Data breach exposes info for 80% of El Salvador's population

yieldcrv · 2024-05-08T18:40:51.000000Z

> have been made available for free on the dark web

where on the dark web? that's the same as saying "on the internet" or "on social media"

edit: source article states Breach Forum

https://www.resecurity.com/blog/article/massive-dump-of-hack...

rolph · 2024-05-08T20:29:29.000000Z

apparently the term originates from onion routing, but i see darkweb as beyond that, to include all nonindexed resources, of all protocols.

everything you can reach but cant engine-search [google] for.

yieldcrv · 2024-05-08T20:52:36.000000Z

the term for that has been deep web

WhereIsTheTruth · 2024-05-08T20:11:21.000000Z

El Salvador is training ground for the digital id/$/€; i wouldn't be surprised if it was done for that specific reason, to test infrastructure/prove a point

SahAssar · 2024-05-08T21:30:42.000000Z

Digital ID has been used for a long time in many countries (see things like estonias ids or swedens bankid/freja or any of the similar things in other EU countries and the rest of the world). Digital currency has also been around forever.

What El Salvador is trying to try is making decentralized currency part of an inherently centralized system (government identity and banking).

I don't think it'll work but don't confuse their thing with the generally accepted good thing of digital id's (being able to prove your identity to sensitive services like tax authorities, banks, etc.) or digital money (which is what we all have except when using actual cash and coins).

yieldcrv · 2024-05-08T18:36:45.000000Z

> but the breach appears to make Salvadorans relatively easy targets for cybercriminals looking to open accounts under assumed names, which would normally require them to gather other information contained in the leaked database

daily reminder that AML/KYC is a joke when you can just get a legitimate account with anybody else's info and access the international banking system

you would never be notified if someone simply made a bank account in your name, and never overdrafted it.

dotcoma · 2024-05-08T17:58:57.000000Z

But they can pay with Bitcoin at the beach...

JumpCrisscross · 2024-05-08T18:37:58.000000Z

> data seems unlikely to help any hacker attempting to defeat an onboarding or access control system protected with presentation attack detection

No. But these people have been forever de-anonymised in photos and videos online, as well as in potentially every place on the planet with an integrated security-camera system.

kragen · 2024-05-08T21:20:18.000000Z

right, it's going to be a godsend for honduras when they invade and conquer el salvador eight years from now; they'll be able to reliably target their slaughterbots to the family members of the particular government officials they need to surrender, leave doors unlocked, security cameras turned off, etc.

privacy is civil defense