“CyberGuy”: Protect your data
Kurt Knutsson joins “Fox & Friends” to discuss how smart home cameras are spying on you and how to combat phone addiction.
There is no industry safe from data breaches. In the past few months alone, security incidents have occurred that have hit almost every sector, including healthcare, finance and technology. The shipping industry is currently on the list, with leading global shippers working with Amazon, eBay and Shopify to publish 14 million records.
Worse, the open instance was discovered in December at the peak of international transport, when people were sending and receiving gifts around the world. Researchers followed it into an unprotected AWS bucket owned by hip-shippers.
Be protected and informed! Get security alerts and expert technical tips – Sign up for The CyberGuy Report in Cart now
Amazon box with labels above. (Kurt “Cyberguy” Knutsson)
What you need to know
Hipshipper, a transportation platform used by eBay, Shopify and Amazon sellers, accidentally exposed millions of transportation labels with personal customer information. CyberNews researchers found exposed data in December 2024, but were not fixed until January. That means it was open for at least a month. Hipshipper helps people ship packages to over 150 countries, offering tracking, free insurance and easy returns. The exposed transport labels are important as they detail the inside of the package and where to go.
However, the unprotected AWS buckets held more than 14.3 million records, primarily transporting labels and customs formats. CyberNews researchers said, “Cybercriminals can use leaked data to carry out fraud and phishing attacks. For example, criminals pretend to be trustworthy business and give details about specific orders. Use it to send fake messages to share personal and financial information and trick people.”
Transportation facility employee. (Kurt “Cyberguy” Knutsson)
Hidden Costs of Free Apps: Your Personal Information
What kind of data was leaked?
Researchers believe the exposed bucket contains sensitive information about the buyer, including their full name, home address, telephone number, and order details such as postal date and parcel information. There is no direct evidence that cybercriminals have access to exposure data, but millions of malicious actors use automated bots to search the internet for similar leaks and for harmful purposes. I’m hoping to find data that can be used.
These criminals could misuse leaked information to launch fraud or phishing attacks. For example, they may pretend to be a trustworthy company and send fake messages that use the details of a particular order to pressure people to urgently verify their personal or financial information. . Unfortunately, retail companies are the main targets of hackers, and relying on large, well-known companies may not always protect your information. Recent violations involving companies like Grubhub, Mizuno and Hot Topic have shown that even well-known retailers can suffer serious security.
Hacker illustration at work. (Kurt “Cyberguy” Knutsson)
From Tiktok to Trouble: How to weaponize your online data against you
Seven ways to protect yourself after such a data breach
1) Beware of phishing attempts and use powerful antivirus software. After a data breaches, scammers use the stolen data to create persuasive phishing messages. These can come by email, text, or call, pretending to be from a trusted company. Please be particularly careful about unsolicited messages with links requesting personal or financial details, even if you are referring to a recent order or transaction. The best way to protect yourself from malicious links is to install antivirus software on all your devices. This protection can also warn you that it will phish email and ransomware scams and keep your personal information and digital assets safe. Get the best 2025 Antivirus Protection Winners picks for Windows, Mac, Android and iOS devices.
2) Beware of snail emails: While many security threats arise online, physical emails can also be targeted. Because your home address is published in Data Leak, criminals will send fraudulent letters or fake invoices to provide further personal information or make payments. If you receive suspicious emails, avoid responding and report them to the company that claims it is from.
3) Investing in Personal Information Theft Protection: Given the exposure of personal data such as name, address, order details, investment in identity theft protection services may provide an additional layer of security . These services monitor financial accounts and credit reports for signs of fraudulent activity and alert you to early potential identity theft. They can also help freeze bank and credit card accounts to prevent further fraudulent use by criminals. Check out my tips and best choices on how to protect yourself from identity theft.
4) Enabling 2-Factor Authentication on your account: Enabling 2-Factor Authentication adds an additional layer of security to your online account. Even if a hacker gets his login credentials, he will not be able to access his account without a second verification step, such as a code sent to a phone or email. This simple step can significantly reduce the risk of unauthorized access to sensitive personal information.
5) Regularly monitor your credit reports: You can request free credit reports from major credit departments to see suspicious activities or fraudulent accounts opened in your name.
6) Update Password: Change the password for accounts that may have been affected by the violation and use a unique, strong password for each account. Consider using a password manager. This will help you generate and store strong and unique passwords for all your accounts.
7) Delete personal data from public databases: If personal data is published for this violation, it is important to act promptly to reduce the risk of identity theft and fraud by deleting personal information from the web. is. Please see the top picks for data deletion services.
Massive security flaws put the most popular browsers at risk with MAC
Important points of cart
It’s when all industries take cybersecurity seriously. If your business is run online, tech companies are usually responsible for protecting their customer data the same as tech companies, as they are more powerful safeguards in place. The fact that Hipshipper left behind a storage bucket containing 14 million unprotected records speaks volumes about how little cybersecurity is prioritized. And it’s more than just a hipshopper. Many companies with high-tech products are not as careful as password-protecting important documents. This lack of basic security underscores a worrying trend across the industry.
Do you think businesses are doing enough to protect their customer data? Please let us know by writing to cyberguy.com/contact.
For more information about my tech tips and security alerts, head to cyberguy.com/newsletter and subscribe to our free Cyberguy Report newsletter.
Please ask Cart questions or tell us what stories you would like us to cover.
Follow your cart on his social channels:
Answers to the most accused Cyber Guy questions:
New from Cart:
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.
