Data Breach Omnibus Thread
Moderator: Global Moderator
- dualstow
- Executive Member
- Posts: 14292
- Joined: Wed Oct 27, 2010 10:18 am
- Location: synagogue of Satan
- Contact:
Data Breach Omnibus Thread
‘Cos every forum needs one.
We have four Capital One cards in our household, used daily.
Darn.
9pm EST Explosions in Iran (Isfahan) and Syria and Iraq. Not yet confirmed.
Re: Data Breach Omnibus Thread
If it's any comfort, they caught the guy who did it.
- dualstow
Re: Data Breach Omnibus Thread
It’s a she, right? Paige Adele Thompson. (looks male, though)
Not much consolation if people apply for credit in my name, but yeah, I’m glad she’s been caught.
Re: Data Breach Omnibus Thread
Just plain ugly
Re: Data Breach Omnibus Thread
Who cares what she looks like???? Awesome that the power of social media enabled her to get caught quickly.
Freeze your credit, find a way to monitor your credit report & various account transactions, and move on. All of our Social Security numbers and various other bits of personal information might as well be published in the New York Times. You can be sure that for every leak you've heard about, there are a few dozen you didn't hear about.
I'm also fairly impressed with Capital One's handling of the situation. They put Equifax to shame.
Re: Data Breach Omnibus Thread
According to what I've read the data that was hacked was stored in Amazon's Cloud Storage and the hacker was a former Amazon employee. So it was another inside job which has been the case with every hack I was personally involved with in my IT career. They said it was a "poorly configured firewall". Maybe she was the one who poorly configured it.
We were looking into navigating our data into the "cloud" near the end of my career and I thought it was a very bad idea. It was like punting on data security and letting somebody else do it for you. This is exactly why I thought it was a bad idea.
- dualstow
Re: Data Breach Omnibus Thread
I love that the chair of Cap One is named Mr Fairbank. He was born for this.
Re: Data Breach Omnibus Thread
Well, at first I thought it was interesting that it was a woman. First time I've heard of a woman being the perp for a crime of this variety. Then came to discover.. it wasn't.
- dualstow
Re: Data Breach Omnibus Thread
You're saying Thompson is transgender, then. That would explain the confusion.
Re: Data Breach Omnibus Thread
jacksonM wrote: ↑Wed Jul 31, 2019 7:36 am
> According to what I've read the data that was hacked was stored in Amazon's Cloud Storage and the hacker was a former Amazon employee. So it was another inside job which has been the case with every hack I was personally involved with in my IT career. They said it was a "poorly configured firewall". Maybe she was the one who poorly configured it.
> We were looking into navigating our data into the "cloud" near the end of my career and I thought it was a very bad idea. It was like punting on data security and letting somebody else do it for you. This is exactly why I thought it was a bad idea.

Jackson, wouldn't the same vulnerability exist even if it was an on-prem data center, and the disgruntled employee was an employee of Capital One, or one of its contractors? If you're going to mis-configure the firewall to let bad actors in, does it matter if it's on-prem or cloud? I know a little about AWS, based on what we see in the press, seems the problem was the Identity and Access Management Role this person was given... and per the AWS contract, assigning IAM Roles is 100% a customer responsibility.
Re: Data Breach Omnibus Thread
ochotona wrote: ↑Wed Jul 31, 2019 10:14 am
> jacksonM wrote: ↑Wed Jul 31, 2019 7:36 am
> > According to what I've read the data that was hacked was stored in Amazon's Cloud Storage and the hacker was a former Amazon employee. So it was another inside job which has been the case with every hack I was personally involved with in my IT career. They said it was a "poorly configured firewall". Maybe she was the one who poorly configured it.
> > We were looking into navigating our data into the "cloud" near the end of my career and I thought it was a very bad idea. It was like punting on data security and letting somebody else do it for you. This is exactly why I thought it was a bad idea.
>
> Jackson, wouldn't the same vulnerability exist even if it was an on-prem data center, and the disgruntled employee was an employee of Capital One, or one of its contractors? If you're going to mis-configure the firewall to let bad actors in, does it matter if it's on-prem or cloud? I know a little about AWS, based on what we see in the press, seems the problem was the Identity and Access Management Role this person was given... and per the AWS contract, assigning IAM Roles is 100% a customer responsibility.

Yes, that's a good point. There were several data breaches at the company I worked for and at least two of them were inside jobs. In one case a database administrator simply copied data to a thumb drive and carried it out of the building (that one made the headlines). I think he just got out of jail. In the other case, someone removed all limits on ATM withdrawals resulting in about $20-40 million in losses. Cost a friend of mine who was the CIO his job. Don't know if they ever caught the person responsible.
This was one of the reasons they were considering moving to the cloud - the other being cost of hardware and all the upgrades that would have to be made to tighten security.
I guess I'm just a control freak because if it was my decision I'd rather not turn things over to a company I have no control over.
I believe I read the government is going to use Amazon cloud storage (I think it was even the Pentagon). In that case, Amazon may very well do a better job of it.
- dualstow
Re: Data Breach Omnibus Thread
WiseOne wrote: ↑Wed Jul 31, 2019 6:48 am
> ...
> Freeze your credit, find a way to monitor your credit report & various account transactions, and move on. All of our Social Security numbers and various other bits of personal information might as well be published in the New York Times. You can be sure that for every leak you've heard about, there are a few dozen you didn't hear about....

My parents got hit with identity theft over a year ago and they're still finding it difficult to move on.
I mean, they're mostly taking all the right measures. I helped them with passwords. They've filed reports with the authorities (who didn't care). I think they got their money back in every instance except for some Amazon purchases. Amazon originally said they would refund the amount and then, inexplicably, changed their mind.
Every morning, seven days a week, my Dad checks to see if any new lines of credit have been opened in his name, and things like that. Because 20 different things like that have happened so far. His address was changed at the post office for mail forwarding (no password required!). New credit cards were opened at places that my father called and warned them about: I'm looking at you, USAA. Loans were begun...
We even know the address where the crook was receiving his goods from Amazon and have informed the FBI. No joy.
We think it was Equifax and not an error on my dad's part, but they're doing everything they can to not make this worse. Will probably never move on.
- dualstow
Re: Data Breach Omnibus Thread
...and one of my cards was hacked. That was fast. Could just be plain vanilla fraud and not part of the breach, but...I tend to think it's part of it.
Re: Data Breach Omnibus Thread
Dualstow, so sorry to hear about your dad's travails. I would never have thought of the post office mail forwarding issue!!!
Instead of checking credit daily and fighting new loans as they pop up, why not have your dad freeze his credit? All those credit cards and loans must be a nightmare, but the freeze should prevent any new ones from happening.
And how exactly did the identity info allow the perpetrators to buy on Amazon under your dad's account? Did they get his password, or did they set up an account linked to one of his credit cards? Password is an easy fix. For the credit card, contact the credit card company, dispute the charges/report the fraudulent use, and change the card # or close the account. And contact Amazon to have them close the fraudulent account - you did that already, I expect.
- dualstow
Re: Data Breach Omnibus Thread
I think on CNBC they said something to the effect of, they won’t be rerunning that ad anytime soon.
- dualstow
Re: Data Breach Omnibus Thread
WiseOne wrote: ↑Thu Aug 01, 2019 6:56 am
> Dualstow, so sorry to hear about your dad's travails. I would never have thought of the post office mail forwarding issue!!!
> Instead of checking credit daily and fighting new loans as they pop up, why not have your dad freeze his credit? All those credit cards and loans must be a nightmare, but the freeze should prevent any new ones from happening.
> And how exactly did the identity info allow the perpetrators to buy on Amazon under your dad's account? Did they get his password, or did they set up an account linked to one of his credit cards? Password is an easy fix. For the credit card, contact the credit card company, dispute the charges/report the fraudulent use, and change the card # or close the account. And contact Amazon to have them close the fraudulent account - you did that already, I expect.

