The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight a trend of compromised US and foreign government email addresses used to conduct fraudulent emergency data requests to US-based companies, exposing personally identifying information (PII).
While the concept of fraudulent emergency data requests was previously used by other threat actors, such as Lapsus$, the increase in postings on criminal forums regarding the process of emergency data requests and sale of compromised credentials has led to an increase of their use. The FBI encourages organizations to implement the recommendations in the Mitigations section to reduce the likelihood and impact from submission of fraudulent emergency data requests to attempt to gain unauthorized access to PII.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- With TikTok U.S. Ban Looming, Users Flock to Red Note – Another Chinese-Owned App
January 14, 2025
TikTok could be outlawed in the U.S. as soon as Jan. 19 over concerns about its Chinese ownership, unless it gets a reprieve from the Supreme Court or if Beijing-based parent company ByteDance complies with a federal law forcing it to sell its stake in the app. With that sword dangling over TikTok’s head, thousands of ...
- US state sues T-Mobile over 2021 data breach which leaked data of millions
January 7, 2025
As part of Washington’s lawsuit, the state claims T-Mobile failed to ‘adequately secure sensitive personal information of more than 2 million Washingtonians’. This failure, the state claims, left those consumers vulnerable to fraud and identity theft. The suit claims that the breach was ‘entirely avoidable’ and explains T-Mobile had years to fix key vulnerabilities in its ...
- Cybertruck driver used ChatGPT to plan Las Vegas attack
January 7, 2025
Police found a six-page manifesto on Matthew Livelsberger’s phone and said he used ChatGPT to plan his New Year’s Day bombing at the Trump International Hotel in Las Vegas, Sheriff Kevin McMahill said at a news conference Tuesday. A few of the entries posted in the application included “How much Tannerite is equivalent to 1 pound ...
- China protests US sanctions for its alleged role in hacking, complains of foreign hacker attacks
January 7, 2025
China has slammed a decision by the U.S. Treasury to sanction a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical U.S. infrastructure, while the Chinese cyber security agency complained Monday of attacks on Chinese networks. Asked about the sanctions against Beijing-based Integrity Technology Group, Chinese Foreign Ministry spokesperson Guo Jiakun said ...
- Pressure mounts on EU to use legal weapons against Musk’s interference
January 7, 2025
What are you waiting for, Brussels? Elon Musk’s decision to host German far-right leader Alice Weidel in a livestream on X is sparking fury from European Union leaders and lawmakers, who on Monday urged Brussels to deploy its full legal might to rein in the billionaire tech magnate. In response, the European Commission said the SpaceX ...
- Apple to pay $95 million to settle claims it used Siri to eavesdrop on customers
January 2, 2025
Apple has agreed to pay $95 million to settle a civil lawsuit accusing the privacy-minded company of deploying its virtual assistant Siri to eavesdrop on people using its iPhone and other trendy devices. The proposed settlement filed Tuesday in an Oakland, California, federal court would resolve a 5-year-old lawsuit revolving around allegations that Apple surreptitiously activated ...