Slashdot Mirror
The Stolen Equifax Data Has Never Been Found, Experts Suspect a Spy Scheme (cnbc.com)
An anonymous reader quotes a report from CNBC: On September 7, 2017, the world heard an alarming announcement from credit ratings giant Equifax: In a brazen cyber-attack, somebody had stolen sensitive personal information from more than 140 million people, nearly half the population of the U.S. It was the consumer data security scandal of the decade. The information included social security numbers, driver's license numbers, information from credit disputes and other personal details. CEO Richard Smith stepped down under fire. Lawmakers changed credit freeze laws and instilled new regulatory oversight of credit ratings agencies. Then, something unusual happened. The data disappeared. Completely.
CNBC talked to eight experts, including data "hunters" who scour the dark web for stolen information, senior cybersecurity managers, top executives at financial institutions, senior intelligence officials who played a part in the investigation and consultants who helped support it. All of them agreed that a breach happened, and personal information from 143 million people was stolen. But none of them knows where the data is now. It's never appeared on any hundreds of underground websites selling stolen information. Security experts haven't seen the data used for in any of the ways they'd expect in a theft like this -- not for impersonating victims, not for accessing other websites, nothing. Most experts familiar with the case now believe that the thieves were working for a foreign government, and are using the information not for financial gain, but to try and identify and recruit spies.
CNBC talked to eight experts, including data "hunters" who scour the dark web for stolen information, senior cybersecurity managers, top executives at financial institutions, senior intelligence officials who played a part in the investigation and consultants who helped support it. All of them agreed that a breach happened, and personal information from 143 million people was stolen. But none of them knows where the data is now. It's never appeared on any hundreds of underground websites selling stolen information. Security experts haven't seen the data used for in any of the ways they'd expect in a theft like this -- not for impersonating victims, not for accessing other websites, nothing. Most experts familiar with the case now believe that the thieves were working for a foreign government, and are using the information not for financial gain, but to try and identify and recruit spies.
Perhaps they're just waiting for the heat to die down and those free credit-monitoring programs to expire before using the data....
Show me on the 1st Amendment bobblehead where the moderator touched you...
Just a point, Social Security numbers and birthdates are not things you can easily change.
It's time to realize the entire concept of credit ratings is deeply flawed and inherently insecure.
-- Tigger warning: This post may contain tiggers! --
to go with that, so they'd know where, based on financial data, people were in bad or good financial shape and therefore where they could foment anger, frustration and discontent leading to poor decision making.
People in bad shape do not make good choices. Pressure does not make diamonds, it makes garbage more compact. Take somebody who's financially desperate and push the right buttons and they'll do stupid things. Do it to a large number of people in a country where political decisions are made by margins of less than half a percent and you can wreck shit.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/