Given the recent breach of a data broker, the credit bureaus, and the Dark Web, everyone's personal data is available for a rapidly declining price. We are all vulnerable but they cannot get to us all. That said, the prudent will freeze their credit reports, use strong authentication, and maintain a vigilant posture.
I am not a big fan of data monitoring services; they are targets and increase one's personal attack surface. However, we really need to monitor the social security numbers of children. They are often used in synthetic identity applications.
Business should rely on full name and address or name and place and date of birth, not SSNs, as identifiers; no one else with my name lives where I live or was born at the same place and time. SSNs were necessary when storage (in 80 column cards) was dear. They are not even necessary in modern databases and cheap storage. The last four digits of the SSN may be used for verification and as tie breakers in some applications.
Posts
No comments:
Post a Comment