ADVERTISEMENT

Credit reporting firm Equifax - data breach could potentially affect 143 million US consumers

sglowrider

sglowrider

Hall of Famer
Apr 9, 2012
27,513
23,645
113
Tiny Red Dot
Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers
  • Equifax said data on 143 million U.S. customers was obtained in a breach.
  • The breach was discovered July 29.
  • Personal data including birth dates, credit card numbers and more were obtained in the breach.
  • Three Equifax executives sold shares in the company days after the breach was discovered
https://www.cnbc.com/2017/09/07/cre...entially-affect-143-million-us-consumers.html






How to Protect Your Information Online
https://www.nytimes.com/interactive...ct-data-online.html?smid=tw-nytimes&smtyp=cur
 
This is crazy. The only need I can think of for social security numbers is to identify someone. As in a user types it in to be verified. Do not store the social security number, store a hash.

For credit cards, store the last 3 digits and hash the rest. There is no reason for this sort of data to be stored unhashed in my opinion.
 
Marvin the Martian said:
This is crazy. The only need I can think of for social security numbers is to identify someone. As in a user types it in to be verified. Do not store the social security number, store a hash.

For credit cards, store the last 3 digits and hash the rest. There is no reason for this sort of data to be stored unhashed in my opinion.
Click to expand...

My understanding is that Equifax doesnt get the personal data from you but from banks etc.
 
sglowrider said:
My understanding is that Equifax doesnt get the personal data from you but from banks etc.
Click to expand...
Right. Here is what we do, but not with banks. We get personal data to identify people on our websites. We take data that is critical, like a social security number, and hash it. That way you can be discovered if you know that info, but there is no way of getting that info. So even we cannot write a query to return your number. But if you enter it correctly, the math is applied and we can verify you are you.
 
sglowrider said:
Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers
  • Equifax said data on 143 million U.S. customers was obtained in a breach.
  • The breach was discovered July 29.
  • Personal data including birth dates, credit card numbers and more were obtained in the breach.
  • Three Equifax executives sold shares in the company days after the breach was discovered
https://www.cnbc.com/2017/09/07/cre...entially-affect-143-million-us-consumers.html

View embedded media


View embedded media



How to Protect Your Information Online
https://www.nytimes.com/interactive...ct-data-online.html?smid=tw-nytimes&smtyp=cur
Click to expand...
That talks about using password managers but seems like to me it's only a matter of time until they break into those systems and then they have all your passwords.
 
If my understanding is correct, on account of undeserved benefits accumulated over a lifetime following the unfortunate happenstance of being born Caucasian (high cheekbones notwithstanding), I'm positive most of us here deserved to be hacked.
 
  • Like
Reactions: IUBBALLAWOL
NPT said:
That talks about using password managers but seems like to me it's only a matter of time until they break into those systems and then they have all your passwords.
Click to expand...
You need to do some research into how password management systems operate and store data. While no system is 100% foolproof, it would be virtually impossible for someone to hack into one and obtain all of your passwords. There isn't something like one giant database with everyone's passwords in text form. On top of that, the best ones even allow you to automatically change your password on hundreds of websites automatically. For those, any hacked data would be useless pretty quickly.
 
The hack was discovered on July 29. On August 1 three Equifax senior execs including the CFO and President of US Information Services cashed in stock claiming no prior knowledge of the hack. It will be interesting to learn, and learn we will, whether they in fact did not have such knowledge. I think it's a stretch.

Oops
 
NPT said:
That talks about using password managers but seems like to me it's only a matter of time until they break into those systems and then they have all your passwords.
Click to expand...

That's why I am sticking to my ol' 123456 routine. Too obvious but hey...
 
They knew. Otherwise far too coincidental they all sold at same time. Insider trading will nix the sales
 
Marvin the Martian said:
This is crazy. The only need I can think of for social security numbers is to identify someone. As in a user types it in to be verified. Do not store the social security number, store a hash.

For credit cards, store the last 3 digits and hash the rest. There is no reason for this sort of data to be stored unhashed in my opinion.
Click to expand...
Infortunately, the bad guys are increasingly using cell phone numbers to hack people. People are not as cautious about disclosing their 10-digit phone numbers as their soc. numbers but there still is no reason for a grocery store or clothing store to ask for your cell phone number, because they are not going to call you -- instead they are going to use the phone number to file your data and then in all likelihood sell the data to other marketers. Marsh Supermarkets definitely used to do this because I asked.

Apparently, having your cell phone number is better for the hackers because it gives them ways to get into your cell phone (which you use for banking, credit card payments etc.) but I don't know exactly how that works.
 
Cream&Crimson said:
The hack was discovered on July 29. On August 1 three Equifax senior execs including the CFO and President of US Information Services cashed in stock claiming no prior knowledge of the hack. It will be interesting to learn, and learn we will, whether they in fact did not have such knowledge. I think it's a stretch.

Oops
Click to expand...
So ..... Equifax knew about the breach on July 29, kept quiet, sold stock, announced the breach yesterday (five weeks later) and now offers a one-year "service" to, ahem, "protect" the victims which requires an arbitration agreement so the victims can't join the class action lawsuits.

Did I miss anything?
 
  • Like
Reactions: i'vegotwinners
Stuffshot said:
Infortunately, the bad guys are increasingly using cell phone numbers to hack people. People are not as cautious about disclosing their 10-digit phone numbers as their soc. numbers but there still is no reason for a grocery store or clothing store to ask for your cell phone number, because they are not going to call you -- instead they are going to use the phone number to file your data and then in all likelihood sell the data to other marketers. Marsh Supermarkets definitely used to do this because I asked.

Apparently, having your cell phone number is better for the hackers because it gives them ways to get into your cell phone (which you use for banking, credit card payments etc.) but I don't know exactly how that works.
Click to expand...
I know I am old fashioned on this one, I don't do any kind of payments on my phone. It seems like a disaster waiting to happen.
 
Marvin the Martian said:
I know I am old fashioned on this one, I don't do any kind of payments on my phone. It seems like a disaster waiting to happen.
Click to expand...
I'm a real dinosaur. I have a dumb TracFone, do my banking in person, and make payments with checks. OTOH, I'm an accomplished computer tech (client side), am active in the Linux community, and run Linux exclusively in my personal environment. I just never got on the smartphone bandwagon and haven't missed it at all. In my few travels, a small netbook sized laptop and the occasional stop at McD's keeps me connected.
 
UncleMark said:
I'm a real dinosaur. I have a dumb TracFone, do my banking in person, and make payments with checks. OTOH, I'm an accomplished computer tech (client side), am active in the Linux community, and run Linux exclusively in my personal environment. I just never got on the smartphone bandwagon and haven't missed it at all. In my few travels, a small netbook sized laptop and the occasional stop at McD's keeps me connected.
Click to expand...

Yeap. I have been in the Internet business since 93/94. My notebook I use is connected via a Cat 7 cable. No payment wirelessly. Multiple passwords for different levels of activities/site; on Facebook since 2006 but barely have 20 friends on it. We are over-connected right now.
And photos -- thats another area that is so easy to steal and be misused, plus never mind that once its there... if you see what my nieces post on Instagram... :rolleyes: their evangelical Catholic mum will not be best pleased.
 
You must log in or register to reply here.

Similar threads

S

Could the Big 10, Pac-12, and ACC form an alliance creating the four million club?

Replies
0
Views
1K
IU Football Board
Spartan4ever
S
ADVERTISEMENT

Latest posts

ADVERTISEMENT
Top Bottom
Back