A massive global data leak linked to IDMerit has exposed 1 billion personal records, including national IDs and emails, across the US, Europe, and Asia.
“At this scale, downstream risks include account takeovers, targeted phishing, credit fraud, SIM swaps, and long-tail privacy harms. Industry-wide, the case underlines how third-party identity vendors have become critical infrastructure and can become single points of catastrophic failure,” our team explained."
Wouldn’t Username + Password + SIM = 2FA password reset?
It would for all the financial industry that refuses to move to a real 2 factor system.