Slashdot Mirror
Equifax Breach Included 10 Million US Driving Licenses (engadget.com)
An anonymous reader quotes a report from Engadget: 10.9 million U.S. driver's licenses were stolen in the massive breach that Equifax suffered in mid-May, according to a new report by The Wall Street Journal. In addition, WSJ has revealed that the attackers got a hold of 15.2 million UK customers' records, though only 693,665 among them had enough info in the system for the breach to be a real threat to their privacy. Affected customers provided most of the driver's licenses on file to verify their identities when they disputed their credit-report information through an Equifax web page. That page was one of the entry points the attackers used to gain entry into the credit reporting agency's system.
...having a sub-500 credit score can be a good thing.
Someone needs to get handed a few decades of jail time for this. By somone, I mean someone with Director, or C_O after their name. Better yet a few someones.
First law of people: People are generally stupid.
Anything going on in science these days?
Even if Equifax is completely disbanded and sold off, those responsible should spend time in jail and be fined into bankruptcy. Unfortunately, the right ones won't. There will be patsies and those who don't know enough or can't afford enough lawyers and time to defend themselves while the ones responsible will just take $$$ parachutes and waltz off.
Our justice system is run by money, not justice. I wish I had a solution to propose.
On the one hand you take life too seriously, and on the other, you do not take playful existence seriously enough. Seth
You know, it's really starting to bug me that the media, including those that really ought to know better, keeps referring to the victims of the Equifax hack as their "customers". With the exception of those who actually signed up to Equifax's credit checking service of their own volition they, or more accurately the data Equifax has about them, are either victims or the *product*. Equifax's actual customers are the banks, employers, stores, and other companies that buy the data Equifax holds on the victims of the hack, most of whom have no direct business relationship with Equifax beyond an agreement with a third party to have their credit checked that probably didn't even make it clear that it would be Equifax doing the checks.
UNIX? They're not even circumcised! Savages!
I don't think any amount of identity monitoring can make up for this bullshit. Not only did my credit information get leaked, my salary and now my ID. This was bound to happen eventually, we need to really rethink about who gets our information, how long they can keep it, who is authorized to have it and hold them to a universal standard across the board for securing it. At which when a company falls out of compliance, they get 1 warning and after that they are permanently barred from storing this data.
It has taken a lot of shared pain for me to see an upside to this.
Sure does get worse as the days go bye. The kicker is, you don't have a choice if places like Equifax has your information. I guess maybe if you paid cash for everything and never got a loan. My Parents were like that, never a credit card, paid cash for most everything but their house. I now realize how smart that was.
At this point wouldn't it be quicker to list things that were not compromised by Equifax?
Yes there needs to be house cleaning (without parachutes but that will never happen) and yes the FTC needs to open a huge can of woopass on them and yes they should be sued into insolvency but jail time?
Let's put the pitchforks away for a minute and realize it's not *if* a data breach happens it's when and no one is immune.
The bad thing here is, like others, they are pussyfooting around with what/why/when/how and some of it may be to ignorance but a lot is probably damage control. In a sensible system there would be laws in place that any company with PII *must* cooperate 100% to publicly identify what was accessed and how as soon as they know. These things should be learning experiences not exercises in PR/damage control.
Stolen?
<goes to get wallet >
Hey, my driver's license is gone!
Curse you Equifax!!
The information can be used to file taxes. When one gets those "your taxes have already been filed" letters from the IRS is because someone used your SSN and other information and filed taxes to get a refund and other credits.
That information is also used to get jobs. Illegal aliens use fake credentials to get jobs - and file taxes to get refunds and EIC, CTC, ACTC, AOTC or other credits.
That information is also used for other nefarious reasons.
And if that information is abused, it's up to the victim to correct it - if they can - and cover the costs.
And most of the things that are done last forever. Even debt. Debt collectors are all unethical sacks of shit and they'll bully folks to pay to debt that isn't there's - including folks who have had their identities stolen. So, after having to deal with the identity theft, you will have to deal with assholes who will lie about the law to collect on debt that isn't yours.
Suck it up my fellow peon.
Equifax should be shut down, their C-level executives fired without pay, pensions or golden parachutes and the stockholders have their shares valued worthless - they shouldn't have invested in a company with an unethical business model and deserve the bad karma.
