A security lapse exposed the PINs of approximately 6 million Verizon customers.

If you're a Verizon customer who's called customer service in the past six months, it's probably a good idea to update your PIN, or the four-digit billing password that protects your account from people trying to impersonate you over the phone.

An Israel-based company called Nice Systems, a Verizon partner, reportedly exposed as many as 14 million records of subscriber calls on an unprotected Amazon S3 storage server, downloadable by anyone with the server's web address. The records show the subscriber's name, phone number, and account PIN. Security firm UpGuard detailed exactly what data was vulnerable in a recent blog post.

Verizon claims that no loss or theft of customer information occurred. In a statement emailed to BuzzFeed News, a Verizon spokesperson said the leaked dataset included the information of approximately 6 million subscribers. "Verizon is committed to the security and privacy of our customers. We regret the incident and apologize to our customers," the statement said.

Why is that bad?

That last bit of data — the security PIN — is especially sensitive information, as it would grant anyone with the four digit number access to your Verizon account. Verizon representatives use this account code (which, BTW, is different than the code you use to access your smartphone) to verify a customer's identity during a customer service call.

With this PIN, hackers can more easily gain access to online accounts (email, social media, banking, etc.) protected by two-factor authentication, which requires a code typically provided by text message in addition to a password.

Hackers would be able to call cell providers, impersonate the user, and change the SIM card on record to their own (which is what happened to Black Lives Matter activist DeRay Mckesson, when his Twitter account was hacked last year). This method of attack essentially reroutes the security code to another device, allowing hackers to bypass two-factor authentication for any account with it enabled.

I'm a Verizon customer, what should I do?

The first thing you should do is change your account PIN, just in case. You can never be too careful with your online privacy. Call customer service at (800) 922-0204, visit a retail store with government identification, or go to vzw.com/PIN. Note that the code *can't* be the last four digits of your Social Security number or cell number.

If you've reused that same PIN for other accounts, make sure you update those, too. It's best to keep all of your PINs unique. Those who have trouble remembering all of their PINs can store them safely in a password manager like Last Pass and Dashlane.

Source: Nicole Nguyen

Nebula Consulting is now an official authorized dealer for Siedle Security Systems. Siedle secures homes and buildings with precisioned technological mastery and uncommon elegance. For over 70 years, Siedle has designed high-end commercial and residential security systems featuring anti-burglary, card access, IP intercoms and closed circuit TV providing secure video door IP intercom functions. Click here for more info. Commonly known as the Mercedes of Intercom systems, Siedle's custom solutions are perfect for apartment & condominium complexes, video gate door access systems, parking garages, hotels, hospitals, and commercial buildings. If you are looking for a high-end, modern solution, Siedle is the perfect solution.

Covering all of New England, we claim the largest territory of any Siedle dealer in the area. For a free consultation, call a security engineer today at 617-477-2337 or email us at info@nebulanewengland.com.

The internet can be a dangerous place, particularly when sensitive personal information, such as medical records, are involved. One such internet-based crime is medical identity theft, which can become a living nightmare for unlucky victims. One of the most common problems associated with this kind of ID theft is having your credit rating damaged. If your medical information is tampered with, you may encounter life-threatening consequences when you access medical care and possibly end up with thousands of dollars in medical bills.

We hope this never happens to you, but here are some medical identity theft detection and prevention tips – just in case.

Medical Identity Theft – What Is It? Medical identity theft occurs when someone uses your personal health-related information without your knowledge or consent for acquiring medical treatment, submitting claims or obtaining goods and services. These thieves target personal information including your name, Social Security number (SSN) or health insurance ID.

How to Detect Medical Identity Theft The easiest way to stay vigilant when it comes to medical identity theft is to regularly check your medical purchase history. Take a visit to the hospital where you get your medication and ask if any purchases were made on your account. You don’t need to do this all the time, but check when you have a suspicion that your identity has been compromised. Also, don’t throw away receipts so that you can keep track of your purchase history.

The Three Main Sources of Medical Identity Theft

1. Hackers: There are people who earn money by selling personal and medical information to those who want to use another person’s identity to obtain medical goods and services. Additionally, the recent increase in the prevalence of electronic health records, or EHRs, is giving these hackers a greater chance of illegally accessing private information.
2. Friendly Fraud: This threat occurs when a family member or a friend illegally uses the identity and medical information of another person. Studies show that approximately 33-50 percent of all medical identity theft is committed by victims’ family members or friends. Friendly fraud may also occur when an employee gives out a plan number or insurance card in an attempt to help a friend in need.
3. Providers: Identity thieves may come in the form of dishonest staff from the offices of healthcare providers, including doctors, nurses, receptionists, technicians or other individuals. These criminals steal your private information with the intention to sell what they have gathered to those who will assume the victim’s identity. They can also use your information to fool insurance companies into paying out false claims.

How to Prevent Medical Identity Theft Preventing medical identity theft may not be as difficult as it seems. Besides keeping your information as secure as possible, your best defense is to always be vigilant and review your bills, medical records and insurance information carefully. Here are several tips you can follow to help prevent medical identity theft:

• Watch your medical records for accuracy. Check all your mail, email and records related to your healthcare. Review statements and other communications from your healthcare providers and insurance company closely, checking for any strange or suspicious items and services. In many cases, identity thieves may accidentally add their own information to your records. Monitoring your own medical history is an ideal way to nip thefts in the bud.
• Keep your information secure. Make a point to share as little personal data as you can. The less information you give out, the less there is to be used against you. Sometimes, sharing sensitive information is not necessary, so only give this kind of data on a need-to-know basis. It’s always a good idea to flat out ask if information such as your driver’s license, SSN and date of birth are really required to process you as a patient. Lastly, always be careful about storing your medical information, whether digital or physical, and take the necessary steps to keep it from leaking.
• Learn to spot phishing emails. Phishing is an illegal practice where unauthorized persons attempt to trick individuals into revealing private information, such as passwords, SSNs, credit card and bank account numbers. This is accomplished by installing malware on your connected devices or send legitimate-looking emails claiming to be from reputable companies. Learn to spot phishing emails by verifying the email address from which the email was sent. After clicking on a link provided by an email, ensure that the domain in the address field is the same company you believe you’re dealing with. When in doubt – if something looks suspicious – ignore or delete it.
• Avoid using public WiFi. Public WiFi can be notoriously unsafe. However, people still choose to use it and put themselves at risk. Know that any time you access information via a public network, anyone else using the service can see the information you are sending. The sites you visit, the text you send and your login information are all put on display for identity thieves to see. It’s best to avoid using these networks and/or limit your use to casual browsing without entering sensitive information. In instances when you absolutely need to log in to a public wireless network, be sure that your firewall is turned on and you have up-to-date malware protection. You can also consider using a virtual private network (VPN).

Millions of people are faced with the threat of medical identity theft on a day-to-day basis. If you become a victim, the repercussions may be devastating to both you and your family. As soon as you notice something that isn’t right, it’s best to resolve the issue immediately. Always remember these safety precautions to help decrease the chances of these security breaches.

Source: NCSA

As of July 2017, Nebula Consulting is an an authorized dealer for Hanwha Samsung Security Surveillance products. Hanwha Techwin, formerly Samsung Security, is a surveillance company that specializes in IP-based & CCTV security cameras, network video recorders, digital video recorders and advanced surveillance analytical software. For more info, check out our product listings: https://nebulanewengland.com/surveillance.php

Video surveillance is essential for businesses as it protects the company, protects the employees and increases productivity. Our engineers will analyze the requirements and design a solution that best fits your environment. Our IP-based solutions integrate with your existing infrastructure, significantly reducing cost. Security feeds can be securely accessed via your phone, tablet or computer - from anywhere in the world! Our business is designed around cyber security - we will ensure your security feeds are private and secure.

Nebula Consulting will ensure your company and customers are safe so you can focus on what you do best - running your business. Call a security engineer today at 617-477-2337 or email us at info@nebulanewengland.com.

https://youtu.be/0nfMBtOPOAc Yealink’s upgraded DECT phone W56P is developed to enhance communication for on-the-go workers and works with Nebula's on premise and cloud-based phone systems. Featuring a big 2.4-inch color screen, an elegant industrial design, excellent battery performance and other multiple usability and phone management upgrades, the W56P ensures busy workers can enjoy a pleasant user experience and are always online.

Features: . Exceptional HD sound with wideband technology . Up to 4 simultaneous voice calls . Up to 5 DECT cordless handsets . Up to 5 Multiple Lines . 2.4" 240 x 320 color screen with intuitive user interface . Up to 30 hours talk time, Up to 400 hours standby time . Quick charging: 10 mins charge time for 2 hours talk time . USB Charger Cradle . Headset connection via 3.5 mm jack . Charger wall mountable . New belt clip with better user experience

Specifications: . Up to 4 simultaneous calls . Up to 5 handsets, up to 5 VoIP accounts . Handset select for receiving  call . Handset and Number select for making call . Paging, intercom, auto answer . Call hold, call transfer, 3-way conferencing . Switching between calls . Call waiting, mute, DND . Caller ID display, redial . Anonymous call, anonymous call rejection . Call forward (always/busy/no answer) . Speed dial, voicemail, silence . Message Waiting Indication (MWI) . Local phonebook for up to 500 entries (store in the base) . Remote phonebook/LDAP . Phonebook search/import/export . Call history utgoing/missed/accepted) . Direct IP call without SIP proxy . Reset to factory, reboot . Keypad lock, emergency call . Dial Plan, music on hold . Broadsoft directory, BroadSoft Call Log . Broadworks feature key synchronization

Personalization: . 9 ringer melodies . Screen saver . Multi-language support

Physical Features: . Indoor Range: 20m~50m (The ideal distance is 50m) . Outdoor Range: 300m (In ideal conditions) . Standby Time: 400h (In ideal conditions) . Talk Time: 30h . 2 4’’ 240x320 pixels color display . Desktop or wall mountable . LCD backlit, key backlit . Energy-saving ECO mode/ECO Mode+ . 12 key numerical keypad, 5 navigation keys 2 softkeys, 6 function keys, 6 shortcut keys . 3 LEDs on Base: 1 x power, 1 x Network, 1 x Call . Charger: DC 5V/600mA Output . Phone size: 175mm x 53mm x 20.3mm . Base station size: 153.5mm x 108.5mm x 45mm . Operating humidity: 10 ~ 95% . Operating temp: -10 ~ +50°C