With data breaches impacting organizations on what seems like a daily basis, there’s a very good chance that your personal information has been compromised — and once it is leaked onto the Dark Web, you are vulnerable forever. According to the 2018 End-of-Year Data Breach Report, the total number of data breaches decreased in 2018, however, the number of stolen records climbed more than 126 percent. Not only is that a significant increase in the amount of Personal Identifiable Information (PII) that is now in the hands of cybercriminals, but it is also an indication that breaches have become larger, exposing more pieces of data per incident. Continue reading
Cybercriminals are Playing Dirty
Online gamers of all ages may not realize the real-life dangers of sharing personal information, leaving them susceptible to vulnerabilities such as fraud, swatting, and identity theft.
The Global Game Market Report estimates that downloaded, digital game revenues took 91% of the global video game market in 2018 ($125.3 billion), with boxed games making up the remainder. This gamer ecommerce channel opens a massive gateway for cybercriminals to hack and commit fraud by preying on unsuspecting online players.
Game Over: Personal Information Exposed
As new games are introduced to the market, players’ excitement to jump into the latest adventure skyrockets—and so do the watchful eyes of cyberthieves. Young gamers are particularly vulnerable to fraud and are less likely to notice when their accounts have been hacked.
In 2019, two major internet-connected video games exposed Personally Identifiable Information (PII) of their users:
- January 2019 was the second time in less than a year that Fortnite, one of the most popular online video games, experienced a security incident. In the most recent breach, the account information of over 80 million players was exposed. The revealed data allowed hackers to take over accounts, make purchases with the game’s virtual currency, and eavesdrop and record conversations among players.
- Also in January this year, the usernames, email addresses, and passwords of 7.6 million of Town of Salem players was hacked through an unprotected game server.
Malicious Use of Shared Information
Personal information is not only stored by individual games but is often shared in seemingly innocent game chats that can take a turn for the worst. Spiteful players have used this PII to their advantage: taking over accounts to make in-app purchases, impersonating and damaging the victim’s online reputation, or stealing their identity for financial gains.
In a much more dangerous scheme, malicious gamers have used this shared personal information, such as a home address, to commit “swatting” attacks. Swatting, essentially a high-stakes prank, occurs when police receive a phony tip regarding illegal activity in progress at the victim’s location, causing the police or a SWAT team to show up unexpectedly — and usually in full-force — at the victim’s home. Swatting is a serious offense and perpetrators will face criminal charges.
Be aware, and stay vigilant, about the information you or your children share while playing your favorite online video games. Practice safe gaming habits to prevent falling victim to online threats.
Tips to Protect Yourself from Online Gaming Vulnerabilities
- Beware of what is shared. Educate kids on what is considered personal information, and that it is not safe to share such details with strangers online.
- Disable devices when not in use. Block and disable your video game console, webcams, and microphones when not in use.
- Create an anonymous gamer tag. Refrain from using personal information such as real name, location, or age when creating your online gaming profile.
- Avoid clicking suspicious links. Links received through a game chat or on your mobile device may contain malware designed to infiltrate your devices and accounts for hostile purposes.
Continue following Fighting Identity Crimes to get the latest breach and scam updates, ID protection news & tips from our industry experts!
Follow us on social!
From Data Dump to Dark Web Database
On Dec. 5, 2017, a massive database with data from over 300 data breaches was discovered on the Dark Web. This Dark Web database contains over 1.4 billion unique clear text, or publicly viewable, login credentials, which experts have confirmed are legitimate pairings.
To make a long story short, 41GB of publicly viewable data was dumped on the Dark Web. From there, the information became accessible via a “Dark Web database,” allowing hackers to search the aggregated data by password type, user, breach event and more.
Unlike a single data breach event, this database aggregates breached data from hundreds of big-name data breaches like Netflix, LinkedIn, Minecraft and Bitcoin. The database is even more concerning because the information was found in clear text – meaning that anyone with access to it can view it. Continue reading
Educational Institutions Take on Data Breaches
In 2016, 9 percent of all data breaches came from the education sector. While hackers may not be interested in snooping through your old grades, they’re looking for any personal information the institution has on file to commit any number of identity crimes.
Educational institutions are targeted because they hold large amounts of sensitive information. Once criminals gain access into an institution’s network, they capture your personal information from admissions applications, third-party online homework apps, campus Wi-Fi networks and more. An education data breach can also reach far and wide, affecting faculty, students and alumni alike. Continue reading