Ask HN: So what if my personal information gets stolen? Are there any real consequences to having your data leaked in a breach? If yes, what? Assuming not passwords. Things like name, address, passport number, etc. |
Ask HN: So what if my personal information gets stolen? Are there any real consequences to having your data leaked in a breach? If yes, what? Assuming not passwords. Things like name, address, passport number, etc. |
If your important numbers (in the US that's passport, social security, and driver license) get leaked, it becomes easier and easier for someone to commit identity theft and open credit cards in your name which you will have will have to pay with either money or a lot of time proving it wasn't really you. Or they can get traffic tickets in your name which will become a warrant for you.
And if they know enough about you (address, likes and dislikes, etc), it becomes much easier to socially hack (https://en.wikipedia.org/wiki/Social_hacking) you. Any security is only as strong as its weakest link, and social hacking has been used to get access to people's bank account, email address (doesn't sound scary but if someone has access to your email, they likely have access to all of your accounts because they can trigger a password reset, intercept it, set a new password, then lock you out), and a lot of other things.
The financial sector abuses some of the more obscure facts about people (SSN, DL/passport number, bank account number, address history, mother's maiden name) as authenticators. They aren't. In the short term, someone can create a lot of bureaucratic hassle for you by knowing these facts. In the long term, institutions will adapt to the reality that knowing them no longer proves anything.
The stuff you should really care about, IMO: Contents of private conversations. Interests and opinions expressed online that could harm real-world relationships. Habits and characteristics that could signal insurance, credit, or crime risk. Political activity far from mainstream. Relationships with controversial or high-risk people. Evidence of excessive wealth for your context.
The fact that person with your metadata exists and does normal life things like having a home, a job, a cell phone, and a bank account is always going to be well-known. This information is more or less neutral. The real secrets are those which might prompt some actor (friend, lover, ex-spouse, family member, boss, insurance underwriter, lender, police, secret police, conman, vigilante, person who is wrong on the internet, etc) to turn against you, or to do worse damage than they would otherwise.
It's inexcusable that someone can pretend to be you, sign up for stuff at various services, and some how that ends up being your responsibility to fix. It should be the various businesses who failed to correctly identify you and they should be financially liable, not you who had ZERO to do with it.
How do you avoid the people-search sites coming up in Google? When I search my name, Google instantly provides several Whitepages-like sites with my full name and address. Some of them (actual Whitepages included) provide options for removal, but there are so many and they all pull from the same source that it's a losing battle.
I'd also like to see executives be personally liable for the fines too.
What is the likelihood of being a target of this? Are there people out there that you expect might want to mail you an unexpected package or stalk you at your home?
I get that there are people who have stalkers and such, but for the average, random person, what is the likelihood a criminal is going to pick their name and address out of some leaked information and...what? Mail them a bomb? Travel from Estonia or wherever the hacker lives to burgle a house in the US? Why? There's no point to doing that.
As we see in the instances of so-called "revenge porn", you don't have to be famous to be the victim of these tactics. It just takes one person who becomes annoyed enough to use some of these tools and then you're left with an expensive and time consuming mess.
Did you have a nasty break-up? Fire someone? Do you have a business rival who would like to see your reputation ruined? Did you leave a comment on a website that just happened to offend the wrong person [1]? The tools to completely ruin your life are becoming easier and cheaper to wield, and the costs of defending against them are only increasing.
Even if the likelihood isn't high, the consequences are severe enough that you should take the risk seriously. Objectively, the likelihood of you getting robbed isn't that high either, but you lock your doors and don't leave valuables sitting out in your car either.
[1]: https://gizmodo.com/when-a-stranger-decides-to-destroy-your-...
EDIT: note that in the link above, the attacker wasn't even using non-public data. Imagine how much more damage someone with the ability to gain access to bank accounts, etc. could have done.
I am not a unique/unusual/margin case.
Saying "there are some people who have stalkers and such" discounts large swaths of (mostly) women who have been victimized, far more than a non-victim would ever realize.
This is a very real concern for more than an insignificant number of people. We are just people who you would not necessarily realize exist.
