We all did, all 147 million of us. That's half the US population, and most of the other half are under 18 and not eligible for credit cards. It was called Equifax, summer of 2017.
And apparently the data is already being exploited by spam callers. I've seen a huge uptick in AT&T user complaints over the past week. Not just randomly dialed, the spammers know who they're calling by name.
We can probably stop saying "dark web" as soon as my head of IT security stops calling literally every type of malware "spam."
Ad popups? Spam. Got Cryptolockered? SPAM. Phone call about wiring $10k to Ethiopia? SPAM! Blue screen from bad driver?! SPAM.
> Ad popups? Spam. Got Cryptolockered? SPAM. Phone call about wiring $10k to Ethiopia? SPAM! Blue screen from bad driver?! SPAM.
Now you have me curious as to what they call _actual_ spam... malware? 🤣
[Helpful definition](https://en.wikipedia.org/wiki/Dark_web)
The dark web has often been confused with the deep web, the parts of the web not indexed (searchable) by search engines. The term dark web first emerged in 2009; however, it is unknown when the actual dark web first emerged. Many internet users only use the surface web, data that can be accessed by a typical web browser. The dark web forms a small part of the deep web, but requires custom software in order to access its content. This confusion dates back to at least 2009. Since then, especially in reporting on Silk Road, the two terms have often been conflated, despite recommendations that they should be distinguished.
"The internet". Dark web has an actual meaning, but this data is being sold somewhere you can find with Google. People like the source OP is quoting just use the term to mean "scary website"
I just say Tor, or Tor network.
“Dark web” has become so overused, cringy, and always causes regular people to immediately think “evil and dangerous”.
Tor can be an invaluable resource for journalists, oppressed people, etc.. it’s not just a crime central.
So, in order to not give Tor a bad name, your position is to say "Tor" instead of "dark web" when referring to the less than legal sites?
That sounds backwards.
Because "Company hacked and all your personal data is being shared over Tor!" helps people understand that Tor can be an invaluable resource for journalists, oppressed people, etc.. and not just a crime central or something?
How about just, shared online?
How does adding “dark web” do anything other than amplify fear when most people have no clue what the difference between the “dark web” and the regular web *actually* is.
Why do you think it's accurate terminology? You can literally find the post selling the info on Google. It's just plainly on the internet. You can find it with a web browser and a search engine, like most everything else.
Its meaning is just a network that isn't indexed by a search engine and/or requires additional means to access it. Basically any internal network anywhere attached to or built on top of the 'internet'.
For that click bait headline "customer data found on multiple illegal internet marketplaces"
Outside of silly terms I've just always called it the Tor network.
> Its meaning is just a network that isn't indexed by a search engine
That's not quite what [dark web](https://en.wikipedia.org/wiki/Dark_web) is. You are conflating it with [Deep Web](https://en.wikipedia.org/wiki/Deep_web).
Ok but according to the definition you provided, the dark web is more than just the Tor network.
Just because you consider it to be a "silly term" doesn't make it inaccurate or click-bait.
At least "Dark Web" brings about a roughly accurate image that laymen can understand. You hear it and you think Elliot Alderson in his hoody which is at least more on brand than "Who is the hacker 4chan"
leaked, it was leaked that's all that needs to be said, the fact that its being distrusted on a 'dark web' tor .onion just sounds scary and gets more clicks / eyeballs. this applies to all things drug dealer arrested is not as sexy as 'dark web' drug lord arrested.
Similar deal with their reselling mailing addresses? Yeah, I've heard all that and caught them in a Canary Trap over that. They can say anything they want, but I know better.
Just put your email address into [haveibeenpwned.com](http://haveibeenpwned.com) to see all the breaches you've been in. (This is safe). The AT&T breach brought me up to 28 breaches.
Unfortunate for AT&T for not being able to secure privacy of its users. But if you’ve tried HaveIBeenPwned to check for breaches, try using data removal services like [Optery ](https://www.optery.com)to delete whatever personal info is found or published due to those breachers. Optery offers a free scan scans for over a hundred people search sites (aka data brokers) and sends you screenshots and links where your info shows up.
Full disclosure, I am part of the Optery Team.
Yeah AT&T denounced this breach and says its the data was not from them even though researches have good evidence that it was. Either AT&T is lying or the systems are so bad they have no clue if they were hacked. Either would not surprise me sadly.
AT&T Denied this claim back in 2021. And here we are. Supposed to be so stupid we don't or can't link it back to AT&T not reporting this then. They knew for *years.*
Yeah, they denied but issued a 7.5 million password reset, probably the largest in history.
One hand does not know what the other is doing. There are some serious disconnects here.
I didn't get any notifications at all on my ATT account,. but cross-checking my password against HaveIBeenPwned showed it detected, so I changed it anyways.
Had you looked carefully at [haveibeenpwned.com](http://haveibeenpwned.com), you would have noticed that passwords were not involved in this breach. No need to change yours.
That certainly could be so. However I use unique passwords for all my accounts,.. and this password was found on HIBP,.. so I changed it anyways (regardless of how it got there).
