Hackers may have stolen the Social Security numbers of every American



https://www.latimes.com/business/story/2024-08-13/hacker-claims-theft-of-every-american-social-security-number

 

 

About four months after a notorious hacking group claimed to have stolen an extraordinary amount of sensitive personal information from a major data broker, a member of the group has reportedly released most of it for free on an online marketplace for stolen personal data.

The breach, which includes Social Security numbers and other sensitive data, could power a raft of identity theft, fraud and other crimes, said Teresa Murray, consumer watchdog director for the U.S. Public Information Research Group.

“If this in fact is pretty much the whole dossier on all of us, it certainly is much more concerning” than prior breaches, Murray said in an interview. “And if people weren’t taking precautions in the past, which they should have been doing, this should be a five-alarm wake-up call for them.”

According to a class-action lawsuit filed in U.S. District Court in Fort Lauderdale, Fla., the hacking group USDoD claimed in April to have stolen personal records of 2.9 billion people from National Public Data, which offers personal information to employers, private investigators, staffing agencies and others doing background checks. The group offered in a forum for hackers to sell the data, which included records from the United States, Canada and the United Kingdom, for $3.5 million, a cybersecurity expert said in a post on X.

This country needs massive and I mean massive fines when data breaches like this happen, to the point it would put the company out of business.

On 14/08/2024 at 22:05, primortal said:

This country needs massive and I mean massive fines when data breaches like this happen, to the point it would put the company out of business.

And when there's really nothing you could do to stop it? I mean there is only so much you can do, that's why we have safe harbor laws and clauses. Even fully encrypted is still crackable in the right circumstances... the company I work for, we are extremely paranoid about some of the data we have, and even with many and I mean many 3rd party SecOp vendors testing us we still find flaws even after spending tons of time fixing stuff... we run continuous pen tests and vuln scans on the inside and outside, we're only as good as our tests, what we know about flaws and our practices which are reviewed by multiple outside agencies

On 14/08/2024 at 23:20, neufuse said:

And when there's really nothing you could do to stop it? I mean there is only so much you can do, that's why we have safe harbor laws and clauses. Even fully encrypted is still crackable in the right circumstances... the company I work for, we are extremely paranoid about some of the data we have, and even with many and I mean many 3rd party SecOp vendors testing us we still find flaws even after spending tons of time fixing stuff... we run continuous pen tests and vuln scans on the inside and outside, we're only as good as our tests, what we know about flaws and our practices which are reviewed by multiple outside agencies

I should have clarified those that show no due diligence in protecting the data and no proper controls in place.

It’s been decades since I’ve dabbled in encryption, but a company I once worked for had hardware encryption so even if someone walked away with the database they still needed the hardware to decrypt it.

Today with very powerful video cards I don’t know if that’s still true.

  • 4 weeks later...
On 15/08/2024 at 06:08, primortal said:

I should have clarified those that show no due diligence in protecting the data and no proper controls in place.

It’s been decades since I’ve dabbled in encryption, but a company I once worked for had hardware encryption so even if someone walked away with the database they still needed the hardware to decrypt it.

Today with very powerful video cards I don’t know if that’s still true.

And, not least, with all the CPUs specifically designed for AI, the problem will likely only get worse.

 

Given that data used by a background check company has been breached, it’s scary to think that essentially all the data the government holds on you could potentially be leaked… 

  • 2 months later...

They'll have to wait in line behind the other 30 breaches that my social security number was included in. 

FICO just needs to admit the FICO Score didn't work. 35 years is a good run - but we can do better in 2024. 
