Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Equifax security breach
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Equifax security breach

What's your take?

«1

Comments

  • Some organisations must surely have the details of practically everyone alive in the Western world.

    Thanked by 1raindog308
  • I think it's great. I hope a few more security breaches happen so that the general population takes privacy more seriously.

  • NeoonNeoon Community Contributor, Veteran
    edited September 2017

    @sarah said:
    I think it's great. I hope a few more security breaches happen so that the general population takes privacy more seriously.

    Hopefully.

  • Outdated Apache Struts. Keeping software up to date is one of the most basic things for security and they didn't even bother. Hilarious

  • MasonRMasonR Community Contributor
    edited September 2017

    Can't catch a break... first the OPM breach a couple of years ago, now the Equifax breach...

    SSN's shouldn't be authenticators. Sure, SSN + DOB = a unique identifier, but by no means should just these two pieces of information determine if the end user is you.

    I'd suggest all U.S. citizens freeze their credit to avoid any damage as a result of this. Currently fees from all three credit bureaus are being waived.
    Equifax: https://www.freeze.equifax.com/Freeze/Freeze.htm
    TransUnion: https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
    Experian: https://www.experian.com/ncaconline/freeze

    Just got through freezing up my Wife's and my own credit.

    Thanked by 1Waldo19
  • AlexJones said: Keeping software up to date is one of the most basic things for security and they didn't even bother.

    I don't think they're that advanced considering they kept SSN and passwords in plain text.

  • "Oops"

    Thanked by 1PUSHR_Victor
  • raindog308raindog308 Administrator, Veteran

    MasonR said: Can't catch a break... first the OPM breach a couple of years ago, now the Equifax breach...

    There hasn't been an xhamster breach, has there?

    Asking for a friend.

  • MikeAMikeA Member, Patron Provider

    @MasonR said:
    Can't catch a break... first the OPM breach a couple of years ago, now the Equifax breach...

    SSN's shouldn't be authenticators. Sure, SSN + DOB = a unique identifier, but by no means should just these two pieces of information determine if the end user is you.

    I'd suggest all U.S. citizens freeze their credit to avoid any damage as a result of this. Currently fees from all three credit bureaus are being waived.
    Equifax: https://www.freeze.equifax.com/Freeze/Freeze.htm
    TransUnion: https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
    Experian: https://www.experian.com/ncaconline/freeze

    Just got through freezing up my Wife's and my own credit.

    How ironic.

  • MasonRMasonR Community Contributor

    @MikeA said: How ironic.

    Yeah.. They're getting slammed with requests right now. Took me a few tries to finally get it to go through (tried once every few hours).

  • MasonRMasonR Community Contributor

    @raindog308 said: xhamster breach

    Not yet! But I hear their hamsters have chewed through their internet wires on a couple occasions.

  • Probably the best coverage is by Krebs, and he has clear information on what to do as well.

  • Somebody must go to to jail and pay for this shit. Exec's are retiring while they can right now.

  • MikeAMikeA Member, Patron Provider

    @Hxxx said:
    Somebody must go to to jail and pay for this shit. Exec's are retiring while they can right now.

    Well, companies have gotten away with much worse.. so.

  • I understand shit happen from time to time , etc. But this is literally getting virtually raped. Well shit, getting physically raped.

    Is not as simple as a credit card which you just cancel /reissue with a different number, in this case is your credit cards, the latest 7 years of financial history which includes where you live or had live, every credit request, every debt you have, your social security, your complete full name, where do you work, driver license, probably birth certificate in some cases, etc.

    In summary is the most complete cluster fuck that can happen. It can't be worst and everyone is chilling :) .

    @MikeA said:

    @Hxxx said:
    Somebody must go to to jail and pay for this shit. Exec's are retiring while they can right now.

    Well, companies have gotten away with much worse.. so.

    Thanked by 1vimalware
  • @Hxxx If identity theft happens, Equifax will have a fun time helping hundreds of thousands of people. I personally can't check my own because I'm Canadian.

    Who would've thought: Canadians are left out again.

    Thanked by 1Hxxx
  • I've heard Canada is a great place to live. Is that ~true or?

    @doghouch said:
    @Hxxx If identity theft happens, Equifax will have a fun time helping hundreds of thousands of people. I personally can't check my own because I'm Canadian.

    Who would've thought: Canadians are left out again.

  • Sorry to disappoint some but: the population will never take IT security seriously.

    For (at least) 2 reasons:

    • they expect the government to take care of it
    • they care about fun and gadgets, not about security

    The first one has been demonstrated again and again and I'm not even talking about the time since Snowden. Those who do care usually care in terms of "OK, I'll spend 29$ more per year for some [snakeoil]'security' app or service because security is important to me".

    Short and brutal version: About 99% confuse security and authority with authority either meaning state or large corp or (perceived as) security specialist company.

    As for equifax my take is that they are - just like most other large corps - a bunch of ignorant assholes whose bean counting managers coldly calculated that a super disaster every 10 or so years is way cheaper than running an adequately professional operation.

    Oh and btw: people? Who cares a fuck about them.

    Thanked by 1flatland_spider
  • bsdguy said: Sorry to disappoint some but: the population will never take IT security seriously.

    For (at least) 2 reasons:

    Another would be that they think they're covered when they have bank, CC, or other financial insurance.

  • MasonRMasonR Community Contributor

    @bsdguy said:
    Sorry to disappoint some but: the population will never take IT security seriously.

    More to that point: Equifax CEO Hired a Music Major as the Company's Chief Security Officer

  • @MasonR said:

    @bsdguy said:
    Sorry to disappoint some but: the population will never take IT security seriously.

    More to that point: Equifax CEO Hired a Music Major as the Company's Chief Security Officer

    Hmmm, that needn't mean a lot. For one it's long known that musical talent and mathematical talent often goes hand in hand. Also, Susan Mauldin (the equifax ciso) had other jobs in IT and banking for many years.
    Well noted, I don't mean to white wash her but simply looking at all angles.

    I'll stick to what I've said.

  • GamerTech24GamerTech24 Member
    edited September 2017

    -

  • Is all peaches and cream until somebody take a loan in your name. :)

  • MasonRMasonR Community Contributor
    edited September 2017

    @Hxxx said:
    Is all peaches and cream until somebody take a loan in your name. :)

    I'm a little lad that loves berries and cream!

    Thanked by 1Hxxx
  • @Hxxx said:
    What's your take?

    They put as much effort into security as you have a thread.

    Thanked by 3Hxxx Aidan AlexJones
  • @Hxxx said:
    I've heard Canada is a great place to live. Is that ~true or?

    @doghouch said:
    @Hxxx If identity theft happens, Equifax will have a fun time helping hundreds of thousands of people. I personally can't check my own because I'm Canadian.

    Who would've thought: Canadians are left out again.

    Clean air is about the only thing you'll have. (apart from the aging nuclear station 40km from me, I feel safe)

    Just to clarify, I CAN check my score, just not for free. Equifax = jerks :(

  • Doesn't make much sense why they aren't required to have some kind of security standard so its at least HARDER to fuck up by being this stupid.

  • jarjar Patron Provider, Top Host, Veteran
    edited September 2017

    @AlexJones said:
    Doesn't make much sense why they aren't required to have some kind of security standard so its at least HARDER to fuck up by being this stupid.

    It does but you have to take a step back from accepted norms. As a culture, at least in the US, we've built a framework around these financial institutions that we think we're required to participate in. To be frank, it isn't true. They've grown into the system so deeply that not being a part of it will inconvenience you greatly, but you can exist outside of the private credit/banking system. A big problem is that you're highly likely to be a part of it before you realize that you don't have to be, because no public school (and likely no private school) is going to tell you that.

  • @jarland said:
    It does but you have to take a step back from accepted norms. As a culture, at least in the US, we've built a framework around these financial institutions that we think we're required to participate in. To be frank, it isn't true. They've grown into the system so deeply that not being a part of it will inconvenience you greatly, but you can exist outside of the private credit/banking system.

    See also: Trying to register a social media account without giving up your phone number.

Sign In or Register to comment.