Facebook’s lead EU regulator is asking questions about its latest security fail – gpgmail


Facebook’s lead data protection regulator in Europe has confirmed it’s put questions to the company about a major security breach that we reported on yesterday.

“The DPC became aware of this issue through the recent media coverage and we immediately made contact with Facebook and we have asked them a series of questions. We are awaiting Facebook’s responses to those questions,” a spokeswoman for the Irish Data Protection Commission told us.

We’ve reached out to Facebook for a response.

As we reported earlier, a security research discovered an unsecured database of hundreds of millions of phone numbers linked to Facebook accounts.

The exposed server contained more than 419 million records over several databases on Facebook users from multiple countries, including 18 million records of users in the U.K.

We were able to verify a number of records in the database — including UK Facebook users’ data.

The presence of Europeans’ data in the scraped stash makes he breach a clear matter of interest to the region’s data watchdogs.

Europe’s General Data Protection Regulation (GDPR) imposes stiff penalties for compliance failures such as security breaches — with fines that can scale as high as 4% of a company’s annual turnover.

Ireland’s DPC is Facebook’s lead data protection regulator in Europe under GDPR’s one-stop shop mechanism — meaning it leads on cross-border actions, though other concerned DPAs can contribute to cases and may also chip in views on any formal outcomes that result.

The UK’s data protection watchdog, the ICO, told us it is aware of the Facebook security incident.

“We are in contact with the Irish Data Protection Commission (DPC), as they are the lead supervisory authority for Facebook Ireland Limited. The ICO will continue to liaise with the IDPC to establish the details of the incident and to determine if UK residents have been affected,” an ICO spokeswoman also told us.

It’s not yet clear whether the Irish DPC will open a formal investigation of the incident.

It does already have a large number of open investigations on its desk into Facebook and Facebook-owned businesses since GDPR’s one-stop mechanism came into force — including one into a major token security breach last year, and many, many more.

In the latest breach instance, it’s not clear exactly when Facebook users phone numbers were scraped from the platform.

In a response yesterday Facebook said the data-set is “old”, adding that it “appears to have information obtained before we made changes last year to remove people’s ability to find others using their phone numbers”.

If that’s correct, the data breach is likely to pre-date April 2018 — which was when Facebook announced it was making changes to its account search and recovery feature, after finding it had been abused by what it dubbed “malicious actors”.

“Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way,” Facebook said at the time.

It would also therefore pre-date GDPR coming into force, in May 2018, so would likely fall under earlier EU data protection laws — which carry less stringent penalties.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Federal grand jury indicts Paige Thompson on two counts related to the Capital One data breach – gpgmail


The Department of Justice said today that a federal grand jury has indicted software engineer Paige Thompson on two counts related to the Capital One data breach that affected over 100 million customers. The charges in the indictment carry penalties of up to 25 years in prison. Thompson will be arraigned in U.S. District Court in Seattle on Sept. 5.

Thompson allegedly created created software that allowed her to see which customers of a cloud computing company (the indictment does not name the company, but it has been identified as Amazon Web Services) had misconfigured their firewalls and accessed data from Capital One and more than other 30 companies.

Much of the information in today’s indictment was already included in the FBI’s criminal complaint filed in July. In the indictment, however, the Department of Justice includes the new allegation that Thompson used the cloud servers she allegedly breached for cryptojacking. Though Thompson had previously made references to cryptojacking, or stealing someone else’s processing power to mine cryptocurrencies, in Slack messages reported by Forbes, today’s indictment does not contain new evidence about why the Department of Justice is making those claims.

Research has found that cryptojacking may be on the rise, in part because many organizations do not have adequate security measures in place.

In its statement, the Department of Justice said it has identified some of the victims of the data breach, including a state agency and a public research university located outside Washington state and a telecommunications conglomerate outside of the U.S. The indictment did not name the victims, but security firm CyberInt has said that Vodafone, Ford, Michigan State University and the Ohio Department of Transportation may all be victims of the data breach, which also included 106 credit card applications and files copied from a cloud server by Thompson.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Web host Hostinger says data breach may affect 14 million customers – gpgmail


Hostinger said it has reset user passwords as a “precautionary measure” after it detected unauthorized access to a database containing information on millions of its customers.

The breach is said to have happened on Thursday. The company said in a blog post it received an alert that one of its servers was improperly accessed. Using an access token found on the server, which can give access to systems without needing a username or a password, the hacker gained further access to the company’s systems, including an API database containing customer usernames, email addresses, and scrambled passwords.

