Miscellaneous

Stolen personal data. How to minimize your risks

Hello.

Every week we are upset by the fact that once again this or that data has leaked. Sometimes it

however, sometimes someone creates the appearance of a leak,in order to kick their competitors more painfully, and then the stewardess is dug up every six months, talking about the same data ad infinitum. An emotional reaction to a leak is always guaranteed, there is no doubt about it. There are several topics in our lives that always cause an unequivocal reaction - officials, price changes, greedy sellers of something and the list goes on. Among the hot topics is the leakage of personal data, but we often do not ask ourselves what kind of trouble our data can bring in the open world, what exactly we are losing. And here opinions differ, most people cannot answer exactly what is bad in this situation, questions only show the depth of their ignorance. Bad, period!

Table of Contents

  • The most important identifier of a modern person is a phone number.
  • Data leakage - what data is important and what is not
  • Data leaked - what to do, where to run

Let's try to review the recentleaks, evaluate how unpleasant and dangerous they are for users. To begin with, every time I read about the leakage of certain data, I try to find a file with this information in order to check what it contains, how up-to-date the data is. The task is not easy, it is often almost impossible to find data - the number of publications about them is huge, but the data itself is not available. It turns out that the leak seems to exist in nature, but it is not clear who can access it. And here you need to ask yourself what is a full-scale leak, and what is informational noise that is not supported by data.

Typically, a leaked data file looks like a set ofparameters, it is deprived of a convenient shell, you have to manually search for this or that information in it. For most people, this is an inconvenience, as we are used to comfort. We can evaluate this moment on a specific example of a leak from Yandex.Food, when a database appeared with millions of order lines, personal data of people, their addresses, notes on how to get to the entrance, mobile phones. The company reported the leak on March 1, 2022, but it happened a little earlier, the database was available for download. The search in the database was not convenient, you had to create queries by hand. And no scandal happened, although the data was of great interest to any interested person.

A few weeks later enterprising peoplecreated a website on which they organized a shell for this data - you could choose houses on the map, see who ordered and how much (there were no orders themselves, although they were contained in the database), it was possible to view personal data.

It was the user-friendly interface that made this leakpopular, a huge number of people rushed to look at the numbers of their friends and relatives, to study what and where they ordered. The reason is that it was convenient to search for information, let's say, peep through the keyhole. He looked with interest at the orders of his children, at what he ordered himself, studied the spending of his neighbors, and at the same time learned the codes from the intercom. Yandex very quickly asked to block the RKN website, which was done. Now this resource wanders to different addresses, it is blocked quite quickly. Most people do not have access to it, nor does there exist a convenient local base for finding information from this leak.

Data leakage in the Yandex.Food service is a problem of personal data

Data leakage in the Yandex.Food service - what you ate, how much you spent, where you live. And all this in a convenient form on the map.

Personal data and its leakage. How to protect your data

Large-scale leaks of personal data, whether we can protect ourselves or not; why many data are critical - the entrance ceases to be a closed space; HIV tests and other aspects of our data.

We all need to understand that this leak,just like any other, once hitting the network, it remains there forever. The only question is whether the broad masses will be able to access it, in most cases interest in the leak quickly disappears.

Fear of data leakage is irrational inIn most cases, it is explained by the fact that we do not understand what attackers can do with this data, how they can harm us. Let's look at the most typical situations, as well as how we can protect ourselves from them.

Miscellaneous

Affiliate material

Reality and prospects of the IT professions market

What professions are the most popular and highly paid?

Saturday coffee #213

Pour a cup of invigorating Saturday coffee andcheck out the news of the week. Samsung introduced new foldable smartphones, Xiaomi also showed its device with a flexible screen, and Motorola did not stand aside by presenting the RAZR 2022…

Volkswagen Passat Alltrack test. Interesting station wagon

The Volkswagen Passat sedan has been discontinued, but the model itself remains on the market. For Europe, the car is available in a station wagon, and for us they offer its modified version of Alltrack ...

Warranty service for parallel imports. Underwater rocks

Parallel import product warranty, where to look for support and what to think about when buying. Repair difficulties.

The most important identifier of a modern person is a phone number.

It so happened that the most important identifierfor us, the phone number has become - we link social networks, a banking application, various services and services to it. Convenience is not in doubt, but there is one huge “but”! If for some reason we lose the number, life turns into an endless nightmare, overnight you can lose access to applications and services, your money and much more.

Several important steps need to be taken tospread straws in case of trouble. The first is setting a PIN code on the SIM card, any phone and smartphone allows you to do this, you can also bind the SIM card to be used only in a specific phone (not all smartphone models today have this option). Secondly, you should not be too lazy and write a statement to the telecom operator that issuing a new SIM card by proxy is impossible (not all operators and not in all regions allow this, check the possibility of such a service). In a separate article, he described these points in more detail.

