Tag Archives: data collection

Latest Data Breach Exposes 2.7 Billion Records.  Your Social Security Number Could Be Included.

Posted on by

The number of massive data breaches is accelerating, and your personal information is increasingly at risk of being exposed.  In June it was reported that identity verification company AU10TIX had exposed login credentials online, allowing access to sensitive user data including names, birth dates and drivers licenses.  In July the news broke that hackers had stolen phone numbers, call records and text records of up to 109 million AT&T customers.

But the latest exposure of personal information is one of the largest ever, and one of the most serious.  Back in April hackers claimed that they’d accessed the records of 2.7 billion people kept by a company called National Public Data that serves businesses doing background checks.  This month the hackers offered the complete database on-line, which apparently includes names, dates of birth, Social Security numbers and e-mail addresses.  Having access to this kind of personal information would make it much easier for hackers to access your accounts, steal money from you or assume your identity.

Massive Data Breach that Includes Social Security Numbers May Be Even Worse than Suspected

This is a huge problem, and it’s only going to get worse.  There are some things you can do to protect yourself.  At the end of the LA Times article above, they offer some good suggestions, to which I would add: Don’t give away any of your personal info unless you really need to.  Retailers and on-line services have become more and more aggressive about asking for your info, and most of they time it’s because they plan to share it with someone else.  Don’t give them your data unless you really need to.  Don’t sign up for services you don’t really need. 

Unfortunately, in our surveillance society, there are also companies collecting your data without your knowledge.  Google, Facebook and others have already been busted for this.  Digital outdoor advertising, including billboards and bus stop displays, is also collecting your device data using wireless technology. 

How much money is being lost due to cybercrime?  According to the FBI, in 2023 over $12 billion was taken.  That number is up $2 billion over 2022 and more than triple the amount reported in 2019.  These numbers are expected to grow.  And as data breaches become more frequent and more significant, hackers will have increasing access to personal info, making their job easier than ever.   

This is why we need to start contacting our elected representatives to ask what they’re going to do to protect us.  What’s really needed is legislation at the national level to set standards for companies that handle personal data, followed up with meaningful enforcement when those companies fail to comply.  Many states are passing laws to address this problem, but in most cases the laws are too limited to offer the kind of protection we need. 

We have to start taking this seriously.  If you think you won’t be a victim, think again.  Millions of people have already been hit by hackers.  Real money is being stolen.  Data brokers are collecting your info every day, and many of them don’t do nearly enough to secure the data.  We have to take action.  This has already gotten way out of hand.

Apps Are Collecting Your Data. That Could Cost You Money.

Posted on by
Still from The Great Hack, 2019

In 2021, some customers at the Hollywood Trader Joe’s were surprised when they were told that they now had to download an app in order to park in the underground garage.  Those who took the time to read the privacy policy were even more surprised to learn that by downloading the app they were agreeing to let the company behind the app, Metropolis, track their browsing activity, collect information about services they used, and follow their activities across different devices.

Many landlords are now pushing their tenants to use apps for paying rent, handling complaints, etc., but renters should look at the privacy policy before getting on board.  One such app, Door Loop, collects a lot of sensitive info from its users, including date of birth, job title, e-mail provider with (login info), social media you use (with login info), race, and social security number.  Their privacy policy says they may share that data, along with any other data you provide, with vendors, consultants and third-party service providers.  In other words, their privacy policy seems to describe how they can invade your privacy.

Now, when I talk to people about how their data is being collected by apps and services, their response is usually something like, “Oh, well, they already have all my data anyway.”  Another common response is, “I haven’t done anything wrong, so I don’t care if they’re tracking me.” 

If you don’t think giving up your data can create any problems for you, you need to think again.  For instance….

Consumers who’ve bought cars from GM in recent years have been able to sign up for a service called Smart Driver, which collects data about your driving habits, like how often you brake quickly or whether you go over the speed limit.  Supposedly it was up to customers to choose whether or not they wanted to participate.  But it was recently revealed that GM had been collecting data from people who had never signed up for Smart Driver.  Not only that, the company shared the data with a leading data broker.  Why should this worry you?  A number of GM owners have filed lawsuits alleging, among other things, that their insurance rates went up substantially because insurers had access to the data.

Let’s talk about mental health apps.  There are a number of them out there, and lots of people are relying on them to deal with mental health issues.  But unless the app you’re using is connected to your health care provider, there’s probably nothing to prohibit the company from sharing the data they collect with anyone they like.  A recent report from Duke University found that data brokers advertise their holdings of sensitive mental health data, which includes information on people suffering from depression, ADHD, anxiety and bipolar disorder.  This information is for sale, and there are few meaningful controls on who can access it or how they use it.  Do you think insurance companies might want to know if you’ve been struggling with substance abuse?  Do you think a prospective employer might be interested in knowing whether you’ve been diagnosed with ADHD?  Could there be other folks out there who want to exploit this information for their own ends?

People download apps all the time for all sorts of reasons.  Some apps may be useful, some of them may be fun, but it’s important to remember that many of them are designed and marketed with the sole purpose of collecting data from you.  Collecting and sharing/selling your data is big business. In 2022 data brokers made more than $250 billion by selling consumer data.  That number is only going to grow. 

Apps are a crucial part of this ecosystem.  When you use a browser to surf the net, there are some protections in place to inform you about what information is being collected and you can often choose to opt out of sharing your data.  But with apps, they’re not only collecting your data, they’re sharing it as well, and there are no meaningful protections in place.  When you download the app, you often get a small pop-up that asks you to agree to the company’s terms and conditions.  That’s it.  They generally don’t make any further effort to disclose that they’re going to collect your data.  To learn about what you’re getting into, you’d have to read their terms and conditions, which contains their privacy policy, which usually starts with something like, “We take your privacy seriously.”  The extent of the data they collect and their intent to share it with others is usually buried deep in these documents.  And how many people actually take the time to read these things?  Most people just click “Accept” and move on. 

The best protection is to think carefully about which apps you use, and avoid downloading those that you don’t need.  If in doubt, take the time to read the privacy policy so you at least know what you’re getting into.  If you don’t, you’re taking the chance that the app will collect and share personal info that could have an impact on your life. 

If you have kids, you should also be thinking about the apps they’ve got on their phone.  What data are they sharing?  If the apps are connected to social media, are they collecting info on family and friends?  Are they collecting location data?  Places your kids hang out? 

Data brokers are making big money on this stuff because there are lots of folks out there that want to have access to your personal info, and they’re willing to pay good money for it.  These include insurance companies, employers, government agencies and a host of others.  Don’t assume that any of these people have any interest in protecting your privacy.  In most cases, the only interests they’re protecting are their own.