Happy New Year 2025

Tag: data

  • Huge data leak exposes 14 million customer shipping records

    Huge data leak exposes 14 million customer shipping records

    ‘CyberGuy’: Protect your data

    Kurt Knutsson joins “FOX & Friends” to discuss how your smart home cameras could be spying on you and how to combat phone addiction.

    No industry is safe from data breaches. Over the past few months alone, we’ve seen security incidents hit almost every sector, including healthcare, finance and tech. Now, the shipping industry has joined the list, with a major global shipper that works with Amazon, eBay and Shopify exposing 14 million records.

    To make things worse, the open instance was found in December during the peak of international shipping when people are sending and receiving gifts all over the world. Researchers traced it back to an unprotected AWS bucket owned by Hipshipper.

    STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT’S THE CYBERGUY REPORT NOW

    Amazon boxes with labels on top. (Kurt “CyberGuy” Knutsson)

    What you need to know

    Hipshipper, a shipping platform used by sellers on eBay, Shopify and Amazon, accidentally exposed millions of shipping labels with personal customer information. Researchers at Cybernews found the exposed data in December 2024, but it wasn’t fixed until January, meaning it was open for at least a month. Hipshipper helps people ship packages to over 150 countries, offering tracking, free insurance and easy returns. The exposed shipping labels are important because they detail what’s inside the packages and where they’re supposed to go. 

    However, an unprotected AWS bucket held over 14.3 million records, mainly shipping labels and customs forms. Researchers from Cybernews said, “Cybercriminals can use leaked data to carry out scams and phishing attacks. For example, criminals might pretend to be trusted businesses and send fake messages using specific order details to trick people into sharing personal or financial information.”

    Huge data leak exposes 14 million customer shipping records

    Employees at a shipping facility. (Kurt “CyberGuy” Knutsson)

    THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

    What data was leaked?

    Researchers believe the exposed bucket contained sensitive information about buyers, including their full names, home addresses, phone numbers and order details such as mailing dates and parcel information. While there’s no direct evidence that cybercriminals accessed the exposed data, millions of malicious actors use automated bots to search the internet for similar leaks, hoping to find data they can use for harmful purposes. 

    These criminals could exploit the leaked information to launch scams and phishing attacks. For instance, they might pretend to be trusted companies and send fake messages that use specific order details to pressure people into urgently verifying personal or financial information. Unfortunately, retail companies are a prime target for hackers, and relying on large, well-known firms doesn’t always protect your information. Recent breaches involving companies like GrubhubMizuno and Hot Topic show that even big-name retailers can suffer significant security lapses.

    Huge data leak exposes 14 million customer shipping records

    Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

    FROM TIKTOK TO TROUBLE: HOW YOUR ONLINE DATA CAN BE WEAPONIZED AGAINST YOU

    7 ways you can protect yourself after a data breach like this

    1) Beware of phishing attempts and use strong antivirus software: After a data breach, scammers often use the stolen data to craft convincing phishing messages. These can come via email, text or phone calls, pretending to be from trusted companies. Be extra cautious about unsolicited messages with links asking for personal or financial details, even if they reference recent orders or transactions. The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

    2) Watch out for snail mail: While many security threats happen online, physical mail can also be a target. With home addresses exposed in data leaks, criminals may send fraudulent letters or fake invoices to trick you into providing further personal information or making payments. If you receive suspicious mail, avoid responding and report it to the company it claims to be from.

    3) Invest in identity theft protection: Given the exposure of personal data, such as names, addresses and order details, investing in identity theft protection services can provide an extra layer of security. These services monitor your financial accounts and credit report for any signs of fraudulent activity, alerting you to potential identity theft early on. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

    4) Enable two-factor authentication on accounts: Enabling two-factor authentication adds an extra layer of security to your online accounts. Even if hackers get hold of your login credentials, they won’t be able to access your accounts without the second verification step, such as a code sent to your phone or email. This simple step can significantly reduce the risk of unauthorized access to sensitive personal information.

    5) Monitor your credit reports regularly: You can request free credit reports from major credit bureaus to check for any suspicious activity or unauthorized accounts opened in your name.

    6) Update your passwords: Change passwords for any accounts that may have been affected by the breach and use unique, strong passwords for each account. Consider using a password manager. This can help you generate and store strong, unique passwords for all your accounts.

    7) Remove your personal data from public databases: If your personal data was exposed in this breach, it’s crucial to act quickly to reduce your risk of identity theft and scams by removing your personal information from the web. Check out my top picks for data removal services here.

    MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

    Kurt’s key takeaway

    It’s high time every industry took cybersecurity seriously. If your business operates online, you are just as responsible for protecting customer data as a tech company, possibly even more so, since tech companies typically have stronger safeguards in place. The fact that Hipshipper left a storage bucket containing 14 million records unprotected speaks volumes about how little they prioritize cybersecurity. And it’s not just Hipshipper. Many companies dealing with tech products aren’t even careful enough to password-protect their critical documents. This lack of basic security highlights a worrying trend across industries.

    Do you think businesses are doing enough to protect customer data? Let us know by writing us at Cyberguy.com/Contact.

    For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

    Ask Kurt a question or let us know what stories you’d like us to cover.

    Follow Kurt on his social channels:

    Answers to the most-asked CyberGuy questions:

    New from Kurt:

    Copyright 2025 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

  • ‘Catastrophic results’: Union, taxpayer groups take stab at DOGE in latest lawsuit over IRS data access

    ‘Catastrophic results’: Union, taxpayer groups take stab at DOGE in latest lawsuit over IRS data access

    In a lawsuit filed on Monday, multiple taxpayer and union groups alleged Elon Musk’s Department of Government Efficiency (DOGE) violated multiple laws in its quest to unearth and eliminate wasteful government spending.