Phone number - hidden problems when buying a SIM card. Protecting the SIM card

What problems can you face when buying a SIM card from an operator; why the phone number does not belong to you and who is responsible for its use; how to protect the sim card.

Your SIM card is extremely important to you and everythingyou do. So please try to protect her. But there is another point that is extremely important - two-factor authorization. Most modern services allow you to set this type of login. That is, you need not only to know the password for the service, but also to have access to the phone (as an option, the application). No need to be lazy, enable this type of authorization, it will protect you from possible problems. The password can be compromised, but not having access to your phone will serve you well.

I don't hide my phone number, sometimes itflashes in videos or reviews, often it is simply accidentally skipped, not covered with asterisks or overwritten. And very often those who discovered it write to me, start ringing the bells - a security threat! In fact, the threat is imaginary, and here's why. Knowing the number of a person does not give you any advantage, since you do not physically have access to it. The maximum you can do is to engage in hooliganism, connect a service bomber, it will start sorting through open services that send SMS for authorization, and such messages will start to get to your phone. There will be no trouble if you do not share the data from these messages with anyone.

Maybe it's frustrating that someone is throwing yousuch SMS, and it is clearly a hooligan, but a person cannot cause harm. This is an attempt to exert emotional pressure. In serious cases, when you are at the forefront of the attack, attackers can try to find out these codes - they usually call and pretend to be bankers, law enforcement officers and try to find out the codes. You can safely hang up and not talk to them.

The biggest problems we can cause ourselvesonly ourselves, we should memorize it by heart. Only you are capable of revealing your data to strangers and harming yourself. Therefore, make sure that this does not happen, learn the rules of digital hygiene, do not communicate with strangers who are supposedly trying to help you.

The next important point is to enable biometrics on your smartphone, as an option, a password. These simple steps will help protect your data, even if you lose your device.

Mobile-review.com How to protect your data from leakage, hacking, and your phone from loss or theft. Digital Security

Details on how to protect your data on your Android smartphone so that it does not get stolen, your account is not hacked, and a lost phone does not become a disaster.

The most restless can do the same asI used to do (paranoid mode). I have the most important applications, bank cards are tied to a second SIM card, the number of which I do not show anywhere. I don’t call from it, I don’t go online - the SIM card is only for registering in services, as well as for banking services. Yes, some kind of spam is pouring on it, but the attackers cannot attack me on this map, they simply do not know that it exists. This SIM-card lives in the second slot of the phone, which completely suits me.

For ads on Avito or other services, you can quickly and painlessly get an additional phone number from the operator on your own SIM card.

Data leakage - what data is important and what is not

Most scams today take place indigital world, attackers really dislike the real world, as it is easy to catch them. In Moscow, in fact, the total space under video surveillance, other cities are being pulled up to this level. Even knowing the address of a person, the attacker will not dare to take any action in the physical world, since his traces will be too obvious. The threat is almost always digital in nature.

Therefore, if in which service your data aboutthat you live at such and such an address, it is unpleasant, but it cannot cause any special problems. Depending on the area, on what kind of house you have, the level of security may differ, but you can always improve it, for example, install cameras in the apartment or install them in the intercom, and so on. Such opportunities exist, and they are available to most people. The main thing is that here we are protecting ourselves from threats from the past, the number of burglaries in recent years has greatly decreased in Moscow and other cities.

Recognition of silhouettes of people - why is it needed in cities

Silhouette recognition is ridiculed in the business press. After identifying faces, it seems that the technology is outdated, but this is not at all the case and even vice versa.

Turning Thieves into IT Specialists

Why criminals refuse thefts and robberies and become people of mental labor. IT against crime.

Hence the simple conclusion - your home address is notis of particular interest, it is difficult to use it. But, for example, the access code to the entrance may be of interest not to those who have a grudge against you, but to pawnbrokers and other unpleasant personalities. Therefore, you do not need to provide an access code to the entrance, let the courier who brings food or goods ring the intercom, and you let him go. And this is a good rule - do not leave the information that can be used by strangers.

I have a concierge sitting in the entrance, after the leak“Yandex.Food” she was exhausted, because for about a month and a half or two young people tried to get into the entrance, they needed something. Persistently breaking through the youth periodically got inside, they dug up pots with plants, rummaged through the pipes and persistently searched for something. After the police were called several times, the visits stopped. Interestingly, the access codes to the entrance were from that Yandex.Food leak. As a result, everyone had to change the usual codes, they became new ones. But such behavior is more an exception than a reality for the majority, people are not used to bothering themselves with anything like that.

Operators

Vladimir Nimin

Operator news: new Tele2 tariff

It seems that the new tariff from Tele2 looks like a great reason to throw a gamepad into your backpack so that you always have it at hand.

