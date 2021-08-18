 Skip to content
(NPR)   Yet another IT department leaks your private info. The good news is it's happened so often, no one wants to buy the data   (npr.org) divider line
vudukungfu [TotalFark]
‘’ 2 hours ago  
Do you fear me now?
 
beezeltown [TotalFark]
‘’ 1 hour ago  
This is where knowledge based authentication becomes important--your PII is fully available. But the car you owned in 2004 or the street you live on in 1996 are much more difficult bits of personal information to mine, particularly if the "quiz" times out in 30 seconds.

Which reminds me, I need to answer some of those fun Facebook games where you enter the make and model of your first car, mother's maiden name, and grandmother's first name to see what kind of candy bar you are...
 
Russ1642 [BareFark]
‘’ 35 minutes ago  
Why would you need to apply for credit with a mobile service provider? They have SSNs and everything.
 
Bowen [TotalFark]
‘’ 33 minutes ago  
Oh no, T-Mobile? Is my Discover card secure? Let me crack open a Diet Pepsi and think this over.
 
ajgeek [BareFark]
‘’ 33 minutes ago  

I did that one! I was an Almond Joy! Apparently I'm a little nuts. I wonder why?

/Seriously, don't do those games.
 
JessieL [TotalFark]
‘’ 32 minutes ago  

Russ1642: Why would you need to apply for credit with a mobile service provider? They have SSNs and everything.


Because most people don't want to pay a deposit for service and they make payments on their phone through their service provider instead of buying it outright.
 
rightClick [OhFark]
‘’ 28 minutes ago  
it's not like people are generating a whole lot of PII on a continuous basis, how much more can there be after the 38 other breaches of millions of users?

/still waiting for equifax to be held accountable
//will be waiting until my subatomic particles breakdown
 
DoganSquirrelSlayer
‘’ 27 minutes ago  
From statements they've made about what was breached and what wasn't, I think what they lost was their bad credit database. If you have really poor credit they (and most phone companies) either require a bunch of personal information or several months advance payment.

So the hackers basically stole PII from people that both have bad credit and also are poor. Whoops...


/Still waiting for someone to add some teeth and fines to those data breach laws.
//If the fines actually cost a lot of money, maybe everyone would hire some IT and pay for security?
///Still salty Equifax didn't get nuked down to the atomic level.
 
red5ish
‘’ 26 minutes ago  
Companies that collect and store our personal information have a peculiarly cavalier attitude about keeping it secure.
 
Russ1642 [BareFark]
‘’ 25 minutes ago  

So do I but I've never been asked for credit information. I pay monthly like almost everyone else.
 
Your Black Muslim Credit Union
‘’ 21 minutes ago  
Well lucky me I wasn't in this batch. I was in the credit rating firm leak a few years back. Personally I think some people should be in a federal prison for many years when this shiat happens as it's almost always due to lack of security and poor polices starting from the top down in cost savings measures. People's lives can be destroyed with how everything is linked to this information.
 
drjekel_mrhyde
‘’ 18 minutes ago  
Anyone wants T-Mobile user data? You're better off asking bums for their credentials.
 
Fireproof [OhFark]
‘’ 16 minutes ago  

I mostly just see people freaking out whenever there's a general comment-based post from a radio station or something that needs more comments asking a personal question that's never once been a security question.

"96.7 The Sturge asks: What's the fastest you've ever driven?"

Every third answer: "ZOMFG THEY'RE PHISHING FOR YOUR DATA DON'T ANSWER IT! ALSO, THEY'L BE ABLE TO MATCH IT TO YOUR BANK USERNAME SOMEHOW!"
 
Karma Chameleon
‘’ 14 minutes ago  

red5ish: Companies that collect and store our personal information have a peculiarly cavalier attitude about keeping it secure.


There are no consequences for not keeping it secure, and negligent companies often receive bailouts to fix the problems they cheaped out on fixing themselves. So why bother?
 
Fireproof [OhFark]
‘’ 12 minutes ago  

Uh, I can't name a bailout more recent that the auto industry one in like 2010.
 
DoganSquirrelSlayer
‘’ 7 minutes ago  

Equifax's settlement with the FTC essentially only required that they provide 1 year of free credit monitoring with their own system to impacted persons. Despite total loss of data they had on 147 million persons they didn't have to make a single restitution payment. If they did, they would not exist anymore. The FTC gave them a criminally sweetheart deal.

A bailout by any other name would smell as rotten.
 
JessieL [TotalFark]
‘’ 5 minutes ago  

It's barely been a year since the airlines got a $25 billion bailout, and the gas and oil Industries got their own $20 billion bailout.
 
tasteme
‘’ 4 minutes ago  

drjekel_mrhyde: Anyone wants T-Mobile user data? You're better off asking bums for their credentials.


Fark user imageView Full Size

Verizon and Sprint aren't too bad, either. Boobies!
 
waxbeans [TotalFark]
‘’ 4 minutes ago  

😂
No that's the tool they use in doing that. It not 100% needed it's just a business choice.
There is a loan company that lends people money without asking for a SSN.
 
NotThatGuyAgain
‘’ less than a minute ago  

Your Black Muslim Credit Union: Well lucky me I wasn't in this batch. I was in the credit rating firm leak a few years back. Personally I think some people should be in a federal prison for many years when this shiat happens as it's almost always due to lack of security and poor polices starting from the top down in cost savings measures. People's lives can be destroyed with how everything is linked to this information.


If you mean the Equifax breach you don't have to worry a whole lot about lives being destroyed because of it.  it wasn't criminals, per se, it was China.  They don't sell your data.

Besides, there are a zillion other ways to steal your identify and assets.

Imagine bad guys knowing what is coming to your mailbox and when it will arrive.  Then they steal it.  Welcome to USPS's Informed Delivery Service.

They now know where you have accounts based on what the envelope says on it.  Discover card, eh?  Oh, you have investments with Vanguard!  You bank at Wells Fargo!  And they have the account numbers.  Then all they have to do is order replacement cards and/or checks.  If your credit isn't frozen they'll try to open new accounts, not to mention use that fraudulent account to pay for further shenanigans like...

...getting a copy of your drivers license with your own damn picture on it, especially when your state has really shiatty knowledge based authentication.  "How much did you pay for the home you bought in 2007?"  You mean the one at the address the bad guys are looking at, where sale price is public information on the county tax assessor's site??  So now with a copy of your license all they do si...

...find someone that looks remotely like you to go get "I totally can't get into my account please unlock it" documents notarized.  How hard do you think that Notary looks at the picture on an ID?  "Oh, yea, i grew a beard since that pic was taken."

I didn't make any of that up.  I lived through it and so have thousands of others.  It took months to unf**k.  Matter of fact, it happened the day after this warning went out:  https://krebsonsecurity.com/201​8/11/u-​s-secret-service-warns-id-thieves-are-​abusing-uspss-mail-scanning-service/
 
