Hackers may have stolen every social security number

[SC Maintenance]

Lots of articles out there - if you don't like this source. https://www.cbsnews.com/news/social-security-number-leak-npd-breach-what-to-know/

I have seen it published as millions to every - so who knows.

That hacker claimed the stolen files include 2.7 billion records, with each listing a person's full name, address, date of birth, Social Security number and phone number, Bleeping Computer said. While it's unclear how many people that includes, it's likely "that everyone with a Social Security number was impacted," said Cliff Steinhauer, director of information security and engagement at The National Cybersecurity Alliance, a nonprofit that promotes online safety.

There are many similar companies that scrape public data to create files on consumers, which they then sell to other businesses, Steinhauer said.

"They are data brokers that collect and sell data about people, sometimes for background check purposes," he said. "It's because there's no national privacy law in the U.S. — there is no law against them collecting this data against our consent."


Here is my question - how is my social security number public data?

 

[BMWTurboDzl]

Here is my question - how is my social security number public data?

I'll take a shot. Technically your number was created by a public institution and is used for a public purpose. I'm sure it's not what you want to hear

 

[Leo99]

The SSN was never supposed to be the ubiquitous government ID number that it's turned into. Now, it's a mess.

 

[JeffKeryk]

Are they gonna send me some money?

 

[Pablo]

Just like the credit check companies...........

You only had one job to do.

sic "Why do you rob banks?"

That's where the data is!

In all the idiocy on the planet, no one can figure what companies will be hacked? Yaaaaaaaaaaaaaaaaaaaah.

 

[dishdude]

Freeze your credit reports if you haven't already.

 

[Pablo]

Oh I forgot, probably why SS changed the login thingie a couple weeks back. Yay!!!

 

[Pew]

Ransomware is becoming the next hottest thing.
The cyber security lawyer firm we work with after we got hit gets 3000-4000 clients every year from ransomware.

 

[JeffKeryk]

I hate computers.

 

[Pablo]

I hate computers.

Gen whatever the latest doesn't give a rat for privacy, seems like

 

[JeffKeryk]

Gen whatever the latest doesn't give a rat for privacy, seems like

Do they have a choice? Or any of us, for that matter?

 

[72C10]

Freeze your credit reports if you haven't already.

I keep mine frozen. The last time I unfroze one of the reports for a week, someone tried to open a store credit card in my name. At this point I figure all my data is readily available due to all of the breaches.

 

[Pew]

Gen whatever the latest doesn't give a rat for privacy, seems like

No generation in particular cares for data privacy or security. The only ones that do usually have been hit before - and then then some of them still don't understand or care about their own data/info. The older gens are ignorant about it. The newer gens are arrogant about it.

Remember, data breaches have been going on forever. It's just more prevalent now because:

1. SaaS. Not that SaaS is a bad thing; it can be a great thing if leveraged properly but as more things go on cloud systems, the more opportunities there are for multiple companies to be affected by a bad event.
   1. As a side note; those that say "the data should be local!" don't understand how licensing software and hardware is and how software companies can use pricing to strongly leverage the decision of on-prem vs cloud.
2. General users are usually the idiots here. Plugging in stuff or clicking on things they shouldn't. Even if a user did not mean any malicious intent, the intentions do not equal the results.
   1. For example, see the thread a bit below where someone asked about setting up their own router in their office after they just got hit with ransomware.
   2. I have lost count how many times self-proclaimed prosumers have tried to bypass the company IT security policy. I sternly let them know I'm always watching and usually it doesn't happen again.
3. The lack of following proper IT policies with security and backups. The 3-2-1 process works. It saved us this past month. The ones that didn't follow proper backup procedures suffer usually an average of 10% of their yearly revenue. My friend's workplace got hit a few weeks ago. They didn't have any cloud backups because something about the IT director and money. They lost everything.
   1. Small companies have problems with this because these are seen usually as a cost with zero profit. So on top of having to pay subscriptions every month, they also have to hope their IT consultants are competent. General IT Consulting by the way is around $210-$240/hour now.

 

[Pablo]

Do they have a choice? Or any of us, for that matter?

You are correct, but there are certain behaviors that are safer than others.

But I can't blame the consumer. These clowns, once again, had a job to do and failed. Anyone putting faith in any reporting/check agency, well good luck with that.

 

[CKN]

There has been numerous hacks prior to this that have exposed all our information. It's been out there already. There has been so many that I think I have 5 credit monitoring services paid for by the companies that were hacked.

 

[Jdeere562]

Years ago, my SS# was printed on every check that I wrote.

If not, they asked for it and hand wrote it on the check, if in a strange area.
MY...how times have changed!

 

[dubber09]

Here will come a push for Digital ID

 

[ripcord]

Hackers should hang. Other folks, too, but especially hackers.

 

[Dave Hess]

Yep, always have your credit frozen.

 

[wpod]

The SSN was never supposed to be the ubiquitous government ID number that it's turned into. Now, it's a mess.

Our politicians are a crime gang.