back to article First they came for Equifax and we did nothing because America. Now they are coming for back-end systems and we're...

A company that develops and supports software for handling consumer reports and background checks says it was hacked by a miscreant who made off with thousands of people's information. Imag-I-Nation Technologies (not to be confused with the graphics chip designer of the same name) said that in November of last year, someone …

  1. JimmyPage Silver badge
    FAIL

    Imag-I-Nation Technologies

    Personally I wouldn't have trusted them with a name like that to start with.

  2. Anonymous Coward
    Anonymous Coward

    Codswallop

    "We have also reviewed our internal data management and protocols and have implemented enhanced security measures to help prevent this type of incident from recurring."

    Show me your last review, the one before that and the one prior to that too. Don't have them? then these security measures will be worthless in 12 months anyway, what's the point?

    1. Captain Scarlet Silver badge
      Childcatcher

      Re: Codswallop

      Its to prevent the PHB being from being fired and so Marketting has something to go with their "We care about you" statements

    2. ecofeco Silver badge

      Re: Codswallop

      Every place I have ever worked has so busy putting out fires from understaffed and underfunded systems that reviews of any kind simply do not get done.

      I have yet to work anywhere that is different.

      1. Anonymous Coward
        Anonymous Coward

        Re: Codswallop

        Mine is different, we have the staff but they aren't in protected posts, they have to cover tons of other non-information/cyber security related matters which could all be done by someone earning far less. But that would cost money, so to hell with that let's just have lower standards..

  3. DaLo

    "...it was not aware of anyone selling or misusing the pilfered information"

    Well they didn't notice someone breaching their system so the chance of them 'being aware' of anything is slim. It's quite galling when this line is trotted out, as though them being aware makes any difference whatsoever to whether someone is at risk of their information being abused. You can assume that if someone went to the trouble of hacking their systems and gaining some extremely valuable data then it already has been misused and it is likely to be misused further - why wouldn't it.

    Completely meaningless.

    1. Mark 85

      Isn't this the normal mode of operation? Breech, "oops" statement, followed by weasel words of care and concern?

  4. Anonymous Coward
    Anonymous Coward

    Blackface?

    I suspect this story's picture will soon be in the trash pile these days. You can't show this in America.

    1. Anonymous Coward
      Anonymous Coward

      Re: Blackface?

      Stick in a picture of a Suffolk, or a Scottish blackface, let the axe grinders come up with a solution to those sheep's wanton cultural appropriation.

      1. Version 1.0 Silver badge

        Re: Blackface?

        It's just America chewing its own backside - they are just nuts these days ...

    2. PacketPusher
      Unhappy

      Re: Blackface?

      I really wish I could laugh at this, but I saw an article last week about the chimney sweep scene in Mary Poppins being racist blackface because of the theatrical soot on their faces.

      1. Gene Cash Silver badge

        Re: Blackface?

        Or offended by coal miners with real soot on their faces

        https://www.azcentral.com/story/opinion/op-ed/2019/01/28/downtown-phoenix-photo-men-soot-blackface/2683881002/

    3. BigBear

      Re: Blackface?

      That's not blackface — that's just a ski mask (to keep the face warm on a sub-zero [Fahrenheit] ski slope), like bank or jewelry store robbers sometimes wear to hide their identity. Sometimes they use a stocking, but stockings are not as effective and they probably reduce your vision considerably.

  5. Anonymous Coward
    Devil

    So they took almost three months to notify people involved?

    It took so long to delete any evidence that could put the full blame on them?

    1. Doctor Syntax Silver badge

      Re: So they took almost three months to notify people involved?

      Any of those people in the EU? Three months could be expensive.

    2. Jay Lenovo
      Facepalm

      Re: So they took almost three months to notify people involved?

      ...was accessed some time around November 1 and the intrusion was discovered and locked down on November 14.

      They locked themselves down the very day it was discovered, but the peoples' exposure and needed remediation couldn't be shared for 90 days.

      Your situation was never a priority, just the hassle of an overdue obituary.

  6. EnviableOne

    if you dont Know you've been hacked

    there in the walls

  7. Anonymous Coward
    Anonymous Coward

    So of those effected hands up if you remember signing anything with their name on it

    How did this company obtain the information they failed to secure, who certified that this company was competent to deal with personal data.

    Most banks and many others in the UK insist upon passing their customer's personal information to these credit report people even when no credit is involve

    Personally I would make the agency yyou passed the data to responsible for any losses and in the case of more than one company being involved then all must take the responsibility for "oops we did it again, expect some identity theft in the future"

  8. thexfile

    We do nothing because America.

    1. Aodhhan

      Really? Do you not read your own local news?

      American's understand you having an inferiority complex--giving you the need to bash something else to make you feel big and mighty (especially on the Internet); however, at least have the brains to think about it for 30 seconds beforehand... to keep your own shoe from flying towards your mouth.

  9. Anonymous Coward
    Anonymous Coward

    Sigh, add another year's free credit monitoring to my pile, lololololol, the credit monitoring companies fail the credit monitoring,lolololol - it's just so stupid,lolololo,stupid,lololol

  10. ecofeco Silver badge

    Nobody suspects!!

    The Spanish Inquisition!!

    Seriously, the number of large scale data breeches to date has become a Monty Python satire at this point.

    1. Anonymous Coward
      Stop

      TMI

      I don't want to hear about your breeches, unless perhaps they become relevant to a story like last week's Dabbs. What you choose to wear is your business.

  11. Phil Endecott

    Based out of North Carolina

    Does “Based out of North Carolina” mean that their office is in North Carolina, or not in North Carolina?

    If it’s base outside North Carolina, where is it? What has North Carolina got to do with anything?

  12. Kev99 Silver badge

    Idiot companies that use the internet to store proprietary and confidential. The bean counters seem to think the net is free and there are no other costs. And they won't admit a net is just a bunch of holes held together with string. They deserve whatever pain the courts hit them with.

  13. BigBear

    No fines or criminal penalties? Why is data online? Where's the outrage?

    After the innumerable such breaches, why aren't there large civil and painful criminal penalties for failure to adequately secure such data? There should be an expectation of "best practices" when dealing with such data. If you can't afford to do it, then you are in the wrong business.

    Why is the data even on the Internet continuously? The server on which the data resides could be kept offline except during periods when data transfers occur. All data on the server should be fully encrypted, not just hashed. The public should be outraged every time this happens. There's no longer any excuse.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like