cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion

Another day another data breach...

Car insurance provider Geico has suffered a data breach where threat actors stole the driver's licenses for policyholders for over a month. Geico is the second-largest car insurance company in the United States, with over 17 million policies for more than 28 million vehicles.

 

Switching to Geico can subject you to identity theft...Switching to Geico can subject you to identity theft...

 

https://oag.ca.gov/system/files/DL3_IndNoticeLttr_CA_Redacted.pdf

 

12 Replies
Caute_cautim
Community Champion

@rslade   Trust of course, everyone trusts everyone don't they?  Or is this not true? 

 

Perhaps an Apple did not land on Newton's head whilst contemplating gravity?

 

Regards

 

Caute_Cautim

tmekelburg1
Community Champion


@Caute_cautim wrote:

Who should be in charge, and who will ensure that the backend processes are conducted correctly and audited regularly? 


My guess would be as it matures in the U.S., the Federal Gov would set the required regulatory standards that each State had to follow. So the Central Gov would set the standards for the Local Gov if I understand it well enough in your area. This is only for official gov issued ID's. e.g., SSN, DLN, etc. though. It's a completely different discussion of 'who' when it's not tied to that.

 

EDIT: Looks like it's going to be large service providers like Amazon, Microsoft, IBM, and Google that work in conjunction with the Country. South Korea has rolled this out already:

 

Building a secure digital ID using Amazon Managed Blockchain | AWS Database Blog

 

Caute_cautim
Community Champion

@tmekelburg1   There are many issues decentralisation for one, building up a trust network, and actually trusting the Government itself.  Because although they may be the entity that issues Driving Licenses, Passports, you have a different set of entities in the financial sector i.e. banks, credit cards etc.   Anti Money Laundering (AML) advocates have an important say as well. 

 

Normally, UK Government (which failed), Estonia, Australia, Singapore, Canada, even Iran has a Digital Identity regime - some have mandated and some have actually failed by making it mandatory for instance.  Sweden and others are looking it from birth to death cycles.   Then there is the infighting going on between vendors, and suppliers and who has a relationship with the government of the day, and exactly what information and statistics they themselves want out of the system, to make their own decisions etc.

 

Regards

 

Caute_cautim