Hostinger said the API database stored about 14 million customers records. The company has more than 29 million customers on its books.

“We have restricted the vulnerable system, and such access is no longer available,” said Daugirdas Jankus, Hostinger’s chief marketing officer.

“We are in contact with the respective authorities,” said Jankus.

An email from Hostinger explaining the data breach. (Image: supplied)

News of the breach broke overnight. According to the company’s status page, affected customers have already received an email to reset their passwords.

The company said that financial data wasn’t taken in the breach, nor was customer website files or data affected.

But one customer who was affected by the breach accused the company of being potentially “misleading” about the scope of the breach.

A chat log seen by gpgmail shows a customer support representative telling the customer it was “correct” that customers’ financial data can be retrieved by the API but that the company does “not store any payment data.” Hostinger uses multiple payment processors, the representative told the customer, but did not name them.

“They say they do not store payment details locally, but they have an API that can pull this information from the payment processor and the attacker had access to it,” the customer told gpgmail.

We’ve reached out to Hostinger for more, but a spokesperson didn’t immediately comment when reached by gpgmail.

Related stories:


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

MoviePass exposed thousands of unencrypted customer card numbers – gpgmail


Movie ticket subscription service MoviePass has exposed tens of thousands of customer card numbers and personal credit cards because a critical server was not protected with a password.

Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk, found an exposed database on one of the company’s many subdomains. The database was massive, containing 161 million records at the time of writing and growing in real-time. Many of the records were normal computer-generated logging messages used to ensure the running of the service — but many also included sensitive user information, such as MoviePass customer card numbers.

These MoviePass customer cards are like normal debit cards: they’re issued by Mastercard and store a cash balance, which users who sign up to the subscription service can use to pay to watch a catalog of movies. For a monthly subscription fee, MoviePass uses the debit card to load the full cost of the movie, which the customer then uses to pay for the movie at the cinema.

We reviewed a sample of 1,000 records and removed the duplicates. A little over half contained unique MoviePass debit card numbers. Each customer card record had the MoviePass debit card number and its expiry date, the card’s balance, when it was activated.

The database had more than 58,000 records containing card data — and was growing by the minute.

We also found records containing customers’ personal credit card numbers and their expiry date — which included billing information, including names, and postal addresses. Among the records we reviewed, we found records with enough information to make fraudulent card purchases.

Some records, however, contained card numbers that had been masked except for the last four digits.

The database also contained email address and some password data related to failed login attempts. We found hundreds of records containing the user’s email address and presumably incorrectly typed password — which was logged — in the database. We verified this by attempting log into the app with an email address and password that didn’t exist but only we knew. Our dummy email address and password appeared in the database almost immediately.

None of the records in the database were encrypted.

Hussain contacted MoviePass chief executive Mitch Lowe by email — which gpgmail has seen — over the weekend but did not hear back. It was only after gpgmail reached out Tuesday when MoviePass took the database offline.

It’s understood that the database may have been exposed for months, according to data collected by cyberthreat intelligence firm RiskIQ, which first detected the system in late June.

We asked MoviePass several questions — including why the initial email disclosing the security lapse was ignored, for how long the server was exposed, and its plans to disclose the incident to customers and state regulators. When reached, a spokesperson did not comment by our deadline.

MoviePass has been on a rollercoaster since it hit mainstream audiences last year. The company quickly grew its customer base from 1.5 million to 2 million customers in less than a month. But MoviePass took a tumble after critics said it grew too fast, forcing the company to cease operating briefly after the company briefly ran out of money. The company later said it was profitable, but then suspended service, supposedly to work on its mobile app. It now says it has “restored [service] to a substantial number of our current subscribers.”

Leaked internal data from April said its customer numbers went from three million subscribers to about 225,000. And just this month MoviePass reportedly changed user passwords to hobble access for customers who use the service extensively.

Hussain said the company was negligent in leaving data unencrypted in an exposed, accessible database.

“We keep on seeing companies of all sizes using dangerous methods to maintain and process private user data,” Hussain told gpgmail. “In the case of MoviePass, we are questioning the reason why would internal technical teams ever be allowed to see such critical data in plaintext — let alone the fact that the dataset was exposed for public access by anyone,” he said.

The security researcher said he found the exposed database using his company-built web mapping tools, which peeks into non-password protected databases that are connected to the internet, and identifies the owner. The information is privately disclosed to companies, often in exchange for a bug bounty.

Hussain has a history of finding exposed databases. In recent months he found one of Samsung’s development labs exposed on the internet. He also found an exposed backend database belonging to Blind, an anonymity-driven workplace social network, exposing private user data.

