Quotes
- "What happens in Vegas...
- "There are only two types of companies...
- "If you give me six lines written by the hand of the most honest of men,..
- "If you think it, don't say it. If you say it,...
- "Data is the new...
- "We live in what's called an open society, which of course means...
- "Even if you're not doing anything wrong,...
- "Surveillance is the...
- "Reality #1: Bad guys already have access to...
- Your data -- the abstract portrait of who you are, and, more importantly,
of who you are compared to other people -- is...
- "I give the fight up: let there be an end, a privacy,...
- "Arguing that you don't care about the right to privacy
because you have nothing to hide...
- "It's impossible to move, to live, to operate at any level...
- "The internet is just...
- "Some might say 'I don't care if they violate my privacy; I've got nothing to hide.'...
- "My name is Avery Ryan. I was a victim of cyber crime...
Summary
- Who's at Risk? have SSN? use credit card? post on social media? read privacy policies? high-profile?
- Types of Info contacts, financial, location, medical, passwords, ...
- Identity Theft, Credit Freezes
- Example -- farfetched, or is it?
- References
Who's at Risk?
- Everyone's information, even a fragment, can be valuable to someone for
profiling, money (e.g., advertisers, hackers) and/or control (e.g., governments, abusers).
- [1] Anyone who has ever had a loan or credit card -- very likely affected by 9/2017 Equifax breach
- [1] Anyone whose SSN, email or other sensitive details have been
or will be leaked by a careless company or incompetent government agency
- [1] Anyone who's posted to Facebook or other social media
- [1] Anyone unaware of current recommended privacy and security practices.
- [2] Anyone who's read privacy policies and changed some settings -- there's always more to review / do
- [3] Any high-profile target: celebrity, politician, business, political dissident,
investigative journalist, whistleblower
Types of Info
- Contact information: home address, phone, email -- yours and family
- Vital Statistics: your birthday, birthplace, family members
- Financial information: SSN, credit cards, purchases, tax returns, bank statements
- Your current and past locations -- via smartphone or car
- Photos
- Medical information: health records, DNA
- Biometrics: fingerprints, face scans, movement (motion sensors)
- Password(s): if a password is stolen, log in to that site and change it before a hacker does
-- hopefully, you have devious security question answers
and/or 2-factor authentication for any sensitive accounts.
- However, if you re-used that password for other sites -- a big no-no -- you'll have to scramble...
- Email, chat, and other communication history
- Browsing behavior -- current and historical {List. TCYOP-4: 87-98; TCYOP-3: 73-74}; browser 'footprint'
- Personally-identifiable vs. anonymously-aggregated information; content vs. metadata
- Data across different sites via cookies or IP address (or 'browser fingerprint')
can be mined/aggregated to reveal patterns, and lead to individuals
- How anonymous/unique are you: zip code + birthdate + gender?
- Other devices: voting systems, (smart)TV, set-top/streaming box, game console,
smart watch, health/fitness trackers, home automation, car; section: "Internet of Things" (IoT)
- Others' devices: cameras, wearable technology
- NYT quiz: How Many Times Has Your Personal Information Been Exposed to Hackers?
- NIST Quiz: Are you Safe Online?
- Pew: Cybersecurity Knowledge Quiz
- haveibeenpwned.com check if you have an account that has been compromised in a data breach;
pwned (gaming term) = totally dominated, conclusively defeated
- HPI Identity Leak Checker check whether your email address, along with other personal data
(e.g. telephone number, date of birth or address), has been made public on the Internet
where it can be misused for malicious purposes
Identity Theft
- A good place to start: FTC: identitytheft.gov
- 2023 cyber-attacks targeted a vulnerability in the MOVEit filesharing technology used by
many federal & state agencies and corporations around the world. This exposed personal information
of millions of people, including social security numbers in many cases.
- e.g., MOVEit hack spawned over 600 breaches but is not done yet -- cyber analysts Reut; 8/8/2023
- Your bank or financial institution may offer a free credit monitoring service; set up credit freezes (below).
- If you have ever had a loan, mortgage or credit card,
you are very likely affected by the Equifax breach (9/2017)
-- with at least your birthdate, name, address, SSN available to hackers worldwide
- Equifax grand leak total (5/2018): 146.6 million names, 146.6 million dates of birth,
145.5 million social security numbers, 99 million addresses
and 209,000 payment cards (number and expiry date) exposed;
also 38,000 American drivers' licenses and 3,200 passport details
- You may be vulnerable due to other past or future leaks
from other companies or government agencies with sloppy security.
- However, there are still some things you can do to minimize the damage
-- many of them free (with some redundancy)
- Closely monitor credit card activity for unrecognized charges
with your credit card companies -- at least monthly, but preferably more often.
- Set up SMS and/or email notifications and fraud alerts with your credit card company
for charges over certain amounts or from certain sources, esp. online, international.
- Check your credit report & score, e.g., annualcreditreport.com free; creditkarma.com
- If your credit card is missing or stolen, in addition to checking your report,
you can set up notifications/alerts with some credit agencies.
- optoutprescreen.com: to reduce mailed credit and insurance offers
which might be stolen from your mailbox; opt-out for 5 years (electronically), for life (via mail)
- File your income taxes as early as possible -- and set up an online account with IRS
to review past tax returns -- so that a hacker doesn't file early (with your SSN) and claim a refund,
or steal your info/identity: Get Transcript; View Your Tax Account
Check/Freeze Credit Reports
- Freeze credit reports with all 3 major credit reporting agencies
-- to prevent future applications for mortgages, auto loans, credit cards with your SSN
- Federal law now requires credit bureaus to offer security freezes free of charge,
and they're much simpler to set up than in the past;
some states used to charge $10; unfreezes should also be free?
- A freeze accomplishes the same thing as a lock, but with a freeze, your rights are defined by law.
