equifax

Donotpay's endgame: a trade union for consumers to push back against abusive corporations

Joshua Browder created Donotpay as a teenager at Stanford: originally it was a chatbot that helped you beat traffic tickets, but it has since expanded (thanks to an infusion of venture capital) into a Swiss Army Knife of automated consumer advocacy that can do everything from sue Equifax on your behalf to help you access homeless services to getting you a rebate when your plane ticket's price goes down after you've purchased it. Read the rest

Zappos Data Breach consolation might be the most egregious one yet

Back in 2011, I signed up for a Zappos account so I could buy pants for a wedding I was in. Then I returned them because they didn't fit. I ended up buying them at the local Macy's instead (although I bought the wrong shade of grey, oops).

That should have been the end of my relationship with Zappos. Until I received this email the other day:

Zappos put me at risk by exposing my data. And the best mea culpa they can offer is "Here's a discount so you can help us to increase our Q4 revenue!" That might be even pathetic than the $125 offering from Equifax. Equifax may have exposed more personal information, but unless I plan on buying a $2,000 pair of John Lobb boots from Zappos—thus giving $1800 back to the company that just screwed over my data—then I'm basically getting nothing.

To be clear, Zappos offer here has only been preliminarily approved by the court in charge of the settlement. If enough people say, "I'm not paying you to pay me financial damages," the judge may change their mind. But I wouldn't hold my breath. If the only consequence to expose customer data is increasing Q4 revenue, then there's never going to be any incentive for any company to give a shit about the personal information of the people who keep them in business. And that's not a healthy economy.

Image: Patrick Kitely/Flickr Read the rest

Equifax used "admin/admin" as login and pass for an unencrypted server full of your personal data

In 2017, Equifax admitted that it had doxed America by leaking the nonconsensual dossiers it builds on the nation, covering up the info while its key employees sold off their stock, and then repeatedly lying about the scope of the breach. Read the rest

Donotpay adds a feature that waits on hold for you, and now I'm ready to subscribe

Donotpay started as a project to help people automatically fight parking tickets, before its then-teenaged creator, the UK-born Stanford computer science undergrad Joshua Browder expanded it to help homeless people apply for benefits, then to help you sue Equifax for doxing you, then to apply for rebates if your plane tickets' prices went down after you applied for them, then to easily file small claims suits against companies that ripped you off, then to apply for airline compensation for late flights, lost bags, overbookings and cancellations, then to auto-cancel your "free trial offers" by letting you create burner credit-card numbers that would simply not accept future bills when they arrived. Read the rest

Doordash's breach is different

One important detail from this week's admission from Doordash that they'd suffered (and remained silent about) a breach of 4.9 million records: Doordash, by its nature, includes the home addresses of people who otherwise avoid disclosing where they live. Read the rest

Bernie Sanders promises to zero out all US medical debt and end medical bankruptcies

Bernie Sanders has pledged to eliminate the $81b in outstanding US medical debt if he is elected president in 2020. Read the rest

How facial recognition has turned summer camp into a dystopia for campers, parents, counsellors and photographers (but not facial recognition vendors)

The Washington Post's Drew Harwell takes a deep look at the the use of facial recognition products like Bunk1 at summer camps, in a deliciously terrible piece that alternates between Bunk1's president Rob Burns and Waldo Photos's founder Rodney Rice explaining that everyone loves this and it makes everyone happy, and counsellors, parents, campers and photographers (as well as child development experts and civil libertarians) explaining how it is just fucking terrible, which Rice dismisses as "privacy hysteria." Read the rest

Equifax is going to rip you off again

If you are an adult human being living in the United States, Equifax is making a lot of money from your personal data (Equifax's annual revenue is $3.1 billion. Its CEO Mark Begor gets over $20 million a year in compensation). As you know, Equifax violated the trust of 147 million people in a massive data breach in 2017, opening them up to identity theft and other abuses. You've also heard that Equifax has agreed to pay everyone affected by the breach $125. That is not close to sufficient, but it's something. However, if you filed a claim for your $125, you will might be surprised that your actual check will be a fraction of that.

From Equifax's FAQ:

If there are more than $31 million claims for Alternative Reimbursement Compensation, all payments for Alternative Reimbursement Compensation will be lowered and distributed on a proportional basis.

That means you will get $125 only if fewer than 250,000 people file a claim. It's likely many more people will file a claim. Suppose 10% of those affected (14.7 million) file a claim. They'd each get a check for $2.11.

