Why didn’t Equifax protect your data? Because corporations have all the power. – The Washington Post

My coworker and I were musing about the huge Equifax breach, where 143 million Americans had their personal data exposed to hackers. We wondered if Equifax would pay a price for this loss. Then we wondered who could punish Equifax.

It’s not us, we concluded. We’re not Equifax’s customers, we’re their product!

Here’s a great perspective piece in the Washington Post which discusses how lopsided the tables are towards large corporations and against the little guys like you and me.

No wonder. To be an American consumer these days is to have become numb to signing away your rights so you can buy products and services. If you want to use a smartphone, you have to agree to give your privacy to the company that makes it, and to your Internet provider, which can see every website you visit. If you want to use email, you agree that the provider can scan your messages for certain words to sell ads. And when you sign up for financial services, you give away your rights to negotiate how your money is used or how your information is protected. The people whose Social Security numbers Equifax lost had no say in how the company acquired, uses or guards their financial information.

Source: Why didn’t Equifax protect your data? Because corporations have all the power. – The Washington Post

Experian Site Can Give Anyone Your Credit Freeze PIN — Krebs on Security

What good does it do to lock down your credit with a credit freeze if Experian will hand over your PIN to anyone who asks?

An alert reader recently pointed my attention to a free online service offered by big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian.

The first hurdle for instantly revealing anyone’s freeze PIN is to provide the person’s name, address, date of birth and Social Security number (all data that has been jeopardized in breaches 100 times over — including in the recent Equifax breach — and that is broadly for sale in the cybercrime underground).

After that, one just needs to input an email address to receive the PIN and swear that the information is true and belongs to the submitter. I’m certain this warning would deter all but the bravest of identity thieves!

Source: Experian Site Can Give Anyone Your Credit Freeze PIN — Krebs on Security

Dubai: The Vegas of the Middle East, with a catch

Johnny Walker Red

A recent story about a Brit who inadvertently ran afoul of the law in Dubai reminded me of the first (and last) time I visited Dubai.

When I was in the US Navy in the early 1990s my ship made a stop in Dubai. A group of my fellow sailors and I booked rooms at (what was at the time) a fairly high-end hotel to relax. I was astonished when entering my room to find a thank you card and a bottle of Johnny Walker Red, a gift for our protecting the Gulf. Being gifted a bottle of fine scotch in a Muslim country was a taste of the odd juxtaposition and tension in Dubai, where east meets west and tries to offer something for everyone.

In the days I wandered around Dubai seemed clear to me what the cultural expectations were. Back then it was a few hotels and mostly sand but now Dubai advertises itself as an exotic playground, the Las Vegas of the Middle East. It seems to me it’s easier now to cross a line one didn’t mean to cross, though I have not been back since. I was planning a trip to Dubai with my wife around Sept 11, 2001 but .. .uh, soon scuttled it :-(.

(Wikimedia Commons photo by Mohylek)