this post was submitted on 02 Apr 2024
363 points (99.5% liked)

Privacy

32471 readers
258 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 5 points 8 months ago* (last edited 8 months ago)

whoopsie doopsie!

ssns are probably useless by this point. cant wait for these people to leak our biometric data next, so we cant even change our 'passwords' anymore.

[–] [email protected] -5 points 8 months ago (1 children)

This was probably orchestrated on purpose as part of a long term operation

The goal would be to make things like this happen over and over and over again so as to eventually get people outraged enough so that they can push for everyone to get on board with CBDCs, forced nerulink implants, digital identity like the EU, and basically anything that helps the government make you a total slave to surveillance and tracking

It's another one of those, "it's for your safety!!!!!!" deals

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago) (1 children)

Or maybe they just need to practice better security. Never assume malice when something can be explained with inconfidence.

To be fair the threat actors are getting much harder to defend against

[–] [email protected] 2 points 8 months ago (1 children)

People must learn to open their eyes. We already know that the government, big tech, and corporations lie all the time. Yet somehow, when I suggest that they are lying, I get told off?? Give me a break.

I am not assuming, more or less just strongly suggesting. There is a major benefit to the larger agenda here.

Anyway I'm not frustrated at you, just majority of so-called privacy people who can't see a bigger picture. Same kind of people that would have torn you to shreds for suggesting some things pre-2014 that Snowden later revealed to be true. Somehow we forgotten about him.

[–] [email protected] 1 points 8 months ago

You also sound like you have never worked in cyber. As it turns out we are in the middle of a massive cyberwar

[–] [email protected] 26 points 8 months ago (3 children)

The SSA should just set a time limit, (let’s say 3 years,) and then publish a database of every single name, DOB, and SSN. Force the banks to figure out a new system of identification, by making the current system useless.

The current system is already insecure; SSNs were never intended to be secure. So why has the SSA tolerated this for so long? Just make the “in three years we’ll publish this live database for anyone to search” announcement, so banks are forced to develop a better system. It gives them the time to work on a new system, eliminates the need to keep SSNs secret, and the SSA can keep operating as normal.

[–] [email protected] 2 points 8 months ago

This is one of those ideas I'd love to agree with, but I know the reality of the situation would mean negative consequences for the most vulnerable and disadvantaged, just like how current ID systems are now.

[–] [email protected] 4 points 8 months ago

Really the US needs federal ID that are free and accessible through all post offices. The use of birth certificates and SSNs for the private sector is a failure of the federal government.

Identification for some reason is a cobbled-together mess of systems never designed for identification.

[–] [email protected] -2 points 8 months ago* (last edited 8 months ago)

Granted: needs an implanted microchip connected via Bluetooth to a phone app to work properly.

[–] [email protected] 11 points 8 months ago (3 children)

I keep reading "social security number", but still don't understand why it's possible to steal a person's identity with their SSN. Is that all that's required for identification? Some number?

[–] [email protected] 7 points 8 months ago

Basically. It wasn't meant to act as an identification, but people kept using it that way (probably because every citizen gets one at birth, so it's the easiest proof of citizenship).

[–] [email protected] 4 points 8 months ago (1 children)

Getting names, emails, addresses, etc is pretty available. If you can link those up + an SSN you can open accounts pretty easily

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

Damn... that seems like a pretty bad system. Have there not been attempts to remedy that?

CC BY-NC-SA 4.0

[–] [email protected] 6 points 8 months ago (1 children)

It's a key component. You need other information, but the SSN is supposed to be secret.

[–] [email protected] 14 points 8 months ago (1 children)

State-assigned unchangeable passwords that you hand out to 20-100 companies throughout your life (every job, every loan, every credit card, every financial account, every background check, every...)

This was 70 million people in 1 breach.

Keep in mind there are only 340 million people in the US, many of which are under 18.

We need a better system.

https://en.m.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach

The Office of Personnel Management data breach was a 2015 data breach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained by the United States Office of Personnel Management (OPM). One of the largest breaches of government data in U.S. history, the attack was carried out by an advanced persistent threat based in China, widely believed to be the Jiangsu State Security Department, a subsidiary of the Government of China's Ministry of State Security spy agency.

In June 2015, OPM announced that it had been the target of a data breach targeting personnel records.[1] Approximately 22.1 million records were affected, including records related to government employees, other people who had undergone background checks, and their friends and family.[2][3] One of the largest breaches of government data in U.S. history,[1] information that was obtained and exfiltrated in the breach[4] included personally identifiable information such as Social Security numbers,[5] as well as names, dates and places of birth, and addresses.[6] State-sponsored hackers working on behalf of the Chinese government carried out the attack.[4][7]

The data breach consisted of two separate, but linked, attacks.[8] It is unclear when the first attack occurred but the second attack happened on May 7, 2014, when attackers posed as an employee of KeyPoint Government Solutions, a subcontracting company. The first attack was discovered March 20, 2014, but the second attack was not discovered until April 15, 2015.[8] In the aftermath of the event, Katherine Archuleta, the director of OPM, and the CIO, Donna Seymour, resigned.[9]

[–] [email protected] 1 points 8 months ago

Wasn't it India that leaked all of its citizens data?

[–] [email protected] 10 points 8 months ago

Compensations should be paid out, watch how security grows

load more comments
view more: next ›