- With credit locks, the credit bureaus set the rules;
the lock option is more prominent on their websites -- but I've provided direct links for setting up freezes below
- If you set up only a lock earlier with Equifax (or the other agencies),
re-enroll with a freeze; note: any pre-existing lock will be removed, e.g., TrustedID Premier
- Save the generated PIN, e.g., in your password manager, in order to unfreeze
when applying later for a new loan or credit card.
- Equifax: Freeze
- TransUnion: Freeze
- Experian: Freeze
- Innovis: Freeze; lesser known than the 'big 3' credit agencies, but since it's free, why not?
- National Consumer Telecom and Utilities Exchange for telecommunication, pay TV and utility accounts
- Some credit/identity monitoring services may be free (with ads):
e.g., CreditKarma.com; or included in membership, e.g., ProtectID (AAA)
- Credit agencies and others may offer some free credit/identity monitoring services,
but beware of paid upgrades for these and other services -- they're often unnecessary,
duplicative, overpriced, e.g., Equifax: Complete Premier, Family Plan, ID Patrol
do you really want to trust and reward the company (Equifax) that leaked your info in 2017?;
or Lifelock which paid FTC fines for deceptive advertising?
Farfetched Example?
CALLER: Is this Gordon's Pizza?
GOOGLE: No sir, it's Google Pizza.
CALLER: I must have dialed a wrong number. Sorry.
GOOGLE: No sir, Google bought Gordon’s Pizza last month.
CALLER: OK. I would like to order a pizza.
GOOGLE: Do you want your usual, sir?
CALLER: My usual? You know me?
GOOGLE: According to our caller ID data sheet, the last 12 times you called you ordered an extra-large pizza with three cheeses, sausage, pepperoni, mushrooms and meatballs on a thick crust.
CALLER: OK! That’s what I want.
GOOGLE: May I suggest that this time you order a pizza with ricotta, arugula, sun-dried tomatoes and olives on whole wheat gluten free thin crust?
CALLER: What? I detest vegetables.
GOOGLE: Your cholesterol is not good, sir.
CALLER: How the hell do you know?
GOOGLE: Well, we cross-referenced your home phone number with your medical records. We have your blood test results for the last 7 years.
CALLER: But I do not want your rotten vegetable pizza! I already take medication for my cholesterol.
GOOGLE: Excuse me sir, but you have not taken your medication regularly. According to our database, you purchased a box of 30 cholesterol tablets only once, at Drug RX Network, 4 months ago.
CALLER: I bought more from another drugstore.
GOOGLE: That doesn’t show on your credit card statement.
CALLER: I paid in cash.
GOOGLE: But you did not withdraw enough cash according to your bank statement.
CALLER: I have other sources of cash.
GOOGLE: That doesn’t show on your last tax return unless you bought them using an undeclared income source, which is against the law.
CALLER: WHAT THE HELL?
GOOGLE: I'm sorry, sir, we use such information only with the sole intention of helping you.
CALLER: Enough already! I'm sick to death of Google, Facebook, Twitter, WhatsApp and all the others. I'm going to an island without internet, cable TV, where there is no cell phone service and no one to watch me or spy on me.
GOOGLE: I understand sir, but you need to renew your passport first. It expired 6 weeks ago.
References
- {TCYOP-3: 13-17; TCYOP-3: 11-15}
- sections: Refs: Attacks,Leaks; Equifax, Credit Bureaus & Freezes; Face; Financial;
Health; Home; Identity Theft; Location; Vehicles; Voting
- topics: credit freeze, data imports, dating, DNA, elections, FOIA, haveibeenpwned.com,
hospitals, pacemakers, revenge porn, surveillance
- companies/organizations: Anthem, Apple, Ashley Madison, Blue Cross, Comcast, Deloitte,
Delta, Dow Jones, Equifax, Facebook, FDA, Google, Hyatt, IRS, J&J, Kickstarter, Lifelock, Medicare,
Orbitz, Panera, Scottrade, Sears, Strava, SWIFT, T-Mobile, Tinder, Uber, Under Armour, Whole Foods
- see course sections: Malware: cyberwar, ransomware; Shopping: Payment / Credit Cards
- Wikipedia: Information Privacy; Privacy Law; operations security (opsec)
- Wikipedia: revenge porn sexually explicit media that is distributed without the consent of the individual(s) involved
- Predict My Profile predicts psychological traits from digital footprints of human behaviour, e.g., Facebook or blog posts
- Keep Your Data Secure With a Personalized Plan interactive; choose devices; needs; situations; Consumer Reports
- Security News This Week
each weekend, WIRED rounds up the security vulnerabilities and privacy updates that deserve your attention
- How to Avoid Online Scams and What to Do if You Become a Victim NYT; 8/10/2024
- It's not worth paying to be removed from people-finder sites, study says
the best removal rate was less than 70%,
and that didn't beat manual opt-outs; Ars; 8/8/202
- Welcome to Scam World NYT; 4/21/2024
- EFF adds Street Surveillance Hub so Americans can check who's checking on them EFF Street Surveillance hub; Reg; 1/22/2024
- Eight Steps to Protect Your Digital Privacy After a Bad Breakup LH; 1/12/2024
- How to Remove Your Personal Info From Google by Using Its 'Results About You' Tool set up alerts for whenever your home address, phone number, and email address appears in Search; Wired; 9/3/2023
- Americans Flunked This Test on Online Privacy NYT; 2/7/2023
- How to rescue your hacked account: Facebook, Instagram, Snapchat, and more
Apple, Facebook, Google, Instagram, Snapchat, Spotify, TikTok, Twitter; Verge; 10/17/2022
- The Default Tech Settings You Should Turn Off Right Away
Apple, Google, Meta, Amazon, Microsoft; NYT; 7/27/2022
- Steps to Simple Online Security: Extra security for financial and health data;
What to do if you think you've been hacked NYT; 4/22/2022
- Your Digital Footprint: It's Bigger Than You Realize CNet; 4/4/2022
- 6 Ways to Delete Yourself From the Internet Wired; 1/3/2022
- How a Burner Identity Protects Your Inbox, Phone, and Credit Cards
Private email forwarding: SimpleLogin;
Throwaway email: Maildrop;
Virtual credit card: Privacy;
Second phone number: Google Voice;
All-in-one burner identity: MySudo;
NYT; 6/28/2021
- What Would Happen If All Personal Data Leaked at Once? Giz; 9/7/2020
- 9 Apps to Boost Your Phone's Security and Privacy Wired; 8/16/2020
- Privacy Threats in Intimate Relationships
those closest to us know the answers to our secret questions, have access to our devices,
and can exercise coercive power over us; 6/5/2020
- Giving People Property Rights In Data Will Not Solve Privacy, But... TD; 6/1/2020
- BlackBaud affected SOU Foundation donors; 5/2020
- Work-from-Home Security Advice 3/19/2020
- Here's How to Protect Yourself When Your Data Inevitably Leaks
2FA; different userids/passwords; Giz; 3/4/2020
- Infosec Buzzword Bingo: 2020 Edition MB; 2/11/2020
- Researchers Find 'Anonymized' Data Is Even Less Anonymous Than We Thought MB; 2/3/2020
- Phone Hacks Can Happen to Anyone. Here's How to Protect Yourself.
