Experian 200 million SSNs data breach

[Moshe123]

http://www.reuters.com/article/2014/04/03/us-experian-databreach-idUSBREA321SL20140403

ETA: Link from yitzf in the comments below:

http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/

[SearchGuy]

WT*!!! They have Dan's Social...

[ShlockDoc]

http://www.reuters.com/article/2014/04/03/us-experian-databreach-idUSBREA321SL20140403

This != Good

[Moshe123]

My head quickly raced to: "what are we going to get out of this"....

[ShlockDoc]

My head quickly raced to: "what are we going to get out of this"....

Free Experian credit monitoring for a year?  Um, no thanks...

[Red]

WT*!!! They have Dan's Social...

Weird first reaction.
Just sayin

[AsherO]

If only this would be a catalyst for reform of the current system, an SSN with a few PINs (one for government authentication, one for financial authentication, one for medical authentication and one basic pin) would be an additional layer of security. If it's illegal to store these pins in a database (after authentication) like the PCI rules are for CVV info, then criminals won't have such an easy time accessing your pin.

[yitzf]

It's not a new story, the news is just that the states AG's are investigating.

See here for a comprehensive overview of the story http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/

It's not like there is someone out there with a hard drive with 200 million SSN's on it. They were able to query a database...

[Moshe123]

It's not a new story, the news is just that the states AG's are investigating.

See here for a comprehensive overview of the story http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/


It's not like there is someone out there with a hard drive with 200 million SSN's on it. They were able to query a database...

Thanks!
I was thinking that it doesn't sound new.

[ShlockDoc]

It's not like there is someone out there with a hard drive with 200 million SSN's on it. They were able to query a database...

If they can query the data, they can (and, I'm sure, did) save the data.

[Moshe123]

If they can query the data, they can (and, I'm sure, did) save the data.

Article says 3.1 million queries.

[SearchGuy]

Weird first reaction.
Just sayin

I think they can change everyone's social if that's the matter...

[Moshe123]

And this:

The point is that each query on Ngo’s service almost always exposed multiple records. That means that if Ngo’s clients conducted 3.1 million individual queries, the sheer number of records exposed by Ngo’s service is likely to have been many times that number — potentially as many as 30 million records.

[AsherO]

See here for a comprehensive overview of the story http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/

Thanks for sharing. These companies make $$$ by selling your information, they make more money the more buyers buy.

[Moshe123]

Thanks for sharing. These companies make $$$ by selling your information, they make more money the more buyers buy.

They are going to pay big time. Question is if high millions or billions.

[lubaby]

After Target got breached, they offered everybody 1 year free Experian monitoring to make sure "your info stays safe"....

Ummm....

[PlatinumGuy]

Eventually governments will insist on absolute biometric identifications and that's no good for us.

[Nitantnel]

Eventually governments will insist on absolute biometric identifications and that's no good for us.

The private sector can always climb over the governments walls