Security news aggregator

Latest coverage for Identity Theft

Identity theft occurs when stolen personal data is used to impersonate someone, access accounts, commit fraud, or bypass security controls.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Identity theft is the unauthorized use of another person’s personal information or account credentials to impersonate them or obtain money, services, or access. Stolen names, government identifiers, payment details, passwords, and authentication tokens can support account takeover, fraudulent purchases, new-account applications, or synthetic identities assembled from real and fabricated data. Information may be obtained through phishing, infostealer malware, social engineering, SIM swapping, or exposed databases.

For security teams, the key concerns are limiting exposure of personal data and detecting misuse after credentials or identifiers are compromised. Useful controls include data minimization, strong access controls and encryption, phishing-resistant multifactor authentication, rapid password and session revocation, and monitoring for unusual logins, account changes, or applications. When theft is suspected, incident response should determine which identities and data were affected, contain active access, preserve evidence, and provide appropriate notifications or fraud-protection guidance. Privacy and breach-reporting obligations may apply depending on the data and jurisdiction.

Showing 1 most recent headlines Filtered view

A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities, and private companies