Another day, another notice of data breach

After the ATT one it doesn't matter, my full SS is out there, along with phone number, past emails, so what else is there. That one really burned me because if you know my password to some grocery store website, I don't care but that one is just give them all my info which I'm still not sure why they needed my full social security # in the first place.
 
After the ATT one it doesn't matter, my full SS is out there, along with phone number, past emails, so what else is there. That one really burned me because if you know my password to some grocery store website, I don't care but that one is just give them all my info which I'm still not sure why they needed my full social security # in the first place.
"...what else is there."
Sadly, there is much worse. Millions of us have suffered arguably the worst data breach (see the 136-page security clearance application at https://www.opm.gov/forms/pdf_fill/sf86.pdf). Poorly protected by an employer that should have known better ("22 million: OPM releases its new data breach tally"), but at least, like every other entity that gets hacked, we were told they take protecting this info "seriously".
 
It is very upsetting to think about these things that go on in America. My expectations of this country are very high but it is getting harder to be that optimistic any more.
 
"...what else is there."
Sadly, there is much worse. Millions of us have suffered arguably the worst data breach (see the 136-page security clearance application at https://www.opm.gov/forms/pdf_fill/sf86.pdf). Poorly protected by an employer that should have known better ("22 million: OPM releases its new data breach tally"), but at least, like every other entity that gets hacked, we were told they take protecting this info "seriously".
Glad I haven't applied for a security clearance since about 1985. The form was *much* shorter back then.
 
Question:
Does phishing apply to e-mails before they're opened? Or to a link within the e-mail? Is it dangerous to just open an e-mail?
That depends. Set your e-mail client not to download images or attachments when opening a message. Also turn off any "preview pane" (usually found on computer displays, not usually on mobile devices) which opens the e-mail in one pane when you click it on the list of e-mails on the.

The goal is you want to be able to delete a message after just seeing the subject and sender, without opening it.
Same with texts. We advertised our treadmill for sale in the local newspaper and got a few scammers who text our phone number. We didn't fall for the scam of certified check arriving followed by a shipper to pick up the treadmill. The accent and process were almost identical in each communication. So, just because we opened the text, does that open us up to a scam or do they have to send a link that we click on?
Not much harm from a plain text. Of course the sender already has your phone number. Answering it could be confirming that yours is a "live" number, and bring more spam.

In either case, don't reply, even if it's to "unsubscribe." No reason to inform the scammers that you're reading their crap.
 
It is very upsetting to think about these things that go on in America. My expectations of this country are very high but it is getting harder to be that optimistic any more.
Of course the internet is world-wide. Many of the hackers and scammers aren't in the US, or any Western country.

On the other hand, thieves, scammers and con men have been with us forever. This isn't really new.
 
Of course the internet is world-wide. Many of the hackers and scammers aren't in the US, or any Western country.

On the other hand, thieves, scammers and con men have been with us forever. This isn't really new.
I agree with both points. What irks me the most is, knowing this, we don’t have easy and reasonable access to our credit reporting accounts unless we pay.
 
Yeah, I have a concert coming up. Digital tickets only. You can bet I got right on changing my password on Ticketmaster. Hope that’s enough. Note that Ticketmaster also has credit card information. Not sure if that got exposed in the hack.
Heh, heh, and folks wonder why I don't want to buy a Big Mac with my phone.
 
This fails the KISS test so will never have widespread adoption.
Never is a long time. If it gets bad enough, things will probably have to change. The wallet in the drink is a problem, so if you are traveling, you might have a copy of the QR code with your travel documents.

We know that the email loop and/or SMS loop has problems. It's the best we have, but I'd rather be in complete control. The email loop works fine when I don't need it, but I was traveling, and when I tried to log into my email, Google noticed I was on a different IP address and put me into a dead-end process that only would call my home phone with a code. So there I was, locked out, thousands of miles from home.

I think the beginning of the solution is for people to kick companies to the curb if they screw up. But people don't seem to care that much. And any additional costs, like fines, just get passed on to the consumers.
 
I agree with both points. What irks me the most is, knowing this, we don’t have easy and reasonable access to our credit reporting accounts unless we pay.
Maybe it's all "another" coordinated scam?
 
Congress should be looking at why our laws give these organizations a pass when they allow bad guys to literally spend months in their computer systems, stealing confidential information we have given them.
This. These systemic breaches keep happening largely because we continue to tolerate them and there is negligible accountability or for the government to enforce strict systems housekeeping on companies.

Make CISOs take on personal liability the same way that CFOs, etc., have to personally certify financial results.

Also, go after hacker rings with the full force of the law.
 
I admit to getting a bit suspicious of everyone who thinks they need access to my personal information. The bullying for signup at cloud storage businesses takes my breath away. Why aggress about storing my entire personal and internet life, including private sensitive documents, on the most attractive to thieves platform ever devised? Imagine waking up to news that Microsoft has been hacked for all accounts along with successful decryption keys or software. I'm not saying that this is possible but, why would I chance anything outside my expertise to know?
 
I admit to getting a bit suspicious of everyone who thinks they need access to my personal information. The bullying for signup at cloud storage businesses takes my breath away. Why aggress about storing my entire personal and internet life, including private sensitive documents, on the most attractive to thieves platform ever devised? Imagine waking up to news that Microsoft has been hacked for all accounts along with successful decryption keys or software. I'm not saying that this is possible but, why would I chance anything outside my expertise to know?
I recently leased some scaffolding for a non-profit, using my name and credit card. They wanted my life story (SSN, credit history, etc). Instead, I gave them the non-profit's EIN. There was a place for the EIN, but I left the rest of the info about the company empty after I discussed this with the sales rep.

They still rented the stuff to me with no problem.

I think it is worth pushing back on these requests. In my case, it was a human and an emailed paper form. The problem comes about with the on-line stuff that won't let you proceed unless you put all the info in.

(Since the rental was small, I think she was just happy to have my credit card which they could charge if we ran off with the equipment.)
 
I admit to getting a bit suspicious of everyone who thinks they need access to my personal information.
You should be of course. Years ago an optical shop wanted my DOB in the course of buying eyeglasses. I refused to supply it, saying "You don't need my DOB to sell me glasses". The guy looked so unhappy about it that I immediately suspected that he was now out of some sort of bonus. TDB. I was still working as a fraud investigator and it simply was not going to happen.
 
There is no legal consequence or recourse if a company practices slipshod security with our data and thus makes our lives harder. They have good lobbyists.
 
Most of the repliers here seem to become insensitive about the data breach. I hardly got any data breach for the last years. But I got some CC transaction so I had to dispute. Finally, I cancelled all BOA accounts. And more than 10 years ago, I was offered AAA credit check service for one year, but it still gives me monthly report, so it helps to monitor. Changing phone number, email, and password were making me feel a bit more comfortable even though it gives some hassle.
I am wondering if complicated auto generated passwords would be helpful because if my Google account is hacked it will be all hacked too. Since I can't remember all the complicated passwords, I usually save them to the device, so if I lose the computer or phone, it would be more danger. I had to hack my deceased sister's phone, not much problem at all. I am really not sure which would be better.
[mod edit]
 
...Google noticed I was on a different IP address and put me into a dead-end process that only would call my home phone with a code. So there I was, locked out, thousands of miles from home...
This one boggles my mind. Could it be that Google, of all companies, thinks that we're always going to be sitting at home, on a desktop PC, with a static internet address?

Everyone uses mobile devices. Even at home, more and more ISPs are going to dynamic IP addresses.

Yet somehow Google fails open every time I try to check my mail from a different address.
 
I am wondering if complicated auto generated passwords would be helpful because if my Google account is hacked it will be all hacked too. Since I can't remember all the complicated passwords, I usually save them to the device, so if I lose the computer or phone, it would be more danger. I had to hack my deceased sister's phone, not much problem at all. I am really not sure which would be better.
[mod edit]
I don't know my Gmail password. It is complicated. All my other addresses are a complicated mess of garbage, each one different.

I do know my password manager password. If someone gets that, it is bad. But having random passwords for everything else so far has served me well.

DW got a hack (Facebook) because she shared passwords and one of those breaches advertised a password. The hackers "war dial" that password through all kinds of sites. Never have a duplicate password. Ever.
 
I saw on the 77k Fidelity hack thread that they'll offer "Credit Monitoring". Whoop-de-doo!

Earlier up thread, I mentioned that I was offered Kroll monitoring and took it.

Here's how that worked out:
- August 1, opened a new credit card with Fidelity, first in decades
- August 25, "CreditWise" pings me about the new card, and in subsequent weeks, pings me multiple times about the different agencies seeing the card
- September 19, Kroll wakes up and lets me know with an obtuse message: "Credit Monitoring Notification - New Trade"

What's a "New Trade"? In their lingo, it is a new card. This dropped while I was overseas on vacation, and of course, I couldn't log in to Kroll because they don't allow overseas log ins. I stayed cool, figuring it was a new card and verified it when back home.

As for CreditWise, it is mysterious. I had a GM Card that was serviced through Capital One for years, then a few years ago switched to Marcus. Mysteriously, despite having no connection to Capital One for years now, I still get the free CreditWise pings.

It turns out something I didn't sign up for and is 100% free is the best credit monitoring I have. Kroll was 3 weeks behind, 7 weeks after opening the card. USELESS.
 
This one boggles my mind. Could it be that Google, of all companies, thinks that we're always going to be sitting at home, on a desktop PC, with a static internet address?

Everyone uses mobile devices. Even at home, more and more ISPs are going to dynamic IP addresses.

Yet somehow Google fails open every time I try to check my mail from a different address.
It is not the IP address or Ethernet id they look at, it is usually the computer they fingerprint. If you run your browser in private mode or always delete your cookies, they have a much tougher time trusting your device between sessions. In my travels, I almost never have these issues except the one time I allowed Apple to do an update. Now I don’t do OS updates until I get home.

If you log in from a public computer, you are just asking for future problems.
 