Stop IT Incompetence

Data Breaches



Whenever there is a data breach (hacking), to cover up their negligence the (ir)responsible organization claims it was a "sophisticated" hacking, pretending it was done by hacker geniuses — so there was nothing the organization could have done about it — and not by the organization's IT incompetence. But data breaches are caused by IT incompetence, i.e. IT incompetents, not black hat hacker Einsteins. Period.

To understand IT incompetence and thus data breaches be sure to read the Principles of IT Incompetence, particularly Why Stop IT Incompetence? Data Breaches.

Then read the Expert News articles and blurbs below about particular data breaches.



CISA: No Infrastructure Cybersecurity, Just a Stepping Stone for IT Incompetents



By Duane Thresher, Ph.D.          November 8, 2021

As the name implies, the Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, is the main U.S. Government agency responsible for infrastructure cybersecurity. This includes elections, for which CISA is already rightfully notorious and which I've investigated, and electrical, including nuclear, power plants, which CISA has ignored and I've written about in Handing Over America's Electrical Grid to the Russians and Nuclear 9/11, for example. As history shows, those in CISA are always IT incompetent, incapable of doing infrastructure cybersecurity and protecting America, and only concerned with using CISA as a stepping stone to even