![Data Brokers Fuel $21 Billion Identity Theft Losses [Prime Cyber Insights]](/_next/image?url=https%3A%2F%2Fimg.transistorcdn.com%2FauPxQHk_DBCYdsVm-YjUtnopioMnTllhtHJBt56U6Lw%2Frs%3Afill%3A0%3A0%3A1%2Fw%3A1400%2Fh%3A1400%2Fq%3A60%2Fmb%3A500000%2FaHR0cHM6Ly9pbWct%2FdXBsb2FkLXByb2R1%2FY3Rpb24udHJhbnNp%2Fc3Rvci5mbS80NThm%2FNGM4ZDJiNTNmNTJj%2FODk0MTNiYjMzMTgw%2FZGQzYS5wbmc.jpg&w=3840&q=75)
Episode Summary
Today on Prime Cyber Insights, Aaron Cole and Lauren Mitchell are joined by security leader Chad Thompson to dissect the staggering $20.9 billion cost of data broker breaches. A new report released today from the Joint Economic Committee highlights how industry practices like 'no index' tags have obstructed consumer privacy, specifically naming firms like Comscore and Telesign. We also dive into the supply chain risks exposed by the ManoMano breach, where a third-party Zendesk account compromise in Tunis affected 38 million customers. On the technical side, we cover critical path traversal vulnerabilities in Trend Micro's Apex One platform, which carry a severity rating of 9.8 and require urgent patching. Finally, we look at NASA's successful Artemis II fueling test at Kennedy Space Center as they eye a March 6 launch date. The episode connects these high-stakes infrastructure successes with the ongoing fragility of consumer data ecosystems and the urgent need for enterprise-level operational resilience.
Show Notes
Congressional investigators have just revealed that data broker breaches have fueled nearly $21 billion in identity-theft losses, exposing the high cost of 'dark patterns' in privacy. In this episode, we break down the Joint Economic Committee's findings on hidden opt-out pages and the specific firms involved, including Comscore and 6sense. We also analyze the massive ManoMano data breach impacting 38 million customers through a third-party service provider and discuss critical patches for Trend Micro's Apex One. Plus, a status update on NASA’s Artemis II mission following a successful fueling test at Kennedy Space Center as they prepare for a historic lunar flyby.
Topics Covered
- 📊 The $20.9 billion impact of data broker security failures
- 🚨 ManoMano’s third-party breach affecting 38 million users
- 🛡️ Critical path traversal fixes for Trend Micro Apex One
- 🚀 NASA’s March 6 launch window for Artemis II
Disclaimer: The views expressed are those of the hosts and guests and do not constitute professional legal or security advice.
Neural Newscast is AI-assisted, human reviewed. View our AI Transparency Policy at NeuralNewscast.com.
- (00:06) - Introduction
- (00:06) - The $21 Billion Data Broker Crisis
- (00:06) - ManoMano and Trend Micro Vulnerabilities
Transcript
Full Transcript Available
[00:00] Lauren Mitchell: From Neural Newscast, this is Prime Cyber Insights,
[00:03] Lauren Mitchell: Intelligence for Defenders, Leaders, and Decision Makers.
[00:06] Aaron Cole: I'm Aaron Cole, and this is Prime Cyber Insights.
[00:09] Aaron Cole: We're tracking a massive financial fallout from the data broker industry
[00:13] Aaron Cole: and a critical vulnerability alert for enterprise security.
[00:17] Aaron Cole: Joining me is Lauren Mitchell.
[00:19] Lauren Mitchell: I'm Lauren Mitchell.
[00:20] Lauren Mitchell: We're also welcoming Chad Thompson, a director-level AI and security leader with a systems-level
[00:26] Lauren Mitchell: perspective on automation, enterprise risk, and operational resilience.
[00:30] Lauren Mitchell: Chad, it's great to have you here.
[00:31] Announcer: Lauren, let's start with today's bombshell report from the Joint Economic Committee.
[00:36] Announcer: Congressional Democrats are identifying over $20.9 billion in consumer losses tied to identity
[00:43] Announcer: theft from just four major data broker breaches, including Equifax and national public data.
[00:49] Lauren Mitchell: The details are concerning, Erin.
