“CyberGuy”: Protect your data
Kurt Knutsson joins “Fox & Friends” to discuss how smart home cameras are spying on you and how to combat phone addiction.
There is no industry safe from data breaches. In the past few months alone, security incidents have occurred that have hit almost every sector, including healthcare, finance and technology. The shipping industry is currently on the list, with leading global shippers working with Amazon, eBay and Shopify to publish 14 million records.
Worse, the open instance was discovered in December at the peak of international transport, when people were sending and receiving gifts around the world. Researchers followed it into an unprotected AWS bucket owned by hip-shippers.
Amazon box with labels above. (Kurt “Cyberguy” Knutsson)
What you need to know
Hipshipper, a transportation platform used by eBay, Shopify and Amazon sellers, accidentally exposed millions of transportation labels with personal customer information. Researcher at CyberNews Exposed data was found in December 2024, but it was not fixed until January. That means it was open for at least a month. Hipshipper helps people ship packages to over 150 countries, offering tracking, free insurance and easy returns. The exposed transport labels are important as they detail the inside of the package and where to go.
However, the unprotected AWS buckets held more than 14.3 million records, primarily transporting labels and customs formats. CyberNews researchers said, “Cybercriminals can use leaked data to carry out fraud and phishing attacks. For example, criminals pretend to be trustworthy business and give details about specific orders. Use it to send fake messages to share personal and financial information and trick people.”
Transportation facility employee. (Kurt “Cyberguy” Knutsson)
Hidden Costs of Free Apps: Your Personal Information
What kind of data was leaked?
Researchers believe the exposed bucket contains sensitive information about the buyer, including their full name, home address, telephone number, and order details such as postal date and parcel information. There is no direct evidence that cybercriminals have access to exposure data, but millions of malicious actors use automated bots to search the internet for similar leaks and for harmful purposes. I’m hoping to find data that can be used.
These criminals may exploit and release leaked information scam and Phishing Attack. For example, they may pretend to be a trustworthy company and send fake messages that use the details of a particular order to pressure people to urgently verify their personal or financial information. . Unfortunately, retail companies are the main targets of hackers, and relying on large, well-known companies may not always protect your information. Recent violations involving companies like Grubhub, Mizuno and hot topic Show that even well-known retailers can suffer serious security revocation.
Hacker illustration at work. (Kurt “Cyberguy” Knutsson)
From Tiktok to Trouble: How to weaponize your online data against you
Seven ways to protect yourself after such a data breach
1) Beware of phishing attempts and use powerful antivirus software. After a data breaches, scammers often use stolen data to create persuasive phishing messages. These can come by email, text, or call, pretending to be from a trusted company. Please be particularly careful about unsolicited messages with links requesting personal or financial details, even if you are referring to a recent order or transaction. The best way to protect yourself from malicious links is to install antivirus software on all your devices. This protection can also warn you that it will phish email and ransomware scams and keep your personal information and digital assets safe. Get the best 2025 Antivirus Protection Winners picks for Windows, Mac, Android and iOS devices.
2) Beware of snail mail: Many security threats arise online, but physical email can also be targeted. Because your home address is published in Data Leak, criminals will send fraudulent letters or fake invoices to provide further personal information or make payments. If you receive suspicious emails, avoid responding and report them to the company that claims it is from.
3) Invest in protecting identity theft: Given the exposure of personal data such as name, address, and order details, investment in identity theft protection services can provide an extra layer of security. These services monitor financial accounts and credit reports for signs of fraudulent activity and alert you to early potential identity theft. They can also help freeze bank and credit card accounts to prevent further fraudulent use by criminals. See my tips and best choices on how to protect yourself from identity theft.
4) Enable two-factor authentication on your account. Enabling Two factors certification Add an additional layer of security to your online account. Even if a hacker gets his login credentials, he will not be able to access his account without a second verification step, such as a code sent to a phone or email. This simple step can significantly reduce the risk of unauthorized access to sensitive personal information.
5) Monitor your credit reports regularly: You can request a free credit report from your major credit bureau to see suspicious activity or fraudulent accounts opened in your name.
6) Update your password: Change the passwords of accounts that may have been affected by the violation and use a unique and strong password for each account. Consider using Password Manager. This will help you generate and store strong and unique passwords for all your accounts.
7) Delete personal data from the public database. If your personal data is made public in this violation, it is important to act promptly to reduce the risk of identity theft and fraud by deleting your personal information from the web. Check out our top picks for data deletion services.
Massive security flaws put the most popular browsers at risk with MAC
Important points of cart
It’s when all industries take cybersecurity seriously. If your business is run online, tech companies are usually responsible for protecting their customer data the same as tech companies, as they are more powerful safeguards in place. The fact that Hipshipper left behind a storage bucket containing 14 million unprotected records speaks volumes about how little cybersecurity is prioritized. And it’s more than just a hipshopper. Many companies with high-tech products are not as careful as password-protecting important documents. This lack of basic security underscores a worrying trend across the industry.
Do you think businesses are doing enough to protect their customer data? Write us and let us know cyberguy.com/contact.
For more information about my tech tips and security alerts, sign up for our free Cyberguy Report Newsletter cyberguy.com/newsletter.
Ask us a question in our cart or let us know what you want us to cover.
Follow your cart on his social channels:
Answers to the most accused Cyber Guy questions:
New from Cart:
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.