    The groups claim DOGE launched a “sweeping campaign to access highly-sensitive information systems” and violated laws that limit executive power, protect civil servants, and guard citizens’ data held by the government.

    The agency, which was created by an executive order earlier this year, remains a temporary organization within the White House and is tasked with optimizing the federal government, streamlining operations, and slashing spending in just 18 months.

    U.S. President Donald Trump is joined by Tesla and SpaceX CEO Elon Musk, and his son, X Musk, during an executive order signing in the Oval Office at the White House on February 11, 2025 in Washington, DC. (Andrew Harnik/Getty Images)

    LAWSUIT TRACKER: NEW RESISTANCE BATTLING TRUMP’S SECOND TERM THROUGH ONSLAUGHT OF LAWSUITS TAKING AIM AT EOS

    Noting recent DOGE action at the Treasury, Labor, Education and Health departments, as well as at the Consumer Financial Protection Bureau, Office of Personnel Management and Internal Revenue Service (IRS), the suit alleges DOGE’s access to sensitive information systems “lacks statutory authority.”

    Specifically, it claims DOGE violated the Tax Reform Act, Privacy Act and Administrative Procedures Act.

    “The results have already been catastrophic,” according to the suit.

    DOGE protesters march down the street.

    About 100 DOGE protesters gathered, fearing DOGE would cut the workforce at the Bureau of Fiscal Service. (Fox News Digital)

    Without the court’s intervention, the groups said they were concerned about DOGE having access to sensitive information including social security numbers, individuals’ finances, and bank account information.

    The lawsuit also asserted DOGE will have access to confidential business information, tax records and IRS investigations, which “could include investigations or reports pertaining to Mr. [Elon] Musk’s businesses or those of his competitors.”

    “No other business owner on the planet has acces to this kind of information on his competitors, and for good reason,” lawyers wrote in the suit.

    Musk in DC

    Tesla CEO Elon Musk, Co-Chair of the newly announced Department of Government Efficiency (DOGE), arrives on Capitol Hill on December 05, 2024 in Washington, DC. Musk and his Co-Chair, businessman Vivek Ramaswamy are meeting with lawmakers today about DOGE, a planned presidential advisory commission with the goal of cutting government spending and increasing efficiency in the federal workforce.  (Anna Moneymaker/Getty Images)

    DOGE SCORES BIG COURT WIN, ALLOWED ACCESS DATA ON 3 FEDERAL AGENCIES

    The groups — the Center for Taxpaper Rights, Main Street Alliance, National Federation of Federal Employees, and Communications Workers of America — are seeking a temporary restraining order to maintain the status quo until the court has an opportunity to review DOGE and Musk’s actions.

    Following the review, plaintiffs asked the court to declare DOGE’s access unlawful, halt its use of IRS systems, order that information obtained illegally be deleted, and establish new security protections.

    The lawsuit was filed prior to a federal judge’s ruling on Tuesday to not block DOGE from accessing government data or firing federal employees. 

    Rally

    Demonstrators rally in support of federal workers outside of the Department of Health and Human Services, Friday, Feb. 14, in Washington.  (AP/Mark Schiefelbein)

    U.S. District Judge Tanya Chutkan rejected a request for a temporary restraining order, pointing to the absence of evidence showing the agency’s access caused “irreparable harm.”

    However, Chutkan did question what “appears to be the unchecked authority of an unelected individual,” referencing Musk.

    She also expressed concerns about DOGE’s accountability to Congress.

    ‘WASTEFUL AND DANGEROUS’: DOGE’S TOP FIVE MOST SHOCKING REVELATIONS

    WASHINGTON, DC - FEBRUARY 14: Protesters demonstrate in support of federal workers outside of the U.S. Department of Health and Human Services on February 14, 2025 in Washington, DC. Organizers held the protest to speak on the Department of Government Efficiency (DOGE) cuts.

    Protesters demonstrate in support of federal workers outside of the U.S. Department of Health and Human Services on Feb. 14, 2025 in Washington, DC. Organizers held the protest to speak on the Department of Government Efficiency (DOGE) cuts. (Anna Moneymaker/Getty Images)

    Last week, more than a dozen Democratic state attorneys general sued to temporarily restrict DOGE’s access to federal data about government employees, citing concerns about Musk’s access and power.

    “There is no greater threat to democracy than the accumulation of state power in the hands of a single, unelected individual,” according to the lawsuit, filed by New Mexico Attorney General Raul Torrez.

    Attorneys general from Arizona, California, Connecticut, Hawaii, Maryland, Massachusetts, Michigan, Minnesota, Nevada, Oregon, Rhode Island, Vermont and Washington also signed onto the suit.

    CLICK HERE TO GET THE FOX NEWS APP 

    Fox News Digital’s Breanne Deppisch contributed to this report.

    Alexandra Koch is a breaking news writer for Fox News Digital. Prior to joining Fox News, Alexandra covered breaking news, crime, religion, and the military in the southeast.

  • Acting head of Social Security quits after clash with DOGE over data: Report

    Acting head of Social Security quits after clash with DOGE over data: Report

    Join Fox News for access to this content

    You have reached your maximum number of articles. Log in or create an account FREE of charge to continue reading.

    By entering your email and pushing continue, you are agreeing to Fox News’ Terms of Use and Privacy Policy, which includes our Notice of Financial Incentive.

    Please enter a valid email address.

    Having trouble? Click here.

    The acting head of the Social Security Administration (SSA) quit her job over the weekend after butting heads with the Elon Musk-led Department of Government Efficiency (DOGE), over efforts to access certain sensitive government records, according to reports.

    The Washington Post reported that three people familiar with Michelle King’s departure said on Monday that she stepped down from her position after the disagreement.

    In response to King’s departure, President Donald Trump reportedly appointed Leland Dudek to lead the agency as the president’s nominee to serve as commissioner of the SSA, Frank Bisignano, is vetted by federal lawmakers.

