Normal view

How cyberattacks on companies affect everyone

23 April 2026 at 17:34

If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout usually lands on ordinary people.

The most obvious harm is stolen data. When attackers break into a business, it is usually customer information that ends up in criminal hands, and that can lead to identity theft, tax fraud, credit card fraud, and a long tail of scam attempts that can continue for months or years. For consumers, the breach itself is often just the start of the cleanup.

That work is annoying, time-consuming, and sometimes expensive. People may have to freeze credit, replace cards, change passwords, be on the lookout for suspicious transactions, and dispute charges. The Federal Trade Commission (FTC) specifically advises consumers to use IdentityTheft.gov after a breach and recommends steps like credit freezes and fraud alerts to reduce the chance of further abuse.

When sensitive data is exposed, the harm is not only financial. Medical, insurance, and other deeply personal records can be used to create more convincing phishing or extortion attempts, and the stress of knowing that private information is circulating among criminals can linger long after the technical incident is over. In other words, breach victims are not just cleaning up a data problem, they are dealing with a loss of trust.


Breaches happen every day. Don’t be the last to know.


Cybercrime also hits consumers through service disruption. Ransomware and intrusion campaigns can interrupt payment systems, telecom services, shipping, energy distribution, booking platforms, and other infrastructure people rely on every day. In those cases, the consumer impact is immediate: you may not be able to pay, travel, call, buy, or even work normally. The CSIS timeline and Canada’s cyberthreat assessment both show that these disruptions are increasingly tied to high-value targets and can be part of broader state or criminal campaigns.

Not all these incidents are driven by cybercriminals. Recently, Britain’s cybersecurity chief warned that the UK is handling 4 nationally significant cyberincidents every week, with the majority now traced back to foreign governments rather than cybercriminal groups.

Another cost is easy to overlook: disinformation and confusion. When attackers steal data, disrupt services, or impersonate trusted brands, they can also flood the public with fake support messages, scam calls, refund schemes, and phishing emails pretending to be the breached company. The breach becomes a launchpad for more fraud, and consumers are left trying to separate legitimate notifications from those sent by attackers.

Then there is the security backlash. After a breach, companies usually tighten access rules, add more multi-factor authentication prompts, force reauthentication, shorten sessions, and increase fraud checks. Those measures are often necessary, but they also make ordinary digital life more cumbersome. The consumer ends up paying with time and frustration for security problems they did not create.

That is why company-targeted cybercrime is not really only a business problem. It is a consumer issue, a public-trust issue, and sometimes even a national security issue. A single breach can leak data, trigger fraud, interrupt essential services, amplify scams, and make using the internet more frustrating for everyone else. The real cost is rarely confined to the company that got hit.

Knowing this, it’s worth thinking carefully about which companies to trust with your data and how much you’re willing to share . You cannot stop every attack against every company you deal with, but you can limit the fallout by being more selective. Some considerations:

  • Do they need all the information they are asking for?
  • Would it hurt anything if you leave some fields blank or give less specific answers?
  • Has this company been breached in the past, and how did they handle it?
  • How long will they store the data you provide?
  • Can you easily have your data removed at your request?

Your name, address, and phone number are probably already for sale.  

Data brokers collect and sell your personal details to anyone willing to pay. Malwarebytes Personal Data Remover finds them and gets your information removed, then keeps watch so it stays that way. 

Booking.com breach gives scammers what they need to target guests

16 April 2026 at 10:02

Travel companies love telling you your data is safe. Booking.com just reminded everyone why that’s a hard promise to keep.

The Amsterdam-based booking giant began notifying customers on April 13 that “unauthorized third parties” had accessed guest reservation data.  The compromised information includes booking details, names, email addresses, physical addresses, and phone numbers—essentially everything you’d need to convincingly impersonate a hotel contacting a guest. 

The criminals appear to have accessed the data by compromising Booking.com’s hotel partners. A Microsoft report blames the ClickFix phishing technique, which gets victims (in this case, hotel employees) to install malware disguised a computer “fix.”

