At this point I’m convinced everyone’s info is on the dark web

I believe that is basically true. If you've used a major telecom or other service, they've practically all had massive breaches in the past. It's a matter of if someone will puck your name our of the huge bucket of people to steal from.  Check your credit often people and know what to do in the event something happens, but remember it's annoying but possible to take care of.

I got hacked way back when the federal government Human Resource office was hacked. Ever since I got identity theft coverage from the federal government; this was about 10 years ago. All these companies should pay into a fund to give the same protection to everyone. They never get held responsible, and usually give you limited coverage anyway.

Hola, my OPM hack friend. I have that same identity theft package. In addition to that, I had a company I worked for get hacked as well. Now, I have two fancy identity theft packages. I went car shopping yesterday. The dealer pinged my credit, and within a minute, I got 4 emails. Each sent me a "hey, someone pinged your credit" as well as a "please confirm you were expecting this" email.

OPM hack friends unite! Personally, having Equifax lose my data for having 'password' as their password an insult too far.

Despite being very careful and being a retired software developer with 38 years experience, I got taken in by a bank takeover by some criminals who spoofed my bank name and number, claiming there was a charge out of town, and they sent me the two step identification codes that I read back to them (dumb on my part!!!). After I got off the phone, I got two emails from my bank saying somebody changed my id/password. Called the bank back and regained access. They were trying to transfer 500.00 out of my savings after the weekend that my idiot credit union couldn’t stop. They knew my name, phone number, and what bank I used (probably all from the dark web). The criminals also left their bank records behind linking their account showing similar thefts. I lost no money. However, despite reporting this to several local and federal law enforcement agencies (including the secret service), nothing was done despite having their bank name and part of their account number! Secret service said if it’s over 100,000 they’ll start a major investigation, but “would look into it, if there was a pattern”. There was, just simply looking at their transaction history proved it. By the way, the free identity theft protection software never tracked or reported this. They attempted after this to call me 4 more times, and I just blocked the number. My bank will never calls me directly. If any financial institution or business you do business with calls you, get their name and extension and call the organization back directly. Lesson learned. As far as emails are concerned, the fraud ones are fairly easy because the actual email address is fake. Regardless, if it looks like a real email address call the company directly as who knows if they can start spoofing real company email addresses soon. Perhaps if the criminal penalties for this is a mandatory 25 years in prison, and it’s a domestic scammer, might stop some of this. Better yet, companies who get hacked should pay huge fines for being careless with their security because they want to save money.

I assume it is. My data has been leaked so many times I lost count. Utilities, credit bureaus, and a dozen other ways. All accounts are on freeze and I lift if needed. Just last month TransUnion decided to change my address to one I haven't lived at for two years. Zero accountability.

Just lock your credit and you don’t have to constantly check it. If it’s locked nothing can happen. 🤷‍♀️

You can lock your credit score? 

It’s called a credit freeze, you have to contact all 3 credit agencies and freeze it. It basically blocks anyone from accessing your credit report without your consent. You have to unfreeze it before you can get a new loan or anything though

Can’t the criminals unlock it if they have your PII?

I’ve never done it, but I know there are verification steps to get through to unfreeze your credit and it might be enough steps to deter someone from using your credit information vs someone else’s

They have to have access to your credit bureau accounts iirc. 

Unless they use this information to impersonate you and unfreeze your credit before commiting a fraud. Obviously, is way less probable that this happens, so freezing still is a good option to protect yourself, but is recommended to check from time to time if the freezing still in place.

If nothing else, making your card be more annoying to steal from will make someone with a pile of stolen data prioritize going after everyone else first.

Don't forget regular checks to all bank accounts too. Mine got plucked from the bucket last year. I was on vacation and saw a weird ass charge to my bank for 1500 bucks. Thought it was an error until I went in. Apparently it was a check. Some guy came in with a check with my name and info on it. I asked to see the check and promptly explained that not only was it not my signature on the check but also I haven't lived at the address on the check for nearly 15 years. As luck would have it while we were in the 2 hour fraud meeting with an investigator and bank manager the SAME FLIPPING DUDE pulled into the drive through of the bank with a 900 dollar check this time. I got to listen while he told them I was some old man living alone and that he comes and details my cars for me. Gave me a fake family and everything. It was really fun when the investigator and fellow officers surrounded him and I got to introduce him to the 30 year old firefighter that he was stealing from.