vacation clues, hotel Wi-Fi and inadequate verification procedures; NYT; 1/31/2020
- Want Your Personal Data? Hand Over More Please NYT; 1/15/2020
- Novelists, poets and artists imagine life in the age of surveillance NYT; 1/3/2020
- The Decade We Learned There’s No Such Thing as Privacy Online
And a corrupt U.S. government seems incapable and unwilling to do anything about it; MB; 12/31/2019
- Why an internet that never forgets is especially bad for young people
Obsessive documentation of one's life online has made it hard for young people to shed their past identities
and might have bad effects for society at large; MIT; 12/27/2019
- What’s the Worst That Could Happen With My Phone Data?
Our Journalists Answer Your Questions NYT; 12/26/2019
- The Worst Hacks of the Decade Stuxnet; Shamoon; Sony Hack; Office of Personnel Management Breach;
Ukrainian Blackouts; Shadow Brokers; 2016 US Presidential Hack; NotPetya; Equifax; Aadhaar; Wired; 12/23/2019
- Freaked Out? 3 Steps to Protect Your Phone directions avail. for Android, iOS;
1. Stop sharing your location with apps;
2. Disable your mobile ad ID;
3. Prevent Google from storing your location; NYT; 12/19/2019
- How to Opt Out of the Most Popular People Search Sites
Family Tree Now, Whitepages, Spokeo, Instant Checkmate, Pipl, Intelius; LH; 12/12/2019
- Company Leaves 752,000 Birth Certificate Copy Applications
Publicly Exposed on Amazon Cloud Account Giz; 12/10/2019
- How to Protect Yourself After T-Mobile's Big Data Breach LH; 11/25/2019
- You’re Tracked Everywhere You Go Online. Use This Guide to Fight Back.
Don’t hand over data unless you have to; opt out of advertiser tracking: simpleoptout.com;
check how social media sites are using your data; NYT; 11/24/2019
- Amnesty International says Facebook and Google's omnipresent surveillance
is inherently incompatible with the right to privacy and is a danger to human rights AI; 11/21/2019
- [2] A Paranoid Guide to Fighting the ‘Bugging Epidemic’
With surveillance gear cheaper and easier to use, security experts say checking your environment
for cameras and microphones is not a crazy idea; NYT; 11/15/2019
- This Website Has Solved Cybersecurity ;-) new parody website generates random excuses
to explain why companies got hacked and apologize to their users; MB; 11/6/2019
- Americans and Digital Knowledge Survey of 4,272 US adults shows patchy knowledge on tech issues:
many answered correctly on cookies and phishing, few knew about 2FA, https, or private browsing; Pew; 10/9/2019
- [2] A technical look at Phone Extraction PI; 10/14/2019
- Personal information of most of Ecuador's population, including 6.7M children,
left exposed online with home addresses, phone numbers, work information, more ZD; 9/16/2019
- I Shared My Phone Number. I Learned I Shouldn't Have. NYT; 8/15/2019
- How Many Times Has Your Personal Information Been Exposed to Hackers? NYT; quiz; 7/30/2019
- You're very easy to track down, even when your data has been anonymized
A new study shows you can be easily re-identified from almost any database, even when
your personal details have been stripped out; check your anonymity (w/ zip, birthdate, gender); MIT; 7/23/2019
- Amazon offers $10 to Prime Day shoppers who hand over their data
let Amazon track the websites you visit; Reut; 7/16/2019
- The One Company I Gave My Address To Won't Delete It MB; 7/16/2019
- Selling Your Private Information Is a Terrible Idea rights; NYT; 7/5/2019
- 6 Unexpected Places Hackers Can Find Your Information
1. Social Media
2. E-Commerce Websites
3. Quizzes
4. Search Engines
5. Fitness Trackers
6. Digital Trash Bins; MF; 7/2/2019
- You Care More About Your Privacy Than You Think plus, how to sext securely; NYT; 6/11/2019
- Poor People's Privacy Can't Be an Afterthought NYT; 4/25/2019
- Think You're Discreet Online? Think Again "data inference" technology; NYT; 4/21/2019
- Why You Can No Longer Get Lost in the Crowd NYT; 4/17/2019
- Do You Know What You've Given Up? Introducing The Times Privacy Project; NYT; 4/10/2019
- It's Time to Panic About Privacy We claim to want it, companies claim to provide it,
but we all just accept that, well, you have no privacy online; NYT; 4/10/2019
- Where Would You Draw the Line? The boundaries of privacy are evolving quickly.