I have been victim of Anthem's (lying cocksuckers) break-in, Equfax' (unethical lying fucks) and another one - I'm tired of getting letters that say my data was part of a data breech.
We must have European regulations and laws regarding our data and privacy. Business is incapable of acting ethically, fairly and honestly.
Store your data behind a "skinny pipe" to the outside world.
Make "skinny" just big enough for "normal" traffic for any given time of day plus a fudge-factor to allow for busy days.
This way if someone wants to steal your data they will have to "sip it slowly" to avoid causing a noticeable slowdown.
It won't stop wholesale data theft but it will reduce the amount of information they can steal in any given period of time.
It also won't stop "selective" data theft..
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
At this point wouldn't it be quicker to list things that were not compromised by Equifax?
There is none. The data from those fuckers is fed into a ton of other shit. It used in background checks.
I have a background check coming up and if it comes back negative, I'm gonna lawyer up. And after any lawsuit (*assuming I can get a lawyer to take the case), I will make it my life's mission to fuck up Equifax' business any and every way I can - actually, I'm going to anyway.
*The ignorant public seems to think one can walk into a lawyer's office and say "I feel like suing Deep Pockets, Inc because I feel like it." and the lawyer says, "Sure! I could use the billable hours! Let's get a suing! Yee-Haw!"
I have seen folks that were harmed and had cause unable to get representation. Our system is rigged against the little guy and it's getting worse. Wee are nothing but marketing cannon fodder for corporate America.
Why are they not subjected to civil seizure? I think we all know.
Drawing and quartering for the little tech fucks who whine about management but fuck about on Slashdot instead of applying patches.
That is what they do. For a fee. So their customers (Banks etc.) will be really pissed that they are giving out this information to others for free.
It amazes me that the USA allows these companies to exist.
that this information was stolen by people who may use it against me.
But I can't reconcile that with how I'm supposed to be completely okay with giving it over to people who I *know* will put it to use against my best interests.
I'm much more okay with the criminals having it (or it even showing up on torrent sites for all to get at) than ad agencies-cum-info brokers. At least the playing field is level in the former case. My bank, credit card agency and various arms of law enforcement will protect me from the criminals, but few can protect me from the Googles, Facebooks and so on.
I just checked my wallet and my drivers license is still there. My wife couldn't find hers but not sure if that has anything to do with Equifax.
End Equifax now. Company out of business. Assets seized by the State. Managers fined. Executives in the gulag. End Equifax now.
I figured if we are going to act crazy and talk about getting rid of social security as ID because of THEIR Apache server fuck-up, why also get rid of driver's licenses as ID while we are at it? I'm now convinced Equifax is the Antichrist sucking off the IRS because those things can't be replaced with anything that isn't digital and more detrimental if compromised, which means it'll already have a target on its back and backdoors for intelligence agencies. They're crossing their fingers for facial recognition and iris scans, even though the iPhone X will do that job for them.
10.9 million US driver's licenses were stolen
Except that they were not stolen.
If I steal something from you, I deprive you of that thing. You no longer have it.
Here, the holders of driving licences were not deprived of their licences, nor of the lawful ability to drive.
The information present on the licences was copied to Equifax's databases, and then Equifax negligently allowed an as-yet unidentified party to make a copy of that information.
In 2014 expedia servers were hacked and an unauthorized 3rd party downloaded tmobile customer information and it has not been mentioned on any article that is abundantly out there so what does that say 2 out 3 credit reporting agencies have been breached wow it's not only Equifax breach before everyone writes just about what is the only topic do some research into breaches of the similar one to be more informative and not just repeat the same thing. Make it about more than just reading the daily news. Read the whitepapers on security and fbi or nisa sites to get more facts than I've read. And when it comes to the national security of the United States and what is the policy and how it works out to protect take a few days and read the patriot act.
It's a neat idea. Hackers breach Equifax and find wormholes to everyone's residences and steal all drivers licenses and pile them up in a warehouse on a deserted tropical island.
However, they may have stolen the Drivers License numbers.
We'll make great pets
How exactly does one electronically steal a drivers license? The info on one is essentially public information already. They stopped putting ssn on dl over a decade ago.
I don't understand how a hack can lead to someone's license being stolen, but I'm sure it will improve the air quality of US cities. Unless, of course, these 10M people are unaware that they are now driving without a license?
Captcha: joyride