It's an aggregation of previous leaks. Malicious actors having all that information together is a big deal in and of itself, but it's not the"mother of all breaches" some publications are trying to make it be.
this post was submitted on 24 Jan 2024
230 points (96.0% liked)
Technology
58011 readers
3340 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
This, i keep telling people this is just a very sensationalized headline. Some of the companies listed here are definitely from breaches that happened over 5 years ago (ex: myfitnesspal)
@[email protected] I read that 60% of the entries have never been seen before. I think the source was HaveIBeenPwned. Am I wrong about that?
Edit: 35% of the email addresses have never been in a known breach
The Naz.API leak that was given to Troy Hunt is different from this leak. That's also an aggregation, but smaller in size. What Troy has is probably more significant since about 1/3 of that is newly discovered. Right now, no one has published an analysis of the unique accounts in this larger aggregation.
divorce attorneys are going to have a field day
Using this dataset in court seems dubious. I think it falls under fruit of the poison tree doctrine but I'm a lawn chair lawyer (ie not a lawyer) at best.
Good. Unfortunately this is the only way we'll learn to stop giving vital information, or even truthful information, to any and every site that asks for it.
I sympathize with those whose data was leaked but I don't agree that there will ever be sufficient security or protections of privacy.
There's a company which will give you a >40in LCD smart TV to keep, for as long as you want it, with the catch that the second screen that comes with the TV (it's a screen that is a couple of inches tall and spans the width of the device) is on at all times and only plays ads.
There's also a camera that actively films you and records your audio, video. It's also on all the time.
The company makes it clear that they're giving you a free, very well specced TV with all the amenities, and in return they'll collect your data. It's surprising how many people (who otherwise can't afford a TV) said yes.
That's wild to me. I'd rather eat my own flesh than be subjected to forced ad viewing.
TVs are historically cheap. I'm not trying to dunk on the poor but I just can't see how that invasion of privacy is worth $300.
We have the privilege of being able to make those sorts of calls.
If I couldn't afford to provide my kids with any luxuries I can imagine jumping at this.
You can get a TV for as low as 79 from bestbuy
What would stop someone from putting a piece of cloth over the lower screen? And GAH! Never, no, get me outa here!!
Apparently they review the second screen via the camera. Any attempts to hide/block/hack/break the second screen would result in a breach of contract, which results in a charge for the full price of the TV and extra on top for damages/breach of terms etc.
You're made to sign a few documents before you receive your TV. I suspect they've covered all angles
So one way you can think about it is this. The people who traded thier info for the tv can't sell thier info for anywhere near that value. So they got a good deal. The reality is that all our info is already out there some where anyway. So these breaches mean very little anymore. It's getting to the point that an contract agreed to where identity is verified by personal info will be easy to challenge in court.
Good, enjoy em, all old passwords I havent used in 10 years
I just assume most people who have a normal online presence have had some form of identity leaked, as well as plenty of people that don’t. Like maybe elderly have credit records breached when Experian got hacked.
Gotta have 2FA, and make sure critical accounts have solid passwords. About all you can do, and no guarantee some shoddy IT in the business holding the account didn’t store all your info unhashed or something.
So, I loose nothing. Cool :thumbs_up: