P CorralFeb 24
Dave Rahardja

ONE BILLION personally-identifiable records were leaked by IDMerit an “AI-powered digital identity verification solutions provider”. The leaked data included:

Full names
Addresses
Post codes
Dates of birth
National IDs
Phone numbers
Genders
Email addresses
Telco metadata

Good thing we’re not uploading personally-identifiable documents for age or identity verification or anything whatsoever OH WAIT

FUCK all this surveillance tech. FUCK this identity verification bullshit. No one can be trusted with this information.

#dataBreach #surveillance #privacy

https://cybernews.com/security/global-data-leak-exposes-billion-records/

Feb 23 at 8:45pmWeb
Show threadKevin RussellFeb 23

@drahardja

AI is the future they say. Ha ha ha

Show threaddrathirFeb 23
@drahardja no one can and no one should ever at first place period! (however ppl still willingly agree for data harvesting... give up rest privacy them get left all bc of made up/coverup excuses...)
Show threadVeeFeb 24
@drahardja 👍 💯
Show threadDingoFeb 24
@drahardja
"The only data that's safe from leaking, is the data that isn't collected"
Show threadMichael McWilliamsFeb 24
@drahardja Another day. Another data breach. Is any business actually *trying* to keep their data safe?
Show threadÁineFeb 24
@drahardja i refuse to think these are leaks, this is data laundering
Show threadKeeyaFeb 24
@drahardja Was it the personal data that was deleted immediately after processing or some other data? 
Show threadDave RahardjaFeb 24
@keeya When you say “immediately”…
Show threadKeeyaFeb 24
@drahardja … as soon as our 1584 partners have processed your data. For your safety. They will of course delete it again. Honest!
Show threadDeltaWyeFeb 24

@keeya @drahardja

“Delete data immediately”

“Well, that was a fucking lie.” - Tyler, the Creator

Show threadnicole mikołajczykFeb 24

@drahardja is there anything that confirms the leak actually happened tho?

https://x.com/vxunderground/status/2025064578569162931

vx-underground (@vxunderground) on X

I keep seeing news about this. The source is from CyberNews, a known peddler of misinformation. The CyberNews article itself is AI generated and provided zero proof of their claims other than AI slop. Yes, KYC bad and dangerous, but don't misinformation and lie

X (formerly Twitter)
Show threadDave RahardjaFeb 24

@mkljczk Good question. If this is misinformation I’m sad to have reposted it.

The breach story has been re-reported dozens of times by reputable news outlets (based on the same source). On the other hand the denials of the story seem to be entirely astroturfed: don’t believe the story, because it’s cybercriminals extorting ID verification companies! Why doesn’t IDMerit state plainly that there was no breach? They have a blog on their website. Why not deny the story there?

I think it’s likely that a breach has occurred, but also that cybercriminals may be extorting them over it.

Show threadnicole mikołajczykFeb 24
@drahardja There’s definitely a demand for news about ‘identity verification provider’ companies getting what they deserve, so
Show threadDave RahardjaFeb 24
@mkljczk I think it’s in IDMerit’s business interest to deny the story. Why haven’t they done so?
Show threadjohnny anhedonicFeb 24
@drahardja oh fintech. yeah that sounds about right
Show threadAlexander JanßenFeb 24
@drahardja #Tja
Show threadPflege42Feb 24
@drahardja
Thinking about if your own data is part oft this leak?
One way to find out is here
https://haveibeenpwned.com/
Have I Been Pwned: Check if your email address has been exposed in a data breach

Have I Been Pwned allows you to check whether your email address has been exposed in a data breach.

Have I Been Pwned
Show threadDave RahardjaFeb 24
@Pflege42 I’ve been online long enough that I’m pretty sure the answer for me is YES.
Show threadDave RahardjaFeb 24
@Pflege42 lol
Show threadDeltaWyeFeb 24
@drahardja “We’re sowwwwrrryyyyy” (they get the most gentle slap on the wrist possible)