Unwise

I read this piece on the Equifax data breach by Gary Leff. I was looking for the punch line.

We’re stuck dealing with the consequences, and while the average consumer maybe should get a credit freeze I’m not going to, it’s a pain and slows down the credit origination process and not all issuers will follow up manually to get permission to access your credit. At this point I’m just going to aggressively monitor my accounts.

Unfortunately, he's serious.

While I hate the idea of the kind of personal information being freely available that would allow someone to social engineer access to my accounts, enough correct details to convince a bank to reset my password or make a wire transfer, that sort of attack is manual and time-consuming and not the sort of thing that will be done across 100,000,000 customers. So safety comes in the form of security by obscurity, sure I can be hacked but the odds that I’ll be one of the ones hacked are pretty low.

I'd like him to provide some risk assessment to back up that statement.

Author: Khürt Williams

A human who works in information security and enjoys photography, Formula 1 and craft ale. #nobridge