The private information of 143 million Equifax “clients” is now available for downloading. Have no doubt: This means you is going to be hacked. This means your SIM card can be spoofed. This means someone will attempt to enter accounts that are online and your email. This means someone will attempt to start a credit card in your name. This idle, callow, and crass treatment of our electronic information cannot stand. Equifax — and each business that data like a plane bathroom dumps chunks of frozen urine — should face a reckoning.
First, we cannot permit our most data to be accessible through the four digits of our social security number. Ought to be closed down. After I inform the past four digits of my SSN to a customer support representative — I just did it a moment ago with an insurance carrier and it sprang open my data like a cheap padlock — I’t. My information can be used by that CSR. Someone can overhear my PIN that is feeble. What’s worse, I use that PIN everywhere. Entering my SSN into a form field on some site means rsquo I &;ve composed the password on a busy street overpass to most of my data. These areas are insecure.
We have to look outside the united states for leadership. Estonia, for example, has released a variety of alternatives to this issue including a ID card. This card unlocks our information and connects to our computers. Without it our information can not be accessed by any one. Government-provided ID generator that is 2-factor could be included by an even easier solution. All these are cheap and mobile and rugged and far more secure than any number that is static. Further, we have to also outlaw SMS two-factor authentication. In fact, thanks to this information stolen from Equifax, that process can be readily broken by (you guessed it) telling a CSR the past four digits of our Social Security Number.
We have to hold these companies accountable. Your information is lost by goal? Don’t shop at Target. Trump Hotels dumps your charge cards for the third time in two decades? AirBnB is for you. Equifax dumps your social security number? Don’t rely on their information for your products.
For cryptographically securing our information, we have to make new techniques. We have to make it so that our information can not be dragged by a hacker with a fast connection and understanding of the pitch control .
Equifax, for its part, has all but given up. Their safety site — a site where you form in the past six digits of your SSN and your last name to see if you’ve been hacked — seems to be assaulted or down by phishing scammers. This kind of technical incompetence is not disgusting.
Mistakes occur. Regrettably, they tend to matter more at the very associations where time, ineptitude, and complacence have decreased data security to a tertiary concern, well under “determining what’s for supper” and “increasing shareholder value. ” All these old associations — Equifax was founded in 1899 and hasn’t changed much since beginning — must die, to be replaced by alternatives which (and I shudder to mention this) blockchain-based. Finally, this must be how we proceed but although I shudder because I understand that the risks to our information are far more expansive if we hand them over to this cryptoratii.
There’s precedent for this sort of shift. She’d have laughed you out of their 35, if you told a CTO that she would one day select a homegrown system filled with spaghetti code and bugs over Microsoft. “No one gets fired for buying Microsoft,” has been the saying. You & rsquo ;d be considered a madman over spinning up a Ubuntu cases on Heroku if you advocated a Windows installation.
In short, it’s time for people who are careless data that is large to die. It’s up to you to provide options that are workable and true. There needs to be a better method because losing your data is awful that the first time but when it happens again and again.
“rsquo & There;s an old saying in Tennessee,&rdquo. “Fool me once, shame on you. Fool me [twice] you can&rsquo. ”
I, for one, am done getting fooled.
Read more: https://techcrunch.com