Because you think your physical address doesn't otherwise exist? Or are you talking about packages personally addressed to you?
Thrown in jail: https://www.marketwatch.com/story/how-being-an-id-theft-vict...
"Hi, <insert name here>. I know all about you. For instance, <insert the piece of personal information you have>. Wire me <insert large sum here> or I'll publish your browser history (or credit card statements, or anything else that sounds sufficiently compromising among some segment of the population)."
Against any particular target, this may not be effective if they don't care about the leverage you claim to have or call your bluff. However, since you have a data dump you can send this to every single affected individual and you'll get at least some bites.
Did you receive that in an email recently? I've already deleted it, but I got almost that exact email in my spam on my junk mail account the other day. They were clearly working off of the Adobe password leak.
They quoted my old password in the email and gave the same ol', 'I will email a list of your perverted pornographic interests to your family and employer'
Like you said, they cast a wide net in hopes of catching a few fish. That being said, asking for BTC seems to really narrow the pool to folks who, I assume, would be less likely to fall for this scam.
If said stupid mark is lawered up enough, they will try to fob their failure to do their due diligence off on anyone they can including you with the imaginary crime of "having your identity stolen" as if such a thing was even possible.
Which is more plausible?
a) I am not me anymore because my identity is stolen. b) Criminals stole from someone else. (likely leveraging their expectation of profit using the information available on absolutely everyone either from 'legitimate' brokers or shady darkweb stuff; not that I can't tell the difference)
Account take-over if the password was used elsewhere (credential stuffing).
Become a target for Extortion or Blackmail: https://www.troyhunt.com/the-opportunistic-and-empty-threat-...
Edit: Some companies still use birth dates, security questions or social security numbers for identification. If the information is public, any one can identify as that person via a phone call. https://krebsonsecurity.com/?s=SMS&x=10&y=14 https://krebsonsecurity.com/2018/10/voice-phishing-scams-are... https://krebsonsecurity.com/2018/08/hanging-up-on-mobile-in-...
https://www.abc.net.au/radionational/programs/rearvision/the...
My parents had a criminal gang compromise their information and open up a savings account in their name. They then initiated ACH transfers from their legit accounts and filed a fraudulent income tax return in their name, to the tune of $50k refund.
The only reason they did not get away with it is that the online bank sent a gift to the house and my parents knew people from their careers that could get the attention of law enforcement quickly.
Their bank suggested that a relative probably stole their bank credentials and that it was “nothing to worry about”.
Your browser history?
Mails to your boyfriend/girlfriend?
Those agree comments in about your brother or boss sent to someone else?
The source code to your side project?
Your half-finished novel?
Work-related files?
Your IM chats?
Your full contact list and their numbers?
Your purchase history?
Photos?
You probably don't need to worry about the hack affecting you directly, but it is affecting you in ways you probably can't imagine.
What we should do is think about the post-privacy world, where all data is available to everyone. We won't be able to keep secrets and passwords anymore, but we won't have to secure them either, as we will have better authentication methods. No more paranoia, encryption, or fear of data leaks.
It blows my mind how few people are willing to concede the benefits of transparency, even if they're not willing to fully endorse it.
On a date every year in October, just after midnight, Norwegian citizens' annual tax returns are posted online — and the country's Norwegian newspapers leap to produce top ten lists of the country's highest earners, the incomes and taxes paid by the political and cultural elites, celebrities and sportspeople. https://www.theguardian.com/money/blog/2016/apr/11/when-it-c...
Now she doesn’t leave home without police reports and documentation that she has been the victim of identity theft.
https://www.javelinstrategy.com/press-release/identity-fraud...
Surely, somewhere some victim of identity theft has suffered vast financial losses without recoup.
Surely, many victims of identity theft have a harder time getting approved for loans, leases, or even government clearances and background checks. These things are explainable, but isn't the fact that a person has to deal with this for the rest of their life (or at least 10-15 years following an identity theft event) enough of a problem that you would say it has caused a person "significant, damaging impact"?
