Senior Cyber Safety Briefing – September 21, 2025

 

🚨ALERTNew York Blood Center Breach Exposes Sensitive Data

A data breach at the New York Blood Center (NYBCe) has exposed nearly 194,000 people’s personal info: names, Social Security numbers, driver’s license or other IDs, financial info for those with direct deposit, and medical test results. 
👉Why it matters - If you donated, got tests done, or supplied financial info there, your identity could be at risk of fraud or phishing. Seniors are often targeted once this sort of data leaks.
📣Call to Action - Check your credit reports for unusual activity; request a free identity protection service or credit monitoring; be on guard for phishing or spoofed messages pretending to be from health providers.

📈ECONOMY & SECURITY ‑ FinWise Insider Attack Hits ~700,000 Customers
FinWise (in partnership with American First Finance) disclosed that a former employee accessed sensitive customer data after leaving the company, affecting about 700,000 people. 
👉Why it matters - Even trusted institutions can have weak spots, especially when employees leave. Compromised data could include what many of us consider private: name, loan/financial info, etc.—which scammers can use.
📣Call to Action - If you are (or were) a customer of FinWise / AFF or related, ask whether your data was exposed; consider freezing credit temporarily; monitor financial statements closely.

🔥PRIVACY & BIG TECH ‑ CISA (Cybersecurity Information Sharing Act) Faces Expiry Risk
A stopgap funding bill failed, putting the reauthorization of CISA 2015 in jeopardy as of September’s end. This law helps companies share cyber‑threat info with the government. 
👉Why it matters - Without this law in effect, threat reporting and cooperation between private and public sectors could slow. That may delay warning seniors about new scams or major threats.
📣Call to Action - Support advocacy or awareness efforts; keep devices and apps updated—don’t rely only on government / institutional protection.

🧠MUST‑READ ‑ AI Scams Targeting Medicare: Voice‑Cloning & Spoofing
Scammers are now using AI‑voice cloning and spoofed phone calls pretending to be from Medicare or doctors, asking for personal and medical details—increasingly realistic and dangerous. 
👉Why it matters - This hits seniors directly. Medicare identity theft or fraud can lead to medical bills, claims you didn’t request, or identity misuse. It’s not just annoyance—it has real costs.
📣Call to Action - If someone calls saying they’re Medicare, your doctor, or similar and asks for your Medicare number, hang up and call back using a known official number; check your Medicare statements; report deceptive calls to authorities.

💡OPPORTUNITY ‑ Strengthening Response Practices After Insider Incidents
The FinWise case underscores the importance of strong “offboarding” security (cutting access once employees leave), and general internal checks. For organizations and customers alike, better practices reduce risk. 
👉Why it matters - Many breaches happen from within or because someone kept access they shouldn’t. Learning about this means you can ask the right questions about privacy/security when dealing with any organization.
📣Call to Action - Ask service providers (banks, insurers, lenders) how they handle employee departures; ask if they’ve had a breach and what protections are available; consider using identity theft protection or credit freezes yourself.

✅Quick Safety Tip of the Day
Never share your Medicare number, Social Security number, or other sensitive identifiers on unsolicited calls or messages—if in doubt, hang up and verify.

(AI was used to create this article.)

🙋Closing Note
Stay safe, stay secure, stay curious, and remember my friends—you’re never too old to outsmart a scammer👋

Comments

Post a Comment

Popular posts from this blog

8-9-2024 Breaking Security News

Image
CISA and FBI Warn of Potential DDoS Attacks on Election Systems (August 8, 2024) : The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint alert about possible Distributed Denial of Service (DDoS) attacks targeting U.S. election infrastructure. These attacks could disrupt access to election-related information but will not affect the integrity of the voting process. This warning is part of efforts to safeguard the upcoming elections​ ( GovConWire ) ​ ( CISA ) . Apache HTTP Server Vulnerabilities Disclosed at Black Hat USA (August 9, 2024) : Researchers at Black Hat USA 2024 have exposed vulnerabilities in the Apache HTTP Server, a critical web server software used globally. These vulnerabilities could allow attackers to gain unauthorized access or disrupt services. Administrators are urged to apply the necessary patches to protect their systems​ ( Cyber Security News ) ​ ( Help Net Security ) . OPSWAT Enhances Cybersecurity Capabilities with InQu...
Read more