Show us where you would set them; survey; NYT; 4/10/2019
- My Phone Knows All, and That's Great Sure, electronic eyes are spying.
But look at all this pocket computer can do! NYT; 4/10/2019
- What the Bible Says About Secrets Scripture offers at least two views of privacy:
It's necessary for a healthy spiritual life, but it also provides a place where sin can be committed; NYT; 4/10/2019
- Education and Science Giant Elsevier Left Users’ Passwords Exposed Online MB; 3/18/2019
- [3] How a Bitcoin Evangelist Made Himself Vanish, in 15 (Not So Easy) Steps
Step No. 10: Buy a decoy house to fool the DMV; NYT; 3/12/2019
- Is Your Seatmate Googling You? We underestimate the risks to privacy in our everyday,
offline lives; experiment to determine difference between the privacy we think we have when we’re in public
and the privacy we actually have; NYT; 3/8/2019
- People Are Concerned About Their Privacy in Theory, Not Practice, Says New Study
81% of consumers say they’ve become more concerned about how companies use their data,
while 87% think companies should be more heavily regulated on personal data management;
apparently it’s not enough for them to take actions in response. 71% said that they were willing
to give up privacy to get access to what technology can offer. Only 45% have updated their privacy
settings on products in response and 16% walked away from a company because of data misuse; Fortune; 2/26/2019
- Your phone and TV are tracking you, and political campaigns are listening in
'digital fence' pushed ads onto the iPhones and Androids of all those attending the meeting.
Not only that, but because the technology pulled the unique identification numbers off the phones,
a data broker could also use the digital signatures to follow the devices home. Once there,
the campaign could use so-called cross-device tracking technology to find associated laptops,
desktops and other devices to push even more ads; possible solutions? VPN, ad blocking,
app settings (or safer apps), TV settings; LAT; 2/20/2019
- Feds share terror watchlist with 1,400 private groups 2/20/2019
- NATO Group Catfished Soldiers to Prove a Point About Privacy
What can we find out about a military exercise just from open source data?
What can we find out about the participants from open source data, e.g., social media?
Can we use all this data to influence the participants' behaviors against their given orders? Wired; 2/18/2019
- The Wired Guide to Your Personal Data (and Who Is Using It)
What Constitutes "Personal Data"? Who Buys, Sells, and Barters My Personal Data?
The History of Personal Data Collection; The Future of Personal Data Collection; Wired; 2/13/2019
- Stolen Internet Account Data AshMUG; .pdf; 2/9/2019
- Why data, not privacy, is the real danger
Personal data harvested at scale and exploited via microtargeting threatens people's autonomy;
they can predict what you’re talking about without actually listening; NBC; 2/4/2019
- Run a Comprehensive Background Check on Yourself
Credit Agencies; Employment Screening; Tenant/Housing Screening;
Bank and Check Screening; Medical Insurance; LH; 1/31/2019
- He Reported on Facebook. Now He Approaches It With Caution.
privacy practices on his devices; NYT; 1/23/2019
- Cyberstalkers are crowdsourcing danger to victims’ doorsteps with dating apps CNet; 1/22/2019
Attacks, Leaks
- haveibeenpwned.com check if you have an account that has been compromised in a data breach;
pwned (gaming term) = totally dominated, conclusively defeated; now available via 1Password
- What to Know About the Latest Social Security Number Breach NYT; 8/15/2024
- The Massive AT&T Data Breach Doesn't Affect Just AT&T Customers. Here's How to Protect Yourself. NYT; 7/16/2024
- Rite Aid says breach exposes sensitive details of 2.2 million customers Ars; 7/16/2024
- Apple Explains How to Identify Social Engineering Attacks TB; 7/15/2024
- How to tell if your online accounts have been hacked TC; 7/14/2024
- RockYou2024: 10 billion passwords leaked in the largest compilation of all time 7/4/2024
- Microsoft reveals how hackers breached its Exchange Online accounts BC; 1/16/2014
- Microsoft network breached through password-spraying by Russian-state hackers MFA not used? Ars; 1/19/2024
- MOVEit, Capita, CitrixBleed and more: The biggest data breaches of 2023 TC; 12/27/2023
- The 23andMe User Data Leak May Be a Million Times Worse Than Believed due to credential stuffing? Wired; 10/18/2023
- Take These Steps to Protect Your Data After a Cyberattack
if you're a Dish, SlingTV, or Boost Mobile customer, you need to protect yourself now; LH; 4/7/2023
- A look at 2022's worst breaches, leaks, ransomware attacks,
state-sponsored hacking campaigns, and digital takeovers, including at least two Twilio breaches Wired; 12/31/2022
- What to Do if Your Password Is Exposed in a Data Breach Giz; 7/27/2022
- The Worst Hacks and Breaches of 2022 So Far Wired; 7/4/2022
- The Biggest Hacks of 2021 (So Far) Giz; 10/7/2021
- Reset Your Twitch Password Right Now LH; 10/6/2021
- Company That Routes Billions of Text Messages Quietly Says It Was Hacked
hackers had unauthorized access to Syniverse's system for years; Vice; 10/4/2021
- Fallout begins for far-right trolls who trusted Epik to keep their identities secret