    Principal Deputy Press Secretary at the White House, Harrison Fields, said they expect Bisignano to be “swiftly confirmed in the coming weeks.”

    ELON MUSK SAYS MILLIONS IN SOCIAL SECURITY DATABASE ARE BETWEEN AGES OF 100 AND 159

    The logo of the US Social Security Administration is seen outside a Social Security building, November 5, 2020, in Burbank, California. (Photo by VALERIE MACON / AFP) (Photo by VALERIE MACON/AFP via Getty Images) (VALERIE MACON/AFP via Getty Images)

    “In the meantime, the agency will be led by a career Social Security anti-fraud expert as the acting commissioner,” Fields said without naming the replacement. “President Trump is committed to appointing the best and most qualified individuals who are dedicated to working on behalf of the American people, not to appease the bureaucracy that has failed them for far too long.”

    The three individuals who spoke to the Washington Post on the condition of anonymity, reportedly told the publication that Dudek posted positive remarks about DOGE’s efforts to seek out fraud and cut costs across federal agencies.

    The SSA did not respond to Fox News Digital’s request for comment on the matter.

    DEMOCRATS LOVED IDEA OF DOGE BEFORE TRUMP, WHITE HOUSE QUIPS

    Elon Musk

    Elon Musk speaks during an event in the Oval Office with President Donald Trump at the White House, Tuesday, Feb. 11, 2025, in Washington. (Photo/Alex Brandon) (AP Images)

    Musk is leading DOGE to aggressively slash government waste when it comes to federal spending under President Trump. The department was created via executive order and is a temporary organization within the White House that will spend 18 months carrying out its mission.

    One of the department’s most recent targets is the SSA, which was created by the Social Security Act under President Franklin D. Roosevelt in 1935 and tasked with establishing a federal benefits system for older Americans.

    As DOGE continues to find fraud and wasteful spending at SSA, Musk turned to X on Monday to say millions of people listed in a Social Security database are recorded as centenarians “with the death field set to FALSE!”

    TREASURY DEPARTMENT RECOUPS $31 MILLION IN IMPROPER GOVERNMENT PAYMENTS TO DEAD PEOPLE

    “According to the Social Security database, these are the numbers of people in each age bucket with the death field set to FALSE! Maybe Twilight is real and there are a lot of vampires collecting Social Security,” Musk posted, adding a couple of rolling on the floor laughing emojis.

    His post features a chart indicating there are more than 20 million listed with ages 100 and higher, including more than 3.9 million in the 130-139 age range, more than 3.5 million in the 140-149 range and more than 1.3 million in the 150-159 range.

    CLICK HERE TO GET THE FOX NEWS APP

    While the U.S. population count in the 2020 census was more than 331 million, the count of people ages 100 and older was more than 80,000, according to U.S. Census Bureau data.

    Fox News Digital’s Alex Nitzberg contributed to this report.

  • DOGE scores big court win, allowed access data on 3 federal agencies

    DOGE scores big court win, allowed access data on 3 federal agencies

    A federal judge in Washington on Friday handed Elon Musk’s government efficiency team a win by declining a request to temporarily block it from accessing sensitive data from at least three federal agencies.

    Unions and nonprofits attempted to stop Musk’s Department of Government Efficiency (DOGE) from accessing records at the Departments of Labor, Health and Human Services and the Consumer Financial Protection Bureau.

    U.S. District Judge John Bates wrote in an opinion that the government was likely correct in categorizing DOGE as an agency, thereby allowing it to detail its staff to other government departments. 

    A federal judge in Washington on Friday handed Elon Musk’s government efficiency team a win by declining a request to temporarily block it from accessing sensitive data from at least three federal agencies. (AP Images)

    LAWSUIT TRACKER: NEW RESISTANCE BATTLING TRUMP’S SECOND TERM THROUGH ONSLAUGHT OF LAWSUITS TAKING AIM AT EOS

    However, Bates called his finding a “close question,” noting that the government did not want DOGE to be considered an agency for purposes of another federal law, which would subject it to open records requests.

    Bates, who was appointed by President George W. Bush, said DOGE was a “Goldilocks entity: not an agency when it is burdensome but an agency when it is convenient.”

    “Plaintiffs have not shown a substantial likelihood that [DOGE] is not an agency. If that is so, [DOGE] may detail its employees to other agencies consistent with the Economy Act,” he wrote in part.

    The newly minted agency, a key promise of President Donald Trump’s reelection campaign, is aggressively slashing government waste when it comes to government spending. It was created via executive order and is a temporary organization within the White House that will spend 18 months carrying out its mission.

    ‘WASTEFUL AND DANGEROUS’: DOGE’S TOP FIVE MOST SHOCKING REVELATIONS

    The Justice Department has argued that the DOGE personnel in question are “detailed” U.S. government employees who have access to the information under provisions of the Economy Act.

    Musk hailed the decision by reposting the news on X with the caption: “LFG,” an abbreviation for “Let’s f—ing go.” 

    Judge Bates suggested earlier Friday that DOGE’s creation and its hierarchy were “odd,” noting that it “was created in a way to get it out of OMB [Office of Management and Budget] and instead answering to the chief of staff of the president.”

    People demonstrating with signs

    Demonstrators rally in support of federal workers outside the Department of Health and Human Services, Friday, Feb. 14, in Washington.  (AP/Mark Schiefelbein)

    DOGE “took great effort to avoid being an agency, but in this case, you’re an agency,” he said of DOGE. “It just seems to strain credulity.” 

    Attorneys for unions representing Labor Department employees argued during last week’s hearing that, absent court intervention, DOGE could access protected agency information, including the financial and medical records of millions of Americans, as well as employee safety and workplace complaints.

    The plaintiffs noted that Labor Department systems contain sensitive information about investigations into Musk-owned companies Tesla and SpaceX, as well as information about trade secrets of competing companies, sparking concerns about Elon Musk’s possible access to the information.

