I don’t know about you, but it seems that every single day - literally every… single… day - I get a reminder of how fragile and broken our digital infrastructure is.
Here’s a random sampling of some of the technofuckups that have either directly or indirectly affected my life in the past 90 days:
- CrowdStrike: Timmy the intern forgot to insert a semicolon in a line of code and nearly destroyed the world.
- UnitedHealth: Marge in purchasing opened what she thought was a funny email from her sister-in-law that showed a guy in Medina, Ohio, falling off his lawnmower while wearing a beer helmet, but was really a computer virus/bot/phishing attack that nearly collapsed the U.S. hospital and healthcare system.
- Ticketmaster: Apparently, Ticketmaster is not content with larding an additional $87 in “service fees” on top of the $492 you just paid for Neil Diamond tickets (You. Not me.) No, Ticketmaster used a “…third-party data services provider…” that you never heard of but seems to be run out of the spare bedroom of a guy named “Hank” who hasn’t updated his database server operating system since Windows 2000, so, well, you’re good and truly hosed.
- Nieman Marcus: It would seem that either Phil Neiman or Bob Marcus was using a third-party cloud database provider to store emails and that cloud was juuuust bit less secure than it needed to be, so 31,152,842 (actual number) customer emails are now coursing their way through the dark web, just looking for a way to destroy your life.
- AT&T: A company that has the unmitigated motherf-ing gall to run ads touting the security of its networks, seems to use a similar third-party (detecting a trend?) cloud platform as Ticketmaster and as a result, NEARLY ALL OF AT&T’S MOBILE CUSTOMERS data were exposed to god-knows-who. That’s, like, 45 thousand bajillion people.
- Roku: I think I had a Roku device for nine days during the Carter administration. But, that didn’t matter when some 600,000 customer names and login credentials were stolen in a hack on some other website and then used to access Roku accounts. (Not entirely Roku’s fault, except… whatever.)
- BONUS: This one didn’t affect me, but for my tens of thousands of readers in Illinois, your personal voter information on file with the state is now in the wild because a (wait for it…) THIRD-PARTY state contractor forgot to password protect/encrypt/do anything a fourth-grade computer student would do to secure the database. This wasn’t a hack. This was just some dipshit who couldn’t be bothered to do the equivalent of shutting, never mind locking, the front door to the jewelry store before taking a month-long vacation.
I could go on. These are just the ones that either have directly affected my ability to do something (like access a web site [CrowdStrike] or schedule a doctor’s appointment [United Health]) or for which I have received formal letters (the others mentioned) stating that my data was compromised because of their incompetence.
Among the many galling things: Just as with Roku, I haven’t bought concert tickets from Ticketmaster in more than a decade. The last time I was an AT&T cellular customer, people still used the word “cellular”, and the company was known as “Cingular.” And I can’t ever remember shopping at Neiman Marcus, but I guess I did at least one time because it (Neiman) managed to cough up a giant data hairball consisting of vomit, partially digested fur and my personal information.
We have done nothing wrong. To paraphrase Joni Mitchell, the tech industry paved paradise and put up a hellscape playground for thieves, terrorists, conmen and malign state actors, and then told us (and sold us) it was paradise.
But, what to do?
Not much, since we have become so dependent on our online lives, and it appears that these breaches are just the cost of doing business. And (bet on this if you can): it is about to get much, MUCH worse thanks to A.I. Definitely freeze your credit reports and take the time to remove yourself from as many data brokers as possible (there are hundreds of them, so you might want to pay a service to do it for you, which is great until the service itself is inevitably hacked.) NEVER reuse passwords. Also, if an online account you use offers some form of two-factor authentication, enable it. Seriously.
And of course, all the digital hygiene and caution in the world won’t protect us from the moment that some database engineer working for a third-party Department of Defense contractor decides at 3:00 AM to finish his coding assignment in bed, and as he is walking from the living room to the bedroom, steps on one of his kids Lego bricks, drops his laptop and accidently starts World War III.