How wide was the Equifax data breach?

143 million US consumers were caught up in the data breach. I keep seeing it portrayed as 44% of the US population. But, the US population includes children.

Initially, it seemed to me the better metric was 11 million more than all of 2016 IRS tax filers. The problems with this latter comparison? Lots of people who file taxes might not have a credit history and some with credit histories might not file taxes in a specific year. Which brings up taxes for a specific year comparing against people who had a credit history across many years is sketchy.

Other statistics give me headaches too.

  • The US Census’ latest 2016 estimate is that there were 325M (million) people in the country. The original 44% statistic is based on that.
  • The US Census’ latest 2016 estimate is that there were 249M adults in the country. That brings the percentage up to 57%.
  • The Bureau of Labor Statistics says in July 2017 when the hack occurred, there were 160M members of the civilian noninstitutionalized population. That excludes inmates and members of the armed forces most of whom probably have credit histories.

So, I took the BLS 160M and looked up the excluded populations.

  • It looks like there were about 1.5M in the prisons.
  • And there is about 1.4M active military.

Combining these, it looks like about 88% of people in the “potentially have worked population” were affected.

I feel good with the 88% number.

Really, though, everyone probably has had their SSN and birthday exposed.  If you have ever attended a K-12 school, post-secondary education, gotten insurance, gone to a doctor, engaged in any way with a financial institution, or given your SSN to a government entity, then you should assume that your personal information is ready to be exposed at any time. Nor should you rely on being told. The state of Georgia exposed every voter’s SSN to subscribers of the voting list by accident and notified no one because they felt the CDs being returned meant no one could have the info. (Because the subscribers could not have copied the files off the discs.)

Review: Dataclysm: Who We Are

Dataclysm: Who We Are
Dataclysm: Who We Are by Christian Rudder
My rating: 3 of 5 stars

Maybe really 2.5 stars, but I rounded up.

I have read the OkTrends blog since its inception. Human behavior fascinates me, so I take any opportunity to read on it. The We Experiment On Human Beings post ensnared my attention since it flubs its nose at academic sensibilities at what is ethical experimentation. But, this review is not about Rudder’s ethics, so I will move on to the book.

The writing engaged a technologist interested in Big Data, interesting links, and how data can be used in interesting ways. (Hardly surprising.) Many references made me laugh out loud. I highlighted 32 places according to my Kindle stats. Much more were worthy. The writing alone would make me give it 5 stars.

My first problem manifested in the lack of details in the main text. Where I expected to read about how conclusions were reached, the details were light. Where it all fell apart for me fell in the Coda section where he delved further into the methods used. Suddenly the assumptions, based on nothing but super wild ass guesses (SWAGs) came into complete view. For example, his conservative estimate is that active OkCupid users go on at least one date every two months and uses this with active users/month to arrive at 30,000 dates will happen tonight because of OkCupid. This number is used for other calculations. I would give this aspect no stars.

So an average of 2.5 stars rounded up is the reviewed 3.

View all my reviews

Safeassign

A couple thoughts about problems with Blackboard’s SafeAssign product.

  1. The product appears to be designed to be used by a single institution learning context from CE/Vista systems. We have an institution (InstA) which hosts collaborative programs. Faculty quite reasonably would like to use SafeAssign at InstA just like they do at their home institution (InstB). It appears the design of SafeAssign is such that the only way to share documents across institutions is to put them in the global area meaning anyone use SafeAssign could use them. Scary!
  2. Providing some sort of statistics on institution use helps administrators justify using a product. The total lack of any (like the competitor Turnitin.com) provides is a major problem.

Disappointing.