101
top 8 comments
sorted by: hot top controversial new old
[-] ChaoticEntropy@feddit.uk 24 points 1 year ago* (last edited 1 year ago)

It's almost like letting companies hold sensitive information, who don't give a fuck and/or don't have a clue, is a bad thing.

[-] ElleChaise@kbin.social 1 points 1 year ago

Woah there! What are ya; one o' them filthy pinkos?

[-] autotldr 6 points 1 year ago

This is the best summary I could come up with:


A security researcher said he discovered millions of Chinese citizen identity numbers spilling online after an e-commerce store left its database exposed to the internet.

Viktor Markopoulos, a security researcher working for CloudDefense.ai, said he found the database belonging to Zhefengle, a China-based e-commerce store for importing goods from overseas.

The database contained more than 3.3 million orders spanning 2015 through 2020, Markopoulos said, but had not been protected with a password.

Many of the orders also include uploaded copies of the customer’s identity card, TechCrunch has seen.

Anyone who knew the IP address of the database could access the data inside using only their web browser.

TechCrunch contacted the owners of the online store with details about the exposed database.


The original article contains 212 words, the summary contains 121 words. Saved 43%. I'm a bot and I'm open source!

[-] dojan@lemmy.world 3 points 1 year ago

In Sweden IDs are public domain! Easiest way to find out the social security number of someone is if you know their name and/or address. Stalker's paradise.

[-] vox@sopuli.xyz 5 points 1 year ago* (last edited 1 year ago)

btw Ukraine has a huge open data platform; basically if you know someone's name or even just a phone number, their address is likely in one of those public domain multi-gigabyte json files, together with some miscellaneous info like crime history, parents and list of government progams.
Unfortunately only expired ids are public.

[-] dojan@lemmy.world 6 points 1 year ago

That's terrible. I don't understand why governments do that.

[-] asdfasdfasdf@lemmy.world 3 points 1 year ago

SSNa were supposed to not be sensitive info in the US as well, but in practice they were used as such.

[-] dojan@lemmy.world 1 points 1 year ago

Oh it's much worse than just the SSNs. Thankfully you can't do much with SSNs alone, though you totally can with some social engineering, or offical looking documents. There are people that have legally died because death certificates have been filed on them, from non-existing doctors. Legally died as in the person is very much still alive. That kind of thing is a fucking mess to fix.

The thing is, if you knew my name, or my address and age, you'd be able to find out crazy details about me.

  • My birth date
  • My full name
  • My social security number
  • Which apartment I live in
  • Directions my apartment from the building entrance
  • How large my apartment is
  • How many rooms it has
  • When I moved in
  • My criminal record
  • Which schools I've attended
  • Where I've worked
  • What I've studied
  • Who my current employer is
  • If I have a spouse, if so who they are and all of this info about them
  • My yearly income
  • The average income of the people in my area
  • All of this information about everyone in my building
  • If I own any vehicles
  • If so what model, make, and lit. everything about it (purchase date, approx value, when it was last serviced, odometer settings)
  • Which animals I have registered on my name
  • Their name, sex, breed, and age

Like it's extensive and there are websites that are built to collate all this information under one roof, then have people pay to access parts of it. You can access this info through official means for free but it won't be neatly presented in a singular packet. I've also left out a lot of stuff, like my company ownership/board member status, if I've been politically engaged, etc. The list was getting too long.

this post was submitted on 08 Nov 2023
101 points (97.2% liked)

Technology

59467 readers
3365 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS