1. Attachments are working again! Check out this thread for more details and to report any other bugs.

About data security

Discussion in 'Fred's House of Pancakes' started by bwilson4web, Apr 1, 2024.

  1. bwilson4web

    bwilson4web BMW i3 and Model 3

    Joined:
    Nov 25, 2005
    27,112
    15,385
    0
    Location:
    Huntsville AL
    Vehicle:
    2018 Tesla Model 3
    Model:
    Prime Plus
    Every other year or so, the news programs hyperventilate about some "data breach." The common thread being "release of social security numbers." There are real threats and I've been touched by them.

    BACKGROUND

    The first data breach was release of my employer's personnel data, SAIC. A lot of meetings about internet security and a free Experian monitoring of my credit status. A year, I was offered the privilege of paying to extend it. (Hummmm, did Experian do the data breach?)

    I've only seen Experian alerts when I've applied for a loan ... my loans or credit cards. But I've gotten suckered by 'ransom ware' and 'bogus email links.'
    • Windows V3.x running in a 'virtual PC' - I had ordered an early OBD software that only ran on Windows. So I installed Virtual PC to run the code and it worked. I also used it for Internet Explorer when a web site was PC exclusive which probably led to the successful ransomware attack. Then one day, the virtual PC wouldn't run, that is curious. About a week or so later, I got a phone call with an Indian accent offering to "unlock your PC for a fee." Smiling, I declined and erased the Virtual PC and windows.
    • Hot mail contacts list - looking at buying some stuff from a Chinese vendor, suddenly all of the friends and family members got a bogus e-mail "from me." It was a combination of Microsoft "hotmail" services and I let everyone know, it wasn't me. I subsequently migrated to Gmail after "hotmail" forced a password change and I forgot what it was. Thanks to Marine bootcamp, my forced passwords are harder. I also used a password keeper after employer forced password changes.
    • "Trojan email" - the real risk is clicking a link in what casually appears to be a legitimate link. Usually trolling for credit card payment, some also insist on "mandatory password change required." It caught Hillary Clinton's campaign. It remains a latent risk because some email has a legitimate 'transaction' link. My cases were revealed when my credit card companies identified alerted me about suspicious payments: deny the payments; kill the card, and; get a replacement.
    LEXUS/NEXUS vs "Dark Net"

    There are sites that claim to give you a report of your "dark net" data. Just give them your credit card payment and . . . you've just confirmed to a "dark net" vendor who you are and possibly stolen your credit card info. But LEXUS/NEXUS is a well establish, data vendor.

    For $75, I paid for my data and after a week or so, got a postal letter with the link and password. I wasn't anxious to read my report but eventually, curiosity got the best of me:
    • Accurate home address, phone number, social security number, marital status, birthdate, and location.
    • History of residence going back to the 1970s.
    • History of all loans and credit cards with repayment status going back to the 1980s.
    • History of accident claims going back but not extending to 2005 when I lost my 1991 Camry.
    • Did not see traffic infraction history.
    • Their data sources.
    I did see some inconsistent data which I will follow up with them. But other than an accurate history useful for a resume, pretty reasonable summary of the past 2-3 decades of my 'commercial' life.

    Bob Wilson
     
  2. hill

    hill High Fiber Member

    Joined:
    Jun 23, 2005
    19,650
    8,056
    54
    Location:
    Montana & Nashville, TN
    Vehicle:
    2004 Prius
    Model:
    IV
    Data breach; just a couple years ago Lowes offered huge cash up front deal for taking out a Lowe's credit card. Seemed like a good idea as there was a big ticket item we needed. upon applying for the card (800+ credit score) oddly it was denied. Apparently Experian, one of the score keepers informed us that I'm dead. Fortunately some attorneys work the system & make credit bureaus pay for their mistakes. It cost Experian 4 figures for there goof.
     
    bwilson4web likes this.
  3. bwilson4web

    bwilson4web BMW i3 and Model 3

    Joined:
    Nov 25, 2005
    27,112
    15,385
    0
    Location:
    Huntsville AL
    Vehicle:
    2018 Tesla Model 3
    Model:
    Prime Plus
    Good point!

    You can get annually, a free credit report from (the traditional big 3 are bold) :
    • Experian
    • CSC Credit Services.
    • Credit Technologies.
    • Equifax.
    • Global Payments.
    • Trans Union.
    If making a large, credit purchase, always a good idea to check your credit report first. Time may not be on your side but it will make resolution a lot easier.

