There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

pineapplelover ,

I tried freezing my credit but I think transunion and equifax wouldn’t let me create an account for some reason. Asking me to call them. Anybody else running into the same issue?

ohlaph ,

I did previously and had to wait until a weekday to talk to someone. It was a huge pain. Fuck those agencies.

cm0002 ,

Fuck those companies, they’d prefer that you thought of them as agencies because it makes them appear to be at least affiliated with the government.

They’re not, they are private companies through and through

RememberTheApollo_ ,

Happened to me, too. Just tried again a couple days later and it worked. Dunno why.

pineapplelover ,

Were you on vpn by any chance?

RememberTheApollo_ ,

Nope.

UselesslyBrisk ,

Are you proxying or using a VPN to access their site. I often see IP blocks, even if that proxy is a simple socks proxy to a VPS i own. Many VPS subnets are blocked/restricted wholesale, as are many of the big VPN endpoint ips.

pineapplelover ,

Yeah I use VPN. Maybe I should jump to random countries or maybe turn it off.

UselesslyBrisk ,

That will 100% cause it with the 3 larger creditors (where fraud targeting is likely one of the highest…)

return2ozma ,
@return2ozma@lemmy.world avatar

I know Ticketmaster just sent out millions of “sorry we got hacked, freeze your credit for free with this code” letters. Maybe they’re struggling to keep up with demand.

pineapple_pizza ,

Mine was for credit monitoring. You should be able to freeze your credit for free at any time

atrielienz ,

Yes. They’ll want to send you a letter with a passcode via the post office because of the breaches.

grte ,

The personal data of 2.9 billion people, which includes full names, former and complete addresses going back 30 years, Social Security Numbers, and more, was stolen from National Public Data by a cybercriminal group that goes by the name USDoD. The complaint goes on to explain that the hackers then tried to sell this huge collection of personal data on the dark web to the tune of $3.5 million. It’s worth noting that due to the sheer number of people affected, this data likely comes from both the U.S. and other countries around the world.

What makes the way National Public Data did this more concerning is that the firm scraped personally identifiable information (PII) of billions of people from non-public sources. As a result, many of the people who are now involved in the class action lawsuit did not provide their data to the company willingly.

What exactly makes this company so different from the hacking group that breached them? Why should they be treated differently?

ricecake ,

I feel like that might be bad phrasing on the part of the article. They mainly aggregate public records, like legal document style public records, and they also scrapped data from not-(public record) data, which isn’t the same as (not-public) record data.

I feel like I would want more details to be sure though, but scrapping usually refers to “generally available” data.

fmstrat OP ,

That all depends. If they’re pulling that private data for use in questionnaires, the terms may not allow them to save it, but they scrape it from the form.

ricecake ,

Yeah, it definitely might still be a bad data source,and it’s shady either way, just pointing out that “not public data” has a few meanings, and not all of them are synonymous with “private data”.

fmstrat OP ,

All depends on the terms of use from those that provide the data to them that they scraped from. I bet they never expected a customer to do it.

jaybone ,

Same with the big three credit reporting bureaus Equifax and whoever the fuck. Did anyone ever give them permission to horde all of their personal info? I don’t think so.

ClanOfTheOcho ,

It sounds like a bad breach, and I’m not arguing against that. I just want to point out my doubts that there were ever 2.9 billion Americans since the founding of the nation, let alone since social security numbers became a thing. Maybe if I bothered to read the article, it would make more sense.

jabathekek ,
@jabathekek@sopuli.xyz avatar

Lol, yeah “National Public Data” has records of over 3 billion people going back 30 years and these people live all over the world, so it seems.

captain_aggravated ,
@captain_aggravated@sh.itjust.works avatar

There’s something like 330 million Americans currently alive, give or take. Social Security began in 1935, so that’s 89 years ago. For the sake of making the math easy for a dumb Lemmy comment, let’s figure the population at the time was two thirds of what it is today at 220 million, and we can figure that within the margin of error virtually all of them are dead. Yes there are some Americans between the ages of 90 and 111 but they likely didn’t have social security numbers as children; the practice of assigning a SSN at birth happened later when they tied it to a tax credit for having kids; at first you got a SSN when you got your first job so anyone who was under the age of 15 or so in 1935 wouldn’t have been given one.

So let’s figure 220 million Americans who have since died, and 330 Americans who are still alive, have held social security numbers. That’s 550 million SSNs total. Rough back of the napkin math.

Alexstarfire ,

Why guess at the 1935 pop instead of just looking it up?

It was about 127 million.

captain_aggravated ,
@captain_aggravated@sh.itjust.works avatar

Because it’s a dumb Lemmy comment.

mctoasterson ,

The SSN itself is limited to under 1 billion possible permutations anyway because the format is 9 total digits. (3 digits hyphen 2 digits hyphen 4 digits.)

And if I recall they also have something weird with the state you were born roughly corresponding to which 3 digit prefix you’re issued. Obviously that isn’t purely true either because that would only give you about 1 million unique numbers per prefix.