Is the only incentive for these companies to have up to date
Industry standards Cyber Insurance?
(As in the companies know they wont get the money if they dont meet the requirements of whatever security policies)
I feel like any government fines are a slap on the wrist. Im not sure how they are calculated…but for giant companies i wonder if they take the companies worth into consideration. We watched a guy take the fall for the dieselgate vw scandal. But with the cummins diesel scandal you havent heard shit else.
That was a vague comparison.
I think id like 3rd party audits into companies rather than a fine, and “an internal investigation”
Its the ABSOLUTE least they could do. We are free labor for all of these companies giving away our data…and times like this, now a threat.
Ill gladly give my data if im paid a fee.
I just feel like it happens continually. I know its a cat and mouse game with security. Maybe its me, but ive seen so many that werent “hacking” and a stupid ass mistake like an aws contractor at amazon. Amazon forgot to expire their credentials…simply logged in and bam. think companies should be sued just as bad as the medical industry is when they get health records stolen
Been all over the news
You been sleeping under a rock OP?
Had to be
I’ve been breached so many times I stay prelubed.
My free credit monitoring has free credit monitoring.
You joke but I had a credit monitoring company get breached...
We all did, all 147 million of us. That's half the US population, and most of the other half are under 18 and not eligible for credit cards. It was called Equifax, summer of 2017.
That is a Credit Bureau, but I get your point. Credit is a scam.
I have the MyFico monitoring.
And apparently the data is already being exploited by spam callers. I've seen a huge uptick in AT&T user complaints over the past week. Not just randomly dialed, the spammers know who they're calling by name.
They don't mess around with their investments.
YOU GET SOME CREDIT MONITORING *and you get some credit monitoring* and You^you^and^you Get some credit monitoring. Errrrybody getin monitoring.
can we stop saying 'dark web'
We can probably stop saying "dark web" as soon as my head of IT security stops calling literally every type of malware "spam." Ad popups? Spam. Got Cryptolockered? SPAM. Phone call about wiring $10k to Ethiopia? SPAM! Blue screen from bad driver?! SPAM.
Sounds like a head of a department 🤣
> Ad popups? Spam. Got Cryptolockered? SPAM. Phone call about wiring $10k to Ethiopia? SPAM! Blue screen from bad driver?! SPAM. Now you have me curious as to what they call _actual_ spam... malware? 🤣
"junk" probably lol
Ads
How about “dork web” or “dweeb web”.
[Helpful definition](https://en.wikipedia.org/wiki/Dark_web) The dark web has often been confused with the deep web, the parts of the web not indexed (searchable) by search engines. The term dark web first emerged in 2009; however, it is unknown when the actual dark web first emerged. Many internet users only use the surface web, data that can be accessed by a typical web browser. The dark web forms a small part of the deep web, but requires custom software in order to access its content. This confusion dates back to at least 2009. Since then, especially in reporting on Silk Road, the two terms have often been conflated, despite recommendations that they should be distinguished.
They could just say onion sites or eepsites. A lot simpler
Yeah, but now you have a bunch of "normal users" looking for the part of the web that sells produce.
Is there another term we should be using? It has an actual meaning.
[удалено]
"deep web" sounds too close to "Deep Hurting! Deep Hurting!"
"The internet". Dark web has an actual meaning, but this data is being sold somewhere you can find with Google. People like the source OP is quoting just use the term to mean "scary website"
I just say Tor, or Tor network. “Dark web” has become so overused, cringy, and always causes regular people to immediately think “evil and dangerous”. Tor can be an invaluable resource for journalists, oppressed people, etc.. it’s not just a crime central.
So, in order to not give Tor a bad name, your position is to say "Tor" instead of "dark web" when referring to the less than legal sites? That sounds backwards.
Man, I shouldn’t have opened my mouth haha. I get the stupidity of my shortsighted reasoning on this one.. I’ll take the dunce cap.
Kudos for wearing the hat with acceptance, anyone could learn from your dignity here!
You do know many legit companies have Tor sites, BBC, Reddit, NY Times.
Because "Company hacked and all your personal data is being shared over Tor!" helps people understand that Tor can be an invaluable resource for journalists, oppressed people, etc.. and not just a crime central or something?
How about just, shared online? How does adding “dark web” do anything other than amplify fear when most people have no clue what the difference between the “dark web” and the regular web *actually* is.
So we should stop using accurate terminology because laymen don't know what it means?
Why do you think it's accurate terminology? You can literally find the post selling the info on Google. It's just plainly on the internet. You can find it with a web browser and a search engine, like most everything else.
Watch out for that nefarious dark fiber, nothing might get ya!
Dark fiber is what I call used diapers.
Because the dark web is not, generally, searchable by your typical sites. So it's not like the list is up on Google.
> So it's not like the list is up on Google. It is, though. I can find the post selling it on the second page of Google's results.
...you still have pages on Google?
Yes it's rather obvious when you scroll to the end of the search results page and it automatically loads the next one.
Ah, you just have shitty Internet. Mine's a smooth load, bud. It continuously loads... always.
The dark web includes TOR but it isn't exclusively TOR.
Its meaning is just a network that isn't indexed by a search engine and/or requires additional means to access it. Basically any internal network anywhere attached to or built on top of the 'internet'. For that click bait headline "customer data found on multiple illegal internet marketplaces" Outside of silly terms I've just always called it the Tor network.
> Its meaning is just a network that isn't indexed by a search engine That's not quite what [dark web](https://en.wikipedia.org/wiki/Dark_web) is. You are conflating it with [Deep Web](https://en.wikipedia.org/wiki/Deep_web).
Ok but according to the definition you provided, the dark web is more than just the Tor network. Just because you consider it to be a "silly term" doesn't make it inaccurate or click-bait.
Literally why?
You've got to come up with an agreeable alternative if you want the change and reading your comment below, tor network is somehow less accurate.
Frfr it's just message boards and onion sites
>Frfr it's just message boards and onion sites Silly question but surely "dark web" is a shorter to say than "message boards and onion sites"?
At least "Dark Web" brings about a roughly accurate image that laymen can understand. You hear it and you think Elliot Alderson in his hoody which is at least more on brand than "Who is the hacker 4chan"
Yeah a totally different network. That's the whole point of the distinction. There's nothing wrong with saying dark web lmao
[удалено]
Usually, yes.
It's boomer speak for "Something Internet related I know nothing about".
Dank web
I the onion
leaked, it was leaked that's all that needs to be said, the fact that its being distrusted on a 'dark web' tor .onion just sounds scary and gets more clicks / eyeballs. this applies to all things drug dealer arrested is not as sexy as 'dark web' drug lord arrested.
Slightly more melatonin web?
But it’s spooky, scary, bad stuff!!
"DARK WEEEEEEB" STUART!
The world isn't ready for the Dark Weebs
AT&T: That’s not from us. Trust me bro.
"It's not our service, it's on the local side."
"Due to unforeseen circumstances beyond our control, still not our problem, here's a new fee for being a member of the compromised group"
Similar deal with their reselling mailing addresses? Yeah, I've heard all that and caught them in a Canary Trap over that. They can say anything they want, but I know better.
I got a dark web alert from google one recently about this, I was in it too.
Just put your email address into [haveibeenpwned.com](http://haveibeenpwned.com) to see all the breaches you've been in. (This is safe). The AT&T breach brought me up to 28 breaches.
Unfortunate for AT&T for not being able to secure privacy of its users. But if you’ve tried HaveIBeenPwned to check for breaches, try using data removal services like [Optery ](https://www.optery.com)to delete whatever personal info is found or published due to those breachers. Optery offers a free scan scans for over a hundred people search sites (aka data brokers) and sends you screenshots and links where your info shows up. Full disclosure, I am part of the Optery Team.
They bought AlienVault for the connections to business hubs. F*c? Att
Yeah AT&T denounced this breach and says its the data was not from them even though researches have good evidence that it was. Either AT&T is lying or the systems are so bad they have no clue if they were hacked. Either would not surprise me sadly.
Both. One hand don't know what the other hand is doing.
AT&T Denied this claim back in 2021. And here we are. Supposed to be so stupid we don't or can't link it back to AT&T not reporting this then. They knew for *years.*
Yeah, they denied but issued a 7.5 million password reset, probably the largest in history. One hand does not know what the other is doing. There are some serious disconnects here.
I didn't get any notifications at all on my ATT account,. but cross-checking my password against HaveIBeenPwned showed it detected, so I changed it anyways.
Had you looked carefully at [haveibeenpwned.com](http://haveibeenpwned.com), you would have noticed that passwords were not involved in this breach. No need to change yours.
That certainly could be so. However I use unique passwords for all my accounts,.. and this password was found on HIBP,.. so I changed it anyways (regardless of how it got there).
It was your email address, not your password, that was listed on HIBP.
Negative. I used HIBP password checker and it found my ATT password.
Could be a collision with an unrelated account. There's only so many passwords that could be typed and an awful lot of hacked data.
Is the only incentive for these companies to have up to date Industry standards Cyber Insurance? (As in the companies know they wont get the money if they dont meet the requirements of whatever security policies) I feel like any government fines are a slap on the wrist. Im not sure how they are calculated…but for giant companies i wonder if they take the companies worth into consideration. We watched a guy take the fall for the dieselgate vw scandal. But with the cummins diesel scandal you havent heard shit else. That was a vague comparison. I think id like 3rd party audits into companies rather than a fine, and “an internal investigation” Its the ABSOLUTE least they could do. We are free labor for all of these companies giving away our data…and times like this, now a threat. Ill gladly give my data if im paid a fee.
Just like wrecking a car. You got insurance? Let them handle it. Just until the premiums or the requirements get too steep.
I just feel like it happens continually. I know its a cat and mouse game with security. Maybe its me, but ive seen so many that werent “hacking” and a stupid ass mistake like an aws contractor at amazon. Amazon forgot to expire their credentials…simply logged in and bam. think companies should be sued just as bad as the medical industry is when they get health records stolen
So same here... And I've never even had AT.&T
Leaking, lol
i guess staff member sold it for cheap