Why does this keep on happening?

Amazon C6bxxT
Jun 25 66 Comments

Why can't these cellphone companies keep our data safe? I just don't get it sometimes...Also, read so many and I mean sooooooo many articles about these companies combating robocalls and have not seen a difference at all. Get it together!

https://techcrunch.com/2019/06/24/hackers-cell-networks-call-records-theft/

comments

Want to comment? LOG IN or SIGN UP
TOP 66 Comments
  • Facebook aKfGi5
    They've already sold the data...that's why
    Jun 26 20
    • Facebook ExPo20
      Ok, Lol
      Jun 28
    • Oracle / Eng realcIay
      "PhD in building tech for unprivileged kids" - this enough for me to conclude that this person is gonna be virtue signaling piece of shit.
      Jun 30
    • Facebook ExPo20
      And I just realized that oracle and apple rhymes too. Probably the only time those two will show up in the same sentence. 😂
      Jun 30
    • Salesforce Usbj01
      Dick move by oracle dude. No contributions to the topic, pure trolling like a jackass.
      Jun 30
    • Facebook ExPo20
      Lol yea he is a presumptuous mofo but I just thot he's just stressed about layoffs. 😂
      Jun 30
  • Wayfair K1ZinB
    I don't get it either...Why is it so hard?
    Jun 26 3
    • Facebook / Eng
      bustycoder

      Facebook Eng

      PRE
      Facebook
      bustycodermore
      That's what she said
      Jun 26
    • LinkedIn M3gadeth
      Probably because it's lots of age old tech consisting of mountains of tech debt
      Jun 27
    • Microsoft BigWave
      Because deep down they really don’t want to try. You think a billion dollar company can’t find resources to keep this in check? No, their bottom line will hurt if they actually put real effort. Nothing is impossible, they just don’t have the motivation to do it.
      Jun 27
  • Intel / Eng Samaritan
    “Gotta feel kind of bad for nation-state hackers who spend years implanting and cultivating some hardware exploit, only to discover the entire target database is already exposed to anyone with a web browser.”
    Jun 26 0
  • Microsoft CykaBlyat
    Because a company has no incentive to do more than the absolute bare minimum with respect to security. Any fines or penalties they pay (if any at all) are peanuts compared to the cost of actually caring about security, and so few consumers care that the impact to their bottom line is negligible.

    Same with the financial industry repeatedly and intentionally committing massive fraud. The fines are a joke, dwarfed by the money they make through their crimes, so why not?

    Nobody ever goes to jail. No penalty of consequence is ever imposed. Hence there's no incentive for them to care.
    Jun 26 10
    • Capital One
      Drake

      Capital One

      BIO
      Nothing was the same.
      Drakemore
      How does the financial industry commit fraud? Are you talking about how loosely they protect your credit card information etc.?
      Jun 27
    • Microsoft CykaBlyat
      Is "how does the financial industry commit fraud" a serious question?

      Wells Fargo Account Fraud scandal
      The whole Bernie Madoff thing
      HSBC Money Laundering and Tax Evasion
      LIBOR Rate Manipulation
      UBS Tax Evasion Scandal
      Drug Cartel Money Laundering
      JPMorgan Chase London Trade Fraud
      Subprime Mortgage Crisis
      Municipal Bond Market Fraud
      FOREX Market Rigging
      Gold and Silver Market Price Collusion
      Panama Papers Scandal
      So many more...

      Like, seriously? I realize you work for Capital One so you feel like you've gotta protect your industry, but holy fucking shit, have you seriously just not been paying attention at all for the past, uh, 20 years?
      Jun 28
    • Capital One
      Drake

      Capital One

      BIO
      Nothing was the same.
      Drakemore
      Does it make you feel like a bigger person when you try to diminish others? Just because I work for a bank now I'm expected to know the past 20 years?
      Jun 28
    • Microsoft CykaBlyat
      No... that wasn't my goal at all. I'm sorry if it came across that way. I just can't fathom someone being completely unaware of any of the things I listed.

      I don't think expecting people to have a general awareness of current and recent events, especially as it relates to their industry, is unreasonable... do you?
      Jun 28
    • Capital One
      Drake

      Capital One

      BIO
      Nothing was the same.
      Drakemore
      General awareness isn't a list of specific events in the past 20 years. I asked because I didn't know. If people are made to feel stupid when they ask a question, they won't ask anymore and will just avoid the subject. No hard feelings.
      Jun 28
  • Microsoft / Eng isphere
    I’m getting the “Scam Likely” calls quite often. They seem to predict robocall fine. Just cannot block it all together somehow
    Jun 26 3
    • Microsoft oro
      Well it is interesting because of they are able to detect "Scam Likely" well just block it
      Jun 26
    • AT&T / Sales ef4515
      The problem is, that sometimes the network can assume that the call might be a Scam when it’s not.

