People who are registered to vote in Georgia- bad news
13Looks like the State of Georgia sent out CDs (and pushed it to external databases) with 6.1 million voter's complete details (SSN, DOB, address, driver's license, etc).
Normally, the CDs just contain voter registration info, but this time they didn't.
The state's trying to collect all of the errant CDs back and then presumably destroy them, but as you all well know this is a fool's errand.
(Of course, there are no passwords, or encryption on this data).
My deepest sympathies to anyone affected by this.
- 11 comments, 15 replies
- Comment
At this point, it's safe to assume that your information is out there already. Safeguard what you can, monitor your credit regularly and hope for the best.
@Thumperchick Yup. I no longer feel any emotion when someone tells me they've lost my data. Well, beyond very minor excitement at getting another free year of identity monitoring. And frustration when the monitoring is for an overlapping period.
@Thumperchick I suggest requesting a credit freeze. Find more information here.
@Quadrashocker I like how they charge you a fee for requesting a freeze... The credit business makes me soooo angry.
Wow. It's no consolation to say 'Hey, it's not Florida', I promise. My GA friends are worried.
Damn. That's where a lot of my in-laws live. I'll have to see if they've heard about it.
I just want to point out that most election boards sell your name, address, sex and race to any who pay... so the breech here are the dates of birth and dmv ID numbers.
@thismyusername As does the USPS. That's how all the local hardware stores and pizza joints get your name and address - right off of your change of address form. The credit offers? That's your mortgage company. The DMV sells this information as well.
@Thumperchick Also, the police usually buy/get customer lists from pizza places- great way to find people who don't seem to have a permanent/real address.
@Thumperchick don't forget the data mother lode, the credit card companies. :)
@Thumperchick Those change of address forms can be a blessing or a curse. However to make them into a blessing takes a major move and a bit of planning.
In my case it helped that I honestly didn't know exactly where I was moving to. Living in hotels during and following our migration from the south to the Pacific Northwest. But if you do have a new permanent address, pretend you don't.
Find a company online that will receive and forward mail for you. Forward your mail there via the change of address form. When you get to your new home town, get a local private mailbox before you get a new driver license/state id. The USPS won't accept change of address forms to forward mail from private mailboxes anyway, so don't use them anymore!
Keep the private mail forwarding service for 2-3 more months making sure anything important gets directly updated to your local mailbox. NEVER give out your real residential address if you can help it. Obviously driver license, and utilities will need it.
Every couple of weeks or so, I check the mailbox at my apartment, and toss the stuff addressed to 'Resident' and the junk mail addressed to prior tenants. After over two years, I think I only received two pieces of mail in my name at my apartment, When I apply for credit and it wants to verify my identity, I have to remember I had that phantom address in Vegas even though I've never lived there.
Well, sucks for them. Your info is out there on all sorts of things. The credit offers you get in mail is from information farmed and then sold to anyone willing to pay for it. The junk mail that you get in your mailbox every day is the same sort of thing.
Credit Card companies use an information database of all sorts of crazy information that's managed by Uncle Sam. Basically, it's a huge stockpile of every identifying piece of information about you, including last known addresses, bank info, tax filings and known associates. All you need is a little bit of information and you can basically see into someones entire life.
As for the credit card offers, you can actually opt out of those. My wife and I did because it got crazy. We were getting 3-4 offers every day. It took a few minutes and we were set. I think it resets every few years, and then you have to opt out again. Kinda' annoying but it's an easy process.
https://www.optoutprescreen.com/?rf=t
@capguncowboy and if you do open a new card/account/mortgage/car loan anywhere, you're put right back on the list and have to opt out again.
@capguncowboy
Go to Target or Walmart and buy a box of Pampers, pay with a credit card. Within ten days, you'll get life insurance quotes from Gerber and Similac coupons in the mail
It looks like it was only a dozen disks distributed, it's also not clear that the same information was actually replicated in the database. (Depending on the source data and how they make the disks) The lawsuit only speaks to the disks being released. Since there is so much focus on this story, it's possible the dozen will just return the data and no info will be released. (It's also possible that they keep a copy, since it's not encrypted, to sell off)
99% of that data is out there already, the most damaging is the SSN. The rest is easily obtained from various sources.
Does anybody else think we should be, like, past the concept of an SSN by now? Think about it: every US citizen has a simple 9-digit number sitting in a whole bunch of databases, and if it gets out it would pretty much fuck up that person forever. It seems like a relic of the filing-cabinets-and-typewriters era of the 30s that should have been left in the dust by something better ages ago. It's 2015, we should have something less shitty by this point.
@Starblind Did you know that the last 4 digits of your SSN (the ones that you give out everywhere) are the only digits that are even close to random? https://en.wikipedia.org/wiki/Social_Security_number#Structure
Much like credit cards, SSNs are a relic with virtually no security attached.
@Starblind This is exactly my feeling. I almost wish the SSA (or whatever they are called) had been hacked and ALL of our SSNs were in the public domain to force things to change.
The fact that having this number, plus a few other tidbits of information that can be garnered for most people from any of dozens of sources, is all that is needed to steal an identity is proof that the world needs a better way, or at least the 1st World does.
@Starblind
For years, the military required your SSN on just about everything. Every time you wrote a check at the PX, you wrote your SSN above your name. Most folks just had it printed there, next to your name, address, phone number.
Before ATMs, troops paid for everything by check. And guess who cashed checks for them: pawn shops, strip clubs, tattoo joints.
This was the norm for about 30 years. Maybe 20 million troops. Writing 10-15 checks per month. Handing them right over to a rather unsavory segment of society. That's a lot of damn numbers out there.
@MehnofLaMehncha Wait until you get your Medicare card. Your Medicare number is your SSN plus a couple of letters. You give it to every medical and dental office.
This seems like a good place to mention the great stupidity that was the Excellus BlueCross BlueShield hack of 2015. (Anthem was hit by this as well.)
They got everything - Name, Address, SS#, DOB, ID#'s, Payment Account Info, Medical Claims Records. You name it, it's out there now. Pfft, what's a little salt and hash when it comes to your most personal data?
If you have a medical insurance policy that worked with Excellus - you were hit and hit hard. If you haven't gotten a letter about it - you may want to call and see if you were compromised and what monitoring they're offering.
Between this and the Anthem hack this year - we got hit twice, by our damned insurance company. How the hell can you prevent that information leak?
@Thumperchick
Thing is, they didn't need a high tech hack to get personal info from the medical community. Too much hard copy info out there sitting in the unlocked desk drawer of the front desk person, who got no training and will leave for a job in a couple of weeks anyway.
@MehnofLaMehncha Yes, however, the high tech version netted them millions of people's info, at once.
Holy fuck, I can't wait to read about the fall out over this.
I feel bad for these folks:
https://www.washingtonpost.com/news/federal-eye/wp/2015/07/09/hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-say/
Anyone in that community realizes the amount of information on those forms and its not just the person that applied. Its all the folks around them.
Wow, that's the single most fucked up thing I've heard all week. And I heard Donald Trump's trumped up medical exam press release.