this post was submitted on 15 Aug 2024
404 points (98.6% liked)

News

36160 readers
3306 users here now

Welcome to the News community!

Rules:

1. Be civil


Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.


2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.


Obvious biased sources will be removed at the mods’ discretion. Supporting links can be added in comments or posted separately but not to the post body. Sources may be checked for reliability using Wikipedia, MBFC, AdFontes, GroundNews, etc.


3. No bots, spam or self-promotion.


Only approved bots, which follow the guidelines for bots set by the instance, are allowed.


4. Post titles should be the same as the article used as source. Clickbait titles may be removed.


Posts which titles don’t match the source may be removed. If the site changed their headline, we may ask you to update the post title. Clickbait titles use hyperbolic language and do not accurately describe the article content. When necessary, post titles may be edited, clearly marked with [brackets], but may never be used to editorialize or comment on the content.


5. Only recent news is allowed.


Posts must be news from the most recent 30 days.


6. All posts must be news articles.


No opinion pieces, Listicles, editorials, videos, blogs, press releases, or celebrity gossip will be allowed. All posts will be judged on a case-by-case basis. Mods may use discretion to pre-approve videos or press releases from highly credible sources that provide unique, newsworthy content not available or possible in another format.


7. No duplicate posts.


If an article has already been posted, it will be removed. Different articles reporting on the same subject are permitted. If the post that matches your post is very old, we refer you to rule 5.


8. Misinformation is prohibited.


Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.


9. No link shorteners or news aggregators.


All posts must link to original article sources. You may include archival links in the post description. News aggregators such as Yahoo, Google, Hacker News, etc. should be avoided in favor of the original source link. Newswire services such as AP, Reuters, or AFP, are frequently republished and may be shared from other credible sources.


10. Don't copy entire article in your post body


For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.

founded 2 years ago
MODERATORS
 

A new lawsuit is claiming hackers have gained access to the personal information of "billions of individuals," including their Social Security numbers, current and past addresses and the names of siblings and parents — personal data that could allow fraudsters to infiltrate financial accounts or take out loans in their names

The allegation arose in a lawsuit filed earlier this month by Christopher Hofmann, a California resident who claims his identity theft protection service alerted him that his personal information had been leaked to the dark web by the "nationalpublicdata.com" breach. The lawsuit was earlier reported by Bloomberg Law.

The breach allegedly occurred around April 2024, with a hacker group called USDoD exfiltrating the unencrypted personal information of billions of individuals from a company called National Public Data (NPD), a background check company, according to the lawsuit. Earlier this month, a hacker leaked a version of the stolen NPD data for free on a hacking forum, tech site Bleeping Computer reported

you are viewing a single comment's thread
view the rest of the comments
[–] chrischryse@lemmy.world 7 points 2 years ago (4 children)

But how exactly does it work when applying for something like a credit card or going to a doctors office and filling out a form? Because here in the US those ask for SSN

[–] Marafon@sh.itjust.works 44 points 2 years ago (1 children)

They ask for SSN because there is no other form of national ID in the US (by design). SSNs were not introduced with this use in mind in fact they were explicitly meant to not be used this way, but society has slowly twisted it into a de facto national ID.

[–] chrischryse@lemmy.world 9 points 2 years ago (3 children)

what was meant to be used then?

[–] srasmus@lemmy.world 25 points 2 years ago

To track contributions and withdrawals to the social security system. Pretty much everyone in enrolled, so pretty much everyone has an SSN.

[–] brianary@startrek.website 12 points 2 years ago (3 children)

Americans explicitly didn't want a national ID.

[–] Psychodelic@lemmy.world 22 points 2 years ago

We really are kinda fuckin dumb in the US. It's like we're equally deeply suspicious of our government but too dumb to understand how it works so we ends up with blind, ignorant cynicism

[–] Zorsith@lemmy.blahaj.zone 11 points 2 years ago (1 children)

And yet we have multiple of them now. Drivers license, SSN, and if you/your parent are/were military, EDIPI/DoDID.

[–] brianary@startrek.website 9 points 2 years ago (1 children)

Military, sure, but driver's licenses are state-level, not federal. Health care has been using birthdate like a password (one that is largely publicly available) for way too long now. At least financial institutions can use account numbers and financial history and code words, but even all that isn't great.

It's a messy patchwork, but I think at the time of the creation of the SSA, the US may have still thought of itself as a land of second chances. IBM numbering Holocaust victims probably didn't help the idea of a national ID, nor did the victim narrative of groups like the NRA.

I'm not sure if it's possible not to have a national ID anymore, so denial of it just forces a terribly kludgy implementation from whatever is around.

[–] Zorsith@lemmy.blahaj.zone 8 points 2 years ago (4 children)

drivers licenses are state-level

Are they though, with RealID requirements for new licenses now?

[–] FireTower@lemmy.world 3 points 2 years ago (1 children)

RealID is option there's no Federal mandate for it.

[–] Zorsith@lemmy.blahaj.zone 1 points 2 years ago (1 children)

Sure. As long as you don't need to

  • access any federal buildings
  • fly domestically
  • exist after May 7 2025
  • have a non-expired drivers license

Then it's optional. Non-RealID isn't offered anymore in Ohio as far as I'm aware, I'd imagine other states are the same.

[–] FireTower@lemmy.world 3 points 2 years ago

My state still offers non-RealID compliant licenses. And the down side isn't all federal buildings only certain ones plus domestic flights. But a passport will also work for those if you don't have one.

https://www.dhs.gov/real-id/real-id-faqs

[–] brianary@startrek.website 2 points 2 years ago

Hmm, that's a good point. Washington finally relented, they were a hold-out for a long time.

[–] RestrictedAccount@lemmy.world 1 points 2 years ago

My number did not change after Real ID. I guess it could work if you added the state postal code to it.

[–] MCasq_qsaCJ_234@lemmy.zip 2 points 2 years ago (1 children)

I think there should be an amendment allowing the creation of a Unique Population Registry Key that uses numeric and alphabetic characters.

[–] brianary@startrek.website 3 points 2 years ago (1 children)

Everyone should also get a procedurally-generated theme song.

[–] littlewonder@lemmy.world 1 points 2 years ago

I'm cool with this as long as I can reserve Thunderstruck by AC/DC.

[–] Hotzilla@sopuli.xyz 7 points 2 years ago* (last edited 2 years ago) (1 children)

Nordics have resolved this by having the strong digital authentication. Services like banks and tele operators work as identity providers for individuals/companies.either through mobile network or app on your phone, and these is a central service that links these together.

This way third parties can safely identify you, and also it follows same OpenID/OAuth2.0/MFA principles, which are industry standards.

[–] untorquer@lemmy.world 4 points 2 years ago

Having experienced both systems the Nordic ones are well thought out, streamlined and feel extremely secure.

The US system feels so absurdly predatory and intentionally insecure. It's often slower, non-standardized, and glitchy(e.g. student loan stuff).

In general, fraud is much easier in the US which is is by design as stated elsewhere in the thread.

[–] Bluefalcon@discuss.tchncs.de 5 points 2 years ago

Doctor's office and credit card companies don't need your ssn. It is one of the easiest places to steal them from.

https://clark.com/show-notes/10-worst-places-give-your-social-security-number/

[–] ThePantser@lemmy.world 3 points 2 years ago

You don't have to give anyone your SSN, especially for medical. There are ways to bill without SSN.