    Attorney Mark Samburg argued that allowing DOGE access to this information could have a “chilling effect” on new employees coming forward, due to fear of unlawful disclosure or retaliation.

    “The sensitive information of millions of people is currently at imminent risk of unlawful disclosure,” Samburg said.

    The plaintiffs had urged Judge Bates to grant a temporary request to block DOGE’s access to the information, which they said would “force the agency to implement a more thoughtful process.”

    Trump signing executive order

    President Donald Trump signs executive orders in the Oval Office. DOGE was created via executive order and is a temporary organization within the White House that will spend 18 months carrying out its mission. (Anna Moneymaker/Getty Images)

    CLICK HERE TO GET THE FOX NEWS APP 

    Separately, on Friday, a federal judge extended a temporary order blocking DOGE from accessing payment systems within the Treasury Department.

    That extension came after 19 state attorneys general filed a lawsuit claiming DOGE illegally accessed the Treasury Department’s central payment system at the Trump administration’s behest.  

    Fox News’ Brie Stimson and Reuters contributed to this report.

    Michael Dorgan is a writer for Fox News Digital and Fox Business.

    You can send tips to [email protected] and follow him on Twitter @M_Dorgan.

  • Nokia picks Intel’s AI and data center leader Justin Hotard as new CEO

    Nokia picks Intel’s AI and data center leader Justin Hotard as new CEO

    Vice President JD Vance told world leaders in Paris that AI must be ‘free from ideological bias,’ and that American tech won’t be a censorship tool. (Credit: Reuters)

    • Nokia CEO Pekka Lundmark will step down and be replaced by Justin Hotard, the Finnish telecoms company said on Monday.
    • Hotard is currently the executive vice president and general manager of Data Center & AI Group at Intel, according to the chipmaker’s website.
    • Nokia shares are up 27.85% over the past year, but are down more than 90% since peaking in June 2000.

    Finnish telecoms company Nokia on Monday said Pekka Lundmark would step down as CEO, and that it has appointed Justin Hotard to take over his role.

    Hotard, who will take up the position on April 1, is currently the executive vice president and general manager of Data Center & AI Group at Intel, according to the chipmaker’s website.

    Telecom gear makers, struggling with lower sales of 5G equipment, have been looking for ways to diversify their markets and break into growing areas such as artificial intelligence.

    AI WILL HELP LOWER PRICES, BUT COULD BE USED BY AUTHORITARIAN GOVERNMENTS, OPENAI CEO SAM ALTMAN SAYS

    “He has a strong track record of accelerating growth in technology companies along with vast expertise in AI and data center markets, which are critical areas for Nokia’s future growth,” Nokia’s Chair Sari Baldauf said in a statement.

    Shares were up 1.6% at 4.7 euros by 0854 GMT on Helsinki’s stock exchange, which was up just 0.45%.

    JPMorgan analysts called the CEO transition a surprise as they said Lundmark had been successful at “steadying the ship.”

    Nokia’s current President and Chief Executive Officer, Pekka Lundmark, Nokia’s Chair of the Board of Directors Sari Baldauf and the next President and Chief Executive Officer of Nokia, Justin Hotard, attend the company’s press conference in Espoo, Fi (Lehtikuva/Markku Ulander/via Reuters / Reuters)

    “Given that a new CEO has already been appointed, it looks like this transition was in the works for some time. With the Datacentre and AI background of the new CEO, it is clear which areas Nokia wants to focus on,” they said in a note.

    This view was echoed by analysts at Inderes, who see the change as a strategic shift towards Nokia’s Network Infrastructure unit, where data centers and AI investments are fostering new growth opportunities.

    Last year, Nokia made a move to buy U.S. optical networking gear maker Infinera in a $2.3 billion deal to gain from the billions of dollars in investment pouring into data centers to cater to the rise of artificial intelligence.

    Lundmark, who was appointed as Nokia’s CEO in 2020, will stay on as an advisor to Hotard until the end of the year, the company said.

    In September, Nokia declined media reports saying the company was looking for a new chief executive.

    “The planning for this leadership transition was initiated when Pekka indicated to the Board that he would like to consider moving on from executive roles when the repositioning of the business was in a more advanced stage, and when the right successor had been identified,” Baldauf said.

    CLICK HERE TO READ MORE FROM FOX BUSINESS

    Nokia shares are up 27.85% over the past year, but are down more than 90% since peaking in June 2000.

    Its infrastructure business, increasingly integrating AI technologies, focuses on building and maintaining communication systems, including data centers, servers and routers.

    Its mobile networks unit concentrates on technologies and services enabling mobile communication, including the development and management of cell towers and 5G technologies.

  • Huge healthcare data breach exposes over 1 million Americans’ sensitive information

    Huge healthcare data breach exposes over 1 million Americans’ sensitive information

    The healthcare industry has recently been a major target for hackers. You might remember the 2024 Ascension attack, which led to significant disruptions. 

    The Change Healthcare breach was also on a massive scale. UnitedHealth initially claimed that 100 million Americans were affected, but later raised that number to 190 million. 

    There have been countless other incidents, and now you can add another to the list. Community Health Center, Inc. (CHC), a Connecticut-based federally qualified health center, has disclosed a data breach following a criminal cyberattack on its systems. 

    The attack has affected over a million people in the U.S.

    GET SECURITY ALERTS, EXPERT TIPS — SIGN UP FOR KURT’S NEWSLETTER — THE CYBERGUY REPORT HERE

    A healthcare professional working on her laptop. (Kurt “CyberGuy” Knutsson)

    What You Need to Know

    Community Health Center, Inc. (CHC) detected a data breach on Jan. 2 after identifying unusual activity within its computer systems. An investigation confirmed that a skilled hacker had accessed and extracted data but did not delete or lock any information. If CHC’s claims are accurate, this is a positive outcome, as hackers often deploy ransomware, a type of attack in which they lock systems and demand payment before restoring access.

    In a regulatory filing with the Maine Attorney General’s Office, CHC said that 1,060,936 people were affected by the data breach. The type of information compromised varies depending on an individual’s relationship with CHC. Patient data that may have been accessed includes names, dates of birth, addresses, phone numbers, email addresses, diagnoses, treatment details, test results, Social Security numbers and health insurance information.

    WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

    For individuals who are not regular CHC patients but received COVID-19 services at a CHC clinic, the breached data may include names, dates of birth, phone numbers, email addresses, addresses, gender, race, ethnicity and insurance details if provided. Additional information, such as test dates, results and vaccine details, including type, dose and administration date, may also have been affected. In rare cases, Social Security numbers were also included in the breach.

    The organization did not disclose how the hackers gained access to the data or whether proper cybersecurity measures were in place at the time of the breach. While CHC has assured that its systems are no longer at risk, the same cannot be said for its patients, who may now be targets of various cyberattacks.

    healthcare worker

    A healthcare worker looking at information on his phone. (Kurt “CyberGuy” Knutsson)

    THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

    CHC’s response

    CHC said the hacker’s access was terminated within hours, and daily operations were not disrupted. To strengthen cybersecurity, CHC claims it has implemented advanced monitoring software and reinforced system protections. The organization said there is no evidence at this time that the compromised data has been misused.

    The health center is offering free identity theft protection services for all patients and COVID-19 service recipients whose Social Security numbers were involved in the breach. The organization is also encouraging individuals whose Social Security numbers were not affected to take additional steps to protect their information.

    GET FOX BUSINESS ON THE GO BY CLICKING HERE

    hacker

    Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

    HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET 

    6 ways to protect yourself from Change Healthcare data breach

    1. Remove your personal information from the internet: The breach has exposed sensitive personal data, making it essential to reduce your online footprint. While no service can guarantee complete data removal, a reputable data removal service can significantly limit your exposure. These services systematically monitor and erase your personal information from numerous websites and data brokers. Check out my top picks for data removal services here.

    2. Be wary of mailbox communications: With addresses among the compromised data, scammers may exploit this breach to send fraudulent letters. Be aware of mail claiming missed deliveries, account suspensions or security alerts. Always verify the authenticity of such communications before responding or taking action.

    3. Be cautious of phishing attempts and use strong antivirus software: Scammers may use your compromised email or phone number to target you with phishing attacks. Be wary of messages asking for personal information or containing suspicious links. To protect yourself, ensure strong antivirus software is installed on all your devices. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

    4. Monitor your accounts: Given the scope of this breach, regular monitoring of your bank accounts, credit card statements and other financial accounts is critical. Look for unauthorized transactions or suspicious activity, and report any issues immediately to your bank or credit card provider.

    5. Recognize and report a Social Security scam: If your Social Security number is exposed, you could become a target for related scams. Official communication regarding Social Security issues usually comes via mail, not phone calls or emails. Learn more about spotting and reporting scams by visiting the Social Security Administration’s scam information page.

    6. Invest in identity theft protection: Data breaches happen every day, and most never make the headlines, but with an identity theft protection service, you’ll be notified if and when you are affected. An identity theft protection service can monitor personal information like your Social Security number (SSN), phone number and email address and alert you if it is being sold on the dark web or being used to open an account. It can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

    One of the best parts of using an identity theft protection service is that it might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft. 

    MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

    Kurt’s key takeaway

    The CHC breach may not be as large as the UnitedHealth attack, but with over a million individuals affected, it’s still a serious incident. Cybercriminals can exploit stolen data in various ways, from identity theft to targeted phishing scams. While CHC has taken steps to secure its systems, those impacted should remain vigilant. Be wary of unexpected emails, calls or messages requesting personal information, and consider monitoring financial and medical accounts for any suspicious activity.

    CLICK HERE TO GET THE FOX NEWS APP

    Do you think these companies are doing enough to protect your data, and is the government doing enough to catch those behind cyberattacks? Let us know by writing us at Cyberguy.com/Contact

    For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

    Ask Kurt a question or let us know what stories you’d like us to cover.

    Follow Kurt on his social channels for the latest tech tips and tricks:

    Answers to the most-asked CyberGuy questions:

    New from Kurt:

    Copyright 2025 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

  • Democratic AGs from 19 states sue Trump admin over DOGE access to sensitive, personal data at Treasury

    Democratic AGs from 19 states sue Trump admin over DOGE access to sensitive, personal data at Treasury

    Democratic attorneys general from 19 states have filed a federal lawsuit against the Trump administration over the Department of Government Efficiency’s (DOGE) access to sensitive, personal data belonging to Americans at the Treasury Department. 

    The lawsuit claims the Elon Musk-run agency illegally accessed the Treasury Department’s central payment system at the Trump administration’s behest. 

    On Thursday, the Treasury agreed to limit the Musk team’s access to its payment systems while a judge hears arguments in a previous lawsuit filed by a group of employee unions and retirees. 

    The lawsuit, filed Monday, claimed Musk’s team violated the law by being given “full access” to the Treasury’s payment systems.

    FEDERAL JUDGE ORDERS LIMITED DOGE ACCESS TO SENSITIVE TREASURY DEPARTMENT PAYMENT SYSTEM RECORDS 

    Democratic attorneys general from 19 states have filed a federal lawsuit against the Trump administration over the Department of Government Efficiency’s access to sensitive, personal data belonging to Americans at the Treasury Department.  (Anna Moneymaker/Getty Images)

    The payment systems have information about Americans’ Social Security, Medicare and veterans’ benefits, tax refund information and much more. 

    U.S. Treasury Secretary Scott Bessent told FOX Business Wednesday the concerns are not valid. 