    Bob Wilson
     
  4. hill

    hill High Fiber Member

    Joined:
    Jun 23, 2005
    19,650
    8,056
    54
    Location:
    Montana & Nashville, TN
    Vehicle:
    2004 Prius
    Model:
    IV
  5. John321

    John321 Senior Member

    Joined:
    Nov 16, 2018
    1,108
    1,150
    0
    Location:
    Kentucky
    Vehicle:
    2008 Prius
    Model:
    Two
    And some irresponsible companies aid and abet the data thieves as much as they can:

    "AT&T security breach affects millions. Here's what to know | AP News

    "While the data surfaced on a hacking forum nearly two weeks ago, it closely resembles a similar data breach that surfaced in 2021 but which AT&T never acknowledged, said cybersecurity researcher Troy Hunt.

    AT&T said it has begun notifying millions of customers about the theft of personal data recently discovered online.

    The telecommunications giant said Saturday that a dataset found on the “dark web” contains information such as Social Security numbers for about 7.6 million current AT&T account holders and 65.4 million former account holders.

    The company said it has already reset the passcodes of current users and "will be" (implying it is not currently communicating) communicating with account holders whose sensitive personal information was compromised.

    It is not known if the data “originated from AT&T or one of its vendors,” the company said in a statement. The compromised data is from 2019 or earlier and does not appear to include financial information or call history, it said. In addition to passcodes and Social Security numbers, it may include email and mailing addresses, phone numbers and birth dates."

    Once again AT&T got caught - just like during the recently service outage-and had to fess up and finally take action!
     
    #5 John321, Apr 1, 2024
    Last edited: Apr 1, 2024
    bisco likes this.
  6. bwilson4web

    bwilson4web BMW i3 and Model 3

    Joined:
    Nov 25, 2005
    27,112
    15,385
    0
    Location:
    Huntsville AL
    Vehicle:
    2018 Tesla Model 3
    Model:
    Prime Plus
    Is there a URL or phone number where we can find out if we were in the data file?

    Bob Wilson
     
  7. John321

    John321 Senior Member

    Joined:
    Nov 16, 2018
    1,108
    1,150
    0
    Location:
    Kentucky
    Vehicle:
    2008 Prius
    Model:
    Two
    Good luck getting honest forthright information from AT&T- our only chance is for the Feds to get involved again and put AT&T under the bright lights and start turning the screws to them.

    AT&T won’t say how its customers’ data spilled online | TechCrunch

    Data Dump Allegedly Tied to 70 Million AT&T Customers Leaks Online | PCMag

    Criminals claim to leak 70M+ AT&T files online • The Register

    Ever wonder about the constant flood of telemarketer calls about internet or cable providers service- how they got your number and information?
     
    #7 John321, Apr 1, 2024
    Last edited: Apr 1, 2024
    bisco likes this.
  8. bisco

    bisco cookie crumbler

    Joined:
    May 11, 2005
    107,669
    48,920
    0
    Location:
    boston
    Vehicle:
    2012 Prius Plug-in
    Model:
    Plug-in Base
    we're waiting to hear from att, it's a nightmare
     
  9. ETC(SS)

    ETC(SS) The OTHER One Percenter.....

    Joined:
    Oct 28, 2010
    7,673
    6,489
    0
    Location:
    Redneck Riviera (Gulf South)
    Vehicle:
    Other Non-Hybrid
    Model:
    N/A
    Meh.
    Bad news, like leftovers and visiting relatives never gets better over time.
    Big Bell would DO WELL by adopting a "fess up when you mess up" policy, but far be it from me to be in a position of giving them advice.
    We live in a post-divestiture world, so if you don't like one giant monster mega phone company, there are alternatives. ;)
    I stopped flopping and twitching about data breaches after 2015 when it was revealed that all of my(and everyone else's) SF-86 (Security Clearance) data and background investigation info was scraped and airdropped to the ChiComms.
    Such files are a motherload of information going all the way back to kindergarten - but I do not imagine that I am significant enough to warrant the curiosity to read those files.
    Most people give their data away for free.
    My Credit score is well above 800 and I get very little junk mail that isn't addressed to 'Resident.' The current economic shape of our nation means that I'm not going to be shopping for a load anytime soon.
    The only reason I keep tabs on my credit score is that if you live on free soil a good credit score means lower insurance rates, and if I have to look for another job it will also become less trivial a thing.
     
  10. bisco

    bisco cookie crumbler

    Joined:
    May 11, 2005
    107,669
    48,920
    0
    Location:
    boston
    Vehicle:
    2012 Prius Plug-in
    Model:
    Plug-in Base
    we've been looking at alternative cell carriers, but that doesn't help with the current situation.
    i think we need a new way to sign up for things that doesn't include personal and financial info.
     