Either way they’ve gotta be close to the theoretical maximum of the format without recycling numbers.

my_hat_stinks ,

Okay, but I’m not sure how revelant that is. The article doesn’t say only Americans were affected, it says the exact opposite.

[…] this data likely comes from both the U.S. and other countries around the world.

ClanOfTheOcho ,

Like I said, I didn’t read the article, but only Americans would have social security numbers.

my_hat_stinks ,

Social security numbers being involved in a breach does not mean that the breach only affects Americans. Some records might not have an equivalent ID number associated with them at all, and some records could have similar ID numbers from other countries. They also list current address as part of the data leaked but the fact many people don’t have a current address didn’t seem to cause you any confusion. The original source lists “information about relatives”, if that was in this title would you have assumed only people with living relatives were included?

“I didn’t read the article” is a poor excuse when you’re commenting on the believability of the article. What happened here is you saw an article, immediately assumed it was about the US, realised that doesn’t make any sense, then dismissed the article without even bothering to check because the title doesn’t fit the US exclusively. It’s crazy to me that you wouldn’t even consider the fact it’s not an exclusively US-based leak.

ClanOfTheOcho ,

I mentioned the not reading the article so people would not waste their time citing facts from the article that may explain the headline that suggested billions social security numbers were leaked. I made no assumptions about missing addresses, as the headline didn’t mention anything about missing addresses. I even mentioned that the event the article discussed was probably pretty bad – definitely not a negative against the article’s believability. I’m only guilty of judging a book by its cover, and in an existence of limited time, nobody has time to do any more than that except for limited exceptions. I did not choose to make this article an exception. The headline was mathematically deceptive, and my comment was about that. Nothing more.

If you see an article highlighting a breach of social security numbers and don’t assume it’s about the U.S., that’s crazy to me.

_sideffect ,

“Please enter your full name, address and SSN to check if you were exposed!”

A_A ,
@A_A@lemmy.world avatar

the U.S. and other countries “around the world”

meaning, for those of us living on other planets, we are completely safe … such a relief ! /s

IllNess ,

It’s best to say around the world just so who ever is reading it doesn’t think it region specific.

For example, they could say “the U.S. and other countries in the western hemisphere.”

A_A ,
@A_A@lemmy.world avatar

How do you like : “worldwide (including self centered U.S.A.)” 🤣 ?

IllNess ,

The other way works better since National Public Data is based in Florida and because of the name of the company. If it said “International” instead of “National” the readers would assume it is international data.

Based on the location, name of the company, and the breach mentioning social security numbers, stating the US first is the most logical.

jaybone ,

This is why I don’t go to the National House of Pancakes.

CallateCoyote ,
@CallateCoyote@lemmy.world avatar

Dang, that’s quite a few people. Maybe we can stop linking our identity to a simple number in the US sometime? That would be swell.

Alexstarfire ,

https://qph.cf2.quoracdn.net/main-qimg-d20d508b73f0f30cdab2f3fafecf5f93-pjlq

solrize ,

There are only 1 billion SSNs possible with 9 digits, and at most around 350M living people who have them (the US population). This breach is international but SSN is a US thing.

catloaf ,

Do TINs overlap with SSNs? Because businesses and non-citizen taxpayers have TINs instead of SSNs, but they’re used just the same.

solrize ,

This I don’t know. I remember reading that around 70%(?) of SSNs have been allocated, and there are enough left for a few decades. No idea whether corporation TINs come from that. I believe non-citizen taxpayers get similar SSNs to citizens. IDK if they pay into social security and collect benefits the same way.

floofloof ,

And not all 9-digit numbers are used, so there are fewer than a billion. It sucks when organizations store them because the search space is so small it’s relatively easy to unhash them in a stolen database.

prime_number_314159 ,

A lot of businesses use the last 4 digits separately for some purposes, which means that even if it’s salted, you are only getting 110,000 total options, which is trivial to run through.

JohnEdwa , (edited )

9 digit social security number specifically might be, but a unique number tied to you that is often used as identification when it really shouldn’t isn’t, it’s a shitshow that has been implemented in many countries around the world.
The Finnish version was called an SSN originally for example, though now its a “henkilötunnus”, personal identity code.

en.wikipedia.org/…/National_identification_number

Telorand ,

A complaint submitted to the US District Court for the Southern District of Florida claims the exposed personal data belongs to a public records data provider named National Public Data, which specializes in background checks and fraud prevention.

What’s with these companies nobody has heard of causing massive fuck ups?

db2 ,

It’s capitalism. Do you hate America or something?

Telodzrum ,

Because companies you’ve never heard of are the ones doing the infrastructure and data warehousing for the public-facing companies you have heard of.

Telorand ,

Seems like a good way to have an infosec weak spot…oh…

werefreeatlast ,

Otherwise, how would the republicans get enough votes.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •