Hi do you have any advice for people who have found out their identity including social security number have been stolen? Cause guess what
Oof, I'm sorry that sucks.
I do, unfortunately, have experience with this. Since you said SSN, I'm guessing you're in the US, in which case IdentityTheft.Gov is where you need to go to figure out who to call and what to do.
Briefly, here's what you're probably going to have to do:
File a police report (ESPECIALLY if anyone has opened cards in your name). The police won't do anything but you need the report number to properly file stuff with credit agencies. You will probably have to be pushy about filing the report because they won't want to file the report.
Pull your credit report and see if anyone has applied for credit in your name; if so, you need to call the various places they applied for credit and contest the application.
Freeze your credit (so people can't apply for more stuff in your name).
Make sure nobody has fraudulently filed for your tax return.
Consider updating/replacing ID, depending on what's happened.
The individual steps to look through are here; the IdentityTheft.Gov website basically has a worksheet that you can move through. It's a huge pain in the ass and I'm sorry you're dealing with it.
And from a security perspective I'm going to say reset your passwords (starting with primary email account) and recommend making sure that you're using unique passwords with all your online accounts (by using a password manager - I recommend bitwarden) and set up 2FA on all of the accounts that will take it, because unfortunately the last 4 of your social are probably used to verify your ID on a lot of sties.
Good luck, and please give yourself some variety or other of treat or nice experience while you're wrestling with this.
202 notes
·
View notes
One of the biggest hacks of the year may have started to unfold. Late on Friday, embattled events business Live Nation, which owns Ticketmaster, confirmed it suffered a data breach after criminal hackers claimed to be selling half a billion customer records online. Banking firm Santander also confirmed it had suffered a data breach impacting millions of customers and staff after its data was advertised by the same group of hackers.
While the specific circumstances of the breaches—including exactly what information was stolen and how it was accessed—remain unclear, the incidents may be linked to attacks against company accounts with cloud hosting provider Snowflake. The US-based cloud firm has thousands of customers, including Adobe, Canva, and Mastercard, which can store and analyze vast amounts of data in its systems.
Security experts say that as more details become clear about hackers' attempts to access and take data from Snowflake’s systems, it is possible that other companies will reveal they had data stolen. At present, though, the developing situation is messy and complicated.
“Snowflake recently observed and is investigating an increase in cyber threat activity targeting some of our customers’ accounts,” wrote Brad Jones, Snowflake’s chief information security officer in a blog post acknowledging the cybersecurity incident on Friday. Snowflake has found a “limited number” of customer accounts that have been targeted by hackers who obtained their login credentials to the company’s systems, Jones wrote. Snowflake also found one former staff member’s “demo” account that had been accessed.
However, Snowflake doesn’t “believe” it was the source of any leaked customer credentials, the post says. “We have no evidence suggesting this activity was caused by any vulnerability, misconfiguration, or breach of Snowflake’s product,” Jones wrote in the blog post.
While the number of Snowflake accounts accessed and what data may have been taken have not been released, government officials are warning about the impact of the attack. Australia’s Cyber Security Center issued a “high” alert on Saturday, saying it is “aware of successful compromises of several companies utilizing Snowflake environments” and companies using Snowflake should reset their account credentials, turn on multifactor authentication, and review user activity.
“It looks like Snowflake has had some rather egregiously bad security compromise,” security researcher Troy Hunt, who runs data breach notification website Have I Been Pwned, tells WIRED. “It being a provider to many other different parties, it has sort of bubbled up to different data breaches in different locations.”
Details of the data breaches started to emerge on May 27. A newly registered account on cybercrime forum Exploit posted an advertisement where they claimed to be selling 1.3 TB of Ticketmaster data, including more than 560 million people’s information. The hacker claimed to have names, addresses, email addresses, phone numbers, some credit card details, ticket sales, order details, and more. They asked for $500,000 for the database.
One day later, the established hacking group ShinyHunters—which first emerged in 2020 with a data-stealing rampage, before selling 70 million AT&T records in 2021—posted the exact same Ticketmaster ad on rival marketplace BreachForums. At the time, Ticketmaster and its parent company Live Nation had not confirmed any data theft and it was unclear if either post selling the data was legitimate.
On May 30, ShinyHunters also claimed to be selling 30 million customer details and staff information from Santander, putting a $2 million price tag on the information. Both posts on BreachForums have drawn attention to the illegal marketplace, which was recently revived by ShinyHunters after the FBI took the website down on May 15. The posts may, at least in part, be efforts to restore the disrupted forum’s damaged reputation with criminals.
The two hacks were linked to Snowflake’s systems by Israeli security firm Hudson Rock, which, in a now-removed blog post, posted conversations its researchers had with the alleged hacker who claimed to have accessed Snowflake’s systems and exfiltrated data. The hacker claimed they had tried to sell the data back to Snowflake for $20 million. (Hudson Rock did not respond to WIRED’s questions about why it has removed its research).
