Equifax lost all your data. All gone.
-
@1 said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@blakeyrat said in Equifax lost all your data. All gone.:
the US has no nation-wide ID number
FWIW, my ID number is 5670703057705.
My ID number is 1. Ha!
-
@jazzyjosh said in Equifax lost all your data. All gone.:
@xaade said in Equifax lost all your data. All gone.:
No. What we should do is enforce credit bureaus to report to the individual all data they've collected on them.
Meaning, personal credit monitoring is free.We do.
Yeah, find out 9 months too late... yay!
-
-
@1 said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@blakeyrat said in Equifax lost all your data. All gone.:
the US has no nation-wide ID number
FWIW, my ID number is 5670703057705.
My ID number is 1. Ha!
But I'm not 777174. I'm only 3½!
-
@dangeruss said in Equifax lost all your data. All gone.:
@polygeekery Isn't' it still insider trading?
Anyone who works for a company dealing in shares with that company is always insider trading. I think the term you're grasping for is 'illegal insider trading.'
@the_quiet_one said in Equifax lost all your data. All gone.:
Can we just have a way for us to reset our SSNs?
How about producing a system that doesn't abuse something that was never intended for such use?
The nearest equivilent to the SSN in the UK is the National Insurance number. It is used for
- tax (recording National Insurance payemtns - a payroll tax in everything but name. Doubles up as credits towards your state pension.)
- HMRC (think IRS)
- ISAs (tax-free savings accounts - i.e. income tax is not taken from interest.)
and that's it. Equifax (and the others) do provide an identity/credit check, but the questions/answers are based on more than just a single number, and generally require you providing (and Equifax confirming) your current address (and previous up to so many years - think it's generally at least 6.)
Your current address must (if you want a good 'score') also be on the electoral roll.
The backup if that is insufficient is generally supplying hard-copies of things that both prove who you are (passport, driving licence e.g.,) and where you live (statements/letters from banks or government branches.)
@yamikuronue said in Equifax lost all your data. All gone.:
@lolwhat said in Equifax lost all your data. All gone.:
Don't fucking enroll in that TrustedID Premier shit, or you'll waive your right to sue Equifax. Behold the Terms of Use (LOL PHP file):
They've indicated that that clause doesn't apply here.
http://www.snopes.com/equifax-credit-monitoring-class-action/
Fakeedit: Yeah - that onebox adds nothing. Relevant:
Those who user*[sic]* TrustedID Premier do not give up their right to participate in a class-action lawsuit or arbitration against Equifax over the 2017 data breach.
@unperverted-vixen said in Equifax lost all your data. All gone.:
Or better yet: don't treat SSNs as the secret passwords they're incorrectly used as. Treat them as the primary keys that they were meant to be.
No. They're not suitable even for that. The most egregious example is 078-05-1120
-
@pjh said in Equifax lost all your data. All gone.:
@unperverted-vixen said in Equifax lost all your data. All gone.:
Or better yet: don't treat SSNs as the secret passwords they're incorrectly used as. Treat them as the primary keys that they were meant to be.
No. They're not suitable even for that. The most egregious example is 078-05-1120
Interesting.
In later years she observed: "They started using the number. They thought it was their own. I can't understand how people can be so stupid. I can't understand that."
I can. And I bet some of them weren't stupid, and instead used the number for fraud.
-
@unperverted-vixen said in Equifax lost all your data. All gone.:
Or better yet: don't treat SSNs as the secret passwords they're incorrectly used as. Treat them as the primary keys that they were meant to be.
Same goes for credit card numbers.
No wait, those actually were meant to be both passwords and primary keys.
-
@anonymous234 said in Equifax lost all your data. All gone.:
@unperverted-vixen said in Equifax lost all your data. All gone.:
Or better yet: don't treat SSNs as the secret passwords they're incorrectly used as. Treat them as the primary keys that they were meant to be.
Same goes for credit card numbers.
No wait, those actually were meant to be both passwords and primary keys.
But not proofs of identity.
-
@anonymous234 said in Equifax lost all your data. All gone.:
Same goes for credit card numbers.
No wait, those actually were meant to be both passwords and primary keys.Well there is still the CVV (number at the back, needed to make online payment) or PIN (needed to make payment in terminal).
-
@pjh said in Equifax lost all your data. All gone.:
They've indicated that that clause doesn't apply here.
Note that it WAS true, and they only changed the language after NY Attorney General bitched.
-
@pjh said in Equifax lost all your data. All gone.:
Equifax (and the others) do provide an identity/credit check, but the questions/answers are based on more than just a single number, and generally require you providing (and Equifax confirming) your current address (and previous up to so many years - think it's generally at least 6.)
