Gadgetory

welcome to the 359 I'm Ben Fox Ruben I'm Alpha Bang equifax is CEO Rick Smith is retiring effective immediately three weeks after his credit moderating monitoring agency suffered a massive cyber attack with up to 143 million Americans affected so alfred did this need to happen first of all that's out of footnotes that retiring with witty quotation with quotes retiring really he's stepping down or forced out whatever you want to cut i and i would say that this definitely needed to happen on four equal faxes sake just because of the way that they've been responding to this I think had you know their CEO Rick Smith handled this you know checking to see if you were affected by it you know the millions of people that wanted to know whether or not they could sue the company after it had happened the website that they made for it that had a lot of security flaws and things like that I would say you know they're botched response to it was the biggest reason for his you know early retirement as they would like to people to recognize it as I would agree it was a severely botched response especially the fact that it seemed that they knew that this was coming and they had quite a bit of time to actually they had more than a month to prepare for this and you know this is what you got right exactly but at the same time this was also one of the biggest tax out there so do you actually think that he may have been able to hold on and stay on if for whatever reason they did a better job on did properly he likely would still be in this position right now in his statement he said when he left you know he said he was dedicated to making it right and he said he felt it would be best if the company had new leadership he had been with the company for about 12 years obviously he was in charge when this breach happened and when the company found out in July and you know for them to have the kind of response that they did you know it was a whole month after it just it reflected very poorly on him and equifax his stocks I'm stocking shares were we're basically tumbling down up until today they had to halt it for a bit and then you know let it resume after the announcement came out and it's just incredibly embarrassing on their end and I think they're hoping that this new interim CEO plus the CEO that they appoint eventually is gonna you know get rid of that like terrible image that they have right now yeah so a lot of people are also going to be affected by this let's run through some of the how-to stuff of what you should do or just some some advice that people should should follow if they are affected they want to find out that they well naturally after breach you're supposed to go to a credit monitoring agency do you know check on these things like on these things but you know what do you do when what happened is at a credit monitoring agency so you know they offered free identity protection and things like that for up to a year obviously I wouldn't do it Equifax just that's just me you can because of their driver or the best thing you can do though I would say is a credit freeze just because you know that's a standard thing on its own that's not you know giving trusting some other company to to to monitor your ID and then you know potentially they can also be breach if you do a credit freeze that's like across the board that's gonna you know save you on a lot of things right next up the newest version of Apple's Mac operating system called high sierra is out folks may have heard about a potential security vulnerability with the new OS alfred is that a concern well Apple put out a statement yesterday basically saying you know there's so many hurdles that you have to jump through to you know have this vulnerability we'd be present but you know that's Apple that's them trying to cover their own their own tracks here on but at the same time they also it's a good specify yeah yeah they said that like look hi Sierra has the same issue as the other OS yes did you can update comfortably without yeah worrying that it's going to be more vulnerable yeah than previous OS yeah so you know it's not high sierra only that's affected by this vulnerability but i think the point that the vulnerability was trying to make or the exposure which kind of make was basically even though this is the latest OS it can still be affected by this right there are a couple of other additional changes that you'll see in high sierra but a lot of it is back-end architectural stuff either way check us out on SEANET for more information on that and more about these stories my name's Ben Fox Ruben my name is Alfred Inge thanks for listening and I cut to the wrong screen cuz I'm at practice apparently one day we're just glad we're back yeah were you guys actually affected by the Equifax hack I want her site and I said I I allegedly was their website is so bad that which is part of their botched response that it's hard to tell you know it like I put in my name as doe and my social security number the last six digits as one two three four five six and you were affected so yeah it's one of those things where I'm like I don't I don't even know like if it's true or not and granted that what I believe your check was immediately after they put up the site and they may have done some of the appropriate fixes since then yeah but I mean I I feel like it's at a point right now we're like honestly you should just get a credit freeze just in case because if it's not with this breach it'll be some other one yeah it's like six months the important thing that people should know about a credit freeze is if at any point you need to open a new line of credit you want to you know have a mortgage new credit card whatever you have to temporarily lift the credit for you yeah so that is for