Microsoft blames a criminal group called Storm-1865 for the caper, and caught it running exactly this kind of campaign against hotel workers across across North America, Oceania, South and Southeast Asia, and Europe, deploying nasty malware like XWorm and VenomRAT through fake CAPTCHA pages. 

Booking.com’s customer notification warned that the exposed data could be used for phishing and said it would never ask for sensitive information or bank transfers.

But scammers have a proven playbook for turning stolen booking data into cash. They can hijack a reservation by impersonating a hotel, message guests demanding a further payment, or credit card details for “payment verification.” The stolen data gives them everything they need to convince the hotel customer they’re legit.

The UK’s Action Fraud received 532 reports of Booking.com scams like this between June 2023 and September 2024, with victims losing £370,000 (around $470,000).

This has happened to Booking.com partners and customers before. In 2018, criminals phished hotel employees and accessed data belonging to Booking.com customers.  Scammers also conducted a voice phishing campaign later that year that targeted 40 hotels in the UAE. Over 4,000 customers’ data was stolen, including credit card data from 300 people. Booking.com was late reporting the breach to the Dutch privacy regulator, which imposed a €475,000 fine (around $560,000) in 2021. 

The travel industry’s recurring breach problem

Breaches like these are a pattern in the travel business. In January 2026, Eurail disclosed a breach that spilled passport numbers, addresses, and, for some travelers, photocopies of IDs and health data. KLM and Air France had customer data swiped in August 2025. Hertz, Dollar, and Thrifty were all caught in the Cl0p gang’s exploitation of Cleo file transfer software, with criminals pilfering drivers’ licenses and credit card data.

What’s interesting about all of these incidents is that like the Booking.com data heist, all involve compromise of third parties rather than the travel operations themselves. The travel industry sits on enormous troves of passport numbers, payment cards, and itineraries. And its security posture of sprawling supply chains, franchised operations, and third-party platforms makes it a soft target.

What you can do

How many customers were affected? Booking.com isn’t saying.  For a platform with over 100 million active mobile app users and 500 million monthly website visits, that silence is concerning. 

If you’ve used Booking.com recently, here’s the practical guide to protection. Don’t trust messages asking you to “verify” payment details, even if they arrive through the platform itself.

Here is Booking.com’s own advice about these scams, issued before this latest incident:

“If there is no pre-payment policy or deposit requirement outlined, but you’re asked to pay in advance to secure your booking, it is likely a scam.”

Check your booking confirmation email for what you actually owe and when. If anything seems off, contact the property directly, rather than through a link someone sends you. And watch your bank statements. The scammers who exploit this kind of data don’t always strike immediately.


Something feel off? Check it before you click.  

Malwarebytes Scam Guard helps you analyze suspicious links, texts, and screenshots instantly.  

Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.  

Try it free → 

Hackers may have breached FBI wiretap network via supply chain

10 March 2026 at 11:38

Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have been involved.

On February 17, the FBI flagged irregular network activity that led straight to its Digital Collection System Network. That system contains sensitive data related to court-authorized wiretaps, pen registers, and FISA warrants, along with personal information on active FBI targets.

The bureau claims it has “identified and addressed” the suspicious activity. That’s it. No word on whether this was ransomware, state-sponsored espionage, or something else entirely.

Now the White House, DHS, and the NSA have joined the investigation, which isn’t the kind of guest list you’d see for a minor incident.

The breach path? Through a vendor’s internet service provider, according to reports. Not a frontal assault on FBI systems, but a side door through their supply chain. The hackers apparently exploited an ISP that served as a vendor to the agency, bypassing direct FBI defenses entirely.

The Wall Street Journal reports that US investigators suspect that hackers affiliated with the Chinese government were behind the breach.