colossal hack of Epik, an Internet-services company popular with the far right, has been called the
“mother of all data lodes” for extremism researchers; WaPo; 9/25/2021
- T-Mobile has been hacked yet again -- but still doesn't know what was taken
Data reportedly includes SSNs, driver license numbers,
and more for 100 million people; Ars; 8/16/2021
- Update Your Snapchat Password Immediately
Snapchat users are receiving repeated 2FA login alerts, and no one knows why; LH; 6/24/2021
- Mystery malware steals 26M passwords from 3M PCs Ars; 6/9/2021
- Ten Years Of Breaches In One Image
Nearly 8 billion usernames have leaked since June 2011; Verge; 6/8/2021
- In epic hack, Signal developer turns the tables on forensics firm Cellebrite
to infect investigators' computers; Ars; 4/21/2021
- No password required: Mobile carrier exposes data for millions of accounts
Q Link Wireless made data available to anyone who knows a customer's phone number; Ars; 4/9/2021
- How to Check if Your Phone Number Is in the Huge Facebook Data Leak checker; Giz; 4/5/2021
- Reset Your Ubiquiti Passwords Right Now LH; 4/1/2021
- There's a vexing mystery surrounding the 0-day attacks on Exchange servers
a half-dozen groups exploiting the same 0-days is unusual, if not unprecedented; Ars; 3/11/2021
- Microsoft's 'Crazy Huge Hack,' Explained Exchange Server; Giz; 3/8/2021
- Hackers Just Looted Passenger Data From Some of the World's Biggest Airlines
SITA / Star Alliance; Giz; 3/5/2021
- How A Cybersecurity Firm Uncovered The Massive Computer Hack NPR; 12/21/2020
- More Hacking Attacks Found as Officials Warn of 'Grave Risk' to U.S. Government SolarWinds; NYT; 12/17/2020
- Spotify resets passwords after a security bug exposed users’ private account information
over past 7 months, data exposed may have included email address, preferred display name,
password, gender, and date of birth -- only to certain business partners of Spotify; TC; 12/10/2020
- A hacker is selling access to the email accounts of hundreds of C-level executives
Office 365 and Microsoft accounts of CxO, President, Director, ...; ZD; 11/27/2020
- What to Do About the Data Leak That Hit 8 Major Hotel Booking Sites
Agoda; Amadeus; Booking.com; Expedia; Hotels.com; Hotelbeds; Omnibees; Sabre; LH; 11/9/2020
- How to Know If You’ve Been Hacked, and What to Do About It Wired; 7/19/2020
- A Brazen Online Attack Targets V.I.P. Twitter Users in a Bitcoin Scam
employees who had access to internal systems had their accounts compromised in a
'coordinated social engineering attack'; NYT; 7/15/2020
- Should You Worry About MGM's Latest Data Breach?
142 million MGM Resorts guests; LH; 7/14/2020
- Police Are Buying Access to Hacked Website Data MB; 7/8/2020
- The Worst Hacks and Breaches of 2020 So Far Wired; 7/3/2020
- How Have I Been Pwned became the keeper of the internet’s biggest data breaches
10 billion+ breached accounts; TC; 7/3/2020
- Hacks Are Always Worse Than Reported: Nintendo's Breached Accounts Magically Double TD; 6/10/2020
- What to Do if Your Old LiveJournal Password Was Leaked LH; 5/28/2020
- EasyJet admits data of nine million hacked BBC; 5/19/2020
- GoDaddy Was Apparently Hacked Last Year, So Check Your Hosting Account Credentials Giz; 5/5/2020
- Nintendo account hack FAQ: What happened, who's at risk, and how you can secure your ID PC; 4/24/2020
- 10 Billion Wrecked Accounts Show Why You Need 'Have I Been Pwned' LH; 4/9/2020
- Marriott says 5.2 million guest records stolen in another data breach TC; 3/31/2020
- Dear Ashley Madison user. I know everything about you. Pay up or else.
Emails threaten to publish intimate details unless members pay a hefty ransom; Ars; 2/1/2020
- Iranian hackers have been 'password spraying' the US grid
State-sponsored group "Magnallium" has been probing US utilities for the past year; Ars; 1/12/2020
- Not so IDLE hands: FBI program offers companies data protection via deception
FBI's IDLE program teases thieves with 'decoy data'; Ars; 12/20/2019
- It's Time to Secure Your Zynga Account LH; 12/19/2019
- T-Mobile says it suffered a data breach that affected over one million customers,
exposing their names, billing addresses, phone numbers TC; 11/22/2019
- Hackers breached Macy’s website and hijacked customers’ payment info TNW; 11/19/2019
- 7.5 Million Adobe Accounts Exposed by Security Blunder Adobe Creative Cloud; Giz; 10/25/2019
- Whirlpool Left Appliance Data, User Emails Exposed Online TD; 10/25/2019
- Data Breach Warning For 200 Million Android And iOS Gamers Zynga: Words With Friends; 9/30/2019
- Hackers Stole Data on Nearly 5M DoorDash Users, Including Order History
email address, phone numbers, driver's licenses, and more; TNS; 9/26/2019
- Capital One Data Breach Affects 100 Million; Woman Charged as Hacker NYT; 7/29/2019
- Slack is resetting passwords due to 2015 hack CNet; 7/18/2019
- Sprint says hackers had access to customers' names, billing,
device details, and more via Samsung's website ZD; 7/16/2019
- Gen. Nakasone on US CyberCommand Defending Forward; .pdf; Joint Force Quarterly, #92; Q1/2019
- You have around 20 minutes to contain a Russian APT attack
from initial foothold to full-on breach of your cyber-security defenses; North Korea and China a little longer; ZD; 2/19/2019
- Hacker Lexicon: What Is Credential Stuffing?
attackers take a massive trove of usernames and passwords (often from a corporate megabreach) and try to "stuff"
those credentials into the login page of other digital services. Because people often reuse the
same username and password across multiple sites, attackers can often use one piece of credential info
to unlock multiple accounts; Wired; 2/17/2019
- Marriott now lets you check if you’re a victim of the Starwood hack use checker at own risk; TC; 2/15/2019
- Hacker claims to have posted ~617M online account details stolen from
16 hacked companies for sale on the dark web
MyHeritage and 500px confirm stolen data; Reg; 2/11/2019
- A second, massive Collections leak of 2.2 billion email addresses probably has your information
"Collections #2-#5" leak; PC; 1/31/2019
- [2] Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts 'SS7' attacks; MB; 1/31/2019
- Monster 773 million-record breach list contains plaintext passwords to be added to haveibeenpwned.com;
widely circulated "Collection #1" was used in automated credential stuffing attacks; Ars; 1/17/2019
- [2] Some of the biggest web hosting sites were vulnerable to simple account takeover hacks
Bluehost, DreamHost, Hostgator, OVH, iPage; via phishing links; TC; 1/14/2019
- Marriott Concedes 5 Million Passport Numbers Lost to Hackers Were Not Encrypted
far easier for an intelligence service to track people who cross borders; NYT; 1/4/2019
Equifax, Credit Bureaus & Freezes
- The Secret Checking Account Reports You Should Be Monitoring LH; 7/22/2024
- The Difference Between a Credit Freeze and a Credit Lock (and When to Use Each) LH; 5/16/2024
- TransUnion Failed to Quickly Place or Remove Freezes on Credit Reports
The Consumer Financial Protection Bureau accused the credit bureau, one of three major
credit reporting agencies, of "lying to consumers." NYT; 10/27/2023
- Identity Thieves Bypassed Experian Security to View Credit Reports 1/9/2023
- How to Handle a Suspicious Inquiry in Your Credit Report LH; 10/7/2020
- Your Equifax settlement $125 isn’t coming, but banks get their $5.5M Ars; 5/19/2020
- Equifax Doesn't Want You to Get Your $125. Here's What You Can Do. NYT; 9/16/2019
- Equifax Claims Administrator says victims must provide more info to claim cash
credit monitoring service you already have; Ars; 9/9/2019
- Credit Karma glitch exposed users to other people's accounts TC; 8/14/2019
- Equifax Cash Settlement Backtracking Leaves a Bad Taste TB; 8/5/2019
- The Nitty-Gritty of the Equifax Settlement It may take you a while to get your $125 (or less); Slate; 7/29/2019
- Equifax Claims May Not Get You $125 NYT; 7/29/2019
- You're Entitled to $125 or More in the Equifax Breach Settlement TB; 7/26/2019
- Equifax Data-Breach Settlement: Get Up to $20,000 If You Can Prove Harm NYT; 7/22/2019
- Equifax Is Finally Getting Kicked in the Money Bags Due to Its Disastrous 2017 Hack Giz; 5/23/2019
- Now wanted by big credit bureaus like Equifax: Your alternative data
e.g., phone and electric bills, rent, and payments to many types of credit providers such as payday lenders,
rent-to-own stores, and online personal lenders; 4/6/2019
- MyEquifax.com is yet another security disaster
need to provide SSN and DOB, but they were leaked earlier; TC; 3/8/2019
- The great Equifax mystery: 17 months later, the stolen data has never been found
not on dark web; experts are starting to suspect a spy recruitment scheme; CNBC; 2/13/2019
- Year of Free Credit Report Monitoring Is Ending. Here's What to Do Now.
switch to free credit freeze instead of lock; NYT; 1/11/2019
Face
- A Face Search Engine Anyone Can Use Is Alarmingly Accurate
PimEyes, $30/mo.; NYT; 6/26/2022
- Are ‘10-Year Challenge’ Photos a Boon to Facebook’s Facial Recognition Technology? NYT; 1/19/2019
Financial
- IRS to adopt Login.gov as user authentication tool 2/22/2022
- IRS says taxpayers wanting to access their accounts online will not be subjected to facial recognition if they choose to ID themselves in "a virtual interview" NYT; 2/21/2022
- To Get the Most From Social Security, Log On
a variety of online tools can guide retirees looking to make the most of this benefit; NYT; 1/28/2021
- Hacker Tricked Robinhood Support Into Revealing Data Of 5 Million Users TD; 11/15/2021
- Robinhood Hack Compromises Millions of Customer Email Addresses and Names Giz; 11/8/2021
- Use This IRS Security Tool to Protect Yourself From Refund Fraud
Identity Protection PIN Opt-In Program; info; Giz; 12/4/2020
- Some Robinhood users say someone sold their investments and withdrew funds;
Robinhood says users' personal email accounts were compromised, not its systems BB; 10/9/2020
- How Not to Become a Victim of Social Security Fraud Calls NYT; 3/6/2020
- Intuit Is Buying Credit Karma. Should You Cancel Your Account?
effect on Equifax settlement? other options; NYT; 2/28/2020
- Why the IRS Wants You to Do Your Taxes Early protect your identity and prevent tax refund fraud; LH; 2/4/2020
- Database exposes names of risky potential bank customers
Convicted criminals and people susceptible to extortion are named in a LexisNexis database; CNet; 12/13/2019
- Google will offer checking accounts, says it won’t sell the data Ars; 11/13/2019
- For Big Banks, It's an Endless Fight With Hackers Capital One, and others; NYT; 7/30/2019
- Credit Scores Could Soon Get Even Creepier and More Biased
based on AI and non-traditional data such as your social media profile; MB; 6/13/2019
- 885 Million Records Reportedly Leaked Online: Bank Transactions, Social Security Numbers,
and More First American Financial (title insurance); Giz; 5/24/2019
- Why Rewards for Loyal Spenders Are ‘a Honey Pot for Hackers'
collect vast amounts of personal data, are easy to join and often have flimsy passwords; impersonate customers,
breach loyalty profiles and then tap into separate accounts; deplete balances or sell points on dark web marketplaces; NYT; 5/11/2019
- Stolen Credit Card Numbers Are Now Worth About $15 Each Online
chip cards were supposed to cut down on fraud. They may have just shifted it online; Slate; 5/8/2019
- Mystery data breach reportedly exposes 80 million names, addresses, and income info in U.S.
from an insurance, healthcare, or mortgage company? PC; 4/29/2019
- Checking on Social Security Estimates Is a Good Idea, but Many People Don't Do It
shift from paper; NYT; 4/12/2019
- A.I. Is Changing Insurance Some technologies are better left in the laboratory; NYT; 4/10/2019
- Personal Data of 2.3 Million Disaster Victims Was Released by FEMA, Report Says NYT; 3/22/2019
- How to Outsmart the Most Common Money Scams hang up the phone; prevent credit card fraud; LH; 3/1/2019
Health
- HowStuffWorks: Will your electronic medical record be safe?
- I'm Worried About My Dad's Heart. So We Got Him an Apple Watch CNet; 12/23/2022
- How to protect your privacy when using mental health care apps NPR; 7/18/2022
- In a Post-Roe World, the Future of Digital Privacy Looks Even Grimmer NYT; 7/13/2022
- 11 Online Privacy Tips for Getting an Abortion Giz; 5/6/2022
- How to Protect Your Digital Privacy if Roe v. Wade Falls Wired; 5/5/2022
- How to Carry Your Covid Health Data on a Smartphone
add SMART Health Cards to Apple and Google wallet apps;
save a photo; NYT; 12/1/2021
- The Garmin Ransomware Hack Is Horrifying
fitness tracking companies are vulnerable troves of sensitive data and aren't taking your privacy seriously; MB; 7/28/2020
- Despite qualms from some experts, Google and Apple's exposure notification API
enables the most privacy-respecting approach to contact tracing in history TD; 5/20/2020
- Emergency Surveillance During COVID-19 Crisis 3/20/2020
- Why is the healthcare industry still so bad at cybersecurity? Ars; 2/9/2020
- Inside Google's Quest for Millions of Medical Records WSJ; 1/11/2020
- A tweet gave a journalist a seizure. His case brings new meaning to the idea of 'online assault.'
GIF that strobed violently across his computer screen, flashing a red, yellow and blue geometric pattern behind the words
"YOU DESERVE A SEIZURE FOR YOUR POSTS"; WaPo; 12/16/2019
- What to Consider Before Trading Your Health Data for Cash NYT; 11/27/2019
- How to Lock Down Your Health and Fitness Data Wired; 11/17/2019
- Google: You can trust us with the medical data you didn’t know we already had
Google has 50M people's medical records but won't merge them with other Google data; Ars; 11/13/2019
- Popular health websites in UK are sharing sensitive user data with dozens of companies
including Google and Facebook along with data-brokers and adtech firms FT; 11/12/2019
- Anyone Can Look at Millions of Americans' Medical Images and Data, Report Finds
187 servers in the U.S. that lacked passwords or basic security precautions; data from more than 16 million medical scans
worldwide are available online; some scans include sensitive information such as names, birthdates, and in some cases,
Social Security numbers; ProPublica; 9/17/2019
- When Apps Get Your Medical Data, Your Privacy May Go With It NYT; 9/3/2019
- These Hackers Made an App That Kills to Prove a Point Medtronic insulin pumps; Wired; 7/16/2019
- How to Protect Your DNA Data Before and After Taking an at-Home Test
privacy policies; larger (more accountable) companies; NYT; 6/12/2019
- Researchers: 33 of 36 apps for depression or smoking cessation shared data
with third-parties and 2 apps shared very sensitive info, like health diary entries
Do I trust the person who made the app, and do I understand where this data is going? Verge; 4/20/2019
- Making Babies in the Year 2045 Huge pools of health data collected over the past generation
allow you to pick many of your child's genetic traits. Are you comfortable with that? NYT; 4/10/2019
- Homeland Security warns of critical flaws in Medtronic defibrillators TC; 3/22/2019
- Health Apps Can Share Your Data Everywhere, New Study Shows MB; 3/21/2019
- Storing Health Records On Your Phone: Can Apple Live Up To Its Privacy Values? NPR; 2/27/2019
Home
- How Your Landlord Could Be Tracking You
Key fobs and other smart-access technologies make it easier for us to get in and out of our homes
-- but they're also a privacy hazard; NYT; 12/17/2019
Identity Theft
- Wikipedia: Identity Theft; credit freeze aka credit report freeze, a credit report lock down,
a credit lock down, a credit lock or a security freeze; 'In the credit origination process, access to a credit report
is critical for a lender to make a risk assessment. Because a credit freeze effectively stops any access to the credit report,
it places a block in the process of issuing credit. Individuals who freeze their credit reports must therefore unfreeze
their reports before they wish to apply for credit themselves'
- HowStuffWorks: How can I find out what information exists about me online?;
How Identity Theft Works; Is there such a thing as a free credit report?
- HowStuffWorks: How can I erase my identity and start over?
- About: How To Remove Your Information from Public Websites
- OR: credit freeze, fraud alert; search data breaches
- Privacy Rights Clearinghouse: Consumer Guides
- Protect Yourself From Identity Theft AAA Via, pp 26-27 Nov/Dec 2020
- Should You Use a 'Dark Web Scan' to Protect Your Identity? LH; 10/23/2020
- Never Email Your Social Security Number, I Am Begging You LH; 7/1/2020
- 'Pure Hell for Victims' as Stimulus Programs Draw a Flood of Scammers
criminals have used people’s Social Security numbers, home addresses and other personal information
-- much of which was available online from past data breaches — to assume their identities and bilk them
out of their stimulus checks and unemployment benefits; portal allows people to enter a new bank account
address for the government to send them their money, but it requires only a few pieces of data for verification:
a Social Security number, an address, a phone number and a date of birth; NYT; 4/23/2020
- Scam Awareness Soc. Sec. Admin.: Office of the Inspector General; 1/2020
- Scammers Look for Vulnerability, and Find It in Older People NYT; 9/22/2019
- What is a “Dark Web Scan” and Should You Use One? 3/26/2019
- How Do Scammers Know So Much About Me?