some people that might be a bit of an annoyance but at the same time it is preventative measure though but yeah yeah so if you got a credit freeze you can still use your credit card you can still you know well yeah use your credit card I think that's like the most important thing here but like it doesn't affect like your bills or a credit score in any way it's really just if you're opening a new credit card or if you're trying to buy like a new house or something which really how often are you doing I don't know I buy a new house like at least once every other week so you know and that's why we have that GoFundMe for Ben's dead so how bogus is the information coming from the reference website where you could go and type in your name and Social Security not a loss that's the thing they they they don't have a lot of credibility right now so I don't know how like legitimate it is and the thing that's awful about is that there's literally the only source so there were some very obvious flaws in the system right off the bat alfred mentioned one of them i think some other people were just putting in gibberish and it was coming back as you may have been hacked so i think there was like a default script in it that just said better safe than sorry you're screwed there were it just it was pretty obvious that they were unprepared yeah for this for this announcement even though they did have time to do it so i I would agree with Alfred in many ways that they don't have a lot of credibility and unfortunately there aren't a lot of places for people to go for this type of information one of the other things that I think we may not have mentioned during the podcast is just continue monitoring your own credit and information I mean yeah you can get free credit report there were also a lot of like third-party free a credit and credit report not because I think that right they actually I think make you pay stuff that's there is like I just like that song is there is a government website that does provide you your free credit report I also know like through your you know through your bank you can be able to monitor your credit much more easily than you used to only like two years ago so there are a lot of things out there and you know also third-party credit monitoring sites if you don't want to go through Equifax MP Cody says 143 million Americans affected I think that's about everyone who could possibly have a credit score to be compromise right and luckily this probably doesn't affect children you know one of the new elements of you know identity theft and credit theft are you know getting Social Security numbers of kids and then they don't actually realize that their credit has been ruined until they're up the age to get a credit card yeah the Equifax didn't have their information because they weren't old enough to have that's why oh that's why I'm hoping I'm not in this bridge right because you're snowbear I didn't get my I didn't get my first credit card until like yesterday actually yeah yeah yeah I don't like Slate June the thing is it's possible but at the same time I think that they do keep that information very up-to-date with Equifax I mean my the the thing that I also wonder is is this something that's actually going to take down Equifax there are three credit monitoring agencies there's also TransUnion and Experian yeah if Equifax goes down is somebody else going to replace them this is just such a big embarrassing fail on their part that you know yeah the CEO went down a couple of other folks in the company went down but their loss of credibility in the marketplace it does make me wonder what are gonna be the long-term impacts on that they're still probably getting a nice lovely departure package shorts if they all get yo-yoed unquote retire storm king says it seems like these hacks are done to let companies know that they're vulnerable less to be actually malicious more just like hey remember how weak you are that's the nicest way to with this I mean there are hackers that do that there's our mind that like they really only hack like social medias and they like they take like HBO or Marvel or Fox's like Twitter accounts like hey your Twitter accounts not that safe email us for more maybe you want to hire us so that like they do that this one and Yahoo no it definitely wasn't for that if it were they wouldn't have stolen all the social security and credit card no I wouldn't have known who and we would have no no like our mind like very directly says like we're the ones that hacked you they want the glory right and they also want to get paid you know yeah if it's just a friendly reminder of how vulnerable you are I don't think yeah that this isn't it I think a friend I didn't say friendly no it's it's I think a friend of mine also like had their credit information stolen from this hack and like already had to do like a credit freeze so there were already people that are getting impacted by this I mean if you haven't been impacted by this and you may have been it's it's it's possible that your credit just hasn't been impacted because there are so many different social security numbers that they stole afraid having gotten to you yet a friend of mine had to K go missing on them over the weekend it's crazy yeah I've just got every possible alert for any of my monetary exchange bank credit card anything any of my systems every alert email is like you made a transaction yep yep I went and I bought beer yes I know yeah it's we were talking about wanna cry only a couple months ago and I feel like that ransom attack a lot of people open their eyes to the fact that like they were like oh my god holy crap like this is really bad ultimately that one had a kill switch and it wasn't nearly as bad as people expected but like this one