    Equifax security breach

    What's your take?

    Comments

    • Some organisations must surely have the details of practically everyone alive in the Western world.

      Thanked by 1raindog308
    • I think it's great. I hope a few more security breaches happen so that the general population takes privacy more seriously.

    • Neoon Member
      edited September 2017

      @sarah said:
      I think it's great. I hope a few more security breaches happen so that the general population takes privacy more seriously.

      Hopefully.

    • Outdated Apache Struts. Keeping software up to date is one of the most basic things for security and they didn't even bother. Hilarious

    • MasonR Member
      edited September 2017

      Can't catch a break... first the OPM breach a couple of years ago, now the Equifax breach...

      SSNs shouldn't be authenticators. Sure, SSN + DOB = a unique identifier, but by no means should just these two pieces of information determine if the end user is you.

      I'd suggest all U.S. citizens freeze their credit to avoid any damage as a result of this. Currently fees from all three credit bureaus are being waived.
      Equifax: https://www.freeze.equifax.com/Freeze/Freeze.htm
      TransUnion: https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
      Experian: https://www.experian.com/ncaconline/freeze

      Just got through freezing up my wife's and my own credit.

      Thanked by 1Waldo19

      LowEndStorage | FreeMach - Free KVM Servers (LET Thread)
      Yet Another Bench Script (YABS) - Linux Server Benchmarking Script (dd, iperf, & Geekbench)

    • AlexJones said: Keeping software up to date is one of the most basic things for security and they didn't even bother.

      I don't think they're that advanced considering they kept SSN and passwords in plain text.

    • MasonR said: Can't catch a break... first the OPM breach a couple of years ago, now the Equifax breach...

      There hasn't been an xhamster breach, has there?

      Asking for a friend.

      For LET support, please visit the interim support desk.

      Over the past few months we have been met with many challenges within the moderation business. Some that have not been overcome.

    • MikeA Member, Provider

      @MasonR said:
      Can't catch a break... first the OPM breach a couple of years ago, now the Equifax breach...

      SSNs shouldn't be authenticators. Sure, SSN + DOB = a unique identifier, but by no means should just these two pieces of information determine if the end user is you.

      I'd suggest all U.S. citizens freeze their credit to avoid any damage as a result of this. Currently fees from all three credit bureaus are being waived.
      Equifax: https://www.freeze.equifax.com/Freeze/Freeze.htm
      TransUnion: https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
      Experian: https://www.experian.com/ncaconline/freeze

      Just got through freezing up my wife's and my own credit.

      How ironic.

    • @MikeA said: How ironic.

      Yeah.. They're getting slammed with requests right now. Took me a few tries to finally get it to go through (tried once every few hours).

    • @raindog308 said: xhamster breach

      Not yet! But I hear their hamsters have chewed through their internet wires on a couple occasions.

    • Probably the best coverage is by Krebs, and he has clear information on what to do as well.

    • Somebody must go to jail and pay for this shit. Execs are retiring while they can right now.

    • MikeA Member, Provider

      @Hxxx said:
      Somebody must go to jail and pay for this shit. Execs are retiring while they can right now.

      Well, companies have gotten away with much worse.. so.

    • I understand shit happens from time to time, etc. But this is literally getting virtually raped. Well shit, getting physically raped.

      It is not as simple as a credit card, which you just cancel/reissue with a different number; in this case it is your credit cards, the latest 7 years of financial history, which includes where you live or have lived, every credit request, every debt you have, your social security, your complete full name, where you work, driver's license, probably birth certificate in some cases, etc.

      In summary, it is the most complete cluster fuck that can happen. It can't be worse and everyone is chilling :).

      @MikeA said:

      @Hxxx said:
      Somebody must go to jail and pay for this shit. Execs are retiring while they can right now.

      Well, companies have gotten away with much worse.. so.

      Thanked by 1vimalware
    • @Hxxx If identity theft happens, Equifax will have a fun time helping hundreds of thousands of people. I personally can't check my own because I'm Canadian.

      Who would've thought: Canadians are left out again.

      Thanked by 1Hxxx
    • I've heard Canada is a great place to live. Is that ~true or?

      @doghouch said:
      @Hxxx If identity theft happens, Equifax will have a fun time helping hundreds of thousands of people. I personally can't check my own because I'm Canadian.

      Who would've thought: Canadians are left out again.

    • Sorry to disappoint some but: the population will never take IT security seriously.

      For (at least) 2 reasons:

      • they expect the government to take care of it
      • they care about fun and gadgets, not about security

      The first one has been demonstrated again and again and I'm not even talking about the time since Snowden. Those who do care usually care in terms of "OK, I'll spend 29$ more per year for some [snakeoil]'security' app or service because security is important to me".