The Hudson Rock post claimed that a Snowflake employee may have been infected by an infostealer that collected the details the hacker needed to log in to its systems. Charles Carmakal, the chief technology officer at Google-owned security firm Mandiant, told BleepingComputer that its investigations, which have been taking place in recent weeks, indicate information-stealing malware may have been used to get Snowflake account credentials.
A Ticketmaster spokesperson told TechCrunch that its stolen database was hosted on Snowflake after the company acknowledged a data breach in a filing to the Securities and Exchange Commission on Friday evening. In the middle of May, before its data was advertised online, Santander first said it had seen unauthorized access to one of its databases “hosted by a third-party provider,” however it has refused to name the third party.
Snowflake’s CISO, Jones, acknowledged the security incident on Friday, saying that if a “threat actor obtains customer credentials, they may be able to access the account.” The company says it became aware of the suspicious activity on May 23 but has since found out it had been happening since mid-April. Jones’ post says Snowflake has notified all of its customers and “encouraged” them to review account settings and ensure they have implemented multi-factor authentication. In an additional security bulletin, Snowflake says it has seen “malicious traffic” from a client calling itself “rapeflake” and also connections from another client called “DBeaver_DBeaverUltimate.” A company spokesperson tells WIRED they have “nothing else to add” beyond the information included in company posts.
Cloud security company Mitiga says its investigations have seen a threat actor targeting organizations using Snowflake databases and using an attack tool called “rapeflake” in the process. Roei Sherman, field CTO at Mitiga, tells WIRED one possible scenario is that a threat actor managed to get information about Snowflake’s systems and then stole information about its clients, possibly using automated tools and brute-forcing their way into accounts.
Sherman says little is known about what data was stolen at the moment or the “rapeflake” tool, but that the attack could have wider ramifications going forward. There are already early signs other companies may be impacted.
Sherman says some of Mitiga’s customers have reached out to it for help, while Mandiant told BleepingComputer it had been assisting Snowflake customers in recent weeks. Cybersecurity researcher Kevin Beaumont shared online that he knows of six companies that have been impacted. And Australian events company Ticketek has also revealed customer names and email addresses stored in a “cloud-based platform, hosted by a reputable, global third-party supplier” have been accessed, although a spokesperson refused to confirm if this was related to Snowflake at all.
“We haven’t seen the entire blast radius yet,” Sherman says. “Snowflake has thousands of clients—they offer self-registration—and some of their clients are huge companies. We expect to learn about additional companies compromised.”
19 notes
·
View notes
Guys. I’m in love. These are some small, quick exercises for people who are bed-bound. It’s linked, but for anyone who doesn’t want to read it:
Hands, Shoulders, and Arms
Shrugging Shoulders
This exercise works best when it is done while sitting down. Shrug shoulders in a way that the shoulders reach the back of your head. It is best to repeat it 5 to 10 times a day.
Palm Stretching
To do this, open your palm and extend your fingers for a few seconds. Try to extend as much as you can until you feel a stretch. Now, touch your thumb with each finger individually. Repeat the same for both hands.
Arm Raises
A very simple exercise is to raise your left arm as high as you can above the head. After repeating it five times, repeat this five times with your right arm.
Now, raise your left arm again in front of you and then change your arm five times. These are called forward arm raises.
Now, for one of the best bed exercises for arms, raise your arm straight out to the side, this is called lateral arm raise. Do it one by one for each arm. If you have the strength, then do this for both arms at the same time.
Arm Crosses
For this, move your arms to the sides until you feel a minor stretch. Now, bring the arms closer to each other in a way that they pass each other in a cross.
Neck
Head Rotation
You can do this while sitting. You need to tilt your head to one side and then rotate it 360 degrees gradually. Repeat the exercise from one side and then repeat it in the reverse direction.
Head Turns
For this, you need to turn your head slowly from one extreme to another. Stretch your head in a way that you feel extreme tension on the side of the neck. Repeat this five times a day and increase the number of repetitions every few days.
Leg, Ankles, and Feet
Leg Rotation
To perform this, keep one of your legs still. Move the other leg to the outer side, a little away from the first leg. Bring it back again and repeat it for the same leg several times. Now, do the same for the other leg.
Ankle Rotation
For this one, extend your legs while sitting down or lying down. Now, raise your leg slightly above the surface. Rotate your ankles clockwise and anticlockwise. Do this at least five times each.
Toe Bends
While lying down, flex your toes when you point them. Stretch the toes outwards and then inwards, towards yourself.
Ankle Bends
Bend your toes in a way that they are pointing towards the ceiling and then backward.
Full Body
Hip Raises
To do this, you can lie down on your back and raise your lips slightly from the bed. You need to keep the hips in the air for a few seconds before you bring them down.
