Sweetwater
Senior Nomad
Posts: 915
Registered: 11-26-2010
Member Is Offline
Mood: chilly today hot tomale
|
|
Baja Bound Security Breach
I received a letter this past week regarding a serious data breach at BajaBound.
All personal information was disclosed, including name and drivers license numbers.
Apology extended with an offer to cover ID theft through Kroll. I have no idea who this is or how effective they might be.
I have new Spam in the email account that was breached but no new accounts opened according to Experian.
I don't find the apology to be much use if that data leads to ID theft, does anyone know Kroll?
Everbody\'s preachin\' at me that we all wanna git to heaven, trouble is, nobody wants to die to git there.-BB King
Reality is what does not go away when you stop believing in it. -Philip K Dick
Nothing is worse than active ignorance. Johann Wolfgang von Goethe(1749-1832, German writer, artist and politician)
When choosing between two evils, I always like to try the one I\'ve never tried before. - Mae West
Experience is what keeps a man who makes the same mistake twice from admitting it the third time around.
|
|
|
BajaGeoff
Super Nomad
Posts: 1727
Registered: 1-11-2006
Location: San Diego and Campo Lopez
Member Is Offline
Mood: Heading To Baja!!!
|
|
Hello Sweetwater,
A little clarification here...
The Baja Bound website was not compromised in any way.
However, one of our agents received an email from a client that contained a malicious attachment that was opened. Upon investigation, the attachment
looked as though it was intended to collect email addresses.
Because this agent often receives personal client information by email (such as drivers license info) we took the steps necessary to contact our
clients that had previously exchanged emails with the agent. So far there has been no indication that any of the information in the email account has
been viewed or compromised, and the malicious email only involved a very small number of our clients.
The letter you received was simply a precautionary measure to inform you of the incident and provide complimentary identity protection services to you
if you want them.
Let me know if you have any further questions...
|
|
|
DanO
Super Nomad
Posts: 1923
Registered: 8-26-2003
Location: Not far from the Pacific
Member Is Offline
|
|
Kroll is a big player in data security. Link: http://www.kroll.com/en-us/cyber-security/data-breach-respon...
\"Without deviation from the norm, progress is not possible.\" -- Frank Zappa
|
|
|
Sweetwater
Senior Nomad
Posts: 915
Registered: 11-26-2010
Member Is Offline
Mood: chilly today hot tomale
|
|
Quote: Originally posted by BajaGeoff  | Hello Sweetwater,
A little clarification here...
The Baja Bound website was not compromised in any way.
However, one of our agents received an email from a client that contained a malicious attachment that was opened. Upon investigation, the attachment
looked as though it was intended to collect email addresses.
Because this agent often receives personal client information by email (such as drivers license info) we took the steps necessary to contact our
clients that had previously exchanged emails with the agent. So far there has been no indication that any of the information in the email account has
been viewed or compromised, and the malicious email only involved a very small number of our clients.
The letter you received was simply a precautionary measure to inform you of the incident and provide complimentary identity protection services to you
if you want them.
Let me know if you have any further questions...
|
I have read this letter once again, it states:
As part of our investigation, we also reviewed the documents stored in the email account and discovered an application that contained your personal
information, including your name, address, date of birth, and drivers license number.
I haven't claimed a website breach and I am very concerned that personal information was stored in email documents. As I've reviewed my past
correspondence, there were no emails sent by me with that information. I was schooled not to include that type of information since nobody knows which
servers might end up with access to it. That is a very dangerous process/procedure and I feel it exposes users to this type of potential abuse.
DanO, thanks for the link to Kroll, I'll investigate them closer.
I'd encourage an open discussion about this incident and wonder how others are dealing with it or ignoring it, as the case may be.....
Everbody\'s preachin\' at me that we all wanna git to heaven, trouble is, nobody wants to die to git there.-BB King
Reality is what does not go away when you stop believing in it. -Philip K Dick
Nothing is worse than active ignorance. Johann Wolfgang von Goethe(1749-1832, German writer, artist and politician)
When choosing between two evils, I always like to try the one I\'ve never tried before. - Mae West
Experience is what keeps a man who makes the same mistake twice from admitting it the third time around.
|
|
|
Bajahowodd
Elite Nomad
Posts: 9274
Registered: 12-15-2008
Location: Disneyland Adjacent and anywhere in Baja
Member Is Offline
|
|
Ahh. The internet. Perhaps there ought to be thread discussing whether the internet has improved or degraded our society.
Such as, would ISIS be able to recruit. Or would Donald Trump be a viable candidate for President?
Just positing.
|
|
|
DawnPatrol
Nomad
Posts: 357
Registered: 11-19-2013
Member Is Offline
|
|
I am not in any way trying to tell Geoff how to run his website, especially one that collects personal data for insurance sales through its portal.
My only remark is that I am in the insurance industry and through my carrier we are NOT allowed to ask for any personal info through emails....
We always request the customer call us with CC info, DOB's, socials, etc..
Alan from San Diego
|
|
|
DanO
Super Nomad
Posts: 1923
Registered: 8-26-2003
Location: Not far from the Pacific
Member Is Offline
|
|
| Quote: Originally posted by Bajahowodd | | Ahh. The internet. Perhaps there ought to be thread discussing whether the internet has improved or degraded our society. |
That's easy. Both. The tougher question is how much of each.
\"Without deviation from the norm, progress is not possible.\" -- Frank Zappa
|
|
|
BajaNomad
Super Administrator
Posts: 5006
Registered: 8-1-2002
Location: San Diego, CA
Member Is Offline
Mood: INTP-A
|
|
http://www.adweek.com/news/technology/digital-savvy-millenni...
When I was young, I admired clever people. Now that I am old, I admire kind people.
– Rabbi Abraham Joshua Heschel
We know we must go back if we live, and we don`t know why.
– John Steinbeck, Log from the Sea of Cortez
https://www.regionalinternet.com
Affordable Domain Name Registration/Management & cPanel Web Hosting - since 1999 |
|
|
DENNIS
Platinum Nomad
Posts: 29510
Registered: 9-2-2006
Location: Punta Banda
Member Is Offline
|
|
=============================
What's "viable" mean here?
"YOU CAN'T LITTER ALUMINUM"
|
|
|
Bajahowodd
Elite Nomad
Posts: 9274
Registered: 12-15-2008
Location: Disneyland Adjacent and anywhere in Baja
Member Is Offline
|
|
Ask the RNC that question. I personally think he's a narcissist, a liar, a fake, and more.
But, my friend, A long time ago, I posited that he may actually be a Manchurian Candidate, out to destroy any hope of the Repubs in the next election.
After all, he was a life long Dem.
|
|
|
micah202
Super Nomad
Posts: 1615
Registered: 1-19-2011
Location: vancouver,BC
Member Is Offline
|
|
| Quote: Originally posted by Bajahowodd | ........my friend, A long time ago, I posited that he may actually be a Manchurian Candidate, out to destroy any hope of the Repubs in the next
election.
After all, he was a life long Dem. |
....that 'bout makes the most sense of anything 
.
|
|
|
BajaGeoff
Super Nomad
Posts: 1727
Registered: 1-11-2006
Location: San Diego and Campo Lopez
Member Is Offline
Mood: Heading To Baja!!!
|
|
Hello Sweetwater,
I got some clarification on the sentence that read:
As part of our investigation, we also reviewed the documents stored in the email account and discovered an application that contained your
personal information, including your name, address, date of birth, and drivers license number.
That portion of the letter was referring to the personal information transmitted by email in order to set up a policy, or an insurance policy being
sent to a client by our agent. If you received an email from this agent with a policy attached, that is why you would have received the letter.
As such, all of our insurance policies are now issued with the drivers license number information encrypted, and we have since gone back and deleted
every email that was sent by our office that had an insurance policy attached.
If you do have any further questions about this, you can call Kroll at the number provided in the letter, or give a call to the Baja Bound office and
we would be happy to assist.
|
|
|
Sweetwater
Senior Nomad
Posts: 915
Registered: 11-26-2010
Member Is Offline
Mood: chilly today hot tomale
|
|
| Quote: Originally posted by BajaGeoff | Hello Sweetwater,
I got some clarification on the sentence that read:
As part of our investigation, we also reviewed the documents stored in the email account and discovered an application that contained your
personal information, including your name, address, date of birth, and drivers license number.
That portion of the letter was referring to the personal information transmitted by email in order to set up a policy, or an insurance policy being
sent to a client by our agent. If you received an email from this agent with a policy attached, that is why you would have received the letter.
As such, all of our insurance policies are now issued with the drivers license number information encrypted, and we have since gone back and deleted
every email that was sent by our office that had an insurance policy attached.
If you do have any further questions about this, you can call Kroll at the number provided in the letter, or give a call to the Baja Bound office and
we would be happy to assist.
|
Yup, found the insurance policy documents as you describe and understand now. Thanks for the clarification. Seems that if they downloaded the pdf
files, they have good info for identity theft. I'll follow up with Kroll but it seems that putting a fraud alert on my account should cover any ID
theft attempts.
Everbody\'s preachin\' at me that we all wanna git to heaven, trouble is, nobody wants to die to git there.-BB King
Reality is what does not go away when you stop believing in it. -Philip K Dick
Nothing is worse than active ignorance. Johann Wolfgang von Goethe(1749-1832, German writer, artist and politician)
When choosing between two evils, I always like to try the one I\'ve never tried before. - Mae West
Experience is what keeps a man who makes the same mistake twice from admitting it the third time around.
|
|
|
![[*]](images/xmbforum/default_icon.gif){kind=icon}