      Short and brutal version: About 99% confuse security and authority, with authority meaning either state or large corp or (perceived as) security specialist company.

      As for Equifax, my take is that they are - just like most other large corps - a bunch of ignorant assholes whose bean counting managers coldly calculated that a super disaster every 10 or so years is way cheaper than running an adequately professional operation.

      Oh and btw: people? Who cares a fuck about them.

      Thanked by 1flatland_spider

      My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

    • bsdguy said: Sorry to disappoint some but: the population will never take IT security seriously.

      For (at least) 2 reasons:

      Another would be that they think they're covered when they have bank, CC, or other financial insurance.

    • @bsdguy said:
      Sorry to disappoint some but: the population will never take IT security seriously.

      More to that point: Equifax CEO Hired a Music Major as the Company's Chief Security Officer

    • @MasonR said:

      @bsdguy said:
      Sorry to disappoint some but: the population will never take IT security seriously.

      More to that point: Equifax CEO Hired a Music Major as the Company's Chief Security Officer

      Hmmm, that needn't mean a lot. For one, it's long known that musical talent and mathematical talent often go hand in hand. Also, Susan Mauldin (the Equifax CISO) had other jobs in IT and banking for many years.
      Well noted, I don't mean to whitewash her but simply looking at all angles.

      I'll stick to what I've said.

    • GamerTech24 Member
      edited September 2017

      -

    • It's all peaches and cream until somebody takes a loan in your name. :)

    • MasonR Member
      edited September 2017

      @Hxxx said:
      It's all peaches and cream until somebody takes a loan in your name. :)

      I'm a little lad that loves berries and cream!

      Thanked by 1Hxxx

    • @Hxxx said:
      What's your take?

      They put as much effort into security as you have a thread.

      Thanked by 3Hxxx Aidan AlexJones

      I won't be back until @bsdguy is released.

    • @Hxxx said:
      I've heard Canada is a great place to live. Is that ~true or?

      @doghouch said:
      @Hxxx If identity theft happens, Equifax will have a fun time helping hundreds of thousands of people. I personally can't check my own because I'm Canadian.

      Who would've thought: Canadians are left out again.

      Clean air is about the only thing you'll have. (apart from the aging nuclear station 40km from me, I feel safe)

      Just to clarify, I CAN check my score, just not for free. Equifax = jerks :(

    • Doesn't make much sense why they aren't required to have some kind of security standard so it's at least HARDER to fuck up by being this stupid.

    • jarjar Provider
      edited September 2017

      @AlexJones said:
      Doesn't make much sense why they aren't required to have some kind of security standard so it's at least HARDER to fuck up by being this stupid.

      It does but you have to take a step back from accepted norms. As a culture, at least in the US, we've built a framework around these financial institutions that we think we're required to participate in. To be frank, it isn't true. They've grown into the system so deeply that not being a part of it will inconvenience you greatly, but you can exist outside of the private credit/banking system. A big problem is that you're highly likely to be a part of it before you realize that you don't have to be, because no public school (and likely no private school) is going to tell you that.

      HB | Block AS9009 (M247) for unfiltered abuse and ignoring abuse complaints

    • @jarland said:
      It does but you have to take a step back from accepted norms. As a culture, at least in the US, we've built a framework around these financial institutions that we think we're required to participate in. To be frank, it isn't true. They've grown into the system so deeply that not being a part of it will inconvenience you greatly, but you can exist outside of the private credit/banking system.

      See also: Trying to register a social media account without giving up your phone number.

    • jarjar Provider

      @WSS said:

      @jarland said:
      It does but you have to take a step back from accepted norms. As a culture, at least in the US, we've built a framework around these financial institutions that we think we're required to participate in. To be frank, it isn't true. They've grown into the system so deeply that not being a part of it will inconvenience you greatly, but you can exist outside of the private credit/banking system.

      See also: Trying to register a social media account without giving up your phone number.

      Social media is a luxury :P

      Food, water, guns, and a cabin in the woods. Do eeet.

      Thanked by 1lazyt

    • @jarland said:
      Social media is a luxury :P

      Food, water, guns, and a cabin in the woods. Do eeet.

      I'm planning on similar.. except for the woods. Too old and broken to be more than a couple hours from a hospital.

    • AlexJones Member
      edited September 2017

      @WSS said:

      @jarland said:
      It does but you have to take a step back from accepted norms. As a culture, at least in the US, we've built a framework around these financial institutions that we think we're required to participate in. To be frank, it isn't true. They've grown into the system so deeply that not being a part of it will inconvenience you greatly, but you can exist outside of the private credit/banking system.

      See also: Trying to register a social media account without giving up your phone number.

      Easy just use Russian Sims

    • @AlexJones said:
      Easy just use Russian Sims

      I don't have that expansion pack.
