How can 1 Company (Equifax) hold the personal details of 44 Million People - & get hacked????

Catalpast

Well-known member
Joined
Nov 17, 2012
Messages
25,560
Truly amazing story breaking across the water about how the personal details of 44 Million people have been compromised in a security breach!

Seems to have originated State side but has jumped the pond to Landing Strip 1

Given our symbiotic relationship with UK Finance companies and Banks (eg Ulster Bank-RBS) I think its almost certain that Irish citizens and residents will have something to worry about here.

Surely that amount of personal data should not be stored on any one server or computer?

Staggeringly incompetent IMO by the holders of the information IMO

- but maybe it was an inside job?

An investigation was underway on Friday night after the personal data of up to 44 million British consumers was feared stolen by hackers in a massive cyber attack.

The information commissioner said it was investigating how the hack on Equifax, a US credit rating firm, affected UK customers, many of whom will be unaware their data is held by the company.

Equifax and its UK subsidiary companies state on their websites that they represent British clients including BT, Capital One and British Gas.

Equifax hack: 44 million Britons' personal details feared stolen in major US data breach

I think a Statement from the Dept of Finance on this would be the least we should expect!
 


NYCKY

Moderator
Joined
Apr 17, 2010
Messages
13,436
It was 143 million people that had the personal information exposed.
 

NYCKY

Moderator
Joined
Apr 17, 2010
Messages
13,436
What's more is that company executives sold the stock before the hack was disclosed. :shock::mad::oops:
 

gleeful

Well-known member
Joined
Feb 7, 2016
Messages
7,520
How were they hacked? By all accounts their security was terrible.

How could they hold all that data? Details of 143 million people wouldn't be more than a few hundred GB - it would fit in your pocket.
 
Joined
Oct 8, 2011
Messages
39,552
Truly amazing story breaking across the water about how the personal details of 44 Million people have been compromised in a security breach!

Seems to have originated State side but has jumped the pond to Landing Strip 1

Given our symbiotic relationship with UK Finance companies and Banks (eg Ulster Bank-RBS) I think its almost certain that Irish citizens and residents will have something to worry about here.

Surely that amount of personal data should not be stored on any one server or computer?

Staggeringly incompetent IMO by the holders of the information IMO

- but maybe it was an inside job?

An investigation was underway on Friday night after the personal data of up to 44 million British consumers was feared stolen by hackers in a massive cyber attack.

The information commissioner said it was investigating how the hack on Equifax, a US credit rating firm, affected UK customers, many of whom will be unaware their data is held by the company.

Equifax and its UK subsidiary companies state on their websites that they represent British clients including BT, Capital One and British Gas.

Equifax hack: 44 million Britons' personal details feared stolen in major US data breach

I think a Statement from the Dept of Finance on this would be the least we should expect!
Get used to the cloud.
 

publicrealm

Well-known member
Joined
Aug 11, 2007
Messages
5,900
Truly amazing story breaking across the water about how the personal details of 44 Million people have been compromised in a security breach!

Seems to have originated State side but has jumped the pond to Landing Strip 1

Given our symbiotic relationship with UK Finance companies and Banks (eg Ulster Bank-RBS) I think its almost certain that Irish citizens and residents will have something to worry about here.

Surely that amount of personal data should not be stored on any one server or computer?

Staggeringly incompetent IMO by the holders of the information IMO

- but maybe it was an inside job?

An investigation was underway on Friday night after the personal data of up to 44 million British consumers was feared stolen by hackers in a massive cyber attack.

The information commissioner said it was investigating how the hack on Equifax, a US credit rating firm, affected UK customers, many of whom will be unaware their data is held by the company.

Equifax and its UK subsidiary companies state on their websites that they represent British clients including BT, Capital One and British Gas.

Equifax hack: 44 million Britons' personal details feared stolen in major US data breach

I think a Statement from the Dept of Finance on this would be the least we should expect!
I'm as Republican as the next man - 800 years etc. - but is actually, like, consuming the Brits not a step too far ?
 

popular1

Well-known member
Joined
Feb 4, 2009
Messages
3,130
Truly amazing story breaking across the water about how the personal details of 44 Million people have been compromised in a security breach!

Seems to have originated State side but has jumped the pond to Landing Strip 1

Given our symbiotic relationship with UK Finance companies and Banks (eg Ulster Bank-RBS) I think its almost certain that Irish citizens and residents will have something to worry about here.

Surely that amount of personal data should not be stored on any one server or computer?

Staggeringly incompetent IMO by the holders of the information IMO

- but maybe it was an inside job?

An investigation was underway on Friday night after the personal data of up to 44 million British consumers was feared stolen by hackers in a massive cyber attack.

The information commissioner said it was investigating how the hack on Equifax, a US credit rating firm, affected UK customers, many of whom will be unaware their data is held by the company.

Equifax and its UK subsidiary companies state on their websites that they represent British clients including BT, Capital One and British Gas.

Equifax hack: 44 million Britons' personal details feared stolen in major US data breach

I think a Statement from the Dept of Finance on this would be the least we should expect!
there is no safe space online
 

Ardillaun

Well-known member
Joined
Jun 4, 2010
Messages
12,073
Scale, baby. The robber barons are back. Or maybe ye actual barons of olde. Brace yourselves, peasants.
 

Lumpy Talbot

Well-known member
Joined
Jun 30, 2015
Messages
29,027
Twitter
No
A number of deeply influential people at a global level- with very deep pockets- are talking about a singularity in the area of AI, Big Data and automation.

There is a convergence in these areas and the very wealthy are in a sort of arms race to see who can corner or position themselves at the profitable nexus between the technological edge, the handling of large datasets every where from the finance sector, medical data, retail data, lifestyle data and so on.

The interesting thing is that the technological edge in these areas runs well ahead of any attempt to regulate. Which is what makes it so attractive to the world's billionaires and others who view their self worth in terms of binary code attached to a bank account.

And why people like Stephen Hawking have been warning of the dangers in failing to regulate what could happen if such areas are left solely to the prospectors. He restricts himself to warning about the convergence of such technologiesm primarily because he can't warn publicly of the real dangers in it. Not the technology itself but the possible uses and abuses of it.

Google's Deepmind were able to set up deals with various NHS Trusts in the UK a couple of years back where the NHS allowed them access to health records- it was only when it looked like the Data Protection people were taking an interest that Deepmind backtracked with the Trusts and re-scaled the project to allow for encrypted and anonymised data to be used.

There was no nefarious intent here as far as I can see- in fact there are positive benefits in having algorithms provide insights across vast sets of medical data, for example where MRI scanners are providing huge datapoints in medical research in the effort to find a way to 'switch off' overproducing oestregen cells by giving us a path to open and close receptors at the ceullar level and thereby defeat many of the causes of breast cancers.

The convergence between AI and Big Data can be very beneficial- DeepMind's algorithms can and have defeated human AlphaGo champions in recent years although we are a long way off yet from true AI and the research here can be used to refine projects such as the medical one I mention.

But those tools can be used for repression on a vast scale very quickly in the wrong hands.

And as long as there are databases which need human staff to access the data those databases will remain vulnerable to exposure and malfeasance.

'I am putting myself to the fullest possible use, which is all I think that any conscious entity can ever hope to do.' (HAL, the AI from 2001 A Space Odyssey.
 
Last edited:

Lumpy Talbot

Well-known member
Joined
Jun 30, 2015
Messages
29,027
Twitter
No
I've been making a decent living for years off information provided voluntarily by people about themselves, by information provided by the media and various databases and by information people may not realise is even out there about them.

Luckily my purpose is not nefarious or with any evil intent but it is staggering how much info is available in many ways.

It freaks out colleagues who are less acquainted with loose-lipped humanity sometimes how quickly my colleagues and I who are fairly decent at compiling such information in order to provide insights can pull something together- all legally I should add.

Essentially I have been making a living off the loose-lips of humanity for a couple of decades now.

But it is alright as my purpose is above-board ethically and I refuse to even go near researching a colleague or anything of that nature.
 

dizillusioned

Well-known member
Joined
Jan 19, 2011
Messages
14,524
I've been making a decent living for years off information provided voluntarily by people about themselves, by information provided by the media and various databases and by information people may not realise is even out there about them.

Luckily my purpose is not nefarious or with any evil intent but it is staggering how much info is available in many ways.

It freaks out colleagues who are less acquainted with loose-lipped humanity sometimes how quickly my colleagues and I who are fairly decent at compiling such information in order to provide insights can pull something together- all legally I should add.

Essentially I have been making a living off the loose-lips of humanity for a couple of decades now.

But it is alright as my purpose is above-board ethically and I refuse to even go near researching a colleague or anything of that nature.
Hairdressers gossip alright
 
Joined
Oct 8, 2011
Messages
39,552
I've been making a decent living for years off information provided voluntarily by people about themselves, by information provided by the media and various databases and by information people may not realise is even out there about them.

Luckily my purpose is not nefarious or with any evil intent but it is staggering how much info is available in many ways.

It freaks out colleagues who are less acquainted with loose-lipped humanity sometimes how quickly my colleagues and I who are fairly decent at compiling such information in order to provide insights can pull something together- all legally I should add.

Essentially I have been making a living off the loose-lips of humanity for a couple of decades now.

But it is alright as my purpose is above-board ethically and I refuse to even go near researching a colleague or anything of that nature.
It's very much my area of concenr, and in any company there needs to very tight controls of data on a strict need to know basis. There is no need for Irene in HR to see customer data, and no need for Jack in Customer Accounts to see details of how his colleagues are paid. In my years of working in security in banks I have never seen a single byte of customer data, despite having the "God Key" to their systems. In short, in a properly segregated enterprise nobody should have access to the entirety of their data. Typically, those with access to customer data have that via a user interface which allows access to individual records, while access to the entirety of the data is via non-human functional IDs.