could have really lasting impact I mean Alfred do you agree with that oh yeah I mean half of the American population or you know most likely everybody that has a credit card they're really gonna have to figure out what to do if social security numbers now because you know it's not like a password getting leaked when Yahoo billion users got affected you know it's just change your password don't use the same password yeah let me just go and change my social security number which granted is possible but extremely time cannot mer I've heard that you can do it it's possible but they make it very very hard to do so they better get in line now or just don't don't use social security numbers as an identifying measure which you're not supposed to anyway I mean when you were in college do they do that also I remember when I was at the University of Pittsburgh you used your social security number for like virtually everything like that was your identify that was yours no identify just used my like my like fingerprints and my face mm-hmm no that's not all right so good morning everybody in the chat thanks for chiming in thanks for joining us Matthew doctor asks is a - do you think this is possibly the worst hack that's happened so far I don't think it's I I think it's the worst as far as impact goes you know as far as you know getting all that like like critical information obviously like Yahoo has set the record for the most accounts hacked at 1 billion but that's like usernames and passwords and you know it's not exactly credit card information as far as you know social security cards your name your number your birth date all your address all this stuff yeah I think it's the worst for the u.s. also and a global scheme like it's not that much but like as far as like if we were like relating to just the America yeah it's it's probably the worst as far as impact and like reach that like the consequences will have so let's expand on that a listener we have James favor I think he's in the UK he's asking is this a worldwide concern or is it the isolated to the US this has happened so it's mostly in the US but there's also victims in Canada and in the UK that might have been on the same server but it's mostly isolated to the US but I mean you know these are these are people who have family and like name and you know relatives and things like that and in other countries and things like that so it could have lasting impact like everywhere yeah while we're at it a dog asks so what about people who don't yet have a credit card and he'll in the chat is already chiming in and saying if you have loans or any sort of credit you're at risk yeah it's basically because you know it's a credit monitoring service so even if you don't sign up for Equifax directly you know if you ever apply for anything you have to hand over your social security number and then they they're the ones that check like what your credit score is and they keep tabs on that like consistently and that's why you know this was such like a heavy hit on a company like Equifax yeah back into the chat Danny Green's asks wasn't there something about not being able to file a lawsuit if you accepted their offer for free monitoring yes so there was there was a major confusion over that and the New York State Attorney General's Office and several lawyers had to go and look at it and actually Equifax and themselves had to come out with a statement after it basically saying that applies to everything else you can still use this and sue us guys because so many people didn't want to use it which again was part of their like boch respondent yeah there was some crisis management there was some form language in it's an arbitration clause yeah there was an arbitration clause that was was basically like if you get tell me from right here if you just wanted to check Equifax to see whether you were or weren't affected that arbitration clause was included in the language for yeah like through and therefore you were wiped out from the ability to sue that if you even checked that's what that's what a lot of people thought because it was in the language it was in their terms of use on their webpage but then you know a lot of people like read through the fine print and saw that the arbitration clause in there and saw it and thought well I want to check I want to see you guys so what's going on they had to come out and say no no no that only applies for other Equifax to it you can use this one and still sue us which which may be coming and I think there are there's a class-action lawsuit out of Oregon there's been a class-action lawsuit out of Georgia where Equifax is based there in Atlanta and then there's been a lawsuit from the Massachusetts state attorney general's office and those are just some ones that were made public there's I'm sure there's more lawsuits out there that you know people aren't like tweeting or telling the world about geez all right it's a mess let's slam through a couple more questions before we wrap it up for the day we are running low on time Josh Buddha asks if that much information was stolen won't the chances be slim of your information being sold no oh no no your information will probably be sold by well jump in yeah a lot of the times what happens is that you know they sell them in in batches on the dark web so they'll be like oh you can buy like fifty thousand Social Security numbers for like 50 cents each unfortunately that's how much your social security number is worth online but you know that's because there's so many of them this applies so large that they can afford to price them so low and still make twenty five thousand dollars per badger yeah so it's not all gonna be sold at once but you know the eventually it'll get to your name and they because they sell them in such large batches and there's bots for this kind of thing so you know it's not like once they're sold it's not like one man on a keyboard earlier let me try this person social security okay nope let me they're not going through each one they develop these like BOTS that like it's called credential stuffing where they basically just like cram them all into this bond it does it all automatically and then you know if they get something they get something if not they didn't do any where it goes a bot they did it and they paid like 50 cents like a name right so in many ways one of the only invest things that you can do is monitor your own credit to do the things that you need to do on your end to create enough for roadblocks yeah try to prevent this kind of thing from affecting you because they they verify it for you right and they marry very well get to your Social Security look like cyber criminals because there's so many they take the easiest route possible like you so you know the bots not gonna be able to like oh let me do this and then also let me call this person's like line pretending like social engineering my way through it they're just oh the Bob didn't get that one right next one next one next one next one and then okay the bot got that one because that person didn't set like anything up do we think there's gonna be anybody on the banks side that's going to be more precautious about these kind of enquiries they're gonna have to be I think i bank with Chase Bank and I know I've gotten like messages from them saying like hey we're taking like these precautions as like a step to prevent that I can't say for any other bank that I like imagine soggies recent questions so if there's a class-action lawsuit is an Equifax dunzo good use good usage of the phrase oh there's been class-action lawsuits before for massive data breaches I think I can't remember the company's name but they settled for they usually settle the the one that I'm thinking of a settled for like 25 million dollars which is like you know just a small penny in these major corporations pockets so they were not gonna be done but and here's the other thing like because there's so many people affected by this if you ever see the money from this you're probably only 5 bucks yeah yeah it's not it's not even material the lawyers are the ones that are gonna end up with the money yeah for being cynical the other thing too is that if Equifax really does get harmed in a lawsuit more often than not what ends up happening in these cases and again this is gonna sound cynical by the company ends up getting acquired by a different company and changes its name so Equifax decides going Knorr is Equifax gonna be a verb yeah it's just gonna be like fax echo or whatever like you're just gonna like a lot of times when like there's there's too much of a blemish on a corporate name they they can sell it and just change the name I mean like Philip Morris did that there there are a handful of other companies that like you just kind of move on from from that corporate name but the actual infrastructure and the employee base and you know the the corporate structure continues to stay there just potentially under you know a different company lovely I like Michael Hoffs inclusion here please steal my social security number and clear all my expletive removed up I don't think this is a V vendetta situation one last question now that's a nightclub oh you're right it was Fight Club so yeah before we go one more from M Hill who's been giving lots of great advice in the chat about you know changing your card reopen your pin numbers so yeah the long story short is going to be like start from scratch if you want to be extra safe but we were just talking about no Equifax isn't too big to fail per se quoting Matthew dacher in the chat but M he'll what kind of golden parachute does the CEO get on their way out actually in the SEC filing yesterday for mr. Smith's retirement retirement the Board of Directors actually said they can-they up for up to a year they'll be able to at their discretion they can choose whether or not he gets his parachute or not so like during the course of it as this investigation into you know the incident given Baker chute give him a couple of cinderblock boots they can basically take away his retirement plan if they choose to it which is rare and which also could be very yeah often does not he's also not getting his bonus this year oh poor guy no but ya know Bo he's not getting his bonus and his retirement plan might be yeah so what's he gonna do with only three boats then alright one last thing before we go about Mac OS High Sierra being that there's some conditions at play here Derlin Santana asks how long do you think we should wait before you do the upgrade generally I like to wake a loaded question yeah generally when with any of these new OS is whether it's you know for mobile or your PC I always think it's a good idea unless you absolutely have to switch or you're you're like desperate to it's good to wait just to like wait for the unless you get all the kinks to run out you got a burner desktop you want to mess around with a beta on it sure and it's the same thing with your phone with like iOS 11 it just sometimes takes a little bit of time for all the kinks to work themselves out and unless you're like really desperate to check this stuff out there's really no lost time and like waiting a couple weeks nope I think you're right all right that's a perfect place to land for the day then you want to bring us home sure all right the 359 is available on iTunes tuned in stitcher SoundCloud Feedburner google play music and of course cnet.com thanks everybody for watching we'll see you again tomorrow and that'll do god that'll do God willing take care everybody