The Texas Workforce Commission has detected 738 instances of fraudulent claims for benefits this year that involved identity theft. The cases often involve stolen identities being used to apply for benefits or bank account information being fraudulently switched after benefits have been approved.
Facebook has disclosed that roughly 5,000 third-party app developers were able to access personal details from accounts that had been inactive for more than 90 days, breaking the guidelines the company established after the Cambridge Analytica crisis in 2018. The company says it has fixed the issue and is adding new policies to its developer platform regarding third-party sharing and safeguarding of user data.
Learning platform OneClass' Elasticsearch database was left unsecured, exposing 8.9 million records, including personal data of more than 1 million students. Those whose records were exposed are now at risk of fraud and identity theft, says vpnMentor, which discovered the vulnerability.
Nearly 133 million user records from 14 company databases have been posted for sale on a hacker forum, all containing usernames and hashed passwords. The compromised companies span various industries, including online gaming, fashion, sports streaming, finance and food delivery, and indications point to the Shiny Hunters group as the perpetrator.
Bipartisan legislation to create a national cybersecurity director was introduced in the House last week on the recommendation of the Cyberspace Solarium Commission. The director would serve as a White House adviser on tech issues and would be responsible for creating a national cybersecurity strategy.