[00:51] Lauren Mitchell: I mean, Senator Maggie Hassan's inquiry found that companies like Comscore and Telesign
[00:58] Lauren Mitchell: were using no-index code to hide opt-out pages from search engines.
[01:05] Lauren Mitchell: It's a classic dark pattern that makes it nearly impossible for consumers to pull their
[01:10] Lauren Mitchell: sensitive data before scammers get to it.
[01:13] Aaron Cole: It's a systemic failure.
[01:15] Aaron Cole: When these brokers prioritize data accumulation over transparency, they create massive honeypots.
[01:22] Aaron Cole: The report shows that 30% of victims in these major breaches end up facing identity theft,
[01:27] Aaron Cole: which represents a massive enterprise risk for the financial sector.
[01:31] Aaron Cole: Speaking of massive exposures, we've seen a third-party breach hit the French e-commerce
[01:36] Aaron Cole: giant Mono Mono.
[01:38] Aaron Cole: 38 million customers have had their names, emails, and phone numbers exfiltrated because
[01:43] Aaron Cole: of a compromised Zendesk account in Tunis.
[01:46] Aaron Cole: Chad, this feels like another supply chain nightmare.
[01:49] Aaron Cole: Exactly.
[01:50] Aaron Cole: The threat actor Indra didn't even have to breach Mono Mono directly.
[01:55] Aaron Cole: By targeting a subcontractor's support console, they gained access to a decade's worth
[02:00] Aaron Cole: of communication.
[02:01] Aaron Cole: It shows why operational resilience must extend to every third-party vendor in your stack.
[02:08] Lauren Mitchell: We're also seeing Trend Micro issue a critical warning for its Apex One platform.
[02:13] Lauren Mitchell: Two path traversal flaws, CVE 2025-71210 and 71211, both have a 9.8 severity score.
[02:23] Lauren Mitchell: Erin, you know this isn't something IT teams can sit on.
[02:27] Lauren Mitchell: It allows for a full system takeover.
[02:29] Announcer: It's urgent.
[02:30] Announcer: Trend Micro has already released patch build 14136 for on-prem users.
[02:36] Announcer: If you have an exposed management console IP, you are in the crosshairs.
[02:42] Announcer: On a more optimistic note, NASA just reported a successful fueling test for Artemis II,
[02:48] Announcer: clearing a major hurdle after those hydrogen leaks earlier this month.
[02:51] Lauren Mitchell: For sure, the SEALs held at 1.6% hydrogen, well below the safety limit.
[02:58] Lauren Mitchell: We're now looking at a March 6 launch window to send four astronauts around the Moon.
[03:03] Lauren Mitchell: It's a massive win for systems engineering after the delays we saw in early February.
[03:08] Aaron Cole: The Artemis success proves that rigorous testing and iterative fixes work,
[03:13] Aaron Cole: whether it's rocket SEALs or data broker opt-out tools.
[03:17] Aaron Cole: Transparency and precision are what ultimately protect the mission and the agent.
[03:25] Chad Thompson: A vital reminder as we wrap up.
[03:27] Chad Thompson: I'm Aaron Cole.
[03:28] Chad Thompson: Thanks for joining us for this deep dive into the risks and recoveries defining the digital landscape.
[03:33] Lauren Mitchell: And I'm Lauren Mitchell.
[03:35] Lauren Mitchell: We'll see you next time on Prime Cyber Insights.
[03:39] Lauren Mitchell: For the latest updates, visit pci.neuralnewscast.com.
[03:44] Lauren Mitchell: Stay secure.
[03:46] Lauren Mitchell: Neural Newscast is AI-assisted, human-reviewed.
[03:50] Lauren Mitchell: View our AI transparency policy at neuralnewscast.com.
[03:55] Lauren Mitchell: This has been Prime Cyber Insights on Neural Newscast.
[03:58] Lauren Mitchell: Intelligence for defenders, leaders, and decision makers.
[04:02] Lauren Mitchell: Neural Newscast uses artificial intelligence in content creation
[04:06] Lauren Mitchell: with human editorial review prior to publication.
[04:09] Lauren Mitchell: While we strive for factual, unbiased reporting, AI-assisted content may occasionally contain
[04:14] Lauren Mitchell: errors. Verify critical information with trusted sources. Learn more at neuralnewscast.com.
✓ Full transcript loaded from separate file: transcript.txt
Loading featured stories...