I hate the tone of that letter, has the typical PR tone all over it.
Basically to sum it up: "Your Social Security Number, Name, Birthdate, Address, and everything else needed to steal your identity is at risk. But don't worry! Your credit card number is safe."
The whois[1] records for http://anthemfacts.com was registered in December. It took them months to create that PR report and prepare for damage control. They should have notified victims much earlier.
To give 'em the benefit of the doubt-- perhaps perhaps perhaps they needed that particular domain in anticipation of some other instance where they dropped the ball but your conclusion is more compelling.
So, today it was announced that they knew something was up as early as 12/10:
"The company also confirmed Friday that it found that unauthorized data queries with similar hallmarks started as early as Dec. 10 and continued sporadically until Jan. 27.
...
The hackers succeeded in penetrating the system and stealing customer data sometime after Dec. 10 and before Jan. 27, Binns said."
Who cares about credit card numbers when you are protected for free and your credit card can be reissued unlike your SSN. I can't believe than in 2015 there's no modern way to verify and protect your identity! There are still so many stupid system relying on your last 4 of your SSN or DoB as authentication!
In Sweden we have a personal number. It's unique to every person but its not secret at all. You use an official identity card or passport or the electronic variant to identify yourself. I'm guessing its some kind of privacy issue behind there not being a similar system in US? Because it works pretty well.
Just rename it Patriot ID and I'm sure people will come around :/
Seriously, if California is giving driver's licenses to whoever wants them (and who's 16 and can learn to drive), I don't see the harm sending out centrally verifiable identity cards. The costs of implementing such a system have gone way down over the years, but to be sure, bid out the job and finance it with surcharges on credit report checks, and any other transaction that involves verifying identity. There are surcharges everywhere else in the transaction. What probably concerns a lot of people is that they don't want the government to know every time they get a credit check. Not sure how you solve that, other than making this a GSE or legal monopoly.
Sweden's entire population is about the size of the Chicagoland area. Now imagine 320+ million people all living in different semi-autonomous states all with their own bureaucracies and hundreds of taxing authorities. Now imagine proposing a national ID card to these people. Yeah, its not that easy. The US isn't centralized like a lot of European nations. Governance of very critical things are done on the state level and that isn't going to change anytime soon.
>I'm guessing its some kind of privacy issue behind there not being a similar system in US?
The social security system, which is a federal program, produced a unique number for all citizens. The states quickly started using this number in their own bureaucracy and everyone else followed (banks, etc). Now its a defacto numeric identifier.
The big problem here is how easy it is to get credit in my name if you have my SSN, like its the root password to my finances. Credit is far too easy to get in the states from a paperwork perspective. I should not fear other people getting my SSN. Banks and other organizations need to realize that if someone presents my SSN, that doesn't mean its me. More numbers or psuedo-SSN's aren't the fix here. The fix is due diligence and better fraud protections.
Not to mention everyone already carries a unique identifier thats easy to verify - your fingerprint. I think SSN + fingerprint plus a letter sent to my home that needs to be signed should be the minimum to open any line of credit. SSN alone should be worthless.
Its also bothersome that PCI-DSS and other regulations treat credit cards like NSA secrets, which is fine as they should be encrypted, but there's no legislation or guidelines to make SSN's encrypted. SSN's sit as plain-text in every database in the US. That's kind of scary and probably invites hacks.
Not to mention everyone already carries a unique identifier thats easy to verify - your fingerprint.
Actually a surprising number of people don't. For either medical (dermatitis), work (manual laborer wearing them out, operation room personnel scrubbing them out...) or age related reasons.
Well, the US has States and that complicates things quite a bit for this type of thing. Most states will give you a driver's license number as an id (with the appropriate "ID Only" mark).
There is also the Real ID Act[1] that trying to establish federal id requirements. This is going to cause some problems and look for it in the news. It is a DHS enforced national ID law.
And yes, some of the folks in the US believe a national ID that is needed to buy, sell, or get a job would be a little too close to the Bible's mark of the beast. That gives quite a lot of friction to any national id.
some of the folks in the US believe a national ID that is needed to buy, sell, or get a job would be a little too close to the Bible's mark of the beast.
You're exaggerating a bit into a strawman.
I strongly oppose REAL ID (which, by the way, was around for a while before the DHS existed). And as a "tooth fairy agnostic" as Dawkins would say, I'm not the least bit concerned about the number of the beast.
What I am concerned about - and this goes the same for anyone else with whom I've discussed the issue - is, why is it the federal government's business at all when and how I "buy, sell, or get a job"? This seems like a tool for the federal government to get its grubby mitts into more stuff that's not within its enumerated powers.
Perhaps I should have separated that from the DHS stuff, but it is a belief of some folks (enough who vote to have made a long difference) and it goes to why we don't currently have a national id. It is part of the history in the US and the original poster is not from the US and wanted some reasons.
DHS is the agency currently charged with Real ID Act oversight. I'm not sure the who is important before the law is implemented.
A social security number (SSN) is the same idea. The difference is that not every citizen has one.
The problem with this number is that, similar to Sweden, it can be used as an identity number and as a password. This is a terrible thing to do. In your small country of homogenous socially protected people, you may not have a widespread problem of theft. In the US, however, there is an entire industry of stealing these numbers in order to take out new lines of credit, buy items at stores, and then not pay them off.
Yes. This just highlights the fact that you NEVER, ever want to buy an iOS device from a carrier's store. Always buy directly from Apple. Not just because of this SIM lock issue, but also because Apple's return policy and the way they handle problems very early in the life of a device is very different if you bought it somewhere else versus having bought it from Apple directly.
> the way they handle problems very early in the life of a device is very different if you bought it somewhere else versus having bought it from Apple directly
My recent experience directly contradicts that. I bought my daughter an iPhone 6 from Verizon (because of the $200 trade in offer). My daughter's screen cracked within a month. The Apple store gave her a new phone, no charge. Couldn't have been easier. The only thing the store needed to do was to remove the SIM from her old phone and pop it into her new one.
But I agree with your general assertion. Absent a strong financial incentive (in this case a much better trade in value) or other extenuating circumstance, I would always buy directly from Apple.
Edit: just wanted to add, I think that Apple is "being good" in this, the very early phase of iPhone 6. My daughter claims she didn't drop her phone (ha ha) and the crack was very similar to pictures I've seen of "bendgate" where the break occured near the weak points of the phone. So Apple doesn't want more negative publicity about this. If it were six months from now, Apple might be much less accommodating.
Wait, so explain it to me. When I bought my last iPad, I could have sworn I had to choose an AT&T model or a Verizon model. Or is this a new feature on the iPad Air 2?
Right. Older cellular iPads supported either GSM or CDMA, so you had to choose at purchase in the US whether it was for AT&T (GSM) or Verizon (CDMA). Newer cellular iPads include both GSM and CDMA.
The best part about this: iPad boxes never said which carrier it was locked to. You had to look it up via serial number. Non-Apple sales people didn't seem to understand this and happily sold me an AT&T iPad when I asked for a Verizon iPad.
Yep, same here. I have a first gen iPad, a first gen retina display iPad, and a couple of iPad Air now and only the first gen didn't have the carrier on the box, but that's because the first gen was ATT only.
Seemed to me like the benefit of these SIM cards was that would could change providers at will without hunting down a new SIM. But it seems like you can only choose once.
“wirelessly transfer a song you want to share to your zune friends, they can play it just a little bit"
Then Steve Jobs said something like:
“if you’re on the subway and want to share a song with someone cool, why fuck around with sending a demo song, just take off 1 earbud and listen to the music together"
Ah I didn't realize Mint wasn't available outside the US. In that case if I were living where Mint wasn't available, I would like to use something like it.
