Author Topic: Off topic but important.  (Read 478 times)

Offline 64Fordman

  • Global Moderator
  • Bondage Master
  • *****
  • Posts: 1327
Off topic but important.
« on: September 08, 2017, 09:07:51 PM »
Some of you may have heard about the hack at the credit reporting company known as Equifax that resulted in the theft of personal information for 143 million people, yes million.

The theft occurred in July but was not made public until yesterday. The delay was to allow executives to dump all their shares of stock before it tanked on the negative news. Don’t worry, I’m sure no one will go to jail, but that’s another story.

The reason for this post is that Equifax, which holds the personal and credit information of every household in the USA, is so concerned for you it is offering the company’s in house credit monitoring service free for one year. Be advised that when you sign up for the free service you are also giving up your right to sue or participate in any class action settlement.

I am not a class action lover but I will be signing up for this one, these boneheads deserve the right to go the way of the dinosaur, or Arthur Anderson.

64Fordman

Offline AmyAmy

  • Loosely Tied
  • **
  • Posts: 91
Re: Off topic but important.
« Reply #1 on: September 09, 2017, 05:34:53 AM »
These big data warehouse businesses are fundamentally unable to protect the information they collect.
The size of their operation, and the financial pressures within the business, essentially guarantee that the focus is on sales and not security. Perhaps, even if the focus was on security, they still wouldn't be able to protect that data. The incentive to steal it is too great, and they need to have too many gateways open to it for their business to function.

The only solution is to end such services, which the financial industry is addicted to. It's banks, credit providers, finance companies and debt collectors who (legitimately) prize this data. The uses they've made of it in the past show that they might as well not bother. If they'd paid attention to their credit reports, the mortgage providers would never have sold millions of 'sub-prime' loans.

Of course, we're told such services are essential to credit liquidity. Without them commerce and funding for industry would grind to a halt. Yet finance was able to function before these services were computerized.

Like any business that makes big money, law and justice bends around around it. Goons in suits get rich at the expense of everybody else. They're just enthusiastic businessmen. They love their job. Why ever would we want to stop them?

I'm sure 64Fordman is right when he says nobody will go to prison, either for leaking the data, or for the insider trading that followed. But the real problem is the lack of regulation of these businesses in the first place. There are guides they have to follow in securing data, but they are all but useless, and there is no country in the world that applies any meaningful penalty if data is lost.

If the law had any teeth, a company that allowed a theft on the scale of millions of consumer's data would be subject to forfeiture of all its assets, including data, and the board-level executives would be held criminally negligent, with no recourse to passing blame down. Do I hear the sound of you belly laughing at such an idea? Are you literally busting a gut at the absurd unlikelihood of such a scenario ever arising? Think about that for a while. Think about what it really means. That you think the idea of law or justice being applied to the really rich is something funny... That's not just "how the world is", it's how we made it.

Offline AmyAmy

  • Loosely Tied
  • **
  • Posts: 91
Re: Off topic but important.
« Reply #2 on: September 10, 2017, 12:18:22 PM »
I believe that in addition to the "scam" of the free credit rating service, that requires you to sign away your class action rights, Equifax have created a "Check if your details were stolen" site, and to get access to the results, again you have to sign away your class action rights. Various other companies pull this trick, and courts have ruled it to be binding in the US.

This is more egregious than the first case, because presumably lots of people will want to check if their details are compromised, in a panic, and blindly click through a massive EULA that conceals, buried within it, an agreement to sign away all class action rights against Equifax.

See here, for a bit more information: CNET article on Equifax hack, and how to check if you were affected.

`But the basic take-away is, do not sign any EULA offered by Equifax.

Offline 64Fordman

  • Global Moderator
  • Bondage Master
  • *****
  • Posts: 1327
Re: Off topic but important.
« Reply #3 on: September 18, 2017, 06:02:28 PM »
Equifax’s Chief Information Security Officer resigned Friday after questions of her educational background surfaced. She holds a Master of Fine Arts degree in music composition.

Meanwhile, the DOJ has awakened.
http://www.businessinsider.com/equifax-hack-justice-department-investigation-of-alleged-insider-trading-2017-9

Offline 64Fordman

  • Global Moderator
  • Bondage Master
  • *****
  • Posts: 1327
Re: Off topic but important.
« Reply #4 on: September 22, 2017, 06:25:34 AM »
Equifax thoughtfully provided a link to concerned customers to check if their information was stolen, but the link sent them to a fake phishing site. Stupid is as stupid does.

http://www.npr.org/sections/thetwo-way/2017/09/21/552681357/after-massive-data-breach-equifax-directed-customers-to-fake-site

If this was a meat packing plant the USDA would shut the place down until a comprehensive investigation and review of food handling procedures was completed. The SEC and FBI should handle these personal data thefts the same way.