2K notes
·
View notes
Random fandom thoughts/feelings
The reblog button is turned off on this post but I think it's another incredibly important one to be thinking about. I enjoy their framing of how the profit economy of other social media sites has been bleeding into fandom spaces on both tumblr, and like this post focuses on, Ao3. It's something that I've been noticing more and more and it really rubs me the wrong way and I feel like OP's post words it perfectly in a way I've been struggling to express.
This sort of connects the previous post I reblogged on the topic talking about how fandom is not a good in road for becoming internet famous.
A facet of this that's really bamboozled me recently is that I feel like i've been seeing more and more of is the idea that a singular person has a right to call "dibs" on a specific piece of media. Which is honestly totally fucking wild to me and if I'm being totally frank kind of dumb.
Every single one of us who interacts with fandom and by extent and IP is flirting with copy right law, the consequences of which everyone should be extremely familiar with by now with the fall of LJ and various lawsuits by authors, dmca notices, etc.
We have all heard the adage "there's no such thing as an original idea"; the idea that everything we create is the amalgamation of all the things that influence us, good and bad.
This is totally normal and good, actually.
For example, if I and another person both watch a TV show, see a production photograph that we really like and decide to draw it and post them one after the other it would be considered extremely bad behaviour to then turn around and make a big stink about how someone else had the gall to turn around and draw the same thing that I did. We can all look at a picture, video, lyrics to a song, become inspired and create something wildly different based on our tastes and influences--but we also are equally, if not more so, likely to create something nearly identical to our peers, especially in a fandom space where ideas are concentrated and we are all consuming each other's thoughts, opinions, and creations. More than once I've come up with an idea for a fic or a drawing that someone else had had a nearly identical execution of without us communicating or viewing each other's work. That's just the way the human brain works, we're hard wired to make connections in a fairly similar way.
You do not have a right to call dibs on any one photograph, clip of video, song lyrics or any other bit of media you might consume.
This stands for artists, writers, gif makers, AMV creators, and any other way you choose to express your love of fandom creatively.
If you are really hard pressed to focus on the numbers and work at being ~influential~ the burden is on you to distinguish yourself creatively.
There's a reason why not being able to see follower counts is so important to the way fandom and tumblr functions. The concept of ~small creators~ and ~big creators~ or BNF or whatever are all burdens you place on yourselves. No one is taking anything away from you by engaging with the same bit of media you are in a similar way. We all have a right to express ourselves creatively and emotionally through any snippet of media that sparks our interest. You do not get to "own it" just because you happened to pump something out first. There are no creative "dibs". This isn't even some sort of "fandom" etiquette thing that has gone thus unspoken. It's a strange possessive thing that I've seen crop up more and more as the idea of being a capital "C" Creator brain rots people's minds and atrophies their ability to be creative.
Sort of on a tangent, but I have a bunch of other personal random thoughts about how this push to be prolific stagnates fandom, but these are more complicated for me and I'm not as clear on how I want to express them. On one had I am completely on board with the "there is no such thing as cringe" mindset and that everyone has a right to create whatever super indulgent thing they want to without having to suffer people being snobby about it. But, on the other hand I feel very strongly that the cycle of people seeing one trope or characterization being repeated repeated over and over and gaining popularity, reading only that--writing only that--leading others to also only consume that, really stymies creativity and makes it harder to grow the fandom if people that are trying to enter aren't into That One Thing, while also ostracizing people who are already in the fandom that aren't into That One Thing. I strongly believe that people's tastes are at least 70% just what they're exposed to, and obviously not everyone is going to be into whatever weird niche concept they're exposed to through fandom, but the more they are the more opportunity they have to expand that horizon. I don't know how many times I've gotten a version of the "I wasn't sure I would like this but I gave it a shot and it turns out I really love it!" and how good that feels and how much I wish other people were emboldened to do the same instead of being so wrapped up in how their work may or may not be received.
This is mostly a subjective thing though, so it's less cut and dry. Like for example, I really struggle with engaging with transgender fic despite being transgender myself because of the way most AFAB fic is written to the point where I avoid it now almost entirely. Which, frankly, really fucking sucks but also I will be the first person to fight for other's ability to write transgender characters wether they appeal my personal feelings and taste or not.
Anyway, this is one of the reasons I'm so protective of fandom community events, especially ones that employ aspects of the fandom gift economy such as exchanges. There are one of the few wholly un self-centred places left where the focus is on gifting someone something they will love and giving back to the fandom at large by flooding it with art and opportunities appreciation and engagement with each other. It is not supposed to be an opportunity for you to think about yourself and "getting something good" in return or using it a convenient deadline. It also offers you an opportunity to engage with fic tropes and genres that you've never considered writing or reading before.
TL;DR if you've found yourself recently squabbling over how many notes your gifs, art, writing, etc. has been getting compared to other people instead of focusing on forging community ties and your own creative expression, I'm sorry to say you're doing it wrong.
73 notes
·
View notes