Armand here, RPost’s armadillo product evangelist. Perhaps with all the dancing at the various political conventions you may have missed reading about the largest personal data breach likely effecting every person in the United States. Or, perhaps you read about it and shrugged your shoulders thinking, “Not novel.”
I think the news about this news is that this news was not really even news that caused anxiety for most. Today’s news of a breach seems to not even be news!?
Just to recap, National Public Data (NPD) is a company that scrapes data from public record databases, national and state databases, and court records, including nonpublic sources. It then sells this private data to a wide range of organizations, including background check websites, investigators, app developers, and data resellers. A few months ago, a cybercriminal group called "USDod" reportedly breached NPD's systems and stole private information on Americans collected by the company and claimed on the dark web that they had stolen the personal data of 2.9 billion people and offered to sell the database for millions of dollars. Now, that is a lot of people, 2.9 billion, considering there are about 8 billion people on the planet.
The data reportedly is in a database format making it easy to query on names, address histories, relatives, and Social Security numbers dating back at least three decades, and more.
So, what does this mean to you?
Bottom line, your information is out there, all of it, and readily accessible for those cybercriminals who are looking to target you OR THOSE WHO YOU KNOW with a GenAI clone of you or them, with a ton of contextual information.
I would believe this cements the fact that we have to start looking at how to see the unseen, see these cybercriminal lures in their early stages, to thwart them. We have to assume they will target you, they will target everyone with money or power to spend or invest others’ money.
As we mentioned last week, if one can spot cybercriminals OUTSIDE of one’s network inside email accounts that they have compromised (at your recipient for example), you can thwart the cybercriminal activity before they get the useful content and insights (from your content exposed in others’ email accounts) that they would otherwise use to build a sophisticated (and now GenAI-enabled deep fake) phish lure.
Essentially, as we mentioned, it seems more important than ever to really crush the phish eggs, the phish caviar, before they develop into GenAI powered up phish.
Now the good news. RPost can auto-kill all copies of your documents or information when RPost detects a cybercriminal is attempting to access it, like a pre-emptive remote-control document kill switch, so that cybercriminals with knowledge of you cannot see your business correspondence or transactional data to build their sophisticated phish lures. We call this RPost PRE-Crime™ tech.
With a few clicks, RPost plugs into one’s existing Gmail, Microsoft, or it can be automated at the security gateway, and quietly hunts for threats that often are lurking outside of one’s own system and in fact in the email account of those recipients they communicate with. The American Land Title Association recently published a case study showing these lures in action, where the deal closer for a real estate transaction was notified by RPost PRE-Crime tech in real time, that the transaction detail was being eavesdropped on by cybercriminals emanating from Moscow.
November 20, 2024
November 12, 2024
November 06, 2024
November 01, 2024
October 29, 2024