Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday September 15 2017, @02:54AM   Printer-friendly
from the someone-always-pays dept.

Renowned security researcher Bruce Schneier has a story up on his blog On the Equifax Data Breach:

Last Thursday, Equifax reported a data breach that affects 143 million US customers, about 44% of the population. It's an extremely serious breach; hackers got access to full names, Social Security numbers, birth dates, addresses, driver's license numbers -- exactly the sort of information criminals can use to impersonate victims to banks, credit card companies, insurance companies, and other businesses vulnerable to fraud.

Many sites posted guides to protecting yourself now that it's happened. But if you want to prevent this kind of thing from happening again, your only solution is government regulation (as unlikely as that may be at the moment).

The market can't fix this. Markets work because buyers choose between sellers, and sellers compete for buyers. In case you didn't notice, you're not Equifax's customer. You're its product.

This happened because your personal information is valuable, and Equifax is in the business of selling it. The company is much more than a credit reporting agency. It's a data broker. It collects information about all of us, analyzes it all, and then sells those insights.

Its customers are people and organizations who want to buy information: banks looking to lend you money, landlords deciding whether to rent you an apartment, employers deciding whether to hire you, companies trying to figure out whether you'd be a profitable customer -- everyone who wants to sell you something, even governments.

It's not just Equifax. It might be one of the biggest, but there are 2,500 to 4,000 other data brokers that are collecting, storing, and selling information about you -- almost all of them companies you've never heard of and have no business relationship with.

Surveillance capitalism fuels the Internet, and sometimes it seems that everyone is spying on you. You're secretly tracked on pretty much every commercial website you visit.

Bruce continues with observations about the data gathering activities of such on-line behemoths as Google and Facebook, as well as companies as mundane as your cell phone provider. Sadly, massive data breaches such as what happened at Target, Home Depot, and Yahoo! gathered media attention for a while, but after a matter of time faded from public awareness and concern.

He suggests the only solution is government regulation. Maybe. But that also runs up against the problem of regulatory capture.

What, if anything, can be done? Mandate a minimum payment of, say, $100.00 to each person who had information disclosed? That would certainly boost a company's willingness to implement security best-practices.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by anubi on Friday September 15 2017, @05:41AM (4 children)

    by anubi (2828) on Friday September 15 2017, @05:41AM (#568309) Journal

    Kinda doubt it as its still your number, unique, and won't change like a phone number, and it is assigned to you.

    What I do see changing is businesses ability to collect debts, as debtors will find it easier than ever before to avoid payback by pointing to inconclusive evidence that it was he who incurred the debt. Especially at big institutional businesses where the credit was extended without ever seeing the guy.

    As identity theft fomented by the abundance of leaked info gets into the public, I see businesses increasingly being asked to prove that some particular individual incurred the obligation, and things on the compromised databases won't count, as anyone could have put that on the forms. Retinal Scans?

    Even DNA samples aren't a good proof as it is easy to get a sample of someone else's DNA. Especially if they are a smoker. Even seasoned crooks often fail at eradicating all of their DNA from a crime scene.

    Hope the big guys aren't considering microchipping us...geez, that would be a hacker field-day. People will be spoofing that as much as telemarketers spoof caller-ID.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    Starting Score:    1  point
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  

    Total Score:   3  
  • (Score: 4, Interesting) by VLM on Friday September 15 2017, @11:57AM

    by VLM (445) Subscriber Badge on Friday September 15 2017, @11:57AM (#568389)

    My guess is the hand of the markets will have strange effects.

    Some jackass steals my data on the other side of the country and gets credit and walks away, means the CC fee for retail cash and carry will become extremely high, like 5%, 10%, who knows how high. We may see the death of retail credit card use out of this. Its just too dangerous to allow people to walk off with valuable merchandise merely for waving a trivially faked plastic card. And you can't train illegal aliens and teenagers to do clearance-agency level ID checks on customers. Oh you'd like to buy that sweater? In addition to your CC you'll need fingerprints, blood test, seven forms of picture ID, and a cavity search, or we can just ship it to your house of record address for free, or you can pay cash...

    On the other hand, the CC charge rate offered to Amazon will likely drop to zero. Look, dude, this is the third time you ordered a New Balance model 623 size 11-wide male walking shoe delivered to your home address, and you're claiming this time, a hacker invented the whole damn thing and stole your tennis shoes so you want a refund/credit? LOL dude... Amazon already freaks out if you buy gifts and don't tag them as "gift" now they're gonna get cops involved. I, note, I, have a history of buying electronics hobby stuff so I can buy an oscilloscope online, but YOU don't, so if YOU order a scope the cops will be dispatched with the delivery asking to verify your ID.

    The great transition away from retail and toward online might not solely be shopping experience driven; might be credit driven. A world where you can only use plastic for delivery to addresses of record... interesting.

    That would also cut down on fraud, or at least push it exclusively toward technology based crime. You can't steal my CC from a retail gas station if retail facilities no longer accept CC. Given that action and reaction I suspect the balance will involve marginal retail players getting frozen out of credit as a payment offer.

    Meanwhile short term services online will be unable to use CC because they're stolen. We're going to a weird world where you can't buy things in a store but the only way to obtain services will be in person at a store. Long term services will be OK. Expect "seasoning" you pay $15 for a domain with a possibly stolen CC and it doesn't work for a month or until the registrar thinks the CC is not stolen and not going to be declined.

    Writing a check is fundamentally accepting credit at the retail level. More than a quarter century ago I was a kid working retail after school and people took the transition to network based check acceptance very poorly. You can't just scrawl on a piece of paper and call it money and even up later if at all. Now we're in a similar transition where a piece of plastic with 16 digits proves roughly nothing and is probably fake.

  • (Score: 2) by MichaelDavidCrawford on Saturday September 16 2017, @01:18AM (2 children)

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Saturday September 16 2017, @01:18AM (#568783) Homepage Journal

    Pretty Boy Flood IIRC.

    Whenever he robbed a bank, he would destroy all their promissory notes.

    --
    Yes I Have No Bananas. [gofundme.com]
    • (Score: 1) by anubi on Saturday September 16 2017, @07:09AM

      by anubi (2828) on Saturday September 16 2017, @07:09AM (#568865) Journal

      That was damned nice of him... betcha he made a helluva lot of friends amongst the "common folk".

      ( Incidentally, there is a Biblical passage telling us of the wisdom of doing similar things [biblegateway.com]... about the wisdom of the shrewd manager. )

      Now, that one really took me by surprise!

         

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    • (Score: 0) by Anonymous Coward on Saturday September 16 2017, @08:03AM

      by Anonymous Coward on Saturday September 16 2017, @08:03AM (#568883)

      *Floyd