https://hackread.com/data-breach-national-public-data-records-ssns-dumped/ That explains why I've been getting emails with content like: I locked my credit files with the three U.S. enslaverscredit bureaus a few years ago. You might want to think about doing something similar.
Oops No matter how many billions these corporations pay to keep systems in place there will always be someone smarter on the otherside !!! At this point no one's information is protected as much as they ever say it is.
And this is why nobody should ever think a national digital ID is a good thing. Even Elon trying to make his Twitter an "everything app" is the dumbest idea when you consider how many people lose their accounts every day. Imagine having your whole personal and financial life on one app.
It's the credit bureau's releasing the data to sell a monitoring package. No different than McAfee releasing viruses into the wild so that he could market a solution. 90% tongue in cheek
You're perhaps more right than you think. In cases of a SIM swap attack, it has been shown that its an inside job done by the workers for the cell phone company because they get a bribe. I also read in Canada, "Suspected auto theft ring involved Service Ontario employees: police" https://globalnews.ca/news/10152389...ired-service-ontario-employees-police-allege/ So you probably aren't too far off...
No. It's irresponsible behavior. It's possible to design systems where it is extremely unlikely to have data breaches like this but that takes actually giving a crap about protecting people's data. Generally 99.99% of people at a corporation should never need to be able to look up your full SSN. Even if they do, the requests to the server should be rate limited and automatically flagged if someone starts pulling SSNs from the database at a rate faster than someone could possibly do anything proper with them. These breeches happen because many corporations operate with minimal security, and almost no up front thought given to protecting user data. They just throw it in a big database on the same network as every employee and give everyone access. It's like keeping all your data in a regular file cabinet sitting on sidewalk in a major and saying "we locked it"
Do you really believe everything you hear on the internet? There are trillions, maybe I should say infinity different group of numbers all over the web, and just because 1 of them matches your SSN you think someone has stolen your identity? You need to chill out. If you see anything that doesn't make sense with your credit cards, you just cancel the payment, cancel the card, get a new card. Problem solved! There is no need to panic over some random number on the internet
Several data monitoring services reported they found my name and social security number along with addresses and emails leaked from National Public Data, and I posted a recent article that explains the leak. Your imagination about stolen identities, credit cards, and random numbers shows you don't seem to understand. I still suggest readers with U.S. social security numbers keep their credit files locked to avoid potential fraud.
I recently attended a science centre with my nephew and in one of the pavilions in the science centre, the topic was cybersecurity and attacks. And right at the entrance, there was a huge information blackboard that shows the origination and destination of cyberattacks and more than 50% of the cyberattacks originate from Asia. So if you want to beef up data security in the firms, you need to hire data security experts. And data security experts are hackers, the best one LOL Do you trust hackers from Asia? That's the question.
Not necessarily. The guys you call to demo a skyscraper aren't the same guys you call to build it. A decent design needs to realize that 0-day exploits are a fact of life and design a system that uses layed security. Say I'm building an E-commerce Web site and I need to handle people's credit card numbers.... I put them on a separate server. Behind a firewall. Regular employees can delete entries and add entries but the can't read back full credit card numbers for existing entries. The only place the server will send full credit card info is a pre-approved whitelist of payment processing companies, via encrypted message. Maybe have a second system on the network monitoring traffic looking for anything out of profile and killing the network connection to the server if an issue is detected. Use multiple hardware vendors. Use multiple operating systems. Assume individual pieces are going to get compromised and have a plan to detect and deal with it. Don't give a single person all the keys necessary to bypass the safeguards on a critical system. Once you factor in the need for test systems and redundant systems, you can see thing as a large project suited to a professional team. Sure the movies will tell you it's all done by one person, but really you need a team. You need to design, deploy, manage and update an complicated system. Somebody won't be doing it in their spare time while also running a full forensics lab.