But -
Like Ashley Madison? Medical records? Tax records. These have all had real life consequences for people. North Korean defectors had their details stolen the other day.
Like a email address to a site you comment on, so now it publically ties your comments to the real you?
Go on?
If your question is around identity theft which I think it really is, then I'd need to see proof, else the fear the NPCs have is actually what does the damage. (Also never heard of a domestic incident from a mass breach of addresses, I'd need proof to believe it, but it is enough to legitimately have to move house, so consequences)
(Passwords / unsalted/salted password hashes is of course the real killer, this has screwed a lot of people, but you've excluded this.)
Something tells me you won't. The reason you won't, is the answer to your question.
Either I don't fully understand what you're suggesting, or you don't fully understand what you're suggesting. ;)
Right to privacy is part of the Universal Declaration of Human Rights for good reasons. Violations and abuses of privacy have done a lot of damage to a lot of people throughout history.
So what does authentication even mean to you if all data is available to everyone? Why would you still need to authenticate?
Do you think it's a good idea for me & everyone else to see your bank balance? Personal emails? Personnel reviews at work? Letters to your girlfriend? Late night browsing habits? Purchase history? All your photos along with the video feed from your phone?
I don't see privacy ever not being a normal and reasonable thing to seek, not to mention rather important for developing democracies and as some protection against government abuses.
Unsustainability: It will only become more difficult to keep secrets as technology improves. Imagine cameras that can see through walls and drones the size of a fly.
Unenforceability: How do you make people forget information on demand? How do you delete data from the internet?
Inefficiency: We waste a lot of resources securing data. We waste a lot of resources requesting data. Allowing data to flow naturally would be more efficient.
I think it's a good idea to let "everyone else see [my] bank balance[.] Personal emails[.] Personnel reviews at work[.] Letters to [my] girlfriend[.] Late night browsing habits[.] Purchase history[.] All [my] photos along with the video feed from [my] phone[.]" However, I think it would be unfair to make the life of one person transparent in a society where the social and technical expectation is to keep secrets, although I think it would be better to make everyone's lives transparent in a society where transparency is supported.
I think the transition to a transparent society is inevitable. I also think that the later we prepare for the transition the more people will suffer. This is why I bring up the subject and encourage people to think about it.
David Brin explains it much better in his book:
There's a lot of qualification to hide behind in the clause "as we understand it". This is a blog post about Silicon Valley, by someone making some pretty loose inferences, using specious logic to construct an argument. Many people pointed out glaring, major flaws in that blog post in the comments.
But sure, privacy wasn't exactly the same 300 years ago as it is now in Silicon Valley with the internet. But ironically that post contains a lot of evidence of the idea that the idea of privacy has been around for a long time. John Adams wrote about not publishing his bank balance 300 years ago.
This blog post does not amount to rigorous historical research or evidence of a lack of privacy before modern times. Right off the top, I don't really buy that houses without walls somehow demonstrates that privacy didn't exist. For one, only poor people lacked walls. Rich people have had them for a long time. Walls also didn't matter as much because people didn't poop in their houses as often as we do now, so lack of walls doesn't prove a lot.
Literally everything you do carries a non-zero risk of death, being 100% safe is impossible. Given that every day is a gamble, knowing your risk and reward ratios is important for deciding which activities to do and which to stay away from.
In this specific case, if dedicating your whole life to privacy reduces your odds of identity theft from 2% to 1%, I think a lot of people would say "I'll spend my life having fun and accept the higher risk"; if a tiny lifestyle change could reduce the odds from 20% to 1%, the outcome would probably be different.
If everyone shits in the streets, the question isn't whether you should dedicate your life to avoiding all the shit to reduce your risk of infection, the question is whether society should stop shitting in the streets, because that's actually not much effort, while massively improving the health of everyone.
"In this specific case, if society making privacy a top priority at the expense of everything else reduces everybody's odds of identity theft from 2% to 1%, I think a lot of people would say "I'd rather society priorotised having fun and accept the higher risk to society"; if a tiny lifestyle change across society could reduce the odds from 20% to 1%, the outcome would probably be different."
