nlinecomputers
Well-Known Member
- Reaction score
- 8,592
- Location
- Midland TX
[WARNING] Samsung says customer data stolen in July data breach
- Thread starter nlinecomputers
- Start date
Markverhyden
Well-Known Member
- Reaction score
- 11,005
- Location
- Raleigh, NC
SOSDC
nlinecomputers
Well-Known Member
- Reaction score
- 8,592
- Location
- Midland TX
nlinecomputers
Well-Known Member
- Reaction score
- 8,592
- Location
- Midland TX
Same ol' sh-t different company?
britechguy
Well-Known Member
- Reaction score
- 4,722
- Location
- Staunton, VA
I don't know why anyone is surprised by this, ever. It's been a feature (or bug) of cyber life for decades now.
It's never going to end, either, as this is all a big cat and mouse/spy vs spy thing. Some clever hacker will always, eventually, figure a way around existing defenses.
If anyone thinks that the day will ever dawn where data breaches are a thing of the past, I have some oceanfront property in Omaha you should have a look at.
[But it's still worth knowing when these have happened so that you can determine if you even could have been a part of the breach or not.]
On Fri, Sep 2, 2022 at 05:46 PM, Amanda Lee wrote:
[full topic here on Groups.io: Samsung's U.S. site Hack]
It's never going to end, either, as this is all a big cat and mouse/spy vs spy thing. Some clever hacker will always, eventually, figure a way around existing defenses.
If anyone thinks that the day will ever dawn where data breaches are a thing of the past, I have some oceanfront property in Omaha you should have a look at.
[But it's still worth knowing when these have happened so that you can determine if you even could have been a part of the breach or not.]
On Fri, Sep 2, 2022 at 05:46 PM, Amanda Lee wrote:
and she's an end user.
[full topic here on Groups.io: Samsung's U.S. site Hack]
Markverhyden
Well-Known Member
- Reaction score
- 11,005
- Location
- Raleigh, NC
Information breaches are literally centuries old. As the nature of communications and information storage and transmission have changed so has method and volume of those breaches. It's inevitable that with the current state of technology large amounts of data can be p0wnd because large amounts of data get's aggregated.
Sky-Knight
Well-Known Member
- Reaction score
- 5,539
- Location
- Arizona
Also, names, addresses, and even social security numbers are all basically public domain at this point.
britechguy
Well-Known Member
- Reaction score
- 4,722
- Location
- Staunton, VA
I disagree about SSNs, but certainly not about current (and even prior) names, addresses, phone numbers, and lots of other data.
Much of what our parents' generations took for granted with relation to privacy was the result of "security through obscurity" and the need to do legwork to access public records. Now that public records are accessible by computer over the internet, it takes mere seconds of searching to find out all sorts of information about anyone about whom you have a very basic data set. And, of course, there have been many businesses aggregating all of this data and selling it for literally decades now.
Then when you add in that "the internet never forgets" and how stupid many (not all, but many) people are about what they put out on the internet about their private lives, and not just in things like Facebook and Instagram, any hope of what used to be considered a typical "private life" are gone.
I've probably got one of the lowest "publicly available profiles" out there, but you can still find my address history going back decades, probably to my childhood home in certain spots. And that's all culled from public records and the ability of "big data" to link things together that were never easy to link together in the not so distant past.
nlinecomputers
Well-Known Member
- Reaction score
- 8,592
- Location
- Midland TX
Sky-Knight
Well-Known Member
- Reaction score
- 5,539
- Location
- Arizona
@britechguy The bad guys use machine learning to scan archives of data dumps and connect the dots then sell updated datasets.
Doing a dark web search of any US citizen generally results in name, address, SSN, and in many cases CC numbers.
So while SSNs are not public domain by definition, and certainly not available for casual scan. You can use the Social Security Administration's tool : https://www.ssa.gov/employer/ssnv.htm To test name and number pairs. Given enough time, and enough bots just trying random numbers relative to random names will return positive matches.
So if there's a digital entry point of any kind that can verify SSNs, in effect given enough time and resources all SSNs are now publicly known.