[via Lifehacker]

Image: Shutterstock/ESB Professional (Modified) Read the rest

Claiming your $125 from Equifax is a "moral duty"

If you fill in this form, Equifax will send you $125 as part of its settlement with the Consumer Finance Protection Bureau, the FTC, and 48 out of 50 states. Read the rest

Equifax settles with FTC, CFPB, states, and consumer class actions for $700m

Equifax doxed virtually every adult in America as well as millions of people in other countries like the UK and Canada. The breach was caused by an acquisition spree in which the company bought smaller competitors faster than it could absorb them, followed by negligence in both monitoring and responses to early warnings. Execs who learned of the breach used it as an opportunity to engage in insider trading, while failing to take action to alert the public. Equifax nonconsensually gathers dossiers on everyone it can, seeking the most sensitive and potentially damaging information to record. The company was founded as part of a corporate spy-ring employed to root out and identify political dissidents and sexual minorities. Read the rest

Vast majority of porn sites use Google Analytics and Facebook embeds that track you, even in incognito mode

If you only look at porn with your browser in incognito mode, your browser will not record your porn-viewing history; but the porn sites themselves overwhelmingly embed tracking scripts from Google and Facebook in every page: 93% of 22,484 porn sites analyzed in a New Media & Society paper had some kind of third-party tracker, with Google in the lead, but also including trackers from some of the worst privacy offenders in Silicon Valley, like Oracle. Read the rest

DoNotPay's latest service will auto-cancel your free trials before the billing period starts

DoNotPay (previously) is a collection of consumer-advocacy tools automated the process of fighting traffic tickets, help homeless people claim benefits, sue Equifax for leaking all your financial data, navigating the airlines' deliberately confusing process for getting refunds on plane tickets whose prices drop after you buy them, and filing small-claims suits against crooked corporations. Read the rest

FTC asks Congress to create national privacy law to regulate big tech's use of personal data

Members of the United States Federal Trade Commission (FCC) on Wednesday asked Congress to create a national privacy law that would regulate how technology giants like Facebook and Google gather, store, and share the personal data of users. Read the rest

Elizabeth Warren proposes holding execs criminally liable for scams and data breaches

A new bill from Senator Elizabeth Warren proposes personal, criminal liability for top executives of companies turning over more than $1B/year when those companies experience data breaches and scams due to negligence (many of the recent high-profile breaches would qualify, including the Equifax giga-breach, as well as many of Wells Fargo's string of scams and scandals). Read the rest

AOC grills Equifax CEO: the Congressional record now contains the obvious, infuriating truth that everyone else already knew

Virtually everyone who's ever had the credit-rating system explained to them immediately understood that this was a complete scam: these companies that most of us have never heard of nonconsensually ingest gigantic mountains of data about you and your life and produce a numeric score that is nearly impossible to explain and extremely frustrating to alter, and that number is used to determine your access to work, rental accommodations, loans, mortgages and more. Read the rest

Experts think Equifax was hacked by Russia or China to recruit spies

In 2017 the private credit information of 143 millions Americans was stolen from Equifax. But the records have never been offered for sale on the black market, which is highly unusual. (The only person who has so far profited from the breach seems to be Equifax CEO Richard F. Smith, who resigned with an $80 million retirement package.)

So, who stole the records of 1/2 the US population, and why? CNBC interviewed "experts, intelligence officials, dark web data 'hunters' and Equifax" and the consensus seems to be China or Russia did it as a way to recruit spies.

One former senior intelligence official with direct knowledge of the Equifax investigation summarized the prevailing expert opinion on how the foreign intelligence agency is using the data. (This person asked to speak on the condition of anonymity because he isn't authorized in his current role to speak to media.)

First, he said, the foreign government is probably combining this information with other stolen data, then analyzing it using artificial intelligence or machine learning to figure out who's likely to be — or to become — a spy for the U.S. government. He pointed to other data breaches that focused on information that could be useful for identifying spies, such as a 2015 breach of the Office of Personnel Management, which processes the lengthy security clearance applications for U.S. government officials.

Second, credit reporting data provides compromising information that can be used to turn valuable people into agents of a foreign government, influencers or, for lower-level employees, data thieves or informants.

Read the rest

Was that huge 2017 Equifax data breach part of a nation-state spy scheme?

That massive Equifax data breach on September 7, 2017, shocked everyone, but a year and a half later, where the data of all those 143 million Equifax users ended up is still a mystery. Read the rest

Next page

:)