The point remains the same: you can't make sensible decisions without knowing the odds; avoiding all activities with non-zero risk means avoiding all activities, and that's why it matters how much.
I'd also say that the risk doesn't begin at zero. E.g., businesses, employers, schools, other orgs, family, partners, friends, colleagues, etc already have a lot of our personal data, and however small the risk is, it's real and worth consideration.
We actually consider these risk/benefit scenarios all the time in everyday life. E.g.,
- We might surrender too much information when presented with the chance to win something in a draw; or give up some non-relevant personal information in a signup form just because the field is mandatory
- Amazon, Apple, etc keep our credit card numbers; Monzo, TransferWise, etc our bank account numbers—but we're happy with that because of the convenience (or because there's no other way to do business with them)
- You might have personal documentation saved on iCloud, Google Drive, Dropbox, etc because you want easy access to it; similarly with passwords and services like 1Password
That's the only thing that matters.
For a second, pretend you're one of these "pervs" you're worried about. Are you going to randomly pick a name out of a data dump from Marriott's database, and try to correlate that with other leaked data to figure out the likelihood of this person you've never seen standing on a particular corner at 5:37pm on November 3rd?
Or are you going to say "Sharon from accounting smells nice, I'm going to follow her home after work"?
I think the latter is something more reasonable to worry about.
If you were dating someone, worked at the same company, or even in the same industry and know the same people, they do not need a data leak from Marriott to get your address. That has nothing to do with data leaks.
Maybe, maybe, you could conceivably piss off some Mr. Robot Darknet-wizard on a forum who would then spend hours combing through leaked data to try to figure out who you are so they could mail you some anthrax, but I'm going to put that at "get hit by an asteroid" level of things to worry about.
As far as "take the risk seriously", what is there for an individual to do? I have zero control over the data security practices of Equifax, Marriott, or any other major corporation. I can just avoid their services, but that would basically entail living completely off the grid and being a hermit. If it were something as simple as locking a door, or putting your backpack in the trunk, yeah, people would do it. But all of this "the sky is falling, freak out now!" propaganda, comes with absolutely zero actionable items that the average person can do. I'm not going to waste my life being worried about things I have no control over.
The entire point of that article I linked was that the person doesn't have to be anywhere near you to cause you real damage. The woman who posted the false allegations to the homebreaker site was thousands of miles away. Heck, if you look at instances of "swatting" [1], it's entirely possible to people in mortal danger from thousands of miles away with little more than a phone. Are the people who are doing the swatting "Mr. Robot darknet wizards"? No, they're bored viewers of Twitch streams who think getting someone potentially shot is a barrel of laughs.
I'm not going to waste my life being worried about things I have no control over.
And this is why data-breaches will remain depressingly normal for the foreseeable future. Companies know that there are zero consequences, specifically because of this attitude. If data breaches were treated like chemical spills, companies would be much more proactive and careful about what data they collected, who they shared that data with, and how they secured that data. But companies know that consumers don't care, because "It's only data," and as a result they will continue to underfund data security and make us eat the externalities in the form of having to spend time and money getting transactions reversed.
[1]: https://mashable.com/2017/12/29/swatting-death-andrew-finch/...
> If data breaches were treated like chemical spills, companies would be much more proactive and careful about what data they collected, who they shared that data with, and how they secured that data.
Actually, on a personal level, I am treating data breaches exactly the same as chemical spills. I personally have about as much influence on one as the other, which is to say, none. If a law comes along, I'll support politicians who vote for it, but that's about it. Again, what precise, actionable steps are you proposing for the average person to do? I'm looking for something besides "be scared and angry all the time" because that is as unpleasant as it is ineffective.
"If there is no privacy, there will be pressure to change. Some people will recognize that their morality isn't necessarily the morality of everyone -- and that that's okay. But others will start demanding legislative change, or using less legal and more violent means, to force others to match their idea of morality.
It's easy to imagine the more conservative (in the small-c sense, not in the sense of the named political party) among us getting enough power to make illegal what they would otherwise be forced to witness. In this way, privacy helps protect the rights of the minority from the tyranny of the majority."
