Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

Search Engine Lists Stolen Data

TrustedID launches free service to help consumers find out if their data has been compromised

Experts now estimate that about half of all computer users have had their personal information compromised or stolen at some point in their lives.

Which half are you in?

A new, free service from TrustedID, an identity management tool vendor, aims to help consumers find out. The service, called StolenID Search, lets users search more than two million pieces of compromised information to see if their information is on the list.

StolenID Search, unveiled yesterday, will initially cover two types of information: credit cards and Social Security numbers. Individuals can enter their information into a secure search engine, and the search results will return a simple "found" or "not found" response, telling the user whether their data matches any held by TrustedID.

Individuals who receive notification of a match will be directed to additional resources that will help show them how to protect themselves, the company says.

"Identity theft is a growing issue for consumers today and one that is an immense financial and time consuming strain on resources," says Jay Foley, co-founder and executive director of the Identity Theft Resource Center, a nonprofit organization that focuses on identity theft. "A service such as StolenID Search is providing an important step in the awareness education of consumers by allowing them to verify exposed data and take steps to defend themselves."

"The knowledge that your information has been compromised can be critically important in preventing identity theft," says Scott Mitic, CEO and founder of TrustedID. "The key is to find out about the compromise before the information is used to perpetrate a crime. Often, individuals are not even aware that their information has been breached, or that the breach may be ongoing."

According to a study by Javelin Group, a research firm, identity theft victims typically don't discover their information has been stolen until 12 months after a thief first used it. But there is an advantage to finding out quickly, the research firm says. Victims who detected the crime by monitoring their accounts online had average loses of $551; victims who relied on monitoring paper statements had average loses of $4,543.

— Tim Wilson, Site Editor, Dark Reading

  • TrustedID Inc. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Navigating Security in the Cloud
    Diya Jolly, Chief Product Officer, Okta,  12/4/2019
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Current Issue
    Navigating the Deluge of Security Data
    In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
    Flash Poll
    Rethinking Enterprise Data Defense
    Rethinking Enterprise Data Defense
    Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2019-19642
    PUBLISHED: 2019-12-08
    On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareNa...
    CVE-2019-19637
    PUBLISHED: 2019-12-08
    An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
    CVE-2019-19638
    PUBLISHED: 2019-12-08
    An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.
    CVE-2019-19635
    PUBLISHED: 2019-12-08
    An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c.
    CVE-2019-19636
    PUBLISHED: 2019-12-08
    An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.