Take the security database in my current client site. Notionally, with a copy of that a hacker could grant themselves Special or Operations status, giving them access to the entire system. Additionally, because every user's privileges need to be verified, the database needs to be available in READ mode to every single user (including unidentified users). In theory, therefore, any user could take a copy, bring it home and try to brute force the key accounts.

Not so. There is not only user level security, but also programme control; the security databse can be read according to its functions, but if I try to use any of the copying utilities to grab my own personal copy of it, the attempt will fail on security because these utilities are frozen out. Customer data is similarly protected. This is old stuff; the security package I work with dates to 1976.

The only confirmed mainframe hack of which I am aware relied on a person in the company. Theft rather than a hack in reality.

I see stuff happening with distributed systems which horrifies me.
 

Catalpast

Well-known member
Joined
Nov 17, 2012
Messages
25,560
How were they hacked? By all accounts their security was terrible.

How could they hold all that data? Details of 143 million people wouldn't be more than a few hundred GB - it would fit in your pocket.
I mean the most basic security would have put this info into different and completely separate data bases (acc to some criteria or other)

- that were in no way interconnected.

Has to be an inside job surely?
 

Mad as Fish

Well-known member
Joined
Dec 6, 2012
Messages
24,185
A number of deeply influential people at a global level- with very deep pockets- are talking about a singularity in the area of AI, Big Data and automation.

There is a convergence in these areas and the very wealthy are in a sort of arms race to see who can corner or position themselves at the profitable nexus between the technological edge, the handling of large datasets every where from the finance sector, medical data, retail data, lifestyle data and so on.

The interesting thing is that the technological edge in these areas runs well ahead of any attempt to regulate. Which is what makes it so attractive to the world's billionaires and others who view their self worth in terms of binary code attached to a bank account.

And why people like Stephen Hawking have been warning of the dangers in failing to regulate what could happen if such areas are left solely to the prospectors. He restricts himself to warning about the convergence of such technologiesm primarily because he can't warn publicly of the real dangers in it. Not the technology itself but the possible uses and abuses of it.

Google's Deepmind were able to set up deals with various NHS Trusts in the UK a couple of years back where the NHS allowed them access to health records- it was only when it looked like the Data Protection people were taking an interest that Deepmind backtracked with the Trusts and re-scaled the project to allow for encrypted and anonymised data to be used.

There was no nefarious intent here as far as I can see- in fact there are positive benefits in having algorithms provide insights across vast sets of medical data, for example where MRI scanners are providing huge datapoints in medical research in the effort to find a way to 'switch off' overproducing oestregen cells by giving us a path to open and close receptors at the ceullar level and thereby defeat many of the causes of breast cancers.

The convergence between AI and Big Data can be very beneficial- DeepMind's algorithms can and have defeated human AlphaGo champions in recent years although we are a long way off yet from true AI and the research here can be used to refine projects such as the medical one I mention.

But those tools can be used for repression on a vast scale very quickly in the wrong hands.

And as long as there are databases which need human staff to access the data those databases will remain vulnerable to exposure and malfeasance.

'I am putting myself to the fullest possible use, which is all I think that any conscious entity can ever hope to do.' (HAL, the AI from 2001 A Space Odyssey.
You'll have the technoheads on here accusing you of tin foil hattery y'know. I certainly get it when I point out, in far less eloquent terms, the exact same thing. But no, ID cards and autonomous vehicles are technology, which is good, innit, and no further thought is required.

Both those developments, it may be noted, fall straight into the category of vast unregulated and uncontrolled databases, and I too have pointed out that there is no evil mastermind, just a bunch of stupid egos wanting to be bigger, better or first and feck society because they have their own private island to retreat to.

Should anyone doubt this then why was it that Google, who's whole business model is collecting personal information and monetizing it, was one of the first out of the traps with a supposedly autonomous car bedecked with cameras? A system of 'sensors' that have no use at night.
 
Last edited:

Mad as Fish

Well-known member
Joined
Dec 6, 2012
Messages
24,185
I mean the most basic security would have put this info into different and completely separate data bases (acc to some criteria or other)

- that were in no way interconnected.

Has to be an inside job surely?
And that is preciously the problem with any system. You can make it as technically secure as you like but the whole job falls down when someone on the inside gets bribed or blackmailed to spill the beans.
 
Joined
Oct 8, 2011
Messages
39,552
You'll have the technoheads on here accusing you of tin foil hattery y'know. I certainly get it when I point out, in far less eloquent terms, the exact same thing. But no, ID cards and autonomous vehicles are technology, which is good, innit, and no further thought is required. Both those developments, it may be noted, fall straight into the category of vast unregulated and uncontrolled databases, and I too have pointed out that there is no evil mastermind, just a bunch of stupid egos wanting to be bigger, better or first and feck society because they have their own private island to retreat to.

Should anyone doubt this then why was it that Google, who's whole business model is collecting personal information and monetizing it, was one of the first out of the traps with a car bedecked with cameras? A system of 'sensors' that have no use at night.
There is nothing tin-foil whatever about your concern for your privacy. Personally I am horrified at the attitude taken to privacy and the amount of data people passively yield up.
 


New Threads

Popular Threads

Most Replies

Top