Your current address must (if you want a good 'score') also be on the electoral roll.
The backup if that is insufficient is generally supplying hard-copies of things that both prove who you are (passport, driving licence e.g.,) and where you live (statements/letters from banks or government branches.)
That is theoretically true here as well. When I sign up for a credit card or loan, just providing the SSN is not enough. The problem is usually in these leak cases, the thieves has all of this extra verification info in what they stole, and it can be easy to manipulate a bank to just go with "good enough" info. (E.g. yes I know my address doesn't match but I just moved or there was a clerical error, etc)
Fun fact: my first mortgage had a typo in my SSN where it was off by a digit, which stuck there for a year before I found out. Ironically it was harder to correct it after the fact than it was to have it incorrectly applied in the first place, leading me to further doubt the security of this whole process. The typo was not from myself or the bank, but the broker who signed me up.
-
@the_quiet_one said in Equifax lost all your data. All gone.:
Fun fact: my first mortgage had a typo in my SSN where it was off by a digit, which stuck there for a year before I found out. Ironically it was harder to correct it after the fact than it was to have it incorrectly applied in the first place, leading me to further doubt the security of this whole process. The typo was not from myself or the bank, but the broker who signed me up.
And it's a huge pain because they give you this long lecture about how they have such "careful checks" on the data.
Then you ask the guy, "if your checks are so careful, how'd you get the wrong number in the first place?" and that kind of stuns them into silence.
(Recent experience correcting an address on a 401k account.)
-
LOL:
A f***in' music major responsible for one of the most sensitive databases in the world?
Also:
Of course, there's plenty of blame to go around:
-
@heterodox said in Equifax lost all your data. All gone.:
I have no idea how to fix it either. I'm a realist; more regulations = more lip service, more willful shortcuts.
Big-ass fines if an accident happens, and mandatory insurance to cover those fines.
The insurers will then have a big real incentive to not lose the data, so they will force those companies to adopt proper measures. Incompetent insurers will go bankrupt, competent insurers will grow bigger. Meaning you harnessed the power of the market to optimize regulations themselves.
At least that's the theory. I suspect it doesn't work as well in real life.
-
-
-
@anonymous234 I doubt Equifax is going to survive the lawsuits that will come out of this. Even with their stupid waiver, they are going to be class actioned to 1929.
-
@unperverted-vixen said in Equifax lost all your data. All gone.:
@the_quiet_one said in Equifax lost all your data. All gone.:
Can we just have a way for us to reset our SSNs? At this rate, we might as well just start from a clean slate and then enact a mandatory 20 year sentence for people who store SSNs in plain text on a flash drive that they hide under a brick in their patio for safekeeping.
Or better yet: don't treat SSNs as the secret passwords they're incorrectly used as. Treat them as the primary keys that they were meant to be.
Pointers, more like.
-
@blakeyrat said in Equifax lost all your data. All gone.:
And it's a huge pain because they give you this long lecture about how they have such "careful checks" on the data.
Yeah, that's always bullshit. One of the credit bureaus never gives me my annual report because it doesn't recognize the (correct) information I provide; I can't remember which one, but it actually may be Equifax. And the incorrect information that either they or some other financial institution has propagates like crazy. Whenever I get an e-QIP, I never bother to fill out the security questions since I know at least one will be wrong; I just contact the appropriate FSO to have them reset it and tell them what the correct answers should be. Last time I got a Taser product, I was told that the background check on me failed because my date of birth "didn't match" my SSN.
: "What does that even mean? I know my date of birth and I know my SSN, obviously. This is on you guys to fix."
: "Well, we can't fix it; we only have permissions to read the data but not change it."
: "Can you tell me what the nature of the mismatch is?"
: "Oh no, we can't do that."
: "Well, you're going to have to do something, as the product I bought from you is currently a paperweight and I'm about to send it back COD."
: "Let me contact someone about an override."Which they promptly gave me a few minutes later, invalidating the whole process. Great.
-
@groaner said in Equifax lost all your data. All gone.:
@heterodox said in Equifax lost all your data. All gone.:
Well, given the first three just designate where you were born (generally)
When will the embed-information-in-keys brain worms die?
Filed under: I'm also looking at you, Vehicle Identification Numbers.
The "embed-information-in-keys" thing isn't really about embedding the info, it's about partitioning, which can make distribution and allocation easier. EAN and UPC also do this.
-
@the_quiet_one said in Equifax lost all your data. All gone.:
@anonymous234 I doubt Equifax is going to survive the lawsuits that will come out of this. Even with their stupid waiver, they are going to be class actioned to 1929.
Somehow they're going to get out of it. I'm just interested to see how.
-
@groaner said in Equifax lost all your data. All gone.:
@blakeyrat said in Equifax lost all your data. All gone.:
@groaner said in Equifax lost all your data. All gone.:
When will the embed-information-in-keys brain worms die?
SSN was invented before you could make a quick API call to a central server to obtain a unique GUID. It had to be assigned to people living in shacks miles away from any towns without running water, electricity, or phone service. I'm sure similar problems were faced by those creating the VIN system.
People who created it weren't stupid, and calling it a "brain worm" is very disingenuous when you probably wouldn't have come up with anything better in their situation.
The great thing about GUIDs (and the overall purpose of them, pretty much) is that you shouldn't need a central server to generate them.
The first few characters of the VIN I can accept (i.e. North America, GM/Ford/Chrysler, etc.). But then you have characters which designate which engine options a car has, and it becomes embedding information about the key within the key. And I've been repeatedly told this is a Bad Thing™ by relational theory curmudgeons like Fabian Pascal and Joe Celko, so it must be true!
Embedding info about the key into the key can be useful for security in long-lived, easily forgeable keys like VINs.
your VIN specifies a 1985 Ford, but this is clearly a BMW. Registration denied, now please go with the nice police officer.
-
@lolwhat said in Equifax lost all your data. All gone.:
Don't fucking enroll in that TrustedID Premier shit, or you'll waive your right to sue Equifax. Behold the Terms of Use (LOL PHP file):
ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.
It didn't appear in the document when I searched on mobile.
-
@dreikin said in Equifax lost all your data. All gone.:
@lolwhat said in Equifax lost all your data. All gone.:
Don't fucking enroll in that TrustedID Premier shit, or you'll waive your right to sue Equifax. Behold the Terms of Use (LOL PHP file):
ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.
It didn't appear in the document when I searched on mobile.
They edited it after they got some flack about it. I believe @blakeyrat mentioned that upthread.
-
Infosec folks are having a field day with Equifax systems:
-
@the_quiet_one said in Equifax lost all your data. All gone.:
@anonymous234 I doubt Equifax is going to survive the lawsuits that will come out of this. Even with their stupid waiver, they are going to be class actioned to 1929.
We heard the same thing about Volkswagen. I doubt it will happen.
It should happen. Credit bureaus are fucking evil. But I doubt that it will.
-
@polygeekery said in Equifax lost all your data. All gone.:
@masonwheeler said in Equifax lost all your data. All gone.:
@polygeekery said in Equifax lost all your data. All gone.:
The concept of first-world, second-world and third-world did not exist yet in 1935.
Didn't it come out of the Cold War?
Yep. First-world is capitalism, second-world is Communism, third-world is everything else.
Technically, wasn't it more like:
- First-world: Super Power A (USA) + allies,
- Second-world: Super Power B (USSR) + allies,
- Third-world: Everybody else
The division between capitalist and communist doesn't carry down into third world, I think.
-
@polygeekery said in Equifax lost all your data. All gone.:
@the_quiet_one said in Equifax lost all your data. All gone.:
@anonymous234 I doubt Equifax is going to survive the lawsuits that will come out of this. Even with their stupid waiver, they are going to be class actioned to 1929.
We heard the same thing about Volkswagen. I doubt it will happen.
The worst that happened was sales and the share price dropped a bit, and Audi pulled out of Le Mans.
-
@dreikin said in Equifax lost all your data. All gone.:
@polygeekery said in Equifax lost all your data. All gone.:
@masonwheeler said in Equifax lost all your data. All gone.:
@polygeekery said in Equifax lost all your data. All gone.:
The concept of first-world, second-world and third-world did not exist yet in 1935.
Didn't it come out of the Cold War?
Yep. First-world is capitalism, second-world is Communism, third-world is everything else.
Technically, wasn't it more like:
- First-world: Super Power A (USA) + allies,
- Second-world: Super Power B (USSR) + allies,
- Third-world: Everybody else
The division between capitalist and communist doesn't carry down into third world, I think.
I think you are more correct.
-
@raceprouk said in Equifax lost all your data. All gone.:
@polygeekery said in Equifax lost all your data. All gone.:
@the_quiet_one said in Equifax lost all your data. All gone.:
@anonymous234 I doubt Equifax is going to survive the lawsuits that will come out of this. Even with their stupid waiver, they are going to be class actioned to 1929.
We heard the same thing about Volkswagen. I doubt it will happen.
The worst that happened was sales and the share price dropped a bit, and Audi pulled out of Le Mans.
Yeah, but lots of people forecasted the imminent bankruptcy of Volkswagen. I was never convinced. Even though the liability for their deception could easily have exceeded their market cap, I did not think it would ever come to that.
It hasn't. We are now in the era of "Too big to fail".
-
@polygeekery said in Equifax lost all your data. All gone.:
Yeah, but lots of people forecasted the imminent bankruptcy of Volkswagen.
Or, more accurately, a small number of loudmouth vultures were desperate to pick the carcass clean, so tried to convince everyone VW was going to fail in a self-fulfilling prophecy.
@polygeekery said in Equifax lost all your data. All gone.:
Even though the liability for their deception could easily have exceeded their market cap, I did not think it would ever come to that.
That would have required every VW customer to sue, and I'm willing to bet most VW customers didn't even know about the scandal, let alone know that they could sue.
-
-
@heterodox said in Equifax lost all your data. All gone.:
@the_quiet_one said in Equifax lost all your data. All gone.:
@anonymous234 I doubt Equifax is going to survive the lawsuits that will come out of this. Even with their stupid waiver, they are going to be class actioned to 1929.
Somehow they're going to get out of it. I'm just interested to see how.
Money. That's always the answer in these sorts of situations.
-
@1 said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@blakeyrat said in Equifax lost all your data. All gone.:
the US has no nation-wide ID number
FWIW, my ID number is 5670703057705.
My ID number is 1. Ha!
WRONG. My ID number is 1. Yours is 142156.
-
@polygeekery I still have no idea what gamergate is. Is it some kind of gaming-themed presidential spy conspiracy? With less hydration or something?
-
@djls45 said in Equifax lost all your data. All gone.:
Now I'm curious about shared SSNs in the case that someone went missing, was declared dead, their number was reused, and then they turn up alive and well. Do both people just continue to use that SSN, or does one person or the other get a new one?
Hollywood, are you listening
-
@polygeekery said in Equifax lost all your data. All gone.:
@masonwheeler said in Equifax lost all your data. All gone.:
@boomzilla Hmm... that's possible, I suppose. Kinda thought that happened at birth though.
It happens whenever they get filed for. I did not have a SSN until they were required for dependent tax deductions. The same year that 7million children silently vanished from the United States and no one spoke about it.
Were there that many people being falsely claimed as dependents on tax returns? Or was there something else that occurred?
-
@djls45 the first one.
-
-
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
-
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
Community Server users have higher IDs than Discourse users, except for the ones that were also on Discourse.
-
@raceprouk said in Equifax lost all your data. All gone.:
@polygeekery said in Equifax lost all your data. All gone.:
Even though the liability for their deception could easily have exceeded their market cap, I did not think it would ever come to that.
That would have required every VW customer to sue, and I'm willing to bet most VW customers didn't even know about the scandal, let alone know that they could sue.
IIRC, it applied only to the customers whose vehicle had a diesel engine. Gas engines weren't part of the smog test cheating. (And I recall reading somewhere that the diesel engines at their "most smoggy" setting for highest performance were actually still less polluting than gas vehicles due to the differing fuel efficiencies between gas and diesel.)
-
@ben_lubar said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
Community Server users have higher IDs than Discourse users, except for the ones that were also on Discourse.
.... So @1 was a Community Server user but not a Discourse user?
-
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
Community Server users have higher IDs than Discourse users, except for the ones that were also on Discourse.
.... So @1 was a Community Server user but not a Discourse user?
Users that registered after the NodeBB import have the highest IDs of all.
-
-
@ben_lubar said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
Community Server users have higher IDs than Discourse users, except for the ones that were also on Discourse.
.... So @1 was a Community Server user but not a Discourse user?
Users that registered after the NodeBB import have the highest IDs of all.
-
@ben_lubar said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
Community Server users have higher IDs than Discourse users, except for the ones that were also on Discourse.
At least it is consistent.
-
@polygeekery said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
@tsaukpaetra said in Equifax lost all your data. All gone.:
@ben_lubar said in Equifax lost all your data. All gone.:
142156
Holy crap! There have been 141259 user registrations since I joined?!?!
Community Server users have higher IDs than Discourse users, except for the ones that were also on Discourse.
At least it is consistent.
CumDiscoNodeBsistant?
-
@polygeekery said in Equifax lost all your data. All gone.:
@karla said in Equifax lost all your data. All gone.:
'd, by me.
I figured.
https://pics.me.me/great-minds-think-alike-but-dirty-minds-work-together-jussayin-3823204.png
-
@karla Dirty minds apparently don't pay a lot of attention to aspect ratio.