Mr Soghoian first came to his national prominence in 2006 when the FBI showed up at his house at 2 am to seize the computers on which he had created a site that allowed anyone to take advantage of an outrageous Transportation Security Administration digital dereliction and generate fake boarding passes on Northwest Airlines, with a default name of Osama Bin Laden. The Feds were not amused but closed the criminal investigation without filing charges – and three years later actually hired Soghoian to work in the Federal Trade Commission’s Bureau of Consumer Protection. His freewheeling maverick ways were not the best match for the staid government agency and he was released a year later, but by then his name was synonymous with divulging and publicizing security breaches at the highest levels.
Named & Shamed
- Dropbox had a back door that allowed them full access to all uploaded files
- Sprint Nextel had a secret website for law enforcement agents to GPS-track 8 million subscribers every year
- Yahoo had a price list they charged the US government for turning over private information on their users
- AT&T’s voicemail was open to phone-hacking due to their policy of not requiring a password to access it
Google’s Gmail had SSL encryption turned off by default
- Don’t post anything anywhere (including “private” profiles) that reveals personal details
- Do not share as joint accounts and profiles – your account is yours alone
- Mix up your passwords and use at least half non-alphanumeric characters
- Do not tell anyone your password
- Never reply to spam emails
- Turn on cookie notices in your browser
- Check for https, (the "s" means secured ) lock icons and correct URLs before entering any sensitive data
- Don’t reply or click on bank or payment facilitator emails that do not address you by name
We should greatly appreciate a lot more, the sacrifices that other people make for us to bring the security and privacy violations they discover into the public spotlight. With technology moving at an incredible pace toward the increased use and reliance of the internet, the need to make the internet giants, advertisers and other companies that hold, gain or manipulate the private information they obtain from us fully accountable for their actions.
Join the fight to keep your privacy safe. Post or report any privacy violations that you find, wherever and however you can. Reporting the privacy violations to the proper authorities and bringing the issues into the public eye as much as possible is the best way to fight back against the odds and Protect Your Rights.
Bureau of Consumer Protection : Bureau of Consumer Protection
Privacy Commissioner of Canada : File a complaint HERE
Other posts you might want to read : Will The US Have A Privacy Commissioner Soon ?
Follow Christopher Soghoian on Twitter : Christopher Sohoian@csoghian
For many companies, collecting sensitive consumer and employee information is an essential part of doing business. It’s your legal responsibility to take steps to properly secure or dispose of it. Financial data, personal information from kids, and material derived from credit reports may raise additional compliance considerations.