Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Businesses

100,000 More Social Security Numbers Exposed 325

Posted by Zonk from the that-why-we-use-these-password-things dept.
ThinkComp writes "PayMaxx, Inc. is a web-based payroll processing company, and they recently notified me that my on-line form W-2 was available. And so it was, along with the W-2 (including SSN and salary data) of every other one-time PayMaxx customer dating back at least five years, possibly 100,000 in all. Through news.com, PayMaxx reports, 'PayMaxx has made and continues to make every effort to secure its system against any breach,' which is why part of their site has been down now for several days."
This discussion has been archived. No new comments can be posted.

100,000 More Social Security Numbers Exposed More

100,000 More Social Security Numbers Exposed

Comments Filter:

  • Free credit reports... (Score:2, Informative)

    by borawjm ( 747876 ) on Friday February 25, 2005 @05:31PM (#11781881)
    I guess it's a good thing that I can get free credit reports [annualcreditreport.com] from each of the nationwide consumer credit reporting companies starting March 1st.

  • Alternate link (Score:3, Informative)

    by caryw ( 131578 ) <carywiedemann.gmail@com> on Friday February 25, 2005 @05:32PM (#11781900) Homepage
    There is a more in-depth article about this at the Boston Globe [boston.com].
    First ChoicePoint now this? How long until a major government database like one from the IRS gets hacked and information on almost every US citizen is available? Scary thought.
    - Cary
    --Fairfax Underground [fairfaxunderground.com]: Where Fairfax County comes out to play

  • Re:Uh oh... (Score:2, Informative)

    by learn fast ( 824724 ) on Friday February 25, 2005 @05:35PM (#11781947)
    This is a reference from yesterday's Daily Show.

    But, I noticed, that couldn't be Jon Stewart's real social security card, because the name that would appear would be his real name, which is Jonathan Stuart Leibowitz.

  • Re:Define "breach" (Score:5, Informative)

    by Ironsides ( 739422 ) on Friday February 25, 2005 @05:36PM (#11781965) Homepage Journal
    Well, since their security consisted of "So long as no one increments their unique number we assigned them by 1 in the browser location bar", I'd say that they were pretty much dumb idiots. Sloppy doesn't begin to cover this.

  • He changed his name (Score:1, Informative)

    by Anonymous Coward on Friday February 25, 2005 @05:45PM (#11782094)
    From: http://www.answers.com/topic/jon-stewart

    Stewart married long-time girlfriend Tracey McShane in 2000, at which time they both legally changed their last names to "Stewart." The couple had their first child, Nathan Thomas, on July 3, 2004.

  • Re:Free credit reports... (Score:3, Informative)

    by borawjm ( 747876 ) on Friday February 25, 2005 @05:48PM (#11782139)
    I believe they are doing it in phases.

    From ftc.gov [ftc.gov]...
    Free reports will be phased in during a nine-month period, rolling from the West Coast to the East beginning December 1, 2004. Beginning September 1, 2005, free reports will be accessible to all Americans, regardless of where they live.

    Consumers in the Western states -- Alaska, Arizona, California, Colorado, Hawaii, Idaho, Montana, Nevada, New Mexico, Oregon, Utah, Washington, and Wyoming -- can order their free reports beginning December 1, 2004.

    Consumers in the Midwestern states -- Illinois, Indiana, Iowa, Kansas, Michigan, Minnesota, Missouri, Nebraska, North Dakota, Ohio, South Dakota, and Wisconsin -- can order their free reports beginning March 1, 2005.

    Consumers in the Southern states -- Alabama, Arkansas, Florida, Georgia, Kentucky, Louisiana, Mississippi, Oklahoma, South Carolina, Tennessee, and Texas -- can order their free reports beginning June 1, 2005.

    Consumers in the Eastern states -- Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, New Jersey, New York, North Carolina, Pennsylvania, Rhode Island, Vermont, Virginia, and West Virginia -- the District of Columbia, Puerto Rico, and all U.S. territories can order their free reports beginning September 1, 2005

  • Re:Time to write to my Congressman (Score:2, Informative)

    by L1nux_L0ser83 ( 860647 ) on Friday February 25, 2005 @05:53PM (#11782207) Homepage Journal
    federal law mandates that you can reqeust a auditor of your health and financial information from a company at any time...HIPPA which is a health privacy law and Graham-Leach-Biley act ( which we use all the here at work) mandate that a person can request in writing to a company any time that his /her financial info was released to another company/person and the reasons behind it...these things are in place..its just getting companies to follow it

  • here's some info for you related to this (Score:2, Informative)

    by Itanshi ( 861931 ) on Friday February 25, 2005 @05:54PM (#11782213)
    and choicepoint http://informationweek.com/story/showArticle.jhtml ?articleID=60403673/ [informationweek.com] news article on about how congress wants the california law to be aended and spread over all the states, should fix this nicely hmm any complaints?

  • Back the bus up... (Score:3, Informative)

    by XorNand ( 517466 ) on Friday February 25, 2005 @05:54PM (#11782218)

    If you check the Boston.com article [boston.com] that's been posted by another user, you'll see that "Think Computer" was demanding payment to tell them about this bug. This sounds a little bit like extortion, don't you think? What gets even more interesting, is that I recognized this guy from an earlier story [slashdot.org] on Slashdot. He wrote a rambling, alarmist "whitepaper" about how unsecure WiFi was in the Boston subway. Furthermore, searching Massachusetts business filings [state.ma.us] doesn't show that any "Think Computer" corporate entity exists.

    I believe that this is just some young kid who desperatly wants for himself to be seen as some sort of security expert. His techniques are highly unprofessional and insulting to those of us in the industry who do, in fact, have a clue as to how IT consulting works.

  • Re:Credit report monitoring (Score:2, Informative)

    by RmanB17499 ( 829438 ) on Friday February 25, 2005 @06:31PM (#11782634)
    I believe you are confusing torts and criminal law.

    Find me a criminal law that says negligent release of sensitive information is a crime??

    However, if you are referring to negligence in a tort action at common law then there is a possibility. However, again there is no law making them protect the information. In a tort action we must find an actual breach of duty that is required by law. The only duty that may apply is if this company had a privacy policy or contract that said they would protect the information.

    Without such a contract or policy known to the public there is no basis of a breach of duty that I can think of.

    If you give me your social security number I can give it out with impunity as long as I do not give it to a known identity thief or constructively assist in the perpretration of a fraud since that would be an obvious accessory or aiding crime.

  • Re:Use of SSN fundamentally flawed. (Score:3, Informative)

    by lax-goalie ( 730970 ) on Friday February 25, 2005 @07:07PM (#11782983)
    Better check to see that derivatives of your SSN are prohibited, as well, otherwise, your ID will become XXX-XX-XXXX-01 or somesuch. Think that's too stupid to happen? That's exactly what happened in Virginia when passed a similar law.

    The result? Another trip to the legislature required...

  • Re:Uh oh... (Score:2, Informative)

    by SCVirus ( 774240 ) on Friday February 25, 2005 @09:19PM (#11784024) Journal
    Indeed it would be a bad thing to find out that Jon Stewarts SSN is 547749875

Slashdot Top Deals

To program is to be.

Close