WiseOne, the mail thing was the craziest, but believe me there was fierce competition.
How: it started with a little social engineering. Getting the cell number transferred to another carrier without ever touching the physical phones. I have read both on forums and elsewhere that it’s fairly common to have a complicit employee at a cell company.
From there, accepting one-time PINs from all kinds of sites, including Gmail. One year later, after just a few minutes or hours trying to wrest control of Gmail from the thief and seeing it taken back, everyone is frozen out of the account. 100 documents lost, except those that were downloaded for offline preservation.
The only mistake he really made was not to tackle Amazon on time. I specifically told him to check his order history as soon as he told me his phone and email were hacked. He didn’t do it until I showed up in person. Actually, I did it and read it aloud to him. So there’s your answer: his account. But, I get it. He’s an octogenarian and he was shaken. Already had medical stuff going on in the family that was stressing him out, and other things, and then the hacker hit him where it counts.
Yup, he and I did what you said and much, much more. It’s been a journey.
Re: Data Breach Omnibus Thread
dualstow wrote: ↑Thu Aug 01, 2019 7:40 am
> How: it started with a little social engineering. Getting the cell number transferred to another carrier without ever touching the physical phones. I have read both on forums and elsewhere that it’s fairly common to have a complicit employee at a cell company.

Two-factor using mobile phones is a semi-weak link! Which is why I use the app authenticator for both Fidelity and Schwab. For institutions where I rely on mobile phone for 2FA, I just enable every damn security alert possible by email and text, and plan to jump like OJ Simpson running through the airport for his Avis Car if I ever get one.
My credit reports are frozen...
I have to file my Federal tax returns using an annually-provisioned IRS PIN. Read this. No one can steal my refund.
Re: Data Breach Omnibus Thread
Do you know if anyone using an IRS PIN has still gotten their refund stolen? If not, that sounds promising. There’s probably still a way for a determined thief to “recover a lost IRS PIN”, but I imagine it’s a pain in the butt and is thus an extra deterrent.
- dualstow
Re: Data Breach Omnibus Thread
Tortoise wrote: ↑Thu Aug 01, 2019 6:19 pm
> Do you know if anyone using an IRS PIN has still gotten their refund stolen? If not, that sounds promising. There’s probably still a way for a determined thief to “recover a lost IRS PIN”, but I imagine it’s a pain in the butt and is thus an extra deterrent.

You know what’s funny, though? All the stuff that is a pain in the butt for law-abiding citizens is a walk in the park for slick criminals. My folks were asked to bring in paperwork no fewer than three times to renew their drivers’ licenses, but the crook got a copy of my dad’s just like that. Probably told them he misplaced his. Never mind that he had it sent to a totally different city.
Re: Data Breach Omnibus Thread
Tortoise wrote: ↑Thu Aug 01, 2019 6:19 pm
> Do you know if anyone using an IRS PIN has still gotten their refund stolen? If not, that sounds promising. There’s probably still a way for a determined thief to “recover a lost IRS PIN”, but I imagine it’s a pain in the butt and is thus an extra deterrent.

They mail the PIN to your home address, so if your physical mail is secure, you're ok.
Re: Data Breach Omnibus Thread
dualstow wrote: ↑Thu Aug 01, 2019 7:44 pm
> You know what’s funny, though? All the stuff that is a pain in the butt for law-abiding citizens is a walk in the park for slick criminals. My folks were asked to bring in paperwork no fewer than three times to renew their drivers’ licenses, but the crook got a copy of my dad’s just like that. Probably told them he misplaced his. Never mind that he had it sent to a totally different city.

Ah yes, the beauty of social engineering. If 99/100 gatekeepers strictly enforce the rules, but 1/100 bends the rules a little if asked the right way, just focus your efforts on finding that one weak gatekeeper and you’re in. The weakest link.
Re: Data Breach Omnibus Thread
Yikes dualstow, your poor dad!! So glad you were there to help. That was one thorough thief you were dealing with. email, mail, online accounts all at the same time???
I didn't get the invite for the IRS PIN and I don't live in one of the listed states, so I have to protect my tax return the old-fashioned way: File as early as possible. There's still a window where a thief could get in ahead of me, but at least it reduces the chances. I wish the IRS wouldn't accept returns until after the banks and brokerages cough up their 1099-divs. It's also annoying that TurboTax won't import them for at least a week after the forms are available online, so this past year I manually entered the last one.
Re: Data Breach Omnibus Thread
Anyone who has been the victim of a data breach may get an IRS PIN. You don't have to be invited. Just put "Equifax breach" as the reason.