Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
tcgv 3 hours ago

My full name, phone number, and address were leaked by TAP Air Portugal about five years ago, along with the details of my parents who were on the same booking. Since then, my dad has been targeted by those types of scams where a fraudster impersonates me to ask for money.

I never received a notification from TAP; I only found out a year later through my Google One security feature. I certainly didn't get an apology—much less a free travel ticket!

Brybry 2 hours ago | parent | next [-]

The world of today is so weird sometimes.

When I was a kid most adults' full name, phone number, and address were available for free in the phone book.

Macha an hour ago | parent [-]

If the scam success rate is 0.1%, and it takes days to comb a phone book and put together a list of potential relationships and takes a human 10 minutes per phone call, the economics of scamming works out a lot less profitable than importing a data leak and emailing or robocalling everyone in the list.

ghm2180 2 hours ago | parent | prev | next [-]

I do use an email alias everywhere. But I don't believe you can do the same with phone numbers. I tried using my twilio rented number and there is a way systems use to figure out if that is a real number for a person or a VoIP one. Though it is sometimes successful in use for signups and hence spam reduction.

Scoundreller 2 hours ago | parent [-]

Could set up 6 digit long extensions and only ever issue a few hundred of them in total.

Guess wrong 3x and goodbye.

Can also set some/most/all to go to voicemail so they can get in touch with you, but not really.

Or blackhole the invalid extensions to /dev/null voicemail but then you run the risk of legit misdials and you never get some important message.

The real vs “fake” number issue could be worked around by having your cell phone provider forward all calls to your VoIP number. It’s baked into gsm, don’t need a phone after initial setup: https://www.geckobeach.com/cellular/secrets/gsmcodes.php

tiagod 3 hours ago | parent | prev | next [-]

That TAP data was leaked on a tor hidden service, in multiple files, and download was extremely slow on the days following the leak. One of the files was much smaller, and my friend had the bad luck to have his data in that one.

His phone was spammed so incessantly he had to change his number almost immediately.

VadimPR 3 hours ago | parent | prev | next [-]

I'm dissatisfied about the TAP leak as well! I was affected, and like you, didn't even receive a notification - nevermind compensation for having leaked my personal data to the dark web enabling all sorts of shenanigans that make my personal life difficult.

nunobrito 2 hours ago | parent [-]

About 2 million portuguese there. Basically all active portuguese adults that have enough financial conditions to travel by airplane.

It was a fantastic leak, based from an excel file asked by a marketing department which forgot it inside a shared folder on the hacked (private) server. There was far more info there than just that, also included the details of employees and more interesting if they were on medical leave.

Curiously enough many of those employees were family members from politicians and well-known people. Some of those in long term sick leave were receiving a monthly salary while conducting live shows on festivals during the summer.

Nothing happened on the news. They all went silent about this case.

lostlogin 2 hours ago | parent [-]

It’s scams all the way down.

lostlogin 2 hours ago | parent | prev [-]

> I never received a notification from TAP

They have been reporting millions in profits despite rising costs. What you propose would further elevate costs. Shareholders don’t want that.