Data Breaches, Identity Theft, Thursday Threats

Texas Department of Insurance data breach affects millions; personal data of VPN users leaked on Telegram

Thursday Threats 5/19

You’ve likely read a story about or have been notified of a data breach where information was exposed for a lengthy period of time. Personally identifiable information is sometimes at risk for years before a company takes action. This can be concerning, especially if it’s your data that’s out in the open.

In some instances, a data breach goes undetected because the organization in question didn’t know there was a problem. Other times the organization is aware of the cyberattack, but chooses to withhold the information for one reason or another. 

But thanks to state data breach notification and healthcare privacy and security laws, many organizations now have a set period of time to report the data breach once it’s discovered.  Companies can no longer hide anything from you, as they can face financial penalties and reputation damages from keeping these cybersecurity incidents secret. 

In this week’s BlackCloak Thursday Threat Update, we’ll take a look at a pair of data breaches where information was exposed for an extended period of time, but only now are the victims first finding out that their data was compromised. One of these breaches affected a state’s insurance department while the other impacted millions of VPN users.

Texas Department of Insurance data breach affects nearly two million

What we know: A state audit found that the Texas Department of Insurance leaked the personal data of 1.8 million workers who filed compensation claims from March 2019 to January 2022. The information was made publicly available, and included data points such as workers’ names, addresses, dates of birth and Social Security numbers, as well as details about the injuries they suffered. When the audit was completed, the department said it was not aware of the issue until January.

Recommendations: The Department of Insurance said it will provide 12 months of free credit monitoring and identity protection services to anyone affected by the breach. If you receive a data breach notification letter in the mail, it will include information on how to sign up for these services. In addition to protecting your identity, make sure to monitor and review your accounts for any suspicious activity that may have taken place during the time period when the information was exposed.

Millions of VPN user records leaked on Telegram

What we know: The records of 21 million VPN users were leaked onto the Telegram messaging app. The leaked records belong to users of VPN services such as GeckoVPN, SuperVPN and ChatVPN and includes information dated back to February 2021. Compromised information includes full names, usernames, email addresses, password strings, billing details and the country of origin.

Recommendations: If you are a user of one of the VPN services listed above, the first action you should take is to reset your account password. If you use the same password for any other accounts, you should reset those as well; and use this opportunity to create unique passwords for every service you use. In addition, be on the lookout for any suspicious messages you may receive through your email. With the data points gathered in this breach, cybercriminals may use them to conduct phishing attacks, where they will try and coerce you into turning over even more sensitive information, which will increase your risk of becoming a victim of identity fraud.

In data breach prevention, proactivity is the name of the game

The data breach threat may seem ominous, but as long as you are proactive, you can minimize your overall risk radius both before and after an incident takes place. These BlackCloak blogs explain how you can create strong passwords, and store them safely and when to place a credit freeze and fraud alert on your accounts.