      I go to Concordia University and before I saved the number on my phone, it would show as “Spam Alert” every time they called.
      Jun 26
  • Facebook Sffffft
    None of your info is truly safe. Lol Govern yourself accordingly.
    Jun 26 1
  • DigitalOcean / Eng howdoyouDO
    It's all about incentives. If there was a way to make them feel the cost of those breaches in their bottom line, their security would have become top-notch in no time. Same with CRAs -- they have one data breach after another, but it's not like their customers can leave to their competitors.
    Have you ever asked yourself why the websites of all medical insurance companies look straight out of the 90s, and don't work half of the time? Again, incentives. Their customers are locked into their medical insurance through their employer. Nobody changes employers because they can't download an EOB.
    Jun 26 0
  • Entrust Datacard notsomuch
    Privacy is dead in the US. Killed by a society that would sell it for a small saving on their grocery bill, or to see that meme. This started almost two decades ago, at least - I was there, I worked for a company that was a pioneer in the loyalty card market.

    It was frightening what they were doing with that data even then. Even more, it was frightening how quickly it accelerated.
    Jun 26 2
    • New galo
      Yeah the delta between the privacy people think they have and what they actually have is bigger than Godzilla. This thread shows that even tech workers are clueless AF.
      Jun 26
    • Facebook 5’6 Indian
      Tell us more
      Jun 27
  • Bandwidth Pynchon
    Blame the government for requiring carriers to keep CDR data for so long for their surveillance purposes.
    Jun 26 0
  • Amazon eldorodo
    I blame the old guard slow moving mental model they generally have.
    Jun 26 0
  • Accenture awfdjeif
    so they have the CDR metadata of my number. what are they going to do with it? snoop on my daily stand up calls? :p
    Jun 26 4
    • Microsoft / Eng isphere
      Maybe not specific to you, but: gather info about your communication network, perform a social engineering attack into your parents, find your banks by the call trace, know your employer... expand on the initial info into an attack on something material
      Jun 26
    • Accenture awfdjeif
      the article said targeted individuals. so they know who owns the number, then collect CDR data from a hacked source and not straight from the database.

      i've worked on one of these telcos and 7days worth of CDR data is ~800TB for LTE and with 5G it could be even more (stored in oracle exadata). they just age out this raw metadata and not keep history of it because it's just too big
      Jun 26
    • Avanade / Consultant MohyCS
      Since you’re part of Accenture, you know that maintaining your client’s privacy during those calls is crucial. But hey Accenture is just a body shop so who cares. Ironically enough one of our major clients is a popular American cell phone service provider.
      Jun 28
    • Accenture qwes
      you mean us? as body shops?
      Jun 28
  • Uber
    hsihxum

    Uber

    PRE
    Startup Shell
    hsihxummore
    Just don’t disconnect “Scam Likely” calls and after some time their algorithm with train itself to skip calling you as you’ll be wasting more robo spam call time than an average person.
    Jun 27 0
  • Microsoft / Eng DeviousOps
    Data don't leave servers on their own... This will keep happening as long as humans have access to the data...

    BTW operators are obliged to be able to provide information about the users if ordered by authorities... So someone has access... So you shall consider your data sold...
    Jun 27 0
  • Microsoft !=l33tc0d3
    Ss7 is weak and insecure
    Jun 27 0
  • Microsoft Nudibranch
    Assume breach. Any other expectation is delusional.
    Jun 26 0
  • Microsoft aCCX36
    Hiya is a startup in this space .. grew to 50 million MAU in 3 years.
    Jun 26 0
  • ConocoPhillips 77️⃣7
    You should start a privacy focused cellular company
    Jun 26 0
  • Microsoft / Other hammered
    I don't seem to have an issue. 🤷🏿‍♂️
    Jun 26 0
  • ADP / Ops
    sammy23

    ADP Ops

    PRE
    Verizon
    sammy23more
    When breaches like this happen, the FCC does actually fine the carriers. Even when cell sites are down for an extended period of time, it must be reported to the FCC, because people could literally die if they can’t call 911.
    Jun 29 1
    • Oracle / Eng bareback
      Looks like those fines are tiny
      Jun 30
  • AT&T / Eng
    DDM2K

    AT&T Eng

    PRE
    Optum, Windstream, AT&T, Verizon
    DDM2Kmore
    Come on Amazon... be that 4th carrier so T-Mobile and Sprint can merge...
    Jul 1 0