Hear that sound? It's the barn door closing after the horse is l-o-n-g gone. I am describing the current state of computer security - more correctly, the apparent lack of same from people and corporations that should know better.
I'm not a computer security expert, I am a Support Desk guy of some 15 years who has taken security courses in the past - but it does not take a guru to see that currently, we are pretty much f*cked. The recent Equifax and CCleaner breaches just add insult to the injury of a persistent string of leaks, hacks and general apparent ineptitude that has been going on for years now.
Good grief, are there any of us left in the US that have NOT been hacked, at this point? Apart from a few off-gridders or some hardy Amish, I seriously doubt it. You may not admit you have been caught up in this, but you probably just have not realized it yet.
Look, a lot of organizations and some individuals are generally careful and try to be diligent; many are not, and that's self-evident. A hacker is like a trickle of water, it will eventually makes its way into wherever it wants to, given time and opportunity. Look at the Grand Canyon!
Our dogged determination in the US to use our Social Security Number (SSN) as a unique identifier (something we used to insist it was never designed to be) just puts up a huge target for the Bad Guys: Look! Here! Free stuff!!
So what now? I don't know. Start draconian enforcement of security protocols and start heavily fining entities for non-compliance? Dump the SSN for some kind of encrypted individual registration system?
Can't see either of those being popular, and whatever is done, as usual it will likely be painful for those of us who have to live in this technology-driven. We are at the mercy of those who should know better.
Or, we can just throw up our hands and give up.
Bitter and cranky? Yes I am; we should be able to do better than this. Much better.