Read more:


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Credit Karma glitch exposed users to other people’s accounts – gpgmail


Users of credit monitoring site Credit Karma have complained that they were served other people’s account information when they logged in.

Many took to a Reddit thread and complained on Twitter about the apparent security lapse.

“First time logging in it gave me my information, but as soon as I refreshed the screen, it gave me someone else’s info,” said one Reddit user. “Refreshed again and bam! someone else’s info — it’s like roulette.” Another user said they logged in and out several times and each time they had “full access to a different random person’s credit file,” they said.

One user told gpgmail that after they were served another person’s full credit report, they messaged the user on LinkedIn “to let him know his data was compromised.”

Another user told us this:

The reports are split into two sections: Credit Factors — things like number of accounts, inquiries, utilization; and Credit Reports — personal information like name, address, etc.. The Credit Reports section was my own information, but the Credit Factors section definitely wasn’t. It listed four credit card accounts (I have more like 20 on my report), a missed payment (I’m 100% on time with payments), a Honda auto loan (never had one with Honda), student loan financing (mine are paid off and too old to appear on my report), and cards with an issuer that I have no relationship with (Discover).

Several screenshots seen by gpgmail show other people’s accounts, including details about their credit card accounts and their current balance.

Another user who was affected said they could read another person’s Credit Factors — including derogatory credit marks — but that the Credit Report tab with that user’s personal information, like names and addresses, was blank.

One user said that the login page was pulled offline for a brief period. “We’ll be right back,” the login page read instead.

Credit Karma spokesperson Emily Donohue denied there was a data breach, but when asked would not say how many customers were affected.

“What our members experienced this morning was a technical malfunction that has now been fixed. There is no evidence of a data breach,” the statement said.

The company didn’t say for how long customers were experiencing issues.

Credit Karma offers customers free credit score monitoring and reports. The company allows users to check their scores against several major credit agencies, including Equifax, which last month was fined at least $575 million for a 2017 data breach.




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

StockX was hacked, exposing millions of customers’ data – gpgmail


It wasn’t “system updates” as it claimed. StockX was mopping up after a data breach, gpgmail can confirm.

The fashion and sneaker trading platform pushed out a password reset email to its users on Thursday citing “system updates,” but left users confused and scrambling for answers. StockX told users that the email was legitimate and not a phishing email as some had suspected, but did not say what caused the alleged system update or why there was no prior warning.

A spokesperson eventually told gpgmail that the company was “alerted to suspicious activity” on its site but declined to comment further.

But that wasn’t the whole truth.

An unnamed data breached seller contacted gpgmail claiming more than 6.8 million records were stolen from the site in May by a hacker. The seller declined to say how they obtained the data.

In a dark web listing, the seller put the data for sale for $300. One person at the time of writing already bought the data.

The seller provided gpgmail a sample of 1,000 records. We contacted customers and provided them information only they would know from their stolen records, such as their real name and username combination and shoe size. Every person who responded confirmed their data as accurate.

The stolen data contained names, email addresses, scrambled password (believed to be hashed with the MD5 algorithm and salted), and other profile information — such as shoe size and trading currency. The data also included the user’s device type, such as Android or iPhone, and the software version. Several other internal flags were found in each record, such as whether or not the user was banned or if European users had accepted the company’s GDPR message.

Under those GDPR rules, a company can be fined up to four percent of its global annual revenue for violations.

When reached prior to publication, neither spokesperson Katy Cockrel nor StockX founder Josh Luber responded to a request for comment. A voicemail left on the spokesperson’s cell was not returned.

Jake Williams, founder of Rendition Infosec, said the company “robbed their users of the chance to evaluate their exposure” by not informing customers of the breach when it happened.

StockX was last month valued at over $1 billion after a $110 million fundraise.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

FTC Toadies for Equifax, Begs Citizens to Register for Largely Worthless Credit Monitoring


This site may earn affiliate commissions from the links on this page. Terms of use.

In theory, organizations like the FTC exist to safeguard United States citizens. In practice, all too often, these organizations are far more beholden to the companies they supposedly regulate than the citizens whose rights they protect. Last week, the FTC announced a settlement with Equifax, in which individuals whose data was stolen — that’s basically everyone in the United States — were eligible for $125 in compensation. Given the breadth and importance of the data Equifax allowed to be stolen, one might think that kind of minimal compensation would be the least the company could offer, given that it leaked social security numbers, addresses, phone numbers, dates of birth, and names.

Now, however, the FTC has changed its tune. Far too many people have registered for the $125 settlement. Under the proposed settlement structure, only $31M has been set aside to provide these refunds. That translates to $125 for 248,000 people. The Equifax hack affected 147 million people. In other words, according to the FTC, only 0.16 percent of Americans were estimated to request $125. Now our government is begging its own citizens to accept near-worthless free credit monitoring (which costs Equifax literally nothing to provide) rather than asking for a tiny cash settlement in exchange for one of the most egregious database thefts of all time.

Just Buy It Pick Free Credit Report Monitoring

The FTC’s new blog post is headlined “Equifax data breach: Pick free credit report monitoring.” Robert Schoshinski, the Assistant Director, Division of Privacy and Identity Protection, writes:

The free credit monitoring is worth a lot more – the market value would be hundreds of dollars a year. And this monitoring service is probably stronger and more helpful than any you may have already, because it monitors your credit report at all three nationwide credit reporting agencies, and it comes with up to $1 million in identity theft insurance and individualized identity restoration services.

The FTC blog post does not note that the only reason the pool of cash for refunds is so small is the FTC deal with Equifax only allocates $31M to the relevant fund. While the agreement with Equifax included up to $425M to help victims of the breach, the overwhelming majority of the money is earmarked for other purposes. That’s dealt with in a separate press release. The government also doesn’t note that under the terms of the deal, it will be extremely difficult for anyone to prove an incidence of identity theft was tied to the Equifax database theft because that database has never been detected for sale on any hacking website. This implies it was stolen by a state actor rather than a conventional hacker.

Hurrah. R0ckH4rd69Lvr doesn’t have your data; Russia or China probably does. That’s vastly better.

Most financial websites do not agree with the FTC’s claim that free credit monitoring is worth “a lot more.” To quote Levar Burton, “You don’t have to take my word for it.” Here’s a sampling of quotes and links on the topic:

NerdWallet: “NerdWallet recommends avoiding such offerings from credit bureaus.”
US News & World Report: “It’s of some value if you are a victim of identity theft, but its value is rather narrow.”
CNBC: “Credit monitoring services may not be worth the cost”
CNN Money: “Most of what these products provide you can easily do yourself, and for free.”
LendingTree: “The paid credit monitoring services won’t necessarily monitor your reports any better than a free service.”

Maryland Attorney General Brian Frosh captured the spirit of the issue far better in his comments about the settlement last week. Speaking about the ~147M victims of the Equifax hack, he noted: “Most of them—most of us—did not sign up… We did not choose Equifax,” Frosh said. “It chose us. It collected our personal information, it compiled it, analyzed that information, and sold the product and some of the raw data to other people. Their carelessness with our personal data will cause harm perhaps for millions of Americans.”

Slate’s argument, made last week, was that customers had a moral obligation to claim this funding, to send a message to Equifax and other companies about the critical importance of data security and to hold them accountable for failing to do so. Nobody chooses to do business with Equifax, TransUnion, or Experian. These institutions compile financial records and credit reports on Americans without consent, to provide global information about one’s credit history. There is no way to voluntarily withdraw from the system and credit checks are so important for so many life events, there would be little practical way for any but the richest Americans to do so.

Facebook got hit with a $5B fine for Cambridge Analytica, but Equifax is skating by with a $671M fine. According to the FTC, this was a deliberate decision to protect Equifax. “We want to make sure we don’t bankrupt the company or have them go out of business,” Maneesha Mithal, a data and privacy subject matter expert with the FTC, told Ars Technica. “We want to make sure they have the funds and resources to protect consumers going forward.”

Yes. Because nothing speaks to the importance of protecting consumers like a slap on the wrist when a company loses the data of 147 million Americans. Nothing promotes trust like the FTC publishing a shameful, toadying blog post declaring the value of worthless monitoring services that the company being fined can provide at no cost to itself.

Details on how to object to the settlement, should you wish to do so, are on the FAQ linked at the EquifaxBreachSettlement page. You cannot ask the Court to change the settlement, but you can advocate for it to be approved or denied. A $125 payment for a few million Americans was bad enough, but the government’s behavior in this case, not to mention the terms of the settlement itself, are both insulting.

Now Read:




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Clothing marketplace Poshmark confirms data breach – gpgmail


Poshmark, an online marketplace for buying and selling clothes, has reported a data breach.

The company said in a brief blog post that user profile information, including names and usernames, gender and city data was taken by an “unauthorized third party.” Email addresses, size preferences, and scrambled passwords were also taken.

Poshmark did not say which hashing algorithm, used to scramble the passwords, was used. Some algorithms are stronger than others.

