Dave RahardjaFeb 23

ONE BILLION personally-identifiable records were leaked by IDMerit an “AI-powered digital identity verification solutions provider”. The leaked data included:

Full names
Addresses
Post codes
Dates of birth
National IDs
Phone numbers
Genders
Email addresses
Telco metadata

Good thing we’re not uploading personally-identifiable documents for age or identity verification or anything whatsoever OH WAIT

FUCK all this surveillance tech. FUCK this identity verification bullshit. No one can be trusted with this information.

#dataBreach #surveillance #privacy

https://cybernews.com/security/global-data-leak-exposes-billion-records/

Show threadnicole mikołajczykFeb 24

@drahardja is there anything that confirms the leak actually happened tho?

https://x.com/vxunderground/status/2025064578569162931

vx-underground (@vxunderground) on X

I keep seeing news about this. The source is from CyberNews, a known peddler of misinformation. The CyberNews article itself is AI generated and provided zero proof of their claims other than AI slop. Yes, KYC bad and dangerous, but don't misinformation and lie

X (formerly Twitter)
Show threadDave RahardjaFeb 24

@mkljczk Good question. If this is misinformation I’m sad to have reposted it.

The breach story has been re-reported dozens of times by reputable news outlets (based on the same source). On the other hand the denials of the story seem to be entirely astroturfed: don’t believe the story, because it’s cybercriminals extorting ID verification companies! Why doesn’t IDMerit state plainly that there was no breach? They have a blog on their website. Why not deny the story there?

I think it’s likely that a breach has occurred, but also that cybercriminals may be extorting them over it.

Show threadnicole mikołajczykFeb 24
@drahardja There’s definitely a demand for news about ‘identity verification provider’ companies getting what they deserve, so
Show threadDave Rahardja
@mkljczk I think it’s in IDMerit’s business interest to deny the story. Why haven’t they done so?
Feb 24 at 6:23pmWeb