cross-posted from: https://links.hackliberty.org/post/2667522
Apparently some company I do business with shared my data with another corp without me knowing, then that corp who I did not know had my data was breached.
WTF?
Then the breached corp who could not competently secure the data in the first place offers victims a gratis credit monitoring services (read: offers to let yet another dodgy corp also have people’s sensitive info thus creating yet another breach point). Then the service they hired as a “benefit” to victims outsources to another corp and breach point: Cloudflare.
WTF?
So to be clear, the biggest privacy abuser on the web is being used to MitM a sensitive channel between a breach victim and a credit monitoring service who uses a configuration that blocks tor (thus neglecting data minimization and forcing data breach victims to reveal even more sensitive info to two more corporate actors, one of whom has proven to be untrustworthy with private info).
Cannot make this shit up. I am now waiting for someone to tell me it’s a prank… “you’ve been punk’d!”.
(update)
Then the lawyers representing data breach victims want you to give them your e-mail address so they can put Microsoft Outlook in the loop. WTF? The shit show of incompetence has no limit.