It wouldn’t be the first time that Chinese state-linked groups have hit a target via a third-party telecommunications system. Hackers tied to Salt Typhoon hit AT&T and Verizon in 2024. The campaign compromised call records and private communications of politicians, exposing anyone involved in government activity, while also going after law enforcement systems.

A year earlier, ransomware operators breached the US Marshals Service and walked away with employee information, legal documents, and administrative data. Then Russian hackers targeted federal courts last year. The judiciary described it as an escalation in cyberattacks while scrambling to protect case files that could expose confidential informants.

This trend of attacks on government systems suggests that nation-state actors are actively collecting intelligence. Law enforcement systems are attractive targets because they contain large volumes of sensitive information. This latest incident indicates these attacks are getting more sophisticated, not less.

How secure are FBI systems?

The Digital Collection System Network stores personally identifiable information on FBI investigation subjects, including wiretap returns and other surveillance data. This includes “pen register” data, which reveals metadata about which numbers a monitored phone line called, and which numbers called that line.

Lawmakers are calling for action. In December 2024, Sen. Ron Wyden (D-Ore) proposed legislation to tighten up security of the nation’s phone networks.

In 1994, Congress passed lawful access legislation designed to allow government access to telcos’ systems. That law also enabled the FCC to issue regulations that would force telecom providers to secure their systems against unauthorized access by third parties, but Wyden said that was never done.

Introducing the Secure American Communications Act, he said:

“It was inevitable that foreign hackers would burrow deep into the American communications system the moment the FCC decided to let phone companies write their own cybersecurity rules.”

The draft legislation didn’t go any further, though.

February’s breach raises an uncomfortable question. If attackers can slip through vendor ISPs into the FBI’s wiretapping infrastructure, what else sits exposed?

The bureau says it “identified and addressed” the suspicious activity. Beyond that, little detail has been released. What is clear is that federal law enforcement systems face sustained and sophisticated attacks, and the pressure on those defenses is growing.


What do cybercriminals know about you?

Use Malwarebytes’ free Digital Footprint scan to see whether your personal information has been exposed online.

Betterment data breach might be worse than we thought

18 February 2026 at 18:09

Betterment LLC is an investment advisor registered with US Securities and Exchange Commission (SEC). The company disclosed a January 2026 incident in which an attacker used social engineering to access a third‑party platform used for customer communications, then abused it to send crypto‑themed phishing messages and exfiltrate contact and identity data for more than a million people.

What makes this particularly concerning is the depth of the exposed information. This isn’t just a list of email addresses. The leaked files include retirement plan details, financial interests, internal meeting notes, and pipeline data. It’s information that gives cybercriminals real context about a person’s finances and professional life.

What’s worse is that ransomware group Shiny Hunters claims that, since Betterment refused to pay their demanded ransom, it is publishing the stolen data.

Shiny Hunters claim

While Betterment has not revealed the number of affected customers in its online communications, general consensus indicates that the data of 1.4 million customers was involved. And now, every cybercriminal can download this information at their leisure.

We analyzed some of the data and found one particularly worrying CSV file with detailed data on 181,487 people. This file included information such as:

  • Full names (first and last)
  • Personal email addresses (e.g., Gmail)
  • Work email addresses
  • Company name and employer info
  • Job titles and roles
  • Phone numbers (both mobile and work numbers)
  • Addresses and company websites
  • Plan details—company retirement/401k plans, assets, participants
  • Survey responses, deal and client pipeline details, meeting notes
  • Financial needs/interests (e.g., requesting a securities-backed line of credit for a house purchase)

See if your personal data has been exposed.


This kind of data is a gold mine for phishers, who can use it in targeted attacks. It has enough context to craft convincing, individually tailored phishing emails. For example:

  • Addressing someone by their real name, company, and job title
  • Referencing the company’s retirement or financial plans
  • Impersonating Betterment advisors or plan administrators
  • Initiating scam calls about financial advice

Combined with data from other breaches it could even be worse and lead to identity theft.

What to do if your data was in a breach

If you think you have been affected by a data breach, here are steps you can take to protect yourself:

  • Check the company’s advice. Every breach is different, so check with the company to find out what’s happened and follow any specific advice it offers.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for impersonators. The thieves may contact you posing as the breached platform. Check the official website to see if it’s contacting victims and verify the identity of anyone who contacts you using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
  • Consider not storing your card details. It’s definitely more convenient to let sites remember your card details, but it increases risk if a retailer suffers a breach.
  • Set up identity monitoring, which alerts you if your personal information is found being traded illegally online and helps you recover after.

Use Malwarebytes’ free Digital Footprint scan to see whether your personal information has been exposed online.


We don’t just report on threats—we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.

AI chat app leak exposes 300 million messages tied to 25 million users

9 February 2026 at 16:17

An independent security researcher uncovered a major data breach affecting Chat & Ask AI, one of the most popular AI chat apps on Google Play and Apple App Store, with more than 50 million users.

The researcher claims to have accessed 300 million messages from over 25 million users due to an exposed database. These messages reportedly included, among other things, discussions of illegal activities and requests for suicide assistance.

Behind the scenes, Chat & Ask AI is a “wrapper” app that plugs into various large language models (LLMs) from other companies, including OpenAI’s ChatGPT, Anthropic’s Claude, and Google’s Gemini. Users can choose which model they want to interact with.

The exposed data included user files containing their entire chat history, the models used, and other settings. But it also revealed data belonging to users of other apps developed by Codeway—the developer of Chat & Ask AI.

The vulnerability behind this data breach is a well-known and documented Firebase misconfiguration. Firebase is a cloud-based backend-as-a-service (BaaS) platform provided by Google that helps developers build, manage, and scale mobile and web applications.

Security researchers often refer to a set of preventable errors in how developers set up Google Firebase services, which leave backend data, databases, and storage buckets accessible to the public without authentication.

One of the most common Firebase misconfigurations is leaving Security Rules set to public. This allows anyone with the project URL to read, modify, or delete data without authentication.

This prompted the researcher to create a tool that automatically scans apps on Google Play and Apple App Store for this vulnerability—with astonishing results. Reportedly, the researcher, named Harry, found that 103 out of 200 iOS apps they scanned had this issue, collectively exposing tens of millions of stored files. 

To draw attention to the issue, Harry set up a website where users can see the apps affected by the issue. Codeway’s apps are no longer listed there, as Harry removes entries once developers confirm they have fixed the problem. Codeway reportedly resolved the issue across all of its apps within hours of responsible disclosure.

How to stay safe

Besides checking if any apps you use appear in Harry’s Firehound registry, there are a few ways to better protect your privacy when using AI chatbots.

  • Use private chatbots that don’t use your data to train the model.
  • Don’t rely on chatbots for important life decisions. They have no experience or empathy.
  • Don’t use your real identity when discussing sensitive subjects.
  • Keep shared information impersonal. Don’t use real names and don’t upload personal documents.
  • Don’t share your conversations unless you absolutely have to. In some cases, it makes them searchable.
  • If you’re using an AI that is developed by a social media company (Meta AI, Llama, Grok, Bard, Gemini, and so on), make sure you’re not logged in to that social media platform. Your conversations could be linked to your social media account, which might contain a lot of personal information.

Always remember that the developments in AI are going too fast for security and privacy to be baked into technology. And that even the best AIs still hallucinate.


We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

AT&T breach data resurfaces with new risks for customers

3 February 2026 at 12:48

When data resurfaces, it never comes back weaker. A newly shared dataset tied to AT&T shows just how much more dangerous an “old” breach can become once criminals have enough of the right details to work with.

The dataset, privately circulated since February 2, 2026, is described as AT&T customer data likely gathered over the years. It doesn’t just contain a few scraps of contact information. It reportedly includes roughly 176 million records, with…

  • Up to 148 million Social Security numbers (full SSNs and last four digits)
  • More than 133 million full names and street addresses
  • More than 132 million phone numbers.
  • Dates of birth for around 75 million people
  • More than 131 million email addresses

Taken together, that’s the kind of rich, structured data set that makes a criminal’s life much easier.

On their own, any one of these data points would be inconvenient but manageable. An email address fuels spam and basic phishing. A phone number enables smishing and robocalls. An address helps attackers guess which services you might use. But when attackers can look up a single person and see name, full address, phone, email, complete or partial SSN, and date of birth in one place, the risk shifts from “annoying” to high‑impact.

That combination is exactly what many financial institutions and mobile carriers still rely on for identity checks. For cybercriminals, this sort of dataset is a Swiss Army knife.

It can be used to craft convincing AT&T‑themed phishing emails and texts, complete with correct names and partial SSNs to “prove” legitimacy. It can power large‑scale SIM‑swap attempts and account takeovers, where criminals call carriers and banks pretending to be you, armed with the answers those call centers expect to hear. It can also enable long‑term identity theft, with SSNs and dates of birth abused to open new lines of credit or file fraudulent tax returns.

The uncomfortable part is that a fresh hack isn’t always required to end up here. Breach data tends to linger, then get merged, cleaned up, and expanded over time. What’s different in this case is the breadth and quality of the profiles. They include more email addresses, more SSNs, more complete records per person. That makes the data more attractive, more searchable, and more actionable for criminals.

For potential victims, the lesson is simple but important. If you have ever been an AT&T customer, treat this as a reminder that your data may already be circulating in a form that is genuinely useful to attackers. Be cautious of any AT&T‑related email or text, enable multi‑factor authentication wherever possible, lock down your mobile account with extra passcodes, and consider monitoring your credit. You can’t pull your data back out of a criminal dataset—but you can make sure it’s much harder to use against you.

What to do when your data is involved in a breach

If you think you have been affected by a data breach, here are steps you can take to protect yourself:

  • Check the company’s advice. Every breach is different, so check with the company to find out what’s happened and follow any specific advice it offers.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for impersonators. The thieves may contact you posing as the breached platform. Check the official website to see if it’s contacting victims and verify the identity of anyone who contacts you using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
  • Consider not storing your card details. It’s definitely more convenient to let sites remember your card details, but it increases risk if a retailer suffers a breach.
  • Set up identity monitoring, which alerts you if your personal information is found being traded illegally online and helps you recover after.

Use Malwarebytes’ free Digital Footprint scan to see whether your personal information has been exposed online.


We don’t just report on threats—we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.

Match, Hinge, OkCupid, and Panera Bread breached by ransomware group

30 January 2026 at 15:23

The ShinyHunters ransomware group has claimed the theft of data containing 10 million records belonging to the Match Group and 14 million records from bakery-café chain Panera Bread.

Claims posted by ShinyHunters
Claims posted by ShinyHunters

The Match Group, that runs multiple popular online dating services like Tinder, Match.com, Meetic, OkCupid, and Hinge has confirmed a cyber incident and is investigating the data breach.

Panera Bread also confirmed that an incident occurred and has alerted authorities. “The data involved is contact information,” it said in an emailed statement to Reuters.

ShinyHunters seems to be gaining access through Single-Sign-On (SSO) platforms and using voice-cloning techniques, which has resulted in a growing number of breaches across different companies. However, not all of these breaches have the same impact.

The impact

For the Match Group, ShinyHunters claims:

“Over 10 million records of Hinge, Match, and OkCupid usage data from Appsflyer and hundreds of internal documents.”

Match says there is no evidence that logins, financial data, or private chats were stolen, but Personally Identifiable Information (PII) and tracking data for some users are in scope. A notification process has been set in motion.

For Panera Bread, ShinyHunters claims to have compromised 14 million records containing PII.

Panera Bread reassures users that there is no indication that the hackers accessed user login credentials, financial information, or private communications.

ShinyHunters also breached Bumblr, Carmax, and Edmunds among others, but I wanted to use Panera Bread and the Match Group as two examples that have very different consequences for users.

