Skip to content

OPLIN 4cast #568: I am not a number

Posted in 4cast, and Security

With the data breach at Equifax, potentially 145.5 million Social Security Numbers were compromised. This on top of major reported breaches at Anthem, Department for Veterans Affairs, Chase, eBay, etc. It is speculated that there is greater than a 40% chance that your Social Security Number has been compromised. Is there a better way? The current project underway to remove SSNs from Medicare cards suggests that the process is likely to be very slow and very, very expensive.

  • Senators push to ditch Social Security numbers in light of Equifax hack [TechCrunch | Taylor Hatmaker] “Social Security numbers are a privacy nightmare. While a consumer who gets hacked can replace credit card numbers and other account details, a Social Security number is relatively permanent, linked to a real identity throughout a person’s lifespan. In the hearing, Wilkinson and many of the senators present argued that the U.S. needs to move to a dynamic system of personal identity, one designed with digital security in mind — a stark contrast with an inflexible legacy system that dates back to the 1930s.”
  • Following Equifax breach, CEO doesn’t know if data is encrypted TechTarget | Madelyn Baker] “During the hearing, Sen. Cory Gardner (R-Colo.) questioned Smith and Barros about Equifax’s use of — or lack of — encryption for customer data at rest. Smith confirmed that the company was not encrypting data at the time of the Equifax breach, and Gardner questioned whether or not that was intentional. [Smith] confirmed that a decision was made to leave customer data unencrypted at rest.”
  • White House official calls for ending Social Security numbers as means of identification [The Hill | Joe Uchill] “Joyce also said the White House needs more transparency in the Vulnerabilities Equities Process, which the government uses to determine which hacking techniques can be kept secret for espionage purposes. Companies like Microsoft have argued that the government should not hoard any security vulnerabilities it finds in software or hardware, and instead report all vulnerabilities to manufacturers for repairs.
  • Medicare Is Finally Fixing a Major Identity Theft Risk [Money| Elizabeth O’Brien] “The government will begin sending out new cards next April, with all cards replaced by a congressional deadline of April 2019. Why the long lead time? Medicare is a big, complex bureaucracy, and replacing the cards is expensive: Officials estimated in 2011 that replacing the cards would cost between $812 million and $845 million.”

From the Ohio Web Library: