of miscreants, leaving your identity, finances, and personal safety in constant jeopardy.

It’s important to emphasize that this breach, one of the largest in history, is emblematic of a broader crisis that has taken hold under the current administration. Cyberattacks have not only increased, but they have become more sophisticated, more destructive, and more targeted. The Biden administration’s response to this growing threat has been tepid at best, leaving tens of millions of Americans exposed to the ruthless tactics of cybercriminals. The systemic failure to protect our personal information is not just a lapse in security; it is a full-scale collapse of the safeguards that were supposed to defend us.

As Big Tech grows more powerful, more of our personal data — including our most intimate biometric markers, such as fingerprints, retinal scans, and voice patterns — is being stored in vast, insecure databases. The implications of this are terrifying. If you're in doubt, let me paint a quick, rather gruesome picture for you. Imagine a world where your voice can be replicated to fool your bank, where your fingerprints can be used to commit crimes in your name, and where your child's retinal patterns are exploited to create a digital double.

This is not a distant dystopia. Instead, it’s a very real threat that grows more imminent with each passing day. The Biden administration’s failure to address the escalating wave of cyberattacks has left the nation’s digital infrastructure in a precarious state.

With November fast approaching, this is something Trump and his team would do well to focus on. When we discuss borders, the focus is often on physical barriers — the walls, fences, and checkpoints that define the boundaries of nations. Yet in our increasingly digital world, we must also consider the importance of digital borders. Just as physical borders protect a country’s sovereignty and security, digital borders are essential for safeguarding our personal information and online privacy. Unfortunately, under the Biden administration, much like physical borders, digital borders have been left woefully unprotected.

The lack of robust cybersecurity measures and the administration’s apparent complacency in the face of these threats have created a perfect storm of vulnerability and a perfect reason to vote against a Harris presidency. A darling of Silicon Valley, Harris has deep ties to Big Tech, a sector that has been a significant source of support and campaign contributions throughout her political career. Should she become the next president, it is reasonable to expect that the already severe cyber threats will escalate even further. Her close relationship with these tech giants suggests she would be unlikely to pressure them to reform their intrusive, privacy-violating practices. Instead, we could see an even more lenient regulatory environment, one where the interests of Silicon Valley are prioritized over the security and privacy of ordinary Americans.

In short, our digital identities and personal data would be at even greater risk, with the full backing of a government that is more interested in maintaining its ties with powerful donors than in protecting its citizens.

'Nearly all' AT&T customers' data stolen in huge breach



AT&T issued a Friday press release that stated "nearly all" of its customers' call and text records were stolen in a massive data breach.

According to the telecommunication company, the sensitive information was "illegally downloaded from our workspace on a third-party cloud platform." It noted that it has launched an investigation into the incident, partnering with "leading cybersecurity experts to understand the nature and scope of the criminal activity."

'Incredibly sensitive pieces of personal information.'

AT&T said that it believes at least one individual involved in the breach has already been apprehended by law enforcement, but it continues to work with authorities to arrest all of those responsible and "close off the illegal access point."

The company's investigation has so far determined that the hackers swiped the call and text records of "nearly all of AT&T's cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T's wireless network, as well as AT&T's landline customers who interacted with those cellular numbers between May 1, 2022 - October 31, 2022."

"The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included," AT&T shared in its press release.

The company noted that the stolen data does not include the content of its customers' calls or texts. Hackers also did not obtain any personally identifiable information, including Social Security numbers or dates of birth. Additionally, the data breach did not include usage details, such as call and text time stamps, it noted.

"While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number," AT&T added. "At this time, we do not believe that the data is publicly available."

According to a May Securities and Exchange Commission filing, the telecommunications company learned about the data breach on April 19, 2024, stating that a "threat actor claimed to have unlawfully accessed and copied AT&T call logs."

The SEC filing stated that the Department of Justice previously advised AT&T to "delay" informing the public about the discovery, pursuant to Item 1.05(c) of Form 8-K.

NBC News reported that the DOJ and the FBI are working with AT&T to investigate the incident. The Federal Communications Commission launched its own investigation.