    “DOGE is not going to fail,” he said. “They are moving a lot of people’s cheese here in the capital, and when you hear this squawking, then some status quo interest is not happy.

    “At the Treasury, our payment system is not being touched. We process 1.3 billion payments a year. There is a study being done — can we have more accountability, more accuracy, more traceability that the money is going where it is? But, in terms of payments being stopped, that is happening upstream at the department level.”

    ELON MUSK DUNKS ON SEN. CHUCK SCHUMER, DECLARING ‘HYSTERICAL REACTIONS’ DEMONSTRATE DOGE’S IMPORTANCE

    DOGE was launched to root out wasteful spending in the government, and it has already come close to closing the U.S. Agency for International Development (USAID). 

    treasury building

    The lawsuit claims the Elon Musk-run agency illegally accessed the Treasury Department’s central payment system at the Trump administration’s behest.  (AP Photo/Patrick Semansky)

    The lawsuit was filed in New York by the office of New York Attorney General Letitia James, a vocal Trump critic. 

    It includes attorneys general from Arizona, California, Colorado, Connecticut, Delaware, Hawaii, Illinois, Maine, Maryland, Massachusetts, Minnesota, Nevada, New Jersey, North Carolina, Oregon, Rhode Island, Vermont and Wisconsin.

    “President Trump does not have the power to give away Americans’ private information to anyone he chooses, and he cannot cut federal payments approved by Congress,” James said in a statement. “Musk and DOGE have no authority to access Americans’ private information and some of our country’s most sensitive data.”

    James announces Trump verdict

    The lawsuit by the attorneys general was filed in New York by the office of New York Attorney General Letitia James, a vocal Trump critic.  (Michael M. Santiago/Getty Images)

    CLICK HERE TO GET THE FOX NEWS APP

    Treasury officials on Wednesday denied violating privacy laws, saying only two members of the DOGE team had been given “read-only” access to information in the payment systems. 

    The Associated Press and Reuters contributed to this report. 

  • Army recruiting is up, but data show trend began before the election, current and former Army officials say

    Army recruiting is up, but data show trend began before the election, current and former Army officials say

    Defense Secretary Pete Hegseth and Sen. Tom Cotton attributed increased Army recruiting numbers to “America First” leadership and “the Trump effect.” However, data indicates that recruiting numbers began to improve months before the U.S. Presidential election, according to current and former officials.

    “You had some number of young men and women who didn’t want to join the army over the last four years under Joe Biden and Christine Wormuth, the former secretary of the Army, when they thought it was more focused on Wokeness and DEI and climate change,” Cotton told Fox’s America’s Newsroom. “That’s not why young men and women join our military. They do it because they love the country.” 

    The uptick in recruiting started months before the election on November 5.

    “No, it did not all start in December,” former Army Secretary Christine Wormuth, who served until Jan. 20, said in an interview with Fox News.

    ARMY RECRUITING SHATTERS RECORDS AFTER PRESIDENT TRUMP ELECTION WIN

    Sen. Tom Cotton, R-Ark., praised President Donald Trump’s election for having a positive effect on Army recruitment, but the numbers tell a different story.  (Bill Clark/CQ-Roll Call, Inc via Getty Images)

    “Army’s recruiting started getting better much earlier. We really started seeing the numbers, the monthly numbers, go up in February of 2024. We were seeing sort of in the high 5000 contracts per month, and that accelerated, you know, into the spring all the way into August, when the Army really hit a peak.”

    Starting in Oct. 2023, the Army put 1,200 more recruiters in the field. By Sept. 2024, before the election, the Army announced it had exceeded its recruiting goals. 

    The groundwork was laid that October when Wormuth and Gen Randy George, the Army chief, began a sweeping initiative to help those who did not meet academic standards or fitness requirements. The six-week pre-boot camp, called the Future Soldier Prep Course, helps lower-performing recruits meet enlistment standards. They also moved away from just recruiting in high schools to posting on job message boards. Recruiters got trained by Amazon, Wells Fargo and other industry leaders in talent acquisition. And the Army brought back the “Be All That You Can Be” branding campaign from the 1980s.

    “We’ve been selecting soldiers who have personalities that are more suited to recruiting. We improved our marketing very dramatically in terms of being very data driven and very targeted. And then, of course, the future Soldier Prep course, which the Army established some time ago, has been a big success and has accounted last year for about 25% of the new recruits that came in,” Wormuth said. “If you look at our Army ads, we show young people, you know, jumping out of helicopters. We show kids doing, you know, night patrols in the jungle.”

    DEMOCRATS PRESS ARMY SECRETARY NOMINEE IF ‘READINESS’ AFFECTED BY SOUTHERN BORDER DEPLOYMENTS

    Army soldiers stand in formation

    U.S. Soldiers of the 330th Movement Control Battalion stand in formation at Zagan, Poland, April 1, 2022. (U.S. Army photo by Sgt. Joseph Aleman)

    Army data shows the Army has struggled with recruiting numbers since COVID, including a shortfall of 15,000 recruits in 2022.

    It reported record-breaking recruitment in Dec. 2024, with nearly 350 recruits enlisting daily and the total number of active duty soldiers reaching 5877 recruits that month. Secretary Hegseth praised the recruiting numbers in a post on X:

    “@USArmy: @USAREC had their most productive December in 15 years by enlisting 346 Soldiers daily into the World’s greatest #USArmy!

    “Our Recruiters have one of the toughest jobs – inspiring the next generation of #Soldiers to serve.

    “Congratulations and keep up the great work!”

    But August of last year, three months prior to the election, saw a higher number of recruits than in December – 7,415 recruits compared to the 5,877 in December. And January 2025 still has not surpassed August 2024 for the highest monthly count of the past year. 

    In other words, the positive recruiting trend began before the election.

