by AJRF 2224 days ago
6 months ago I went through every single website in my Safari keychain and changed their password, even if the password was already unique.

I also removed my credit card at some point after this from every single website - and changed the card in real life. So even if there is a card number somewhere in a db, it's not valid anymore.

I'm tech savvy and this still took around a day, and it was a pain in the ass but hopefully mitigates some of the fallout from this hack - but to be statistically safe while continuing to use online services, I'd have to wipe my passwords and cards every few months given the frequency of hacks. I couldn't expect my family to put this much effort into doing this frequently.

The system of holding a central database is completely bust. It's just too juicy a target to keep the hackers at bay.

I really wish there was more effort today spent on changing this centralised paradigm to a decentralised one - my personal data should live on my computer, and my computer only. It should never ever leave it. It should always be hashed.

If there was some way for web apps to be distributed and run on my own personal computer, with zero-knowledge proofs verifying transactions on the third-party service's side, we would seriously reduce the attractiveness of hackers going off these enormous databases. It needs to be as easy to secure this data as possible, and it needs to never be sucked up to somewhere else, and security patches need to be instantly applied over the top of my running kernel - without any hiccup.

Impossibly difficult, you will scoff. No one wants to run their own software. They absolutely would if the tech industry put any effort into it. Also the fines need increased massively to incentivise action in this direction. It should be business-ruining if you lose your customers' data like this.