they're good sleuths, but too often we give our data away; AARP; 1/9/2019
Location
- US Military Is Buying Location Data From Data Brokers,
Including Data Pulled From US App Users TD; 11/20/2020
- Six Reasons Why Google Maps Is the Creepiest App On Your Phone
1. Google Maps Wants Your Search History
2. Google Maps Limits Its Features If You Don't Share Your Search History
3. Google Maps Can Snitch On You
4. Google Maps Wants to Know Your Habits
5. Google Maps Doesn't Like It When You're Offline
6. Google Makes It Seem Like This Is All for Your Own Good;
Vice; 11/12/2020
- The Best Privacy-Friendly Alternatives to Google Maps
easiest to use and most up to date -- use privacy settings; OpenStreetMap; OsmAnd; Apple Maps; Here; Wired; 9/11/2020
- How Your Phone Is Used to Track You, and What You Can Do About It NYT; 8/19/2020
- IRS Used Cellphone Location Data to Try to Find Suspects
the unsuccessful effort shows how anonymized information sold by marketers is increasingly being used
by law enforcement to identify suspects; WSJ; 6/19/2020
- Leaked dataset from a location data company reveals a log of the movements of
12M+ Americans with 50B location pings across major cities between 2016 and 2017 NYT; 12/19/2019
- How to Set Your Google Data to Self-Destruct
option to set search and location data to automatically disappear after a certain time; NYT; 10/2/2019
- Why It's So Easy for a Bounty Hunter to Find You wireless carriers selling location data; NYT; 4/2/2019
- Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom
Into Giving Them Cell Phone Location Data MB; 3/12/2019
- Russia Votes to Ban Smartphone Use by Military, Trying to Hide Digital Traces
social media revealed actions the Kremlin wanted to keep secret, e.g., in Ukraine, Syria; NYT; 2/19/2019
- Police departments are using 'reverse location search warrants' to force Google
to hand over data on anyone near a crime scene Slate; 2/19/2019
- What A-GPS Data Is (and Why Wireless Carriers Most Definitely Shouldn’t Be Selling It)
'assisted GPS' data is intended for first responders answering 911 calls; MB; 2/7/2019
- Big Telecom Sold Highly Sensitive Customer GPS Data Typically Used for 911 Calls
~250 bounty hunters and related businesses had access to AT&T, T-Mobile, and Sprint customer location data; MB; 2/6/2019
- ‘Businesses Will Not Be Able to Hide’: Spy Satellites May Give Edge From Above NYT; 1/24/2019
Vehicles
- HowStuffWorks: How can you use in-car Internet?
- Is Your Driving Being Secretly Scored?
the insurance industry, hungry for insights into how people drive,
has turned to automakers and smartphone apps like Life360; NYT; 6/9/2024
- We explore the apps that are quietly tracking drivers’ habits NYT; 6/9/2024
- Mozilla Says Modern Cars Are Data Collection Nightmares on Wheels TB; 9/7/2023
- Carmakers Strive to Stay Ahead of Hackers NYT; 3/18/2021
- Insecure wheels: Police turn to car data to destroy suspects' alibis NBC; 12/29/2020
- This Company Built a Private Surveillance Network. We Tracked Someone With It
9 billion license plate scans accessible by private investigators; MB; 9/17/2019
- DMVs Are Selling Your Data to Private Investigators MB; 9/6/2019
- Your Car Knows When You Gain Weight NYT; 5/20/2019
- There Are Probably Cameras on Your Flight but Relax, They're Not On (Yet); NYT; 4/2/2019
- Locking More Than the Doors as Cars Become Computers on Wheels
Concern that cars could be seriously hacked -- by criminals, terrorists or even rogue governments --
has prompted a new round of security efforts on the part of the auto industry; NYT; 3/7/2019
- Singapore Airlines and American Airlines confirm that some seat screens have embedded cameras
but say they are disabled, after a photo of one goes viral; BF; 2/21/2019
- Where automotive cybersecurity is headed in 2019 TNW; 2/10/2019
Voting
- Internet Voting still insecure
- Voting Security Has Come A Long Way Since 2016 — But Vulnerabilities Remain NPR; 11/3/2020
- Election 2020: a primer on how hackers are targeting the election
and what officials are doing to protect it CNet; 10/27/2020
- 12 Cyber Threats That Could Wreak Havoc on the Election
Attacks on Data, Access, and Availability:
1. Ransomware
2. Advance Voter Data Manipulation
3. Day-of Vote Interruption
4. Actual Vote Manipulation
5. Messing With Reporting
6. Distributed Denial-of-Service Attacks
7. Infrastructure Attacks
Information Operations:
8. Hack-and-Dump
9. Misleading Voting Information
10. Voter-Targeted Disinformation
11. Social Media Threats
12. The Tweeter-in-Chief; Wired; 10/22/2020
- Ransomware Attacks Take On New Urgency Ahead of Vote NYT; 9/27/2020
- Don't Trust Facebook for Voting Information LH; 7/20/2020
- Amid Pandemic and Upheaval, New Cyber Risks to the Presidential Election NYT; 6/7/2020
- Q&A: Eugene Spafford on the Risks of Internet Voting 6/5/2020
- Putin Is Well on His Way to Stealing the Next Election Atl; 6/2020
- A Mobile Voting App That's Already in Use Is Filled With Critical Security Flaws Voatz; MB; 3/13/2020
- Despite Cybersecurity Risks And Last-Minute Changes, The 2020 Census Goes Online NPR; 3/2/2020
- 1 Simple Step Could Help Election Security. Governments Aren't Doing It using .gov domain; NPR; 1/29/2020
- 2020 Political Campaigns Are Trying To Avoid A 2016-Style Hack NPR; 1/28/2020
- New election systems use vulnerable software
vast majority of 10,000 election jurisdictions nationwide use Windows 7 or an older operating system to create ballots,
program voting machines, tally votes and report counts; lack of federal requirements or oversight; AP; 7/13/2019
- Hacking, Glitches, Disinformation: Why Experts Are Worried About the 2020 Census NYT; 7/3/2019