The Techno Dystopia Thread

Oh great another breach :pensive:

I haven't received an e-mail yet but I expect to be getting one.

I wonder what ridiculous oversight was made this time by a major Australian company.

Nothing yet. My last purchase from them was in November so I'd presume I've been hit by it.

Did you have CC details stored? Or does it say they got your last four digits etc? Might be worth getting a new card on that front.

Other than that if you used the same password anywhere else - change it there too. Probably worth changing the password on your key accounts (e.g. Google/Phone etc) just in case.

I always assume that anything in one breach will be added to any data lost in any other breach.

The Ticketmaster breach apparently included payment info, but the Ticketek one reckons it's only name, email & DOB.

I'll be pissed if it turns out to include CC details, as it was only last week I went through the whole dance of cancelling/reissuing two different cards (one a business card), and updating any direct debits, because of some fraudulent transactions.

I generally opt for Apple Pay as much as possible these days (where offered), because of the whole "merchant never gets your actual card details" aspect.

My bank doesn't offer those virtual cards that can be created/cancelled on a whim for online purchases etc.
I really don't know why, as it would mean that the scope of any compromised card is limited to only the places it was used (assuming you could create as many as you want… e.g. a unique one for each direct debit you have).

Cheers, thanks for the info. Apparently they didn't get any card info, just name, email and DOB. I will change passwords as you suggest. Hopefully it's just a minor inconvenience this time.

An outsourced call centre dealing with customers for a data breach had a data breach.

We're completely fucked.

2 Likes

Off the back of the Ticketmaster/Ticketek breaches, over the past few days I've been practicing a bit of password hygiene, going through all of the entries in my password manager and:

  • rotating passwords that haven't been changed in years
  • fixing a few old weak or reused passwords, replacing them with shiny new randomly generated strong ones
  • at the same time taking the opportunity to add second factors to any sites that previously didn't offer it when the account was first registered
  • deleting a bunch of entries for sites/services that no longer exist, were acquired and absorbed into other orgs, or have been dormant so long that my account was deleted/deactivated

Fuck it's time consuming, but therapeutic all the same.

3 Likes

Kudos, I did something similar as well but the frustrating thing is that it really only would help prevent your additional accounts being compromised if one service is breached, and that's as much as we can do at our end.

I can't remember where I saw the suggestion, but I'd be in favour of a 2-year ban on retaining sensitive personal info for any organisations that allow it to be compromised. Drastic sure, but most of these "hacks" seem to be from insecure design or social engineering of employees, and it might force them to start taking it seriously, and/or search for other solutions. Why the hell does Ticketek need to know (and keep!) my date of birth anyway?

1 Like

Yeah, it was weirdly satisfying to try logging into a site I haven't used in years and for them to no longer have any knowledge of my account.

That should be the norm for most e-commerce sites where the only thing you could lose by purging old accounts is your order history.
For a site that holds content of yours that you might not want to lose (cough… SFCU…) then a "we've disabled your account due to inactivity, contact us to unlock" approach is ideal.

Far less satisfying was the number of sites that didn't notify me via email that someone (me) had changed my password, that didn't offer any form of 2FA, or would let me change the password without reconfirming the current one. Some really poor security practices out there.

So I have 2 factor authentication set up with my Ubisoft account, but there was a good 6 month period where someone from overseas managed to actually log into the account. How does that work?

That was me on Twitter, but I want a 5 year ban, if they can't or won't protect people's data, they don't get to retain it, they can use it as data in motion for transactions, but not data at rest.

This would cause significant issues, but after the first ban, everyone else would be far more diligent about their efforts to protect customer data.

What if those costs make a business unviable? Tough shit, privacy before profit 100% of the time.

2 Likes

So I just got an email from Apple, flogging their new Vision Pro device. It looks interesting but I doubt I'd buy one. I check the price anyway and it looks to start at 6k hahaha

Probably won't get one

I'm sure they'll sell a heap though.

Hasn't that been out for a while, or has it only just landed here?

I feel like there was 12 weeks' worth of social media content around the traps then it went very, very quiet when people realised it was a piece of shit.

No way I'd shell out $6k for one, but if you have a spare half hour and you're near an Apple Store, I'd encourage anyone to book in for the Vision Pro demo.

It is very impressive. You do a quick calibration and setup process to get the right fit, they teach you a few key gestures, and then take you through a scripted series of demos.

Very cool tech. Still not gonna buy one though.

Cool tech, but what's the point of it? From a normal consumer point of view.

Exactly. I struggle to think of how I'd use one day to day.

I've heard a number of people who got one when they first launched in the US used it for a few weeks then it sat idle because there are few (compelling) apps for it and little additional content (immersive stuff) from Apple.

Best use I can come up with would be that it would be nice for in-flight movies.

You can buy a $450 pair of dual 1080p glasses for that instead of Apple's hilariously overpriced offering.

I am glad that some people are buying it, because the tech will trickle down, but I still think useable VR/AR is 5-7 years away.

I thought you wrote that using these for VAR is a few years away and saw referees running around with them on their head.

Brilliant idea.

1 Like