Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for November 14, 2025. I’m Tim Walden, and thanks to SentiLink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we’re talking about something that rarely makes headlines but is often a damaging form of identity and data crime: hidden identity and insider threats. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for November 7, 2025. I’m Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to SentiLink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we discuss how artificial intelligence (AI) search tools can be fooled by fake content, a form of AI manipulation that’s reshaping how systems learn and interpret information. I assume that we are all aware of how AI is reshaping how we access and process information. However, it turns out some of these “smart” systems aren’t as smart as we thought. In fact, new research shows that AI can be fooled easily. Think of it like your mom seeing an AI-generated photo of you and Michael Jackson on Facebook and telling all her coworkers that you actually met the Michael Jackson. The image looks so real that she believes it even though it’s completely fake. That’s exactly how some AI systems get “fooled” by realistic but false information. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Fraudian Slip, the Identity Theft Resource Center’s (ITRC) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. This week, we published our 2025 Consumer Impact Report by ITRC. Typically, on this podcast, we’d introduce a topic, a guest expert, and our CEO, Eva Velasquez. This month, we’re focusing on one of our signature reports, the 2025 Consumer Impact Report. In a webinar earlier this week, Eva reviewed the Consumer Impact Report, which goes beyond the basic financial implications of identity theft, fraud, and scams and explores the emotional and physical impacts as well as lost opportunities experienced by victims resulting from the crimes. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for October 24, 2025. I'm Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we will discuss pixnapping attacks. Never heard of it? Well, let us tell you. A team of researchers at the University of California, Berkeley, the University of California, San Diego, the University of Washington and Carnegie Mellon University recently uncovered a new class of Android attacks that can steal sensitive information like multifactor authentication (MFA) credentials displayed by other apps and websites. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on X: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center’s (ITRC’s) Weekly Breach Breakdown for October 17, 2025. I’m Tim Walden, Communications Leader for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today we’re talking about a serious NSA Popup Warning affecting iPhone and Android users. If you see certain popups on your phone, don’t just swipe away, they could be malicious. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on X: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for October 10, 2025. I'm Alex Achten, Senior Director of Communications & Media Relations for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we will examine our Q3 2025 data breach findings. The last time we inspected the latest data breach trends was in our H1 2025 Data Breach Report. At that time, we were on pace to track a record number of compromises in 2025. Cyberattacks were the primary cause of data breaches where personal information was stolen. Sixty-nine (69) percent of data breach notices did not include information about the root cause of the attack. What changed in the third quarter of the year? The short answer? Not much. Let’s dive into the Q3 2025 data breach numbers. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on X: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center's (ITRCs) Weekly Breach Breakdown for October 3, 2025. I'm Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we are going to break down a warning from the FBI about the phantom hacker scam making the rounds and the financial impacts it is having on consumers. Many people are familiar with the comic book hero The Phantom. In the very first Phantom story, the phrase “The phantom only warns once” was uttered to describe the uncompromising justice of the Ghost Who Walks and the finality of his warnings. There are no acts of justice or heroism to be celebrated regarding the type of phantom we are about to discuss. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for September 26, 2025. I’m Tim Walden. Thanks to SentiLink for their support of the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. This week, we’re discussing a new wave of tools designed to help us combat one of the oldest identity crime tactics: phone scams. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Fraudian Slip, the Identity Theft Resource Center’s (ITRC) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. This month’s episode focuses on child identity theft. How does child identity theft occur in 2025? What should parents know and do as their kids head back to school? Here to establish the current landscape from Javelin Strategy & Research’s perspective is their Director of Cybersecurity, Tracy Goldberg. ITRC CEO Eva Velasquez also joins us to highlight the ITRC’s on-the-ground experience with victims. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center's (ITRC) Weekly Breach Breakdown for September 12, 2025. I'm Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we are going to talk about rats – not those medium-sized rodents, but rather different types of rats: remote access trojans. A rat can be many different things. It can be the furry rodents that some consider pests and others have as pets. It can also be a term to describe a deceitful person. Some may have heard the term “The Rat Race”, which is a metaphor for the cycle of competition for money, power and status in the pursuit of wealth and success – also a great movie from the 1960s. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center's (ITRC) Weekly Breach Breakdown for September 5, 2025. I'm Tatiana Cuadras, Communications Assistant for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we are going to look at how identity criminals are using QR code phishing in new attacks. Many of you probably have heard the phrase “Gone Fishing” before. For those who have not, “Gone Fishing” is another way someone might say one is absent, left or no longer present. It can also be an excuse for not being around. The hackers are not “Gone Fishing”; they are “Gone Quishing”. See what I did there? On a more serious note, that is the title of this week’s podcast because they are weaponizing QR codes in new “quishing” attacks. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Fraudian Slip, the Identity Theft Resource Center’s (ITRC) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. This month’s episode focuses on the hot topic of fake jobs. Chances are that sometime in the past week or this week, you will receive a text from someone claiming to be a job recruiter. It will be fake. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for August 22, 2025. I’m Timothy Walden. Thanks to SentiLink for their support of the ITRC and this podcast. Each week, we break down the latest data security incidents making headlines. Today, we’re focusing on a recent incident involving Instagram that exposed sensitive information for millions of users through a little-known feature called Instagram Map. Earlier this month, Instagram rolled out a new feature called Instagram Map. The idea sounds harmless enough: a way to see your friends’ real-time locations, similar to Snapchat’s Snap Map or Apple’s Find My. However, here’s the issue: Instagram Map prompts you to share your precise location every time you open the app, even if you’re not posting. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome back to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown, supported by Sentilink. I’m James E. Lee, the ITRC’s President, and this is the episode for August 15, 2025. Each week, we take a look at the latest news and trends related to data security and privacy. For 20 years now, the CODB, along with the ITRC’s U.S. Data Breach Report (DBR) and Verizon’s global Data Breach Investigation Report (DBIR), have been part of the triumvirate that looks at data breach costs by region around the world, along with how long it takes to find and fix a data breach. The CODB, along with the DBR and DBIR, are proof that those of us in the cybersecurity world love our acronyms. That makes this episode – LITTOB – Love in the Time of Breaches (with apologies to the makers of Love in the Time of Cholera). Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for August 8, 2025. I'm Alex Achten, Senior Director of Communications & Media Relations of the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we are going to look at how a weak password at a large corporation led to the exposure of millions of people’s personal information, and explore good password practices. In the past on this podcast, we have joked about the password “123456”. It is a very weak password and, according to the 2025 Hive Systems Password Table, it would be cracked instantly by an identity criminal. This weak password provides no security, and while you’d think no one would use it today, it is still commonly used. In fact, NordPass reports that it is the most commonly used password worldwide, with a count of 3,018,050. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for August 1, 2025. I’m Timothy Walden. Thanks to SentiLink for their support of the ITRC and this podcast. Each week, we examine the latest events and trends in data security and privacy. This week, we’re looking at an Amazon phishing scam that could impact more than 200 million Amazon Prime members. It’s the latest version of a phishing attack that tries to trick you into handing over your login credentials, payment information and more. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Fraudian Slip, the Identity Theft Resource Center’s (ITRC) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. You’ve probably heard of Ride or Die, one of those slang terms that seems to be everywhere at one time or another. Today, the phrase you can’t escape no matter how hard you try is artificial intelligence, or AI. That’s why we’re calling today’s episode “Ride or AI.” We discuss the impacts of AI. AI is already changing business and social norms and will continue to do so. What will be the impacts of AI on identity theft, fraud and scams? Who will be responsible for protecting people and businesses when AI makes a mistake? Which is the more likely scenario: a Star Trek-style all-knowing computer or Skynet from the Terminator? Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on X: twitter.com/IDTheftCenter

Welcome back to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown, supported by Sentilink. I’m James E. Lee, the ITRC’s President, and this is the episode for July 18, 2025. Each week, we take a look at the latest news and trends related to data security and privacy. This week, the ITRC released our H1 2025 Data Breach Analysis that looks at what happened in the first six months of 2025 when it comes to U.S. data compromises. Let’s talk about the trends, but first, some housekeeping with some numbers: A total of 1,732 data compromises were reported in the first half of 2025, resulting in a little more than 165.7 million breach notices. That’s about five percent ahead of where we were at this time last year in terms of compromises. It’s also more reported compromises than at the halfway point in 2023, when we set the current high-water mark for data compromises. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on X: twitter.com/IDTheftCenter

NOTE: Police in the UK have indicted four members of Scattered Spider. The suspects — two 19-year-old men, a 17-year-old man and a 20-year-old woman — are being held on suspicion of violating the Computer Misuse Act, blackmail, money laundering and participating in organized crime activities, according to the NCA. For more information, click here: https://www.cybersecuritydive.com/news/uk-arrest-four-retail-cyberattack/752682/ =========== Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for July 11, 2025. I'm Alex Achten, Senior Director of Communications & Media Relations of the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we will take a deeper look at the works of a ransomware group that ITRC President James E. Lee discussed on the podcast just last month. We are discussing Scattered Spider attacks. Have you ever been bitten by a spider? It hurts so bad! The good news is that most spider bites are harmless. However, some are worse than others, especially black widow and brown recluse spiders. As James said in June, not all scary spiders are of the 8-legged freak. There is one that does not have eight legs and can inflict harm as nasty as a black widow or brown recluse bite. We are again discussing the ransomware group Scattered Spider, which continues to dominate the headlines and target companies. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for July 3, 2025. I’m Timothy Walden. Thanks to SentiLink for their support of the ITRC and this podcast. Each week, we break down the latest data security incidents making headlines. Today, we’re focusing on a significant lawsuit settlement— the AT&T data privacy settlement. This settlement affected millions of AT&T customers and underscores the increasing complexities of data breach litigation. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter