| ▲ | dspillett 2 hours ago | |
> in Argentina all this info is assumed to be public Same here. You can probably can find my address and phone numbers fairly easily from my name by a number of methods. That doesn't mean it isn't bad when an organisation spews out, or allows to be sucked out, huge numbers of people's data. With a leak like this it is practical to try scam everyone the list, searching for each person's details individually, and having to enumerate those people in the first place⁰, would mean no such attack would scale in a way to make it worthwhile bothering¹. -------- [0] This seems strange when you first think it, but: the most important thing being on such a list says about you, is that you are a real existing person, whose identity could be exploited somehow. That fact is what makes any other information valuable. [1] except for high-worth targets, which is why spear-phishing is a thing | ||
| ▲ | gus_massa 2 hours ago | parent [-] | |
> That doesn't mean it isn't bad when an organisation spews out, or allows to be sucked out, huge numbers of people's data. I completely agree. | ||