US government agencies can't just make up rules: they're require to show that the rules they make reflect the best evidence, and part of that is a "notice and comment" period for major policy shifts where the public gets to weigh in on proposals.
Read the rest “Blockbuster Gizmodo investigation reveals probable masterminds of the massive anti-Net Neutrality identity theft/astroturf campaign”
There are dozens of free "peoplefinder" sites that buy up commercial databases and combine them with other sources to make your home address searchable. You can find instances where this has happened to you by googling your name and home address, and then you can google the removal forms for each of the services and get yourself delisted. But your name will keep getting re-added: if you set a Google Alert for a search on your name and address, you'll get a message every time you get caught in these databases and you can remove your name again. This won't work on the for-pay background check sites that Google doesn't index, but it will keep your name and address clear of low-level scumbags who stick with free sites for their doxing activities. Read the rest “A tip to keep your home address off the internet”
Last year, the FCC was only able to ram through a repeal of Net Neutrality by refusing to reject the millions of comments sent by bots that used the stolen identities of regular internet users, dead people, and even sitting US Members of Congress.
Read the rest “US governmental requests for comment are routinely flooded by pro-corporate bots”
When Vancouver tech retailer NCIX went bankrupt, it stopped paying its bills, including the bills for the storage where its servers were being kept; that led to the servers being auctioned off without being wiped first, containing sensitive data -- addresses, phone numbers, credit card numbers, passwords, etc -- for thousands of customers. Also on the servers: tax and payroll information for the company's employees.
Read the rest “Report: someone is already selling user data from defunct Canadian retailer's auctioned-off servers”
When you die, your relatives will be sad and (depending on the circumstances of your death) possibly left scrambling to make arrangements for your remains, effects, and estate.
Read the rest “Criminals have perfected the art of taking over dead peoples' online accounts”
Comcast Xfininty's login page had an easily found bug that allowed anyone to gain access to the partial Social Security Numbers and partial home addresses of over 26.5 million customers.
Read the rest “Defective Comcast security exposes 26.5m customers' partial Social Security Numbers and addresses”
If you've had your identity stolen or if you're worried about having been doxxed by Equifax, you can freeze your credit record, and then Equifax, Experian, Trans Union and Innovis will block any requests to access your credit report.
Read the rest “Equifax lets identity thieves raid "frozen" credit reports through its shady, obscure secondary credit bureau”
Ever since the news of the Equifax breach broke last September, we've been waiting for the company to publish an authoritative tally of what, exactly, got breached.
Read the rest “Equifax finally publishes a tally of what got breached when it left 146.6 million credit files unsecured”
A Brooklyn resident is lucky to be alive. After allegedly accepting a gift of poisoned cheesecake from Viktoria Nasyrova, she began to feel ill. A friend later found the Brooklyn-ite unconscious and surrounded by scattered pills, as if she had apparently attempted suicide. Rushed to a hospital and survived, remembering only a hovering Nasyrova nearby as she passed out.
Apparently the victim's passport and other critical identification/work enabling paperwork had been stolen from her apartment, and Nasyrova looks an awful lot like the victim. Someone is in custody. Hope it is the right one. Read the rest “Attempted murder by cheesecake for the purpose of identity theft”
Amazon reported to the IRS that Patrick Reames had made $24,000 selling books on its Createspace self-publishing platform, but Patrick Reames never got a dime of that money; it appears that a money-launderer who had Reames's Social Security Number used a fake book to cash out money from stolen credit cards by buying the garbage book repeatedly and pocketing the 70% from each sale.
Read the rest “Man discovers he has been impersonated on Amazon by a money-launderer selling $555 "books" full of computer-generated word salad”
Fedex acquired a company called Bongo International in 2014; Bongo specialized in helping North American companies sell overseas and after the acquisition, Fedex renamed the company FedEx Cross-Border International.
Read the rest “Fedex bought a company that stored 119,000 pieces of scanned customer IDs in a public Amazon cloud server, shut the company down, left the scans online for anyone to download”
Devumi is a sleazy Twitter-bot farm founded by German Calas, a serial liar who buys wholesale Twitter bots from even scummier bottom-feeders than him, and pays a series of low-waged patsies to direct them to follow people who want to seem more popular and influential than their actual Twitter follower-count suggests.
Read the rest “New York Times profiles a sleazy Twitter follower-farm, the sleazy serial liar who made millions on it, and the celebs, politicians, sports figures and "influencers" who paid him”
Wired's new Guide to Digital Security is an excellent addition to the genre of simple-to-follow how-tos for reducing the likelihood that you'll be victimized by computer-assisted crime and harassment, and that if you are, the harms will be mitigated.
Read the rest “Wired releases a surveillance self-defense guide”
The Data Security and Breach Notification Act (S2179) was introduced by three Senate Commerce Committee Democrats, Bill Nelson [D-FL], Richard Blumenthal [D-CT] and Tammy Baldwin [D-WI] in the wake of the revelation that Uber hid a breach involving 50,000,000 riders and 7,000,000 drivers for over a year after paying hush-money to the criminals who stole the data.
Read the rest “Democratic Senators propose federal breach disclosure law with 5-year prison sentences for covering up data-loss”
The US Department of Education's Free Application for Federal Student Aid program requires any student applying for federal aid for college or university to turn over an enormous amount of compromising personal information, including current and previous addresses, driver's license numbers, Green Card numbers, marital details, drug convictions, educational history, tax return details, total cash/savings/checking balances, net worth of all investments, child support received, veterans' benefits, children's details, homelessness status, parents details including SSNs, and much, much more.
Read the rest “Once you have a student's name, birthday and SSN, the US Department of Education will give you EVERYTHING else”
The Motherboard Guide To Not Getting Hacked is an excellent adjunct to existing guides (I like EFF's Surveillance Self-Defense and The Cryptoparty Handbook) to defending yourself against criminals, stalkers, cops, and other potential intruders into your digital life.
Read the rest “Motherboard's excellent, accessible guide to internet security”