Thomas Rid, a professor of strategic studies and the director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University, told the news outlet, "If you have somebody's metadata, you know when they go to work, where they go to work, where they sleep every night."

In a statement to NBC News, John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab, said, "These are incredibly sensitive pieces of personal information and, when taken together at the scale of information that appears to be included in this AT&T breach, they presetent a massive NSA-like window into Americans' activity."

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!

Over 575,000 Roku accounts exposed to 'malicious actors' as hackers make purchases with users' stored payment methods



Smart TV operating system Roku was on the receiving end of a low-level hacking incident during which hundreds of thousands of accounts were accessed. Some users had purchases made with their accounts.

After 15,000 Roku accounts were breached in March 2024, an April 2024 attack was discovered by the company, which was said to have affected another 576,000 accounts.

A cyberattack known as "credential stuffing" was used, according to Variety, where online thieves use login credentials taken from other hacks to attempt to log in to a different online account, in this case Roku.

Roku reportedly claimed that the original source for user login credentials was not its network.

In terms of what the "malicious actors" had access to, Roku stated that the hackers were able to use the accounts to make unauthorized purchases of streaming service subscriptions and/or Roku hardware products. This was done in fewer than 400 cases, the company claimed, or approximately 0.07% of the accounts that were compromised.

Those accounts were refunded or had charges reversed.

Additionally, Roku said that hackers did not gain access to sensitive personal information, such as full credit card numbers or other payment information. It is unclear how the criminals were able to access the accounts and make purchases while not seeing the less-sensitive data.

In response, Roku reset the passwords of all affected accounts and enabled two-factor authentication for all Roku account logins.

"While the overall number of affected accounts represents a small fraction of Roku’s more than 80 million active accounts, we are implementing a number of controls and countermeasures to detect and deter future credential stuffing incidents," the company said, per Variety.

"[W]e sincerely regret that these incidents occurred and any disruption they may have caused. ... [Y]our account security is a top priority, and we are committed to protecting your Roku account," Roku added.

Other Data Breaches

In a not-so-funny April Fools' report, AT&T reported that the personal information of a whopping 73 million current and former customers was posted on the dark web. The data breach reportedly included users' Social Security numbers.

"Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders," AT&T noted.

DNA mapping company 23andMe, on the other hand, denied fault for its massive data security breach from 2023 and shifted blame to users who "recycled" their passwords, according to a letter obtained by TechCrunch.

The security breach impacted 6.9 million 23andMe accounts, almost half the company's users, and resulted in dozens of lawsuits.

This hack was also accomplished by credential stuffing that opened up access to 14,000 user accounts, which then allowed hackers to access the data of millions of 23andMe users who had opted in to the website's DNA Relatives feature.

"Users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe," the company letter claimed.

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!

AT&T data breach leaks 73M current, former users’ Social Security numbers on dark web



Telecommunications company AT&T announced Saturday that a recent data breach leaked the personal information, including Social Security numbers, of 73 million current and former customers on the dark web, TechCrunch reported.

A company press release explained that the sensitive data was published online approximately two weeks ago.

“While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed,” the company stated.

AT&T has launched an investigation into the incident with the support of internal and external cybersecurity experts.

“Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders,” AT&T added.

The telecommunications firm reset passcodes for the millions of affected accounts after TechCrunch informed the company about the leaked data, the news outlet reported. Passcodes are usually four-digit PINs that are used as an added layer of security.

AT&T has not found evidence that the data breach resulted from unauthorized access. Additionally, it does not believe the sensitive leaked information included personal financial data or call history.

“The information varied by customer and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and passcode,” it reported.

AT&T noted that it is in communication with impacted customers via email and mail and will offer complimentary identity theft and credit monitoring services. Customers were encouraged to set up fraud alerts through the national credit bureaus.

“As of today,” the company stated Saturday, “this incident has not had a material impact on AT&T’s operations.”

In 2021, a hacker claimed to have stolen 73 million customer records, but AT&T denied the data breach. In March, the allegedly stolen information was published on a cybercrime forum, TechCrunch reported. Some customers have since confirmed that their sensitive data was leaked.

Last year, AT&T acknowledged that information for 9 million customers was hacked by one of its vendors, Fox Business reported. The data leak included Customer Proprietary Network Information, such as names, account numbers, phone numbers, and email addresses.

A company spokesperson stated at the time, “A small percentage of impacted customers also had exposure of rate plan name, past due amount, monthly payment amount, various monthly charges and/or minutes used. The information was several years old.”

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!

Georgia Democrats Vote To Keep Election Software At Center Of Chinese Data Controversy

After news broke last week that the CEO of elections software company, Konnech, was arrested by the L.A. County District Attorney on suspicion of theft of personal information charges, municipalities across the country have ended their contract with the firm. But oddly, DeKalb County, Georgia, has decided to keep its relationship with Konnech. In a 3-2 […]

California leaks gun owners' names, home addresses in massive privacy breach



California Attorney General Rob Bonta on Monday released private information on thousands of gun owners Monday in a major breach of privacy.

The California Department of Justice launched its 2022 Firearms Dashboard Portal Monday to "improve transparency and information sharing for firearms-related data." However, the website went live with publicly accessible files that included identifying information on Californians who hold concealed carry permits.

The leaked files included the gun owner's full name, home address, date of birth, and date their concealed weapons permit was issued, the Reload reported. It also showed the type of permit issued, indicating if the permit holder is a judge or member of law enforcement.

A database for Los Angeles County contained 244 judge permits, according to the Reload. These files contained the personal information of each permit holder. Additionally, there was data on seven custodial officers, 63 people with a place of employment permit, and 420 reserve officers.

Overall, 2,891 people in Los Angeles County with standard concealed carry licenses had their personal data compromised in the leak, the Reload reported.

Video reviewed by the outlet reportedly showed that the databases published by California's Department of Justice were easily downloaded from the website.

\u201cCalifornia appears to have leaked the names, addresses, and ages of every person in the state who holds a concealed carry permit. That includes judges, cops, and regular civilians. \n\nI was able to review the Los Angeles data and it's extensive. https://t.co/uiooUyFv5A\u201d
— Stephen Gutowski (@Stephen Gutowski) 1656435808

Posts on social media first called attention to the data leak. A Reddit thread posted by user lokiriver on Monday described how information on firearms safety certificates was also leaked, which included dates of birth and driver's license numbers belonging to gun owners.

\u201cIt *appears* they have now removed the ability to download data, but unclear if any other security weaknesses remain. \n\nThis is totally unacceptable @AGRobBonta. You need to be transparent about what happened and what measures you are taking now.\u201d
— Konstadinos Moros (@Konstadinos Moros) 1656393727

As of Tuesday, California's firearms dashboard has been taken down and an error message appears when users attempt to visit the website.

The California Department of Justice did not immediately respond to a request for comment.

In a press release announcing the launch of the firearms database, Attorney General Bonta said "transparency" is important to build trust between law enforcement and the communities they serve.

“As news of tragic mass shootings continue to dominate the news cycle, leaving many with feelings of fear and uncertainty, we must do everything we can to prevent gun violence," Bonta said. "One of my continued priorities is to better provide information needed to help advance efforts that strengthen California’s commonsense gun laws. Today’s announcement puts power and information into the hands of our communities by helping them better understand the role and potential dangers of firearms within our state.”

The press release said the California DOJ would "balance its duties to provide gun violence and firearms data to support research efforts while protecting the personal identifying information in the data the Department collects and maintains."

Gun rights activists with the California Rifle & Pistol Association blasted the data breach and told the Reload they were considering legal action against the state.

“Vindictive sore loser bureaucrats have endangered people’s lives and invited conflict by illegally releasing confidential private information,” Chuck Michel, CRPA president, said. “CRPA is working with several legislators and sheriffs to determine the extent of the damage caused by DOJ’s doxing of law abiding gun owners. Litigation is likely.”