You need to think more carefully about your position. Your statement makes it seem like you are ignorant of history. People have been imprisoned and killed for their correspondence. It is still happening in the world today.
> David Brin explains it
"Brin spends an entire chapter exploring how important some degree of privacy is for most human beings, allowing them moments of intimacy, to exchange confidences, and to prepare - in some security - for the competitive world."
Brin doesn't agree that it's a good idea for everyone to see your letters, bank balance, and other personal secrets. It seems like you got the wrong idea about his book.
> I think the transition to a transparent society is inevitable.
You haven't explained or justified this idea at all.
The problem with your concept of absolute zero privacy is competition. As long as privacy can be exploited, as long as a lack of privacy can be used against you in any way, the need for privacy will exist.
The idea you have that privacy could go away can only happen if all humans are cooperative, and economic systems based on competition are eliminated. We can't have absolute transparency and Capitalism at the same time. We can't have politics or business either. Absolute transparency works for fictional races like the Borg on Star Trek. What you're talking about seems like a theoretical concept that is divorced from reality.
Current trends are in the opposite direction, so what makes you think we're on the way? Business is getting more competetive, not less. Societies are getting more political, not less. In some countries, government and human rights abuses have been regressing. The need for privacy is going up, not down.
> I think it's a good idea to let everyone else see my bank balance ...
You didn't explain why. Why is it a good idea? Do you want to post all that information here and now? Why aren't you publishing it already if it's a good idea?
Your purchase history is just one of many examples of something that is being used against you. There are insurance companies buying personal data like purchase history in order to gather evidence for denials on claims.
Do these people deserve to be the focus of all discrimination? It seems to me that privacy is necessarily misleading and unfair.
How do you suggest we fix that?
The fact that there are problems with privacy doesn’t mean it makes any sense whatsoever to just get rid of privacy. Should we get rid of water because some people have drowned? Should we eliminate math because it’s hard and people sometimes make mistakes?
When privacy leaks and abuses cause people suffering or damage, the answer isn’t less privacy, it’s more. Plug the leak, don’t open the floodgate.
I am aware that people have been imprisoned and killed for their correspondence. I think we should blame the perpetrators, not the free flow of information.
> Brin doesn't agree that it's a good idea for everyone to see your letters, bank balance, and other personal secrets. It seems like you got the wrong idea about his book.
That's possible. I didn't read the book.
> The problem with your concept of absolute zero privacy is competition. As long as privacy can be exploited, as long as a lack of privacy can be used against you in any way, the need for privacy will exist.
All knowledge can be exploited. All knowledge can be used against people. I don't think that's a problem, and I don't think that can be changed.
> The idea you have that privacy could go away can only happen if all humans are cooperative, and economic systems based on competition are eliminated. We can't have absolute transparency and Capitalism at the same time. We can't have politics or business either. Absolute transparency works for fictional races like the Borg on Star Trek. What you're talking about seems like a theoretical concept that is divorced from reality.
I don't claim that we could switch to full transparency tomorrow. I suggest that we accept the limitations of privacy, and work toward a society that's compatible with more transparency. I think less competition and politics would be welcome.
> Current trends are in the opposite direction, so what makes you think we're on the way? Business is getting more competetive, not less. Societies are getting more political, not less. In some countries, government and human rights abuses have been regressing. The need for privacy is going up, not down.
The world is getting worse in some ways, and I think that privacy enables that. Privacy is a self fulfilling need. The more we expect and rely on it, the more dangerous it becomes, the more we need. That's not good.
> You didn't explain why. Why is it a good idea? Do you want to post all that information here and now? Why aren't you publishing it already if it's a good idea?
Again, society is not ready yet. It won't be ready until we all put a lot of work into changing things. The first step is to convince idealists that total transparency is more desirable than total privacy.
> Your purchase history is just one of many examples of something that is being used against you. There are insurance companies buying personal data like purchase history in order to gather evidence for denials on claims.
If your purchase history is evidence that you violated the terms of the contract, I think it's fair. Likewise, if it makes it possible to give discounts to people who take care of whatever is insured, that's great.
> Do you understand why the right to privacy currently exists?
Yes, I understand why it exists.
> The fact that there are problems with privacy doesn’t mean it makes any sense whatsoever to just get rid of privacy. Should we get rid of water because some people have drowned? Should we eliminate math because it’s hard and people sometimes make mistakes?
"The fact that there are problems with [transparency] doesn’t mean it makes any sense whatsoever to just get rid of [transparency]."
> When privacy leaks and abuses cause people suffering or damage, the answer isn’t less privacy, it’s more. Plug the leak, don’t open the floodgate.
It's like increasing the dosage of medication as your body gets used to it. I'd rather not have to take medication if possible.
I want people to change their diet to prevent or reverse diabetes. You want to create more artificial insulin. I don't think artificial insulin is bad, as it clearly helps a lot of people today (and more people every year), but I don't think the discussion should only be about creating more artificial insulin and making sure everyone can have some. We should think about fixing the root cause, and lessen our reliance on artificial insulin.
I totally get your point. Do you get mine?
I think I do, yes. I think it’s a lovely theoretical idea that simply isn’t realistic or possible or ever will be.
We can lose privacy the day there’s no exploitation, no profit motive, and no war.
FWIW, I’m not hearing any evidence that it’s a good idea, just statements of opinion.
I believe I provided 3 compelling arguments against our reliance on privacy in my first post.
It's also possible that we use different moral frameworks. I'm not a consequentialist, and I oppose to most restrictions on freedom (drug control, gun control, copyrights, patents, privacy, GDPR, net neutrality).
I see your 3 keywords argument above. Is that what you're referring to? ("Unsustainability", "Unenforceability", and "Inefficiency".)
I didn't see any evidence, these appear to be claims predicting the future with no support to back them up, in other words, pure opinion. In my opinion they are not compelling.
Unsustainability: Yes you can imagine small drones with cameras, but where's the actual evidence that secrets are becoming unsustainable? You can imagine all kinds of things that may or may not happen. I disagree with you. I claim that our ability to keep secrets is getting more sustainable over time, not less. Encryption and security are getting better, not worse.
Unenforceability: This is irrelevant. Yes, you can't take back secrets once leaked. That has always been true, and has nothing to do with technology or the internet. This does not amount to a reason to never try. What percent of all secrets have ever leaked? Unenforceability is only a reason to not try if all secrets inevitably leak, and only if they all leak immediately, otherwise this is a reason to try harder to keep secrets. I know for a fact that many secrets are never leaked, and many secrets that are leaked are only leaked after it no longer matters, many secrets only need to be secret temporarily, so this unenforceability point tends to undermine your argument.
Inefficiency: This argument doesn't make any sense to me. Every single thing we do would be "more efficient" if we didn't do it. It would be more efficient to not travel. It would be more efficient to not work. It would be more efficient to not eat. Efficiency is a metric that you use to measure two ways to achieve the same outcome, not something you can compare to nothing. You're completely ignoring the costs of compromised secrets in your "efficiency" calculation. When people's compromised secrets cause them to lose money or possessions or their lives, that cost is many orders of magnitude higher than the cost of keeping a secret. You're also not accounting for the efficiency of passing around public information compared to keeping information private. It's entirely possible that not keeping secrets - the costs of hosting & publishing all the previously secret information - would waste a lot more resources than the world with privacy, so it seems to me like you're just making stuff up.
So to answer your earlier question about discrimination:
1- Many people do try to keep their gender / race / religious preferences secret when online in public forums, and initially when applying to jobs.
2- Discrimination is largely a separate topic. It's a cultural problem, not a privacy issue, that people are trying to fix in various ways including affirmative action and education. Nobody is suggesting that eliminating privacy will help with discrimination, because it won't.
The existence of social prejudices does not in any way imply that my private financial situation or private correspondence or private photos should all be publicly available.
How can humanity plausibly, realistically reach a place where it's not possible to exploit any information for private gain? Because we are individuals and not a collective consciousness, I don't see how that is possible.