General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsScary stuff, please read. (EDITED AGAIN)
Last edited Thu Feb 5, 2015, 06:05 PM - Edit history (1)
Target's customer info was hacked. Home Depot's customer information was hacked. Michael's (the arts/crafts store) customer information was hacked. Ditto Walmart and Macy's. The huge Anthem insurance company's customer information database was hacked today...and I was informed today of two other massively intrusive hacks that affect millions of people. They haven't been made public yet. I am precluded from disclosing them right now (source anonymity and protection), but at some point they will be made public, and when they are, your face will leap off your skull and fly around the room like a startled bat. You literally won't believe it.
Someone is assembling an absolutely monstrous, deeply detailed treasure trove of vital information on tens and tens and tens of millions of Americans. Names, addresses, Social Security numbers, financial information, as well as the information from the hacks I can't yet disclose. If it's a bunch of disparate groups working separately, that's one thing...but if it is one group stealing all this data, they have basically gathered unto themselves the ability to defenestrate the US economy with - quite literally - the push of a button.
When I can, I'll let you know about the face-bat-making hack. Stay tuned.
Edit: Update at 4pm EST with the name.
New Edit: The hack was TurboTax: http://www.democraticunderground.com/10026185351
marym625
(17,997 posts)Nothing can surprise me about this anymore.
And I think you are correct about what is happening and why.
Thanks for the post. Will wait to see if my head explodes.
In_The_Wind
(72,300 posts)Oh, and stick my face in the sand.
Prism
(5,815 posts)When that broke, I had a new credit card appear in the mail a few days later unasked. They were taking no chances.
NYC_SKP
(68,644 posts)It's more at an "Oh no not this shit again" scale.
But at any level it's unacceptable for data to be hacked.
Don't expect any major improvements in security-- hacking personal health data predates the modern Internet as a concern.
ReRe
(10,597 posts)NYC_SKP
(68,644 posts)If anything significantly bad comes from this I'll be surprised.
Anthem can't keep track of records for shit, anyone with access to them is probably on the edge of a building right now ready to jump!
... in this one, the hackers got more than just credit card numbers. They got SOS numbers, birth dates and addresses. What does the Credit Bureaus do in this day and time with all this hacking going on? Do they, themselves do anything to prevent identity theft?
magical thyme
(14,881 posts)you'll need to file a report with the local police and send them a copy to do that. or at least that's how it was when my ID was stolen back in '06. It may be different now. that means anybody who tries to get credit on your SSN will have extra hoops to jump through. if it's a fraudster, they'll give up and go away.
when that 7 years is coming due, you can do what I did and lock down your credit completely. Then nobody except you can access your credit without jumping through extra hoops.
technically, once your ID is stolen, you can lockdown your credit for free. In practicality, good luck. 2 of the 3 bureaus do not post information anywhere that I could find on their websites on how to do that. Nor do they post a phone number to call for information. the 3rd bureau does post how to lock it down for free, but they make it as painful as possible. You'll need to re-send the police report that you already sent them back when you got your fraud alert, among other things.
so I gave up and paid the $10/each to lock it down.
glinda
(14,807 posts)Response to WilliamPitt (Original post)
uppityperson This message was self-deleted by its author.
WillyT
(72,631 posts)KamaAina
(78,249 posts)If so, they have basically gathered unto themselves the ability to defenestrate the world economy with - quite literally - the push of a button.
ConservativeDemocrat
(2,720 posts)Hrm. I wonder what this is.
* Credit record scores?
* Public property records?
* Business/financial records?
* A phone book?
I await with baited breath. Sort-of.
- C.D. Proud Member of the Reality Based Community
BrotherIvan
(9,126 posts)OF COURSE hackers would exploit it. FFS.
Voice for Peace
(13,141 posts)nothing left to steal..
zeemike
(18,998 posts)enki23
(7,789 posts)And little money to help move the system in their favor if they are targeted by a fucking scammer.
