Hide Transcript Show Transcript

WEBVTT MONITORING SERVICES ARE PROMISING TO BE ABLE TO TRACK WHETHER OR NOT YOUR INFOMATION IS FOR SALE ON THE DARK WEB. JIM: WHAT CAN YOU DO TO PROTECT YOURSELF? HERE’S WESH 2’S STEWART MOORE WITH THE ANSWERS, ALL NEW TONIGH STEWART: IT LOOKS LIKE A VIDEO GAME, BUT THE BEAMS OF LIGHT YOU SEE FLYING ACROSS THESE MAPS IS ANYTHING BUT FUN. THESE ARE ACTIVE CYBER ATTACKS AND THEY ARE COUNTED IN THE MILLIONS PER DAY. >> TRYING TO GET INTO COMPUTER SYSTEMS, TRYING TO GET INFORMATION FROM COMPUTE SYSTEMS OR DATA CENTERS. STEWART: SOME OF THOSE ATTACKS HIT THE MARK, AND THE MARK IS YOUR PERSONAL INFORMATION. ERIC BELARDO HAS BEEN WORKING IN CYBER SECURITY FOR 30 YEARS, HONING HIS SKILLS WITH THE NSA, FBI AND MANY OTHERS GOVERNMENT AGENCIES. NOW WITH FORTRESS INFORMATION SECURITY IN ORLANDO, HE SAYS THE HUGE BREACHES OF INFORMATION HAVE LIKELY EXPOSED YOU. >> 150 MILLION AMERICANS INFORMATION FROM EQUIFAX IS ALREADY ON THE DARK WEB. THERE’S A 50/50 CHANCE YOU’RE ONE OF THOSE PEOPLE. STEWART: BUT WHERE DOES YOUR INFORMATION GO ONCE IT’S BEEN STOLEN? IT LIKELY LANDS ON THE DARK WEB. ERIC LOGGED ONTO THE DARK WEB SECURELY FOR US. AS HE SCROLLS THROUGH JUST TWO OF THE MARKETPLACES, WE FIND EVERYTHING FOR SALE. >> YOU’VE GOT DRUGS, EDIBLES, PARAPHANELIA. IT’S NOT JUST DRUGS; THERE’S YOUR ACCOUNT INFORMATION. STEWART: CAPITOL ONE IS ONE OF THE CREDIT CARD COMPANIES ON THE DARK WEB SEARCHING FOR INFORMATION THAT WAS STOLEN. >> WE ARE SCANNING INFORMATION THAT IS FOR SALE, VARIOUS HACKERS PLACES WHERE THEY’VE POSTED DATA BREACHES. POSTED INFORMATION THAT THEY STOLEN. WE ARE LOOKING FOR SOCIAL SECURITY NUMBERS AND PEOPLES EMAIL ADDRESSES, PASSWORDS THAT MIGHT BE INCLUDED. STEWART: AND IF YOU SIGN UP FOR CREDIT WISE, FOR FREE, AND THEY FIND YOUR INFO THEY WILL NOTIFY YOU IMMEDIATELY. >> MONITOR FOR YOUR EMAIL AND SOCIAL SECURITY NUMBER ON THE DARK WEB, AND IT WILL TELL YOU IF ANYONE IS ATTEMPTING TO USE HER SOCIAL SECURITY NUMBER WITH THE DIFFERENT NAME. STEWART: WHAT CAN YOU DO ONCE YOU KNOW YOUR SOCIAL SECURITY NUMBER AND IDENTITY IS ON THE DARK WEB? MONITOR YOUR CREDIT REPORT, AND THAT DOESN’T COST A THING. >> WE RECOMMEND PEOPLE VISIT ANNUAL CREDIT REPORT.COM. YOU CAN DO THAT UP TO ONCE A YEAR AND FOR FREE YOU CAN DOWNLOAD YOUR CREDIT FILE FROM ALL 3 OF THE CREDIT BUREAUS. IF YOU SEE SOMETHING ON THERE YOU DON’T RECOGNIZE, CONTACT THAT LENDER IMMEDIATELY AND LET THEM KNOW. >> CHANGE YOUR PASSWORDS REGULARLY. MONITOR WHERE YOU’RE POSTING YOUR INFORMATION. IF YOU’RE DOING E-COMMERCE ON THE WEB, MAKE SURE YOU SEE THE LOCK ON THE TOP OF YOUR BROWSER. STEWART: BOTTOM LINE, DON’T STRESS ABOUT YOUR INFORMATION ON THE DARK WEB. CALL YOUR CREDIT CARD COMPANY OR CREDIT REPORTING AGENCY AND ASK THEM IF THEY OFFER A DARK WEB SEARCH FOR FREE, TO SEE IF YOUR INFO IS UP FOR SALE. FINALLY, THERE’S A WEBSITE TO CHECK AND SEE IF YOUR INFO HAS BEEN COMPROMISED BEFORE.

Advertisement Thanks to a data breach, at least 50K American license plate numbers are available on dark web Share Shares Copy Link Copy

At least 50,000 American license plate numbers have been made available on the dark web after a company hired by Customs and Border Protection was at the center of a major data breach, according to CNN analysis of the hacked data. What's more, the company was never authorized to keep the information, the agency told CNN."CBP does not authorize contractors to hold license plate data on non-CBP systems," an agency spokesperson told CNN.The admission raises questions about who's responsible when the US government hires contractors to surveil citizens, but then those contractors mishandle the data." keeps seeking to amass more information in a way that is concerning from a privacy and civil liberties standpoint, but also from a security standpoint, given that they've not demonstrated they can safeguard that information," Neema Singh Guliani, senior legislative counsel at the American Civil Liberties Union, told CNN.CBP collects license plate information to track which vehicles cross the border.A CNN analysis of data hacked from CBP subcontractor Perceptics, which is now available on the dark web, shows records of what appear to be at least 50,000 unique American license plate numbers. That figure had not previously been made public.In specific instances, CBP contractors are authorized to access Americans' license plate images to adjust their systems, like when a state issues a new license plate design and the system needs to calibrate it. But those periods are brief. "This data does have to be deleted," the CBP spokesperson said, though the agency didn't clarify the specifics of the policy that would apply to Perceptics.In many cases, it's not clear whether the license plate numbers were collected for CBP or for one of Perceptics' other government or law enforcement contracts. Some portion, however, was for CBP, the spokesperson said. Perceptics didn't respond to multiple requests for comment.In a statement when the breach was announced last week, CBP said it learned on May 31 that a subcontractor "had transferred copies of license plate images and traveler images collected by CBP to the subcontractor's company network. The subcontractor's network was subsequently compromised by a malicious cyber-attack."Last week, CBP said in a statement that "none of the image data has been identified on the Dark Web or internet," though CNN was able to still find it.In addition to the license plate data, last week a CBP spokesperson said that photos of some travelers -- fewer than 100,000 -- had also been compromised.CNN first obtained the information on the license plates records from the online archivist group Distributed Denial of Secrets, which has published some emails and contracts leaked from the Perceptics hack. They plan to publish far more, including a library of emails that will eventually be searchable, DDoS co-founder Emma Best told CNN.CNN analyzed a list of hacked folder files and isolated entries that appeared to be images, resulting in nearly 300,000 apparent images of license plate numbers, then omitted duplicates and plates that appeared to be missing a state or plate number, or were from a country other than the US.