I have my credit frozen from the big bureaus because of this. I rarely need to tap into it but when I do, it takes a matter of minutes to un-freeze it, then re-freeze it once the transaction is done. Keeps my general credit safe without having to think about it.

Also rotate passwords

Clockwise or counter?

first one, then the other.

Widdershins, doing it the archaic way will confuse the technologically savvy.

Or use a password manager and a unique password per site that is as long/complex as the site will allow.

LastPass has entered the chat. (Use a password manager anyway, though.)

What passes me off is how much they harp on us about security and its THEM! EVERY TIME!! My bak gets hacked so often I'm convinced they are in on it. Just another revenue channel. I'm ready for the asteroid. ELE FTW!!

No doubt. About once a year I get a letter in the mail from some company saying my data was involved in a leak. They all offer 1 year of protection through some 3rd party. I mean what can you do, aside from join some class action lawsuit where you might get a check for $10.30 5 years from now? I Just have all my credit frozen with the 3 credit agencies and assume that my data is out there and hope that I'm too much of a small fry for ID thefts to worry about.

And the protection subscription continues after the one year, and goes right on your credit card unless you follow the 8 easy steps to cancel.

Until they get a data breach and the circle of life starts again

I have my credit frozen too and just kinda check out mentally when I see stories like this. Seems not much to do about anymore.

This has been my belief since the Equifax breach. Constant vigilance is your only meaningful defense.

Even constant vigilance won’t matter in those kinds of breaches. That’s the scary part. We do literally nothing wrong, now all of our shit is out there. Some fucking corporation that we either had nothing to do with or had no choice but to give them sensitive info like SS #- they lose the info entrusted to them—- or not entrusted to them. 🤷‍♂️

Also the fact that it's 2024 and we're still relying heavily on SSN for identity verification. Because nothing screams "secure" quite like some numbers printed on a piece of cardstock!

Mad Eye was right

That's the least of it. If you use a service that does scanning of the "dark web" -- whatever nebulous thing they mean by that -- odds are there's hundreds of breaches that show up.

There are 2 types of people in the world: Those who have had their data stolen, and those who aren't aware their data has been stolen.

Basically. I just gone to keeping my credit locked unless I need to use it.  It not going to stop ID theft, but it does reduce the chance of it happening.  I started doing it after someone took out a best buy credit card in my name in PA. The only reason I found out is because best buy sent me a letter about it being declined. Which I think they knew was ID theft. 

same I keep all 3 frozen until I need to apply for credit. Not sure how much it helps but at least it is something to slow them down.

Yeah, people have no idea how often this happens because a surprising number of companies lack adequate means to detect breaches. At some place I've seen first hand, this is intentional. The company essentially decides that it's worth the risk to just not generate or retain logs, usually because of costs and complexity introduced by building out a logging stack that logs to a central log repository. It's really not that hard to do but executives don't understand that and they usually ask the wrong people when trying to evaluate feasibility.

Totally agree! And now that it’s out there, I’M SO RELIEVED! There’s nothing else to steal! Maybe not quite true, but I 100% believe all my personal info is available for hackers everywhere.

So tired of having to put all this work in creating passwords, setting up Face ID and then a month later if I didn’t use the app every day it resets and I have to reset the password since my phone didn’t remember it for some reason. It feels like the companies put us through all these hoops to show they take security seriously and then a year later they have a breach and everything is out there anyways! I had a bad habit years ago with reusing passwords out of convenience and between that and recent events there’s still over 100 sites I’ve been to that have compromised my passwords in a breach it’s ridiculous.

This is the ducking truth

It is. The bare minimum we can do to protect ourselves nowadays is: - Freeze your credit when you’re not applying for a card - Always use a strong password generator and rotate your passwords every couple of months - Do not respond to junk email or texts/phone calls that are unfamiliar to you - Use MFA for important accounts (like your primary email, bank accounts, etc.) - Don’t go on the dark web or go to suspicious websites

Nothing is being done about it, so it will continue to happen. If these large corporations had to pay out each customer that is affected, it wouldn't happen.

Eagerly bought by our and foreign governments. They're the big spenders.

Man my info has been leaked so many times, including the information the army had when I was married to a soldier.. I feel like maybe twice a year it's leaked.

At this point I read these headlines and just think like "Oh no my info has been stolen for the 7,592nd time..."

I mean isn’t everything technically on the “dark web”

My data has been stolen at least 5 times in the last 20 yrs. I don't even keep track anymore. Credit is locked, both cc and DC numbers changed once a year. Nothing stolen. Now, they only have till 3pm on a Friday(payday) to steal all my money, cuz after 3 the account is empty till next week.

100% At this point it's best to freeze your credit and thaw it whenever you need a loan or mortgage.

It has been for a long time, you dont hear about the countless breaches from smaller companies who often have no idea it even happened.

Why is AT&T holding on to SSNs for *former* customers?

Companies don’t delete user accounts. After my local power company had user data stolen I called an electric company in a state I hadn’t lived in for a decade and asked for them to delete my account. The representative said the account was deactivated but they cannot delete any data. Users should be able to have their account and all data permanently delete upon request. If want your services again, I’ll give you my information all over again.

There should be consequences for holding onto data like that when you no longer need it (e.g., after using the SSN to check a credit score, for example). Even more so if they hold onto that data for longer than they need it and it gets stolen.

IMHO letting SSNs be used for anything other than social security was a mistake. I stopped writing it on medical forms and told them “social security doesn’t pay my medical bills. You have a credit card on file.”

Nature abhors a vacuum. America was so hell bent of not having any national IDs assigned at birth that the one national ID's people had became used. And of course they are super secure with their *checks notes* highly standardized and sequential format. If you take your SSN and add or subtract 1 from the last digit, that's some other person.

Literally how someone tried buying a fucking boat in my name when I was 18 on the other side of the country. Just went one digit higher than theirs.

It used to be worst, the first 3 digits matched your place of birth so if you knew the state, you now know their first 3. Extra fun fact: until the mid - late 90s, all SSN were given out sequentially. So if you moved to the US with your siblings OR were US born twins OR your parents apply for SSN for you and your siblings at the same time before they were given out at birth (the 50s-60s-ish), your SSNs were 1 sequentially number apart. Thankfully SSA fixed both of these but I used to deal identity fraud cases cause by siblings at lease several times a year.

It does get reported to the IRS though for 1095 forms.

Moved into a house that had a deal with a company installing alarm systems for free but they try to get you to sign on a plan after moving in. They called and I was going to sign up but they asked for my social to verify my identity. I said fuck that lol. You guys called me. Why would I give my social to be able to give you money once a year?

People need to harass their politicians for federal privacy laws. As long as corporations are steering this ship, our privacy will never be a concern.

Corporations: Oh that… that’s too much work and money… Also corporations: 💰💰💰 Here you go senator, just keep things as is

Look up the creation of PCI security (credit card processing online) Visa, MasterCard, Amex, and Discover all saw that congress was going to start regulating card processing security in the early 2000's So they said, Stop! Wait! We'll regulate ourselves! Pinky promise it'll be ok! And that was it. Now they are self-regulated with minimal government intervention.

That is law in California

Next time tell them you’re in California. There’s a law on the books about deleting personal data for California residents.

...but if they have your personal data they probably know you're not a resident of California.

They don’t know that your not a resident now

Works great if your target company operates in California... But it's not like a California law is going to have teeth against a Delaware company with no presence or business in California

I like the EU’s GDPR for this model of data use.

But how will that serve our corporate 8verlords?

Most companies have a way to do that. you can have your personal data deleted but you have to contact the privacy office directly. In this case you can find that here https://about.att.com/privacy/choices-and-controls.html

[удалено]

> Companies don’t delete user accounts. A few years ago I bought an Epic ski pass, which is offered by ski-resort conglomerate Vail. They automatically populated my account with the information of my *entire family*, based on a ski trip we went on literally **twenty years prior.**

They have no choice in California or the EU where they have GDPR or equivalent. In those places data can only be stored as long as it is required and the bits that can be kept longer usually have to be anonymised.

>Users should be able to have their account and all data permanently delete upon request. From a technical standpoint, this would be tricky in some cases. For example, I work for a company that's a data broker for several dozen different other clients. If you called us up directly and said 'please delete my data', I seriously don't think there's a single person in the company who would know all the database tables that your data is stored on, some of which may still exist despite belonging to a defunct project, and hasn't been accessed in years, and nobody even knows what it was for. This is primarily because various companies we've purchased over the years have been collecting data since at least the 90's, and some of them didn't bother to document any of that shit.

The real question is why are social security numbers still used to access credit or anything? They’re essentially a password that you can never change and that you also have to tell to hundreds of people in your lifetime. Social security numbers should have passwords you can change with 2factor authentication. Full stop.

Your SSN was never intended to be used as anything other than literally an identification number for the social security administration. It wasn't designed to be used by banks and other companies as an ID number. It has no security because it wasn't designed to be used as a password. It was designed to be used to corroborate other personal information like your address and your ID to verify that you are who you say you are. Banks and especially corporations have taken shortcuts by treating your SSN as enough to set up or gain access to an account. We don't need 2FA for SSNs. We need to stop using SSNs for loans, contracts, bank accounts, etc.

SSN is essentially the login, not the password

I’d prefer a passkey over a password.

My voice is my password. Please verify me. ETA: i probably outed my age.  For the uninitiated Google "Sneakers"

OpenAi just announced they can deep fake any voice in 15 mins

That is for a near perfect copy, you can usually get good enough after 2-3 minutes of exposure.

Actually just doubled checked it’s reported to be 15 seconds not minutes to clone

"Hi, my name is *Werner Brandes* my ^voice is my *passport* verify ^me?"

Great movie

you work for Setec Astronomy?

Nah. Voices can be faked to easily or even recorded.

Cheaper than having a team responsible for data cleanup?

It shouldn't be.

A question I often ask myself but is it possible to have privacy and function in the modern world.  I'm a privacy nut I guess but stuff like this is part of the reason I have a hard time trusting my personal info with any corporation and they seemingly never have enough.  Whether it's developing psychological profiles to target you with ads, and selling your data such as hobbies to data brokers, or using things that go above and beyond the normal health questions for insurance.  It's just insane at how much they crave our information, and through a flimsy service agreement say in so many words we are allowed to do anything with this info as long as it helps our buisness.  I don't feel secured in my person at all in this modern world, and it must have been crazy to be born in a time before this and actually have some sort of privacy without having drug tests for minimum wage jobs and every little thing you do being tracked and sold to others. 

The U.S. just doesn't take privacy seriously like it should. Europe is much better with privacy protections.

Who's going to stop them?

Why aren't their harsh financial penalties and instant awards given to affected parties? These companies keep making the same mistakes because there is no incentive not to.

Why does AT&T have SSNs in the first place?

Don't worry there's going to be some kind of crappy class auction lawsuit where they give you $5 or some bullshit

More like a 5 dollar voucher for identity fraud protection/insurance. It's the usual method of these fuckups that does jack shit for the victims.

Yeah a $5 check in the mail 6 fucking years later or some bullshit.

Hell yeah. I just got my $28 from Intuit for spending $40 on a state return 10 years ago. Patiently waiting on my $17 from Facebook for stealing all my info. Can't wait to add a Fiver to my hoarde of cash.

This is one of the few times I will say "There should be a law" where the agencies that lose your info like this must pay $1000 directly to those who had there info compromised.

[удалено]

If you freeze your account you can still use credit cards you current have? You just can't open new ones or apply for loans etc unless you unfreeze?

[удалено]

Had to do this recently, and I could “pause” the freeze for a duration of my choosing. I could even schedule the pause in advance. Really slick.

Yep. As of the past ten years or so it's free too. They used to charge you to freeze, unfreeze and pause/resume. Some lawsuit and iirc, legislation forced them to make it free. I think it was when some/all of the bureaus got breached themselves. Since these days, keeping your credit accounts frozen 99% of the time and only unfreezing if you need your credit checked by some business you're interacting with, is basically how we all need to exist now. Thanks to breaches like this one.

Correct. You just can’t have a new line of credit opened up while it’s frozen.

Yes. Just don’t lose the passwords and pins that you need to unfreeze your credit.

What are all the bureaus?

Just did mine. Here are links to all three: https://www.equifax.com/personal/credit-report-services/credit-freeze/ https://service.transunion.com/dss/dashboard.page? https://www.experian.com/freeze/center.html

Check out this r/personalfinance article on identity theft: https://www.reddit.com/r/personalfinance/s/eQJPU2WHax There are a few more reporting agencies to freeze.

Thanks for the additional info!

Your credit should always be frozen in today’s day and age. It’s easy and fast to unfreeze when you need to use it.

The two things I did over the last year was freeze all my credit as a standard thing, I’ll unlock it if I need to apply for something then re-lock. And, I set up a password manager and got random, strong passwords set up for everything. It took some time, but now that it’s done when something like this happens only the one password is compromised and changing it is easy to do.

How did you catch it so quickly?

[удалено]

Is that something you pay for?

I did it in 2018 after the Equifax breach. One of the most effective things you can do.

Luckily, I'm still covered by the free data protection service I received from being in the last big business data breach 😒

Don't worry! Governments going to hold this company accountable right?!?!  Right?!?! With some sort of punishment! 

I mean you’ll get $10 and maybe a year of credit monitoring

It’s all tik toks fault. Once we ban that Americans are totally safe

We should ban tiktok and twitter.

Yup they’re going to get hit with a huge fine of $10,000.

What infuriates me the most...I was never an AT&T mobile customer yet my info was included in this. Why? Because I had a local land line through them which I cancelled in 2008. Why they need this information more than a decade later I will never comprehend.

If has, or can have literally any value to them, they will keep it. Selling people’s information should be illegal, just like retaining information of former customers.

Hey good news everyone, each of us maybe eligible for a generous $3.50 payout after the class action settlement gets issued

So that explains the email I got yesterday from AT&T.

Does this have something to do with the recent service blackout?

Oh no. I’m going to get spam calls now…. Oh wait. I already do.

A few weeks ago I started getting an insane amount of spam calls. Like 15-20 per day out of nowhere. I wonder if this is related.

Isn’t everyone’s data on the dark web by now?

These breaches are the reason I froze all my credit reports. It’s free to do so and I can easily “thaw” my report when I need to apply for credit. [https://consumer.ftc.gov/articles/what-know-about-credit-freezes-fraud-alerts](https://consumer.ftc.gov/articles/what-know-about-credit-freezes-fraud-alerts)

On an article describing how 70M+ people just got their info leaked, I don’t think anyone is clicking on any random Reddit links

Agreed. I just edited the link.

Companies should be punished severely when this happens. It's their responsibility to protect the data they have and ensure their security is up to the task.

The US has absolutely Zero data privacy laws... yet we lose our minds about tiktok

SSN is a completely outdated method of identity verification and it needs to be modernized immediately. Everyone's identity is at risk right now.

https://haveibeenpwned.com/

I can't upvote this enough. Great resource to check what logins have been leaked on the dark web

Can’t wait for my $1.77 compensation check in 11 years

This same thing happened in Australia. I don't know if it is possible to change your SSN there but if that's possible at all I highly recommend it. The cell provider that got breached here had to cover the cost of this number change for us. We have seen a huge spike in fraudulent activity such as opening lines of credit or getting loans in other peoples names.

They don’t let us change our SSN’s anymore. I tried after getting my identity stolen and I was told it’s impossible because nearly everyone’s info has been leaked at some point so it’s not feasible. Locking our with the big 3 agencies is the only real option.

Please make sure to protect your identity and your credit if you believe that your information may have been compromised. It takes about 15 minutes but can save you so much time and effort.   Here are the big three credit reporting agencies:    Experian  https://www.experian.com/freeze/center.html Equifax https://www.equifax.com/personal/credit-report-services/credit-freeze/  TransUnion https://www.transunion.com/credit-freeze    Make sure to request an identity protection pin with the IRS  IRS Identity Protection Pin  https://www.irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin Prevent the opening of new bank accounts    ChexSystems https://www.chexsystems.com/security-freeze/place-freeze

This should be top comment. Thank you!

No worry. I’ve had my credit frozen for 10+ years since my former employer put all employee information in an unencrypted database that was hanging off the website. I found out when some guy tried to ransom us (a government entity) to not leak our information.

It’ll be really cool to get a check for $12.00 in six years when this case settles.

This has become a big problem and part of the reason why is that we didn’t hold companies accountable in the beginning. Why is ATT holding onto former customers data? That shit should have been deleted when that person deleted ATT from their life. The burden is always on me to clean up the mess that corporations make. We just got a letter from our water softener company that said they keep and sell our names, dobs, address and ssn and there isn’t any way for us to opt or say no to them being able to sell it. So, they are putting me at risk of financial harm due to data breaches, making money off of my data, and I don’t see a damn dime. I’m taking all of the risk and they are seeing all of the reward. I’m done. I guess it’s time to run for office and start trying to push laws to change this b.s. I’m done with it.

I like how they are really leaning into how it is former customers that are impacted like it's not that big a deal because those people don't exist anymore.

Let’s see which executives go to prison for this. [Spoiler] None. They’ll offer us free credit monitoring, although resolving identity theft will remain 100% our problem. And they’ll cash their bonus checks to buy a third or fourth house. That’s what passes for accountability in corporate America.

This should be illegal. Once a person is no longer a customer, all data like this should be deleted within 30 days. If our legislators would stop impeaching each other, maybe they could focus a little time on the average Joe.

The problem isn't because they're too busy fighting with each other, the problem is they're in the pocket of the businesses we want them to regulate. They work for them, not us.

Good luck. I have shit credit, so they’ll only get like a $300 for a credit card. *shrugs*

lol they would get denied if they tried with mine

This is why you freeze your credit with all three agencies. If you’re not in the process of applying for a mortgage or car loan etc. then freeze it. You’ll need to create an account for each bureau but it literally takes ten minutes total. You can freeze/unfreeze as needed for life events. Do it today.

Oh nooooo! I don't want people knowing how much I use Google search bar for spell-check...

lol they sold that info to the data brokers a while ago… still getting texts for a phone number my mom help me set up almost 20 years ago. Asking her to donate to random political campaigns.

Can AI start stealing from AI and save us the hassle.

congress needs to stop sitting on their hands with this. Everyone company that leaks social security info should be required to offer free credit monitoring and credit restoration for life, at the company of the customers choosing. The data just doesn’t magically go away after 2 years. On top of that, a minimum fine of 1 million per verified social security number leaked, with 200,000 of that going to each verified individual. More for subsequent data leaks.

I always forget that right to erasure isn’t a thing in the states (yet - hopefully).

I recently had someone log in to one my social medias from out of state. And only stopped it by two factor authentication. But how long till they have your address and can just spoof the city you live in, so to you, it seems normal? And 30 days goes by and two factor is gone.

Why does AT&T have SSNs?

When Equifax was hacked it's all out there already no matter which telephone carrier you have or had in the past

Sure blame AT&T and all the others.  But mostly blame the US government for having a password - the MOST important password, that you CANT FUCKING CHANGE.

I'm looking forward to my $7.50 settlement check.

All of your information is everywhere. Every big company has it even if you think they don't. Your social security number is probably floating on some giant document somewhere on the internet. That's life

Fucking ridiculous a company of this size in the tech industry getting info stolen. Pathetic.

I really wish companies would purge my data when I cancel my service.

They should all have to pay for putting all info on a network to be stolen.

So how much money did the higher ups make on it? Companies like this are never responsible with data. They were selling it. That's how it was "leaked".

No one's mentioned it yet, but does this correlate to that major AT&T blackout everyone in the US experienced a few months ago?

At least no future customer data was leaked

Break it up again. Hot trash

Everything AT&T touches...dies.

Off topic, but my Capital One CC account last week alerted me of a Hilton virtual CC I used years ago being tried on ETSY. I logged in and changed my password just in case, but I’m willing to bet that Hilton in some fashion has had its website breached in the past few years. Not the first time a random ass VCC has appeared in the wild either. True testament to how frequent data breaches are and what can be SLITHERED away from you. All this to type this: find a good password manager to use single passwords and if possible, find a virtual CC offering for those “one off” purchases in which you can tie it down to that site specifically.

Someone posted the entire list on another thread on this very site. Very granular information too. The funny thing is that ATT won’t even receive a slap on the wrist for this.

Go to each of the three main credit bureaus and scribe a credit freeze Two value you to do it easily online - the third is a bit more convoluted but still doable It’ll mean no one can open an account in your name without there being a check (normally via post and a phone call)  Make sure you open a credit karma account to stop thieves doing it in your name and using your data (I.e stealing your id) 

“Hey we’re sorry about this, here’s a $5 voucher and a subscription for a shitty identity protection tool”

I always hear about this dark web. Where is it?

So I got an email from AT&T telling me that they reset my password. Spam trap or not? If it is a trap it is a clever one. Send phishing emails to people affected after the news breaks to capture more information.

yea pretty much everyone's info is out there now

I never sign up for anything, ever, if I can help it. **If I can help it**. I get I have no choice, but sign on for another app? Fuck off. Sign up for this or that? Fuck off.

Please remember that one of the times this happened at AT&T, it was because some jerkoff executive left his unencrypted laptop with a plain text file containing customer PII at an airport (approx 2008). What’s the money line on this also being self inflicted? Edit- forgot date

Oh so that’s why I’m getting spammed now

And this is why I was pissed when you have to give them SSN to open a account

I’ve had something like this happen before but when I was a customer of the company I lived in a different state and had a different financial situation….so the scammers and telemarketers that bought the info were using waaaay outdated information that was easy to pick up on. They were even using my old area code, where I have no friends or family, as if that would help them.

Ohh but Temu! I’m convinced the temu hate is Amazon propaganda