Equifax and Transunion say hackers stole celebrity credit reports

Equifax and Transunion say hackers stole celebrity credit reports:

http://nakedsecurity.sophos.com/201...n-say-hackers-stole-celebrity-credit-reports/

 

Mega-hack of celebrities exposes social security numbers, credit reports, and more...........

http://nakedsecurity.sophos.com/2013/03/12/celebrity-hack-social-security/

 

I'm hoping this will convince at least some of these people to dial back on their sharing their lives with fans they've never met and likely never will, dial back on Twitter and other social media, lock their phones for once in their lives and just use some common sense. They're going to have to understand that they can't act like they could back in the 90s, 80s and earlier. Publicity is their means of survival, there's no question of that. But we live in very different times, and they need to adapt to that. With social media, the cameras in effect never go dark. Bodyguards can't protect them from some nutcase 2000 miles or more away making threats on Twitter, hacking their social media accounts and gaining a treasure trove of information. The same vehicles that can keep them in the spotlight can destroy them.

They've got to stop posting photos inside their homes, they've got to stop or at least think before they take "selfies" meant for their significant others/boyfriends/girlfriends and leaving them on their phones and mobile devices. They live in fantasy worlds, but it's situations like what just occurred that can easily turn that fantasy into a nightmare. Celebs are notorious enough with bad financial handling, they don't need this kind of thing added to it.

 

This wouldn't have stopped the breach however as it appears no real hacking occurred. All information obtained to get to the PII was OSINT and used to determine the answers to the account security/verification questions (unless more information has come out since yesterday). If anything the advice would be to not use easy to guess questions/answers for system verification. Especially for high profile characters.

 

No, it wouldn't have stopped this particular breach, that's true. But their lack of basic knowledge of security practices (and just as much lack of care) would prevent the nude photo scandals, Twitter hacks and more. You're right though, bad passwords and generic answers to "secret questions" is a huge problem.

Storytime: Last year I was out in L.A working with a high profile client in the film industry. She had a meeting with a well known actress on the same day, and as luck would have it I managed to be in the right place at the right time and met her and her agent. She had her little dog under her arm and was messing about with her phone. I kid you not, she asked her dog if it would like to be her password....I wish I were making it up considering who she is, alas I am not. Fun times were had by all, especially her agent whom it was painfully obvious was a "Yes" person and was giddy as a schoolgirl just so he could keep his job being the go-for for someone that mattered. Meanwhile, I'm standing there, mentally possessing the key to God only knows what information.

Back to the topic, I personally think "security questions" are a plague upon the Earth and should be thrown out along with Captcha and the rest of these outdated and crap methods of security.