100 Million Victims of Data Theft
jcatcw writes "With the latest significant data breach — theft of a Boeing laptop with unencrypted personal information on 382,000 employees — the Privacy Rights Clearinghouse estimates that the total number of data breach victims has passed 100 million since they started tracking in February 2005. The director, Beth Givens, admits 'the number 100 million is largely a fictional number,' but it surely errs on the low side. Since California is still the only state with disclosure laws, incidents are difficult to analyze fully. However, Congress this week passed a bill requiring that the Department of Veterans Affairs report breaches."
I have been counted at least twice though. I am a veteran and got a letter from the VA with a previous theft, and that was just a few months after I got a letter from Boeing telling me that my info was stolen. Have not heard anything about this latest one. I do appreciate the free credit monitoring I get now, but I am not convinced it would do me any good if someone was really using my info. Plus it is only for one year. That is a relatively short period of time; the info has an unlimited life.
People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf.
I solved this problem ages ago. Some guy, actually two of them, invented something called the Diffie-Hellman Public Key Encryption Algorithm. Since then we've had dozens of these show up and now have RSA and DSA/ElGamal out there. Pretty much, with huge (1024 byte!) challenges and hardware devices with your key in them, as well as transferable One Time Pads (so you can let someone else use your credit card once, twice, for $5, for $10...), you can make it so everyone along the way can verify your identity and nobody along the way can pretend to be you.
The system drawn out isn't that complex. It's lazy distributed too; anyone can cache your public key, so anyone can independently verify you over and over again. This means that the store can verify your card isn't a spoofer and not pester the credit card company with it if it is; and if it's not, then the credit card company can also verify your card isn't a spoofer (and that the store isn't sliding in extra charges after you've signed for the price) and not pester the national PKI network with it.
Support my political activism on Patreon.
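An added illustration of the scheme the comment above describes, not code from the commenter or from any real payment system: the verifier issues a fresh challenge, the card signs it together with the merchant and amount, and both the store and the issuer check that signature against a cached public key. The key is a constructed demonstration key (textbook RSA, not secure), and the names `card_sign`, `Issuer` and `store-17` are hypothetical.

```python
import hashlib
import secrets

# Demonstration key only: built from two publicly known Mersenne primes, so it
# is trivially factorable. Textbook RSA without padding; never use for real.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the card

def digest(challenge: bytes, merchant: str, cents: int) -> int:
    # Length-prefix each field so different field splits cannot collide.
    h = hashlib.sha256()
    for part in (challenge, merchant.encode(), str(cents).encode()):
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big")

def card_sign(challenge, merchant, cents):
    """Card: sign the verifier's challenge bound to merchant and amount."""
    return pow(digest(challenge, merchant, cents), D, N)

def verify(pub, challenge, merchant, cents, sig):
    """Store or issuer: check the signature with a cached public key."""
    n, e = pub
    return pow(sig, e, n) == digest(challenge, merchant, cents)

class Issuer:
    def __init__(self, pub):
        self.pub, self.seen = pub, set()   # seen: challenges already settled

    def authorize(self, challenge, merchant, cents, sig):
        if challenge in self.seen:
            return "replayed"
        if not verify(self.pub, challenge, merchant, cents, sig):
            return "bad-signature"
        self.seen.add(challenge)
        return "approved"

def demo():
    pub = (N, E)                          # what the store and issuer cache
    challenge = secrets.token_bytes(32)   # fresh per transaction
    sig = card_sign(challenge, "store-17", 1000)
    issuer = Issuer(pub)
    return [
        verify(pub, challenge, "store-17", 1000, sig),        # store's own check
        issuer.authorize(challenge, "store-17", 5000, sig),   # amount altered after signing
        issuer.authorize(challenge, "store-17", 1000, sig),   # amount as signed
        issuer.authorize(challenge, "store-17", 1000, sig),   # same authorization again
    ]

if __name__ == "__main__":
    print(demo())
```

Because the amount and merchant are inside the signed message, the issuer rejects a charge that differs from what the card signed, and tracking used challenges stops a valid authorization from being settled twice.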