Toss in messes like the Equifax breach and the final loop closes. ID theft is serious business. But it's also not rocket science to protect yourself either.
Doing a dark web search of any US citizen generally results in name, address, SSN, and in many cases CC numbers.
So while SSNs are not public domain by definition, and certainly not available for casual scan. You can use the Social Security Administration's tool : https://www.ssa.gov/employer/ssnv.htm To test name and number pairs. Given enough time, and enough bots just trying random numbers relative to random names will return positive matches.
So if there's a digital entry point of any kind that can verify SSNs, in effect given enough time and resources all SSNs are now publicly known.
Toss in messes like the Equifax breach and the final loop closes. ID theft is serious business. But it's also not rocket science to protect yourself either.
britechguy
Well-Known Member
- Reaction score
- 4,722
- Location
- Staunton, VA
I was one of "the Equifax millions."
No identity theft monitoring service (and since I was also one of the Anthem folks, too, I've got several) has ever encountered any of my information "in the wild" or on "the dark web." This has been being done, monthly, ever since each one of these breaches.
This kind of data has a very limited shelf life as well, because information is shared between firms about exactly what needs to be watched for. I don't lie awake at night all these years later thinking my identity will be sold/stolen, as the window for that is now long past.
Again, I look at what's probable. What's remotely possible, but highly improbable, isn't ever going to be my focus.
"Given enough resources" virtually anything is possible. But lets face it, when it comes to theft, including cyber theft and identity theft, it's generally "smash and grab" and then get what you can, while you can, which is generally a very short window indeed.
No identity theft monitoring service (and since I was also one of the Anthem folks, too, I've got several) has ever encountered any of my information "in the wild" or on "the dark web." This has been being done, monthly, ever since each one of these breaches.
This kind of data has a very limited shelf life as well, because information is shared between firms about exactly what needs to be watched for. I don't lie awake at night all these years later thinking my identity will be sold/stolen, as the window for that is now long past.
Again, I look at what's probable. What's remotely possible, but highly improbable, isn't ever going to be my focus.
"Given enough resources" virtually anything is possible. But lets face it, when it comes to theft, including cyber theft and identity theft, it's generally "smash and grab" and then get what you can, while you can, which is generally a very short window indeed.
Sky-Knight
Well-Known Member
- Reaction score
- 5,539
- Location
- Arizona
@britechguy I wasn't suggesting all this information in the wild was a risk, because history has proven... it isn't.
Vigilance sorts out most things just by itself.
Which is why when I heard about the Samsung breach, I didn't even bother to post the news here. I simply yawned and moved on in that instant. Anyone that's a business owner has all this junk in the wild already just in our incorporation documents. What's this on top of that?
Vigilance sorts out most things just by itself.
Which is why when I heard about the Samsung breach, I didn't even bother to post the news here. I simply yawned and moved on in that instant. Anyone that's a business owner has all this junk in the wild already just in our incorporation documents. What's this on top of that?
nlinecomputers
Well-Known Member
- Reaction score
- 8,592
- Location
- Midland TX
Such information is more useful after your death. If you get hit by a bus and have no immediate family and good credit someone might slip in and take over your ID. But that takes a lot of work and credit checks to find the very rare useable profile.
Sky-Knight
Well-Known Member
- Reaction score
- 5,539
- Location
- Arizona
It does, sadly most of that work is automated now.
britechguy
Well-Known Member
- Reaction score
- 4,722
- Location
- Staunton, VA
To be honest, and I'm not being flippant, either, but if someone wants to even attempt to steal my identity after my death, that's the least of my worries.
If you have a good executor, news of your demise (and not of the "greatly exaggerated" sort) should reach the entities that deal with your credit, banking, etc., in pretty short order. There is a very limited window where someone can continue to claim to be you after your passing once a death certificate has been produced and "the network of contacts" begins based upon that information.
Word gets 'round - fast!
If you have a good executor, news of your demise (and not of the "greatly exaggerated" sort) should reach the entities that deal with your credit, banking, etc., in pretty short order. There is a very limited window where someone can continue to claim to be you after your passing once a death certificate has been produced and "the network of contacts" begins based upon that information.
Word gets 'round - fast!
Similar threads
