funsec mailing list archives
Re: [privacy] 93,754,333 Examples of Data Nonchalance
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Mon, 25 Sep 2006 15:38:43 -0400
On 9/25/06, security curmudgeon <jericho () attrition org> wrote:
: > > vulnerability of personal data, companies and institutions of every : > > shape and size - like the data broker ChoicePoint, the credit card : > > processor CardSystems Solutions, media companies like Time Warner and : > > dozens of colleges and universities across the land - have collectively : > > fumbled 93,754,333 private records. : > : > And given that most of the breaches have been in the US, it's safe to guess : > that most of the 93M have been US resident's records. With the population : > sitting at just under 300M, that means a 1 in 3 chance your stuff has : > been swiped. : : err not really. Their math is FUD tainted. You have to at least subtract : the 26 million they included with the VA laptop that was recovered. So because the data was out of their control for over a month, but they happened to get the laptop back.. the data is just magically 'safe' and wasn't compromised? How do they know?
Forensics. They released a statement saying that the data had not been accessed. of course whether or not They were telling the truth is another matter..
: I am not saying that people dont mishandle data, or that the entire : system isnt flawed to begin with (I doubt very much that FDR was : concerned about Information Security), just that they drummed up the : numbers a little. Also remember that PRC does not track non US dataloss incidents.
do non-us residents have ssn's ;-) Seriously though, I dont consider the loss of CC#'s to be that big a deal for the consumer. You can always change your CC# and the credit card companies will not hold you liable for the fraud. You can not always change your SSN however, and even when you can, it is not an easy or expedient process. I guess Identity Theft is not just an american issue though; every government is implementing identity management, and the businesses will go ahead and use that system for tracking individuals, and some of those individuals will find a way to subvert that system. On the one hand, I wish that the "system" was more than a number printed on a card or broadcast via RFID, and on the other I dont trust my government enough to give them my DNA. oh well, -JP _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
Current thread:
- [privacy] 93,754,333 Examples of Data Nonchalance Fergie (Sep 24)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Valdis . Kletnieks (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Dude VanWinkle (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance security curmudgeon (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Blanchard_Michael (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Dude VanWinkle (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Valdis . Kletnieks (Sep 25)
- Message not available
- [privacy] 93,754,333 Examples of Data Nonchalance Dude VanWinkle (Sep 26)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Andrew (Sep 26)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Valdis . Kletnieks (Sep 26)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Dude VanWinkle (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Valdis . Kletnieks (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Dude VanWinkle (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance security curmudgeon (Sep 25)
- Re: [privacy] 93,754,333 Examples of Data Nonchalance Dude VanWinkle (Sep 25)