POSTS

Government Technology: Tax Fraud and the Dark Web in 2019

Government Technology: Tax Fraud and the Dark Web in 2019.
https://www.govtech.com/blogs/lohrmann-on-cybersecurity/tax-fraud-and-the-dark-web-in-2019.html

In a summary of the findings Carbon Black found these scary statistics with specific numbers showing the low cost to get sensitive data:

  • W-2s and 1040s are available on the dark web at relatively low cost, ranging from $1.04 to $52. Names, social security numbers and birthdates can be obtained for a price ranging from $0.19 to $62
  • For $1K, a relatively inexperienced hacker can purchase authenticated access to a U.S.-based bank account, file a false tax return,
  • Claim the IRS refund and cash out via a cryptocurrency exchange for a 100+% return on investment.
  • How-to guides for cashing out other people’s tax returns are available for around $5 but one offer, claiming to be the most comprehensive guide for tax refund cash out, was listed for $70
  • A hacker can now provide stolen/purchased identity information (Name, DOB, SSN, etc.) and receive an original image of some person holding a forged passport with matching picture/information and scans of the forged identity documents.

Indianapolis Star: Millions of Hoosiers were affected by data breach. Equifax didn’t protect them, AG says

Indianapolis Star: Millions of Hoosiers were affected by data breach. Equifax didn’t protect them, AG says.
https://www.indystar.com/story/money/2019/05/06/indiana-sues-equifax-over-massive-2017-data-breach/1120448001/

POLITICO: Chinese nationals charged for Anthem hack, ‘one of the worst data breaches in history’

POLITICO: Chinese nationals charged for Anthem hack, ‘one of the worst data breaches in history’.
https://www.politico.com/story/2019/05/09/chinese-hackers-anthem-data-breach-1421341
The Anthem hack, disclosed in February 2015, compromised the sensitive personal data of approximately 78.8 million Americans.
Investigators found intrusions into the Anthem network as early as May 13, 2014. The indictment mentions intrusions into the other victims’ networks in September 2014, October 2014 and January 2015. The hackers continued breaching Anthem computers during this period.