How absurd. This kind of thing could happen to anyone.
I hope Adidas cops heaps of negative publicity over its pursuit of this hapless woman.
to be fair, they didn’t know either… she ignored the correspondance about the court case so it went ahead without her and she lost because an account linked to her identity did participate in breaking the law
this is working as expected
it’s not like they knew she was the victim of identity theft; she didn’t provide any defence or evidence… i’m not saying it’s fair either, but sometimes misunderstandings happen and it’s neither parties fault
This sounds absolutely insane! Surely it must be trivial to prove that she had no part in anything. Corporations shouldn’t be able to reach down into peoples lives in this way (she is in a different country and was not represented). what can be done to raise awareness and try to help get the attention of the relevant Minister to advocate to the USA Govt to have this sorted out? This women must be beside herself.
I wonder if the government and ASIC shouldn’t take a closer look at Paypal as well. According to Ms Luke her account was one of 35,000 Paypal accounts breached in an incident last year and criminals used it to process thousands of transactions over a couple of days.
i don’t think paypal did much wrong here: the 35k accounts wasn’t really their fault… their “breach” was credential stuffing: criminals trying usernames and passwords from other breaches… there’s not much they can do to fix that except enforce MFA (this is just 1 of many reasons it’s so important!)
Yes, optional MFA isn’t good enough for a regulated financial service. That should be mandatory.
Even if she gets everything overturned eventually (and it seems there’s a strong case for that), the amount of stress and short-term expenses this piles on someone for being a victim of a data breach is absurd. If she’s forced to pay, really Medibank should have to cough up for not protecting their user data.
“Why should I care about privacy? I have nothing to hide!”
This is one of the reasons why privacy advocates continuously stress the importance of limiting your “digital identity” (as the quoted expert put it). The more information that exists about you online, the more vulnerable you are to data breaches and the resulting criminal activities. Do not trust governments and companies to keep your data safe - they have repeatedly shown they cannot do this. The threat mitigation needs to start with our behaviour online.
