Equifax leaks 143 million social security numbers, and the tech world stands jawdropped, while the mainstream press treats it as a sideline note. This treatment of security on the sidelines is exactly what caused the conditions for the leak in the first place, like last month’s catastrophic leak, and next month’s, and the one after that. It can no longer be okay for the old world to treat the Internet as an intriguing but harmless toy.
As Ars Technica observes, the Equifax leak is probably the worst leak ever in terms of identity theft risk: almost 150 million identity records with the complete dataset of what’s required to apply for credit, such as your social security number, date of birth, and home address. The perfect dataset to capture almost anybody’s identity in bad faith.
But it doesn’t stop there. It’s not just Equifax that has the worst leak ever. For example, the US government leaked some 20 million records from its own top-secret personnel database. It’s not just the US government, either.
Equifax is the worst leak ever, as stated. Maybe. Up until this month. Next month there’s something worse. Again. And again.
It’s catastrophe, on catastrophe, on catastrophe. The words will cease to have meaning if this is going to be the modus operandi. “Catastrophe” is on its way to become a new word for “just another million-record leak, like the one yesterday”.
But the problem is that it is a catastrophe. Every one of these leaks. Every single time. And it’s always based on one of two things: one, sloppy security and outright amateurishness (see MtGox for a terrifying billion-dollar example), or two, old-world thousand-dollar-suited know-betters who don’t consider this internet fad to be worthy of attention, and therefore let less important people without budgets deal with it