Official presentation of Samsung Galaxy Z Fold4, Z Flip4, Buds2 Pro and Watch5

We consider all the new products from Samsung, think about Russian prices and how much it makes sense to wait for them in Russia. All announcement details

What to watch in August: 2 blockbuster films and 2 series

And also a parody of Tim Cook from Universal Pictures, the new "Predator" and just good science fiction.

Month with Xiaomi Pad 5: 120 Hz screen and powerful processor

An excellent tablet for work, watching videos, playing games and just comfortable consumption of information…

In most services, you cannot providesome data that can harm you. Without your participation, attackers will not have enough data to do something in real life. There are rare exceptions, for example, in the summer of 2021, some users of Gosuslug discovered that they had microloans. Their passwords from the service were hacked, and the amount of data inside is such that it was possible to issue such loans. Here again, everything rests on the fact that people did not take care of a sufficient level of protection, and the service did not insist on it (which is also a reproach to him).

We cannot control what data is shared.on "Gosuslugi", and which are not. Convenience always outweighs potential hassles, which is why we share our data. You just need to approach this issue wisely.

Very often, when discussing leaks, all the data is raked in one lump, as if they are all important. Actually it is not. In my opinion, these data are not so important:

  • FULL NAME;
  • Your phone number;
  • E-mail address;
  • Home address.

This data, one way or another, can be obtained withoutleaks. The main thing is that if you are not a judge, not a law enforcement officer, do not communicate with mentally unbalanced people, your place of residence does not play any role. As well as other data. Blocking a psycho who calls at night and wants to chat is not so difficult, it's a couple of clicks. Plus, I just don’t get calls at night, the phone automatically goes into Do Not Disturb mode. In twenty years, I had about five incidents with some people calling and trying to say something. So for a non-public person, this will be even less of a test, even potentially.

Leaking passwords is a much more annoying thing, andhere I need to remind you that each service must have its own password! Keep them in a secure area of ​​your smartphone, of course you can use password storage apps, but remember that they do not guarantee 100% security, they can also be hacked in theory. And again, you can’t rely only on passwords, you must have two-factor authentication.

Data leaked - what to do, where to run

You wake up in the morning and find out that company Xleaked user data, you have ever had a relationship with this company or are its current customer. The first thing you need to do is change the password in the service. The second is to write to the support service and find out what specific data was compromised. You also need to ask what exactly the company is doing to minimize the damage.

Penalties for leakage of personal data in Russiaare minimal (“Yandex” paid 60 thousand rubles for data leakage in “Food”, funny, isn't it?). Therefore, it will be a good thing to go to court and spend your time, you will receive compensation in the amount of 10 thousand rubles or so, plus you will be reimbursed for legal costs. This approach will take your time, but will force companies to take care of data security, invest money in protection. In the US, the penalties for leaking personal data are astronomical, read the article at the link below, thanks to this, companies are afraid of losing them. We need something similar.

Spillikins No. 704. Half a billion dollars for the leakage of subscriber data

Penalties in America for leaking user data -T-Mobile, Uber; US crisis, why people don't pay AT&T; transport ticket in Germany for 9 euros, also a crisis; smartphone market in the second quarter; views of Belgorod; Yandex promotes YouTube.

In case of data leakage in the bank, it is necessary to changethe phone number that is linked to your account, enter another number, it's easy to do. Yes, and initially it is better that this is not your main number (but it must always be on, you cannot remove the card from the phone and turn it on if necessary!).

Always evaluate your potential risksexaggerate them, but don't underestimate them either. The main thing is to look at things soberly and understand what exactly can give you trouble and what does not. An emotional reaction to a data breach is a cause for grumbling, but often there is nothing about data breaches that can get you into real trouble. And besides, they are inaccessible to most, hence even less potential damage. That does not mean that leaks do not need to be dealt with. Companies need to protect our data once they have asked for it.

Very often we are required to provide redundant data,for example, the other day I visited the Moscow Urban Forum, where they asked me for my full name, phone number, mail - all this for a free ticket. Moreover, none of these data is checked, the ticket comes to the post office. Of course, he used a fictitious full name, and the mail - the one that he reserved just for such situations.

Whether we like it or not, the data will leak.In most cases, we ourselves create a set of this data and can regulate what to give to third-party services and what not. And it is not always necessary to write the truth in them, as above, in the case of registration for an exhibition. Assess your risks yourself, this is a necessary skill in today's world.

Tell us how you protect your data, what you consider critical, and what data is not important to you.

Data leakage in the Yandex.Food service is a problem of personal data

Data leakage in the Yandex.Food service - what you ate, how much you spent, where you live. And all this in a convenient form on the map.

Personal data and its leakage. How to protect your data

Large-scale leaks of personal data, whether we can protect ourselves or not; why many data are critical - the entrance ceases to be a closed space; HIV tests and other aspects of our data.

Phone number - hidden problems when buying a SIM card. Protecting the SIM card

What problems can you face when buying a SIM card from an operator; why the phone number does not belong to you and who is responsible for its use; how to protect the sim card.