Bad Granny
(28 posts)up for ourselves, and society.
I have worked in medical research for decades and have dealt with "privacy" and "confidentiality" and other similar concepts related to the care and feeding of data.
Here is my take...
There is NO WAY to really protect data from being exposed to those not "authorized" to view it. No matter what security is created, the system WILL BE BREACHED.
My solution is to back off of the limitations and security mandates a bit (for the most part, because they are not all that effective).
Instead, there should be SEVERE penalties for the misuse of that information, however it was obtained.
For example - even our medical information can be hacked. Sure, have rules to limit the "leakage" - but please make it easier for legitimate users to access and use that information.
BUT, for those who misuse it - to the gallows with them. If a company "acquires" medical info and uses it to target someone for pharmaceutical ads, or to deny something not legitimately related to the medical info - the penalties should be close to a death penalty for the offending company and definitely involve jail time for the businessmen who committed the offense.
Knowledge cannot really be contained, whether those seeking it have good or bad intentions.
Let's just punish those who use it for those bad intentions.
padfun
(1,786 posts)There is NO WAY to really protect data from being exposed to those not "authorized" to view it. No matter what security is created, the system WILL BE BREACHED.
That is true of ALL data on all servers. Expecially when all backups are required to be offsite. Too many people have access to the "secured" data. And too many back doors have been implemented into software programs.
LiberalArkie
(15,719 posts)I had to have a good security background check as they stored FED info and a lot of bank servers. I had to get approval to get on the floor and get approval to do any kind of work. Now the cleaning people (off the street, no checks) the electricians (different ones all the time just whoever their company sent over) the HVAC people (different ones all the time), none of those needed background checks or approval of any kind to do any work on the floor. Only the employees of the actual company owning the data center had to be checked out and had to log into the data floor, all the unnamed unknown people could come and go as they wanted.
We caught one of the electricians installing a fiber tap box on a server one time and asked hi what he was doing and he just said I supposed to put this here.
Yep, no way to secure any thing any where, unless you keep it in your own place.
nc4bo
(17,651 posts)Think China or Russian whatever foreign country would agree to let us have at 'em?
Somehow I doubt it.
sendero
(28,552 posts)..... that these data breaches are not going away. Basically, it is almost impossible to really secure a large computer system to which thousands of people have access. There is always going to one doofus whose password is "1234" or "password".
And good luck punishing the perps and users of the information, 90%+ of them are in Russia, China or India.
H2O Man
(73,558 posts)I'm looking forward to hearing more on this.
Recommended.
maindawg
(1,151 posts)Theres no billionaires.
Hestia
(3,818 posts)KansDem
(28,498 posts)I look forward to more details...
ramapo
(4,588 posts)Privacy has been dead for a long time. It is possible for anybody to very easily assemble a complete dossier on anybody else, including all financial information, very quickly and cheaply. The proliferation of private data in the past ten years has been unmatched by the efforts or abilities to protect it. The only thing that saves any one of us individually is that, out of hundreds of millions of possible victims, the odds are you'll be ok. But fraudulent use of our credit cards has become so commonplace that it is just a cost of functioning in day-to-day life.
I laugh when people rant about the government having access to our private data. Well of course they do but the worry about what they'll do with it compared to what the private & criminal sectors want to use it for is trivial.
Nay
(12,051 posts)think THEY are safe, of course, but they're full of shit. There is no recourse, even if you want to unhook yourself from electronic payments -- your bank, your doctor, your insurance company, your credit card companies do all their crap electronically and may, like Sony, be so cheap with their IT dept. that their protection isn't very good.
Ultimately, conducting most daily buying with cash is probably a good idea. I suspect that many people may go back to that custom to at least keep their info out of the hands of so many retailers.
sybylla
(8,513 posts)Scammers who want you to think they've made you safe after you've goven them tons of money maybe. Or corporate/government officials who have no idea about what they're talking about or have something to hide.
My SO is a computer engineer and has said since the start of his education in the 80's that there is no such thing as completely safe data on a computer. Ever. Corporations spend great gobs of money developing protocols and firewalls that evolve to meet new security threats.
There are an awful lot of computer nerds who spend whole careers working on security. That fact puts the lie to your use of "all."
Duval
(4,280 posts)frightening, and thanks for the "heads' up", WRP.
shanti
(21,675 posts)Hassin Bin Sober
(26,330 posts)Between the hackers and my lobster claw hands losing my cards...
salin
(48,955 posts)ProdigalJunkMail
(12,017 posts)Kelvin Mace
(17,469 posts)Corporate or government?
If corporate the worst breach would be a credit bureau. If government, the IRS, SSA or one of the TLA cloak and dagger shops.
WilliamPitt
(58,179 posts)jeff47
(26,549 posts)Sure, they'll lose unimportant things like twitter accounts or public web sites, but they do fairly well with important information. They are, after all, target #1 for a whole lot of very sophisticated attacks.
The corporate world, OTOH, doesn't give a fuck. Doing it right costs more than their liability when they do it wrong. So they do it wrong.
Kelvin Mace
(17,469 posts)so I am going with my guess of a credit bureau or intermediary database that credit bureaus to collect information.
Cracking a CB database would be a dream come true for identity thieves and con men. They have a file on practically everyone.
glinda
(14,807 posts)gerryatwork
(64 posts)... is they have our SS numbers which completes the picture of all information someone would need to pull off anything they wanted to. Generally I don't think Target or Michael's has SS numbers
raven mad
(4,940 posts)but I don't shop at a single one of those stores......... not that that matters, if one can be hacked, all can be.
WilliamPitt
(58,179 posts)Presser pushed 30 minutes. I will post the release when it's in hand.
countryjake
(8,554 posts)I'm sorry for not giving a fuck, but not having a pot to piss in often will bring out that type of response to any encroachment on the business-as-usual capitalist dream world.
As I watch people's lives crumble around me, hard-working victims of the "American Dream", sometimes I'd like to have a button like the one you've described, myself.
Tho, whatever has happened will most likely have severe repercussions for millions more people, it's funny to me that most only seem to care when it's their own personal finances that are involved. Our government is allowed to get away with destroying someone's character, interfere with their personal well-being and health, take away a person's freedom, and even murder innocents, but damn, touch the collective pocketbook, and there is hell to pay.
BlueJazz
(25,348 posts)RebelOne
(30,947 posts)uberblonde
(1,215 posts)That would scare the crap out of me.
Kelvin Mace
(17,469 posts)but not catastrophically bad in a "wreck the economy" sense that is being hinted at.
If this is for real, a credit bureau would be on that level.
blackspade
(10,056 posts)TurboTax? Not good.
Paper Roses
(7,473 posts)Who is giving the presser and on what network, does anyone know?
cwydro
(51,308 posts)Guess we'll find out.
Kablooie
(18,634 posts)At least for a year when my Sony paid security subscription runs out.
boston bean
(36,221 posts)and the other Bank of America??
Maven
(10,533 posts)this is why i read your posts. the imagery.
oh, and, i'm insured by anthem and a longtime user of turbotax.
WilliamPitt
(58,179 posts)glinda
(14,807 posts)WilliamPitt
(58,179 posts)I'm told it's a credit card company. All I can say.
defacto7
(13,485 posts)No one ever listens. These are very late wake up calls. Individuals as well as government infrastructure "responsible parties" had better heed the warnings... although it's too late to fend off a major portion of the damage. Apathy and complacency must die a quick death.
I'm probably on your ignore list so.... ironic...
EndlessMaze
(46 posts)Thanks Mr. William Pitt for all of the hard work that you do. I don't post a lot on DU. I mostly read, think, and do stuff to help in my area out here in California. I bought and read one of you books back is 2005. It changed me for ever,... for the better.
WilliamPitt
(58,179 posts)Reading that is a hell of a nice way to start the day.