  11. hill

    hill High Fiber Member

    Joined:
    Jun 23, 2005
    19,650
    8,056
    54
    Location:
    Montana & Nashville, TN
    Vehicle:
    2004 Prius
    Model:
    IV
    Hopefully starlink will someday undercut all their pricing & the greedy other guy networks will get financially buried.
     
  12. bwilson4web

    bwilson4web BMW i3 and Model 3

    Joined:
    Nov 25, 2005
    27,112
    15,385
    0
    Location:
    Huntsville AL
    Vehicle:
    2018 Tesla Model 3
    Model:
    Prime Plus
    I hadn't heard about this. My last clearance, an extended background check, was in 1978 when I left the "black world."

    I liked the work but my new wife did not understand why I never talked about it. Choosing between my woman and my work, she passed in our home after 43 years. My biggest risk was running to "black world" coworkers in public and the joy at seeing them muted by not being able to say anything else.

    Bob Wilson
     
  13. ETC(SS)

    ETC(SS) The OTHER One Percenter.....

    Joined:
    Oct 28, 2010
    7,673
    6,489
    0
    Location:
    Redneck Riviera (Gulf South)
    Vehicle:
    Other Non-Hybrid
    Model:
    N/A
    That means that, like me, your data was in the scrape.
    Also like me, you don't give a rats because there are probably about a million pieces of paper out there with your SSN and DOB on them.
    The headlines were somewhat muted, but the story did break.
    Had it happened two years later it would have been above the fold in 6-inch headlines, but that's the nature of politics these days.

    I liked the government side better than the civilian side.
    I wasn't very popular with the union hacks when I left Uncle and started working for Ma Bell - since I know what labour looks like in the military, as a private contractor, and now as the victim of a union contract - but there are two genuine advantages of the latter.
    There is a lot less neck-biting and backstabbing in a union shop because I get paid the same whether I'm a high performer or I just barely meet the absolute minimum standard.
    The other advantage is that I made enough money to offer my sweet spouse a promotion to full-time CFO.

    My own sweet bride had an SF-86 too and she was a military spouse so she understood about compartments.
    She never asked where I was calling from and remained deliberately incurious about what, when, where, why, and with whom until I finally retired from the reserves in 2012 - as these things go it was also the year my final security reinvestigation was adjudicated. :ROFLMAO:
     
  14. Mr.Vanvandenburg

    Mr.Vanvandenburg Active Member

    Joined:
    Mar 15, 2007
    948
    310
    0
    Im glad you think non union owners become kind and thoughtful and give raises based on performance. In the real world my association with being “exempt” meant when the union folks got a raise, then I got one because that wouldn’t look good for non union promoters. Actually it was the exempt staff who were the laziest. I don’t think people realize unions don’t prevent firing for under performing. I had to fire a man who was union and it was more difficult, but he got fired in the end. The difference is it was fair firing based on facts. Non union if the owner doesn’t like what you said at a party, out you go, two week notice.
     
  15. ETC(SS)

    ETC(SS) The OTHER One Percenter.....

    Joined:
    Oct 28, 2010
    7,673
    6,489
    0
    Location:
    Redneck Riviera (Gulf South)
    Vehicle:
    Other Non-Hybrid
    Model:
    N/A
    When I was an exempt employee ALL of my raises were based on performance.
    Why else would you give somebody more money to do the same job?
    Um..... OK.
    You and I differ on this point. I'm a non-exempt person in a union shop at present, and while I could cite NUMEROUS examples to the contrary they would be a sample set of one person's experiences.
    Another difference in our opinions.
    I do not believe that people are fungible.
    I believe that you can make yourself more 'fireproof' by being valuable enough NOT to be fired because "of something you said at a party." I also would not happily work for a company that would fire a person over a personal disagreement 'at a party' but then again I'm very picky about where I work.
    When I chose to work at my present job it was after a two-part interview process.
    THEY had to be an acceptable company to work for.

    Granted.....I absolutely LOVE working in a union shop!
    I COULD lope along at about 30% throttle and STILL be asbestos coated....AND get paid the same amount of money as the person who offers their best performance for the same coin.
    Many do, and I'm continuously amazed by the dedication of my co-workers and proud to work for my team.
    This is because of something that I'm not going to try to explain herein......especially to somebody who thinks that people are just interchangeable pieces parts that should all be paid 'equally.'
    I actually paid union dues for over 20 years - at the non-Beck rate because I live on free soil and because I thought it was the right thing to do.
    I've since been disabused of that naive notion.

    Anyway - back to our regularly scheduled thread, data breaches(*) already in progress...... ;)

    BOTH mentioned above having been caused by 'exempt' employees in a union shop......
     
    #15 ETC(SS), Apr 2, 2024
    Last edited: Apr 2, 2024
  16. vvillovv

    vvillovv Senior Member

    Joined:
    Mar 19, 2013
    3,521
    1,240
    1
    Location:
    NY
    Vehicle:
    2017 Prius Prime
    Model:
    Prime Plus
    If any of you reading are not a computer person ot knows much of computer and UNIX history, this will surely be a super boring post, so I'll keep it short.
    Anyone want to talk about indemnification related to data breach, or has ever wondered what it is or what it's used for, or how it's worded in most terms of service agreements that most of us never read?
    (I wouldn't make any further assumptions about other peoples behavior in regards to an indemnification clause)
    It plays a part in every data breach I've ever heard of. and probably some I'll never know about. even possibly ones that may include my name near the top of the list.

    I got my first exposure to indemnification around the turn of the century during the SCO vs IBM case about ownership rights of specific UNIX source code, so the story goes.
    I was running Windows 2000, Solaris x86 ver. 8, and turbo linux cli on computers I built from parts at that time.

    I can't find a simple explanation for it so I wouldn't include a link, but anyone that wants more info can find tons of legal stuff about it by searching indemnification clause.

    It also may encompass Anti Trust and Defense if one remembers A&T 1982, depending on how far down the rabbit hole the rabbit tracks lead.
     
    #16 vvillovv, Apr 2, 2024
    Last edited: Apr 2, 2024
  17. Mr.Vanvandenburg

    Mr.Vanvandenburg Active Member

    Joined:
    Mar 15, 2007
    948
    310
    0
    Study up on history of unions in America and what they were for, and what it was like before unions. Look at it fairly. It is not true a loafer can’t be fired. But it is still true in many non union jobs the owner can fire for no reason other than their say so. Too old now, too sick, don’t like what you said, bye bye. My son needs your job and you are too old. Two week notice. Might as well be China.
     
  18. hill

    hill High Fiber Member

    Joined:
    Jun 23, 2005
    19,650
    8,056
    54
    Location:
    Montana & Nashville, TN
    Vehicle:
    2004 Prius
    Model:
    IV
    Couple decades ago at Disney there's this one VERY slothful welder who couldn't be fired because of Union rules. Quite crafty how they got rid of 'im eventually. They had to lay off 3 other welders so that by seniority they could then lay off the slothful one. They dared not fire him because he fell into a protected class. Once he had been laid off for a full year they could then rehire anyone they wanted to. Lots of overtime in the meantime.
    .
     
    #18 hill, Apr 2, 2024
    Last edited: Apr 2, 2024
  19. ETC(SS)

    ETC(SS) The OTHER One Percenter.....

    Joined:
    Oct 28, 2010
    7,673
    6,489
    0
    Location:
    Redneck Riviera (Gulf South)
    Vehicle:
    Other Non-Hybrid
    Model:
    N/A
    You mean pre-OSHA, pre-FLSA, pre-NLRB, and pre-FMLA?
    I don't have to 'study' because I have a pre-1980's high-school knowledge of US history.
    That's a false binary laced with straw-man arguments that SHOULD be beneath you.
    My supervisor has nine pelts on his office wall.
    He's not proud of this but I'm VERY WELL acquainted with the fact that you CAN still fire somebody in a union shop in the US if they get drunk on the job, steal from a customer, carry a firearm on the job and show it off to a customer, view porn on a company computer, and buy lap dances with your company credit card - or just plain suck at your job - all actual instances of unions defending actual employees that were actually if eventually fired.
    Working in a union shop means it's just a lot harder to do.
    Actually more than one of these actual examples above cited were offered a chance to resign in lieu of being terminated for cause.
    IYKWYKW.

    I actually believe that unions ARE useful for utilities in that they provide for workforce stability but the cost is a marked reduction in innovation and flexibility. I also believe that utilities (and co-ops) have no business being LLCs or publicly traded corporations - but that's me being me again. I know all of this because I HAVE been an exempt person in a free shop and I'm currently a non-exempt employee in a union shop - albeit on free soil.
     
  20. bwilson4web

    bwilson4web BMW i3 and Model 3

    Joined:
    Nov 25, 2005
    27,112
    15,385
    0
    Location:
    Huntsville AL
    Vehicle:
    2018 Tesla Model 3
    Model:
    Prime Plus
    If you need to fire someone, first visit the personnel office and ask how it is done. Discuss it with your supervisor, Then follow their guidance.

    Bob Wilson