It seems that Oregon and Louisiana were using a piece if “industry standard software” to “move large files” (extremely hard facepalm here)
“global hack of the data transfer software MOVEit Transfer”
Social security numbers were included!
Also, how did the data leak if this statement from MOVEit is true: “ MOVEit provides secure collaboration and automated file transfers of sensitive data and advanced workflow automation capabilities without the need for scripting. Encryption and activity tracking enable compliance with regulations such as PCI, HIPAA and GDPR”
> Individuals can freeze and unfreeze their credit for free, which stops others from opening new accounts and borrowing money in your name.
> To prevent someone else from filing returns or receiving your federal tax refund, request an “Identity Protection Pin” from the Internal Revenue Service [...]
This blows my mind. How can these things be allowed without proper authentication?
I assume digital identity à la eIDAS, BankID or Freja is not a thing in the US?
> I assume digital identity à la eIDAS, BankID or Freja is not a thing in the US?
There isn't even standardised non-digital identity on which to build, so no.
It's funny how Americans will loudly proclaim Europe can't innovate and there's so much innovation in the US, yet they're practically in the dark ages in many areas - digital and offline identity, banking, insurance, healthcare, internet costs, tax filing etc. Fingers crossed the free market will come and innovate.
Or the more common sense, cheaper, and easier approach of holding lenders liable for not doing their due diligence.
“Identity theft” does not or should not exist as a thing. It is and always should have been fraud between a lender and the person(s) committing fraud, and prosecuted as such, with the business buying insurance if it wants to protect itself from losses to due to fraud.
“global hack of the data transfer software MOVEit Transfer”
Social security numbers were included!
Also, how did the data leak if this statement from MOVEit is true: “ MOVEit provides secure collaboration and automated file transfers of sensitive data and advanced workflow automation capabilities without the need for scripting. Encryption and activity tracking enable compliance with regulations such as PCI, HIPAA and GDPR”