    ARMY SEC NOMINEE QUESTIONS WHETHER MILITARY PILOTS SHOULD TRAIN NEAR DC AIRPORT

    A U.S. Army recruiting event in Florida

    Miami Beach, Florida, Hyundai Air & Sea Show, Military Village vendor, Army soldier recruiter, goarmy.com, Warriors Wanted truck.  (Jeffrey Greenberg/Universal Images Group via Getty Image)

    The increased recruiting numbers resulted from more women joining. Women made up 19% of the recruits last year, the highest rate to date. 

    “For example, right now, 16% of the overall Army is women. And so, having a year where almost 20% of the new recruits are women is a notable increase,” Wormuth said. “In 2024, we also had the highest ever recruiting year for Hispanics.” 

    There is a lag of about 10–12 weeks from the time a recruit enters a recruiting office and actually signs up due to medical exams and other paperwork.

    “The biggest reasons young people are hesitant to join the Army is because of fear of death or injury, fear of leaving their families, a sense that maybe somehow, you know, joining the Army will put their lives on hold for a period of time,” Wormuth said. “Concerns about so-called wokeness are very low on the list of obstacles for most young people. And the last time the Army ran that survey, we didn’t really see a change. That remains to be a small concern.” 

    During its recruiting crisis, the Army had seen a drop in the number of families who typically send their children to serve, families whose members have served for generations. Many of those families tended to be white and from one of the 10 states that make up nearly half of the recruits: Texas (13.3%), California (10.5%), Florida (9.7%), Georgia (5.1%), North Carolina (4.6%), New York (4.3%), Virginia (2.9%), Ohio (2.8%), Illinois (2.6%) and Pennsylvania (2.4%). 

    There is no data suggesting a surge in white males joining the Army last year. In FY2024, 40% of the Army recruits were Caucasian, 25% were Black and 26% were Hispanic.

    “From the data we saw, there was no discernible change in young white men joining the Army compared to the spring of 2024. The Army had about 7400 recruits in August, and in December it was about 5800,” Wormuth said.

    The Army is also set to expand its basic training capacity in the spring.

    CLICK HERE TO GET THE FOX NEWS APP

    “U.S. Army Recruiting Command is on track to exceed the fiscal year 2025 recruitment goal of 61,000 new Soldiers and an additional 10,000 in the Delayed Entry Program,” Madison Bonzo, U.S. Army Recruiting Command spokeswoman, said in a statement. “As of today, USAREC has contracted 59% of the current FY25 goal. Our success couldn’t be possible without the hard work of our Recruiters, continued transformation of the recruiting enterprise and modernization initiatives to attract qualified talent into America’s most lethal fighting force.” 

    Wormuth said: “I would say we saw in the Army recruiting numbers, we started seeing us really get traction in February of 2024.”  

    “And we continued to build those numbers up to about, you know, high 5,000, 6,000 a month in August. And the Army has continued that momentum going into the end of the year. And I think the winds are at the Army’s back for coming into 2025,” she continued. 

    Former Army officials warn that it is dangerous to link Army recruiting successes to the election cycle, since the military is supposed to be apolitical. Soldiers sign up not to serve a president or a party but to serve the Constitution.

    Jennifer Griffin currently serves as a national security correspondent for FOX News Channel (FNC) and is based out of the Washington D.C. bureau. She joined the network in October 1999 as a Jerusalem-based correspondent.

  • ‘Power grab’: Jeffries unveils data protection bill amid DOGE crackdown

    ‘Power grab’: Jeffries unveils data protection bill amid DOGE crackdown

    House Democrats unveiled legislation on Thursday that seeks to secure the personal data of Americans amid the Department of Government Efficiency’s (DOGE) spending sweep.

    House Democrats unveiled the Taxpayer Data Protection Act to “shield the American people from this out-of-control power grab, permanently, and make sure that the financial, personal, medical, and confidential information of the American people is protected.”

    Musk and his team at DOGE have spent the past two weeks going into various government departments and identifying “wasteful” spending where cuts can be made. 

    Musk was recently granted access to the Treasury Department, which manages federal finances and taxes, where he has “read only” access to the government’s payment system, a Treasury Department official told members of Congress on Tuesday.

    USAID HAS ‘DEMONSTRATED PATTERN OF OBSTRUCTIONISM,’ CLAIMS TOP DOGE REPUBLICAN IN LETTER TO RUBIO

    House Minority Leader Hakeem Jeffries speaks at a press conference. (Drew Angerer/Getty Images)

    Democrats have vocally opposed the sweep, suggesting during a press conference on Thursday that Musk is gaining access to the personal access of Americans and introducing legislation to circumvent any efforts. 

    Rep. Hakeem Jeffries, D-N.Y., claimed that Republicans are “working for Elon Musk and doing the bidding of an unelected, unaccountable, out of control billionaire puppet master.”

    MEET THE YOUNG TEAM OF SOFTWARE ENGINEERS SLASHING GOVERNMENT WASTE AT DOGE: REPORT

    “Why does Elon Musk and his minions need access to the names, Social Security numbers, addresses, and birthdates of millions of Americans?” Jeffries asked. 

    Elon Musk

    Elon Musk and his team at DOGE have spent the past two weeks going into various government departments and identifying “wasteful” spending. (Justin Sullivan/Getty Images)

    “What are they doing with that information, and why aren’t House Republicans stopping them?” Jeffries said, adding that a Senate companion bill is expected to be introduced shortly.

    Amid Democratic opposition to the spending sweep, Treasury Secretary Scott Bessent defended Musk and DOGE.

    “Elon Musk is the greatest entrepreneur of this generation,” Bessent told FOX Business host Larry Kudlow. “DOGE is not going to fail. They are moving a lot of people’s cheese here in the capital, and when you hear this squawking, then some status quo interest is not happy.”

    USAID building in DC

    A security guard stands at the entrance to the U.S. Agency for International Development headquarters on Feb. 3, 2025, in Washington, D.C. (Getty Images)

    On Thursday, a federal judge temporarily blocked DOGE from obtaining access to certain Treasury Department payment records. 

    CLICK HERE TO GET THE FOX NEWS APP

    According to a temporary restraining order, Treasury officials “will not provide access to any payment record or payment system of records maintained within the [Treasury] Bureau of Fiscal Service,” Judge Colleen Kollar-Kotelly wrote.

    Aubrie Spady is a Writer for Fox News Digital.

  • UnitedHealth cyberattack exposes 190 million in largest US healthcare data breach

    UnitedHealth cyberattack exposes 190 million in largest US healthcare data breach

    UnitedHealth’s Change Healthcare unit suffered a data breach in February 2024, the news of which surfaced Feb. 21. 

    Initially reported to have affected around 100 million individuals, the U.S. health insurance giant has now revealed that the actual number is significantly higher: 190 million. This makes it the largest breach of medical data in U.S. history, affecting nearly half the country’s population. 

    A breach of this magnitude can have devastating consequences for the American people as malicious actors could exploit the data for a range of attacks if it finds its way to the dark web.

    I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

    A doctor looking at patient’s private information (Kurt “CyberGuy” Knutsson)

    The updated impact assessment

    UnitedHealth confirmed on Friday, Jan. 24, 2025, that the ransomware attack on its Change Healthcare unit affected approximately 190 million people in the United States. The company had previously estimated the number of affected individuals to be around 100 million in its preliminary analysis filed with the Office for Civil Rights, a division of the U.S. Department of Health and Human Services that investigates data breaches.

    WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

    UnitedHealth stated that the majority of those impacted have already been notified, either directly or through substitute notice. The final tally of affected individuals will be confirmed and submitted to the Office for Civil Rights at a later date.

    The company tells CyberGuy it is “not aware of any misuse of individuals’ information as a result of this incident and has not seen electronic medical record databases appear in the data during the analysis.” However, UnitedHealth did not disclose when it became aware of the additional 90 million victims, how the revised figure was determined or what changes led to the updated number.

    hacker

    Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)

    THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

    What you need to know about the data breach

    The cyberattack on Change Healthcare in February caused widespread disruptions across the U.S. healthcare sector, as the company took its systems offline to contain the breach. This shutdown impacted critical services such as claims processing, payments and data sharing, which many healthcare providers rely on.

    The stolen data varied by individual but included a broad range of personal and sensitive information, such as names, addresses, dates of birth, phone numbers, email addresses and government ID numbers, including Social Security, driver’s license and passport details.

    Plus, hackers may have accessed health-related information, including diagnoses, medications, test results, imaging records, care and treatment plans, and health insurance details. Financial and banking information tied to claims and payment data was also reportedly compromised.

    The breach was the result of a ransomware attack carried out by ALPHV/BlackCat, a Russian-speaking ransomware and extortion group. The attack, a form of malware intrusion, locks victims out of their data unless a ransom is paid. ALPHV/BlackCat later took credit for the attack.

    During a House hearing in April, Change Healthcare admitted that the breach was made possible due to inadequate security measures, specifically the absence of two-factor authentication to protect its systems.

    GET FOX BUSINESS ON THE GO BY CLICKING HERE

    another hacker

    Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)

    FROM TIKTOK TO TROUBLE: HOW YOUR ONLINE DATA CAN BE WEAPONIZED AGAINST YOU

    6 ways to protect yourself from Change Healthcare data breach

    1. Remove your personal information from the internet: The breach has exposed sensitive personal data, making it essential to reduce your online footprint. While no service can guarantee complete data removal, a reputable data removal service can significantly limit your exposure. These services systematically monitor and erase your personal information from numerous websites and data brokers. Check out my top picks for data removal services here.

    2. Be wary of mailbox communications: With addresses among the compromised data, scammers may exploit this breach to send fraudulent letters. Be aware of mail claiming missed deliveries, account suspensions or security alerts. Always verify the authenticity of such communications before responding or taking action.

    3. Be cautious of phishing attempts and use strong antivirus software: Scammers may use your compromised email or phone number to target you with phishing attacks. Be wary of messages asking for personal information or containing suspicious links. To protect yourself, ensure strong antivirus software is installed on all your devices. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

    4. Monitor your accounts: Given the scope of this breach, regular monitoring of your bank accounts, credit card statements and other financial accounts is critical. Look for unauthorized transactions or suspicious activity and immediately report any issues to your bank or credit card provider.

    5. Recognize and report a Social Security scam: If your Social Security number is exposed, you could become a target for related scams. Official communication regarding Social Security issues usually comes via mail, not phone calls or emails. Learn more about spotting and reporting scams by visiting the Social Security Administration’s scam information page.

    6. Invest in identity theft protection: Data breaches happen every day, and most never make the headlines, but with an identity theft protection service, you’ll be notified if and when you are affected. Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

    MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

    Kurt’s key takeaway

    It’s surprising that a company of UnitedHealth’s scale failed to implement even basic cybersecurity measures when handling customer data. A breach affecting 190 million people – nearly half of the U.S. population – is staggering, leaving almost anyone at risk of becoming a target for hackers. While the company is still assessing the full extent of the breach, you can take precautions now by being cautious with any unknown links or unsolicited calls. Bad actors may use a variety of tactics to cause harm.

    CLICK HERE TO GET THE FOX NEWS APP

    Do you think these companies are doing enough to protect your data, and is the government doing enough to catch those behind cyberattacks? Let us know by writing us at Cyberguy.com/Contact.

    For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

    Ask Kurt a question or let us know what stories you’d like us to cover.

    Follow Kurt on his social channels:

    Answers to the most asked CyberGuy questions:

    New from Kurt:

    Copyright 2025 CyberGuy.com. All rights reserved.

    Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.