When your activity on a dating app is compromised, the impact can be deeply personal. Concerns can range from partners, family members, or employers discovering dating profiles to the risk of doxxing. For many people, stigma around certain apps can lead to fears of being outed, accused of infidelity, or even extorted.

The impact of the Panera Bread breach will be very different. “I just ordered a sandwich and now some criminals have my home address?” Data like this is useful to enrich existing data sets. And the more they know, the easier and better they can target you in phishing attempts.

Protecting yourself after a data breach

If you think you have been affected by a data breach, here are steps you can take to protect yourself:

  • Check the company’s advice. Every breach is different, so check with the company to find out what’s happened and follow any specific advice it offers.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for impersonators. The thieves may contact you posing as the breached platform. Check the official website to see if it’s contacting victims and verify the identity of anyone who contacts you using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
  • Consider not storing your card details. It’s definitely more convenient to let sites remember your card details, but it increases risk if a retailer suffers a breach.
  • Set up identity monitoring, which alerts you if your personal information is found being traded illegally online and helps you recover after.

You can use Malwarebytes’ free Digital Footprint scan to find out if your private information is exposed online.


We don’t just report on threats—we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.

Under Armour ransomware breach: data of 72 million customers appears on the dark web

22 January 2026 at 13:02

When reports first emerged in November 2025 that sportswear giant Under Armour had been hit by the Everest ransomware group, the story sounded depressingly familiar: a big brand, a huge trove of data, and a lot of unanswered questions. Since then, the narrative around what actually happened has split into two competing versions—cautious corporate statements on one side and mounting evidence on the other that strongly suggests a large customer dataset is now circulating online.

Public communications and legal language talk about ongoing investigations, limited confirmation, and careful wording around “potential” impact. For many customers, that creates the impression that details are still emerging and that it’s unclear how serious the incident is. Meanwhile, a class action lawsuit filed in the US alleges negligence in data protection and references large‑scale exfiltration of sensitive information, including customer—and possibly employee—data during a November 2025 ransomware attack. Those lawsuits are, by definition, allegations, but they add weight to the idea that this is not a minor incident.

The Everest ransomware group claimed responsibility for the breach after Under Armour allegedly “failed to respond by the deadline.”

Everest Group leak site
Everest Group leak site

From the cybercriminals’ perspective, that means negotiations are over and the data has been published.

The Everest leak site also states that:

“After the full publication, all the data was duplicated across various hacker forums and leak database sites.”

Which seems to be confirmed by posts like this one, where the poster claims the data set contains full names, email addresses, phone numbers, physical locations, genders, purchase histories, and preferences. The data set contains 191,577,365 records including 72,727,245 unique email addresses.

Data made available on the Dark Web

So where does that leave Under Armour customers? The cautious corporate framing and the aggressive cybercriminal claims can’t both be entirely accurate, but they do not carry equal weight when it comes to assessing real-world risk. Ransomware groups sometimes lie about their access, but spinning up a major leak entry, publishing sample data, and distributing it across underground forums is a lot of work for a bluff that could be quickly disproven by affected users. Combined with the “Database Leaked” status on the Everest site, the balance of probabilities suggests that a substantial customer database is now in the wild, even if not every detail in the attackers’ claims is accurate.

Protecting yourself after a data breach

If you think you have been affected by a data breach, here are steps you can take to protect yourself:

  • Check the company’s advice. Every breach is different, so check with the company to find out what’s happened and follow any specific advice it offers.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for impersonators. The thieves may contact you posing as the breached platform. Check the official website to see if it’s contacting victims and verify the identity of anyone who contacts you using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
  • Consider not storing your card details. It’s definitely more convenient to let sites remember your card details, but but it increases risk if a retailer suffers a breach.
  • Set up identity monitoring, which alerts you if your personal information is found being traded illegally online and helps you recover after.

We don’t just report on threats—we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.

❌