The company also said “internal” preferences, such as email and push notifications, were taken.

Poshmark said it retained an outside security firm but did not say which company. It also said it has rolled out “enhanced security measures” without elaborating. We’ve contacted Poshmark for answers, but did not immediately hear back.

Financial data and physical address information was not compromise, the company said

Poshmark has upwards of 50 million users.

Read more:


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Education software maker Pearson says data breach affected thousands of accounts in the U.S. – gpgmail


Pearson, the London-based educational software maker, said today that thousands of school and university accounts, mostly in the United States, were affected by a data breach. The company added that it has notified affected users already and that the vulnerability has been fixed.

The Wall Street Journal reports that the data breach happened in November 2018 and Pearson was notified by the Federal Bureau of Investigation in March. The perpetrator is still unknown.

According to Pearson, unauthorized access was gained to 13,000 school and university accounts on AIMSweb, the company’s student monitoring and assessment platform. The data exposed included first and last names and, in some cases, date of birth and email addresses. Each account could potentially include information about thousands of students.

Pearson added that it has no evidence that any of the exposed information was misused. It will offer free credit monitoring services to affected users as a “precautionary measure.”

News of Pearson’s data breach comes the same week that Capital One disclosed a massive cyber attack that exposed sensitive information for about 100 million people in the U.S. and 6 million in Canada.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Capital One’s breach was inevitable, because we did nothing after Equifax – gpgmail


Another day, another massive data breach.

This time it’s the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the company’s credit cards dating back to 2005.

That includes names, addresses, phone numbers, dates of birth, self-reported income and more credit card application data — including over 140,000 Social Security numbers in the U.S., and more than a million in Canada.

The FBI already has a suspect in custody. Seattle resident and software developer Paige A. Thompson, 33, was arrested and detained pending trial. She’s been accused of stealing data by breaching a web application firewall, which was supposed to protect it.

Sound familiar? It should. Just last week, credit rating giant Equifax settled for more than $575 million over a date breach it had — and hid from the public for several months — two years prior.

Why should we be surprised? Equifax faced zero fallout until its eventual fine. All talk, much bluster, but otherwise little action.

Equifax’s chief executive Richard Smith “retired” before he was fired, allowing him to keep his substantial pension packet. Lawmakers grilled the company but nothing happened. An investigation launched by the former head of the Consumer Financial Protection Bureau, the governmental body responsible for protecting consumers from fraud, declined to pursue the company. The FTC took its sweet time to issue its fine — which amounted to about 20% of the company’s annual revenue for 2018. For one of the most damaging breaches to the U.S. population since the breach of classified vetting files at the Office of Personnel Management in 2015, Equifax got off lightly.

Legislatively, nothing has changed. Equifax remains as much of a “victim” in the eyes of the law as it was before — technically, but much to the ire of the millions affected who were forced to freeze their credit as a result.

Mark Warner, a Democratic senator serving Virginia, along with his colleague since turned presidential candidate Elizabeth Warren, was tough on the company, calling for it to do more to protect consumer data. With his colleagues, he called on the credit agencies to face penalties to the top brass and extortionate fines to hold the companies accountable — and to send a message to others that they can’t play fast and loose with our data again.

But Congress didn’t bite. Warner told gpgmail at the time that there was “a failure of the company, but also of lawmakers” for not taking action.

Lo and behold, it happened again. Without a congressional intervention, Capital One is likely to face largely the same rigmarole as Equifax did.

Blame the lawmakers all you want. They had their part to play in this. But fool us twice, shame on the credit companies for not properly taking action in the first place.

The Equifax incident should have sparked a fire under the credit giants. The breach was the canary in the coal mine. We watched and waited to see what would happen as the canary’s lifeless body emerged — but, much to the American public’s chagrin, no action came of it. The companies continued on with the mentality that “it could happen to us, but probably won’t.” It was always going to happen again unless there was something to force the companies to act.

Companies continue to vacuum up our data — knowingly and otherwise — and don’t do enough to protect it. As much as we can have laws to protect consumers from this happening again, these breaches will continue so long as the companies continue to collect our data and not take their data security responsibilities seriously.

We had an opportunity to stop these kinds of breaches from happening again, yet in the two years passed we’ve barely grappled with the basic concepts of internet security. All we have to show for it is a meager fine.

Thompson faces five years in prison and a fine of up to $250,000.

Everyone else faces just another major intrusion into their personal lives. Not at the hands of the hacker per se, but the companies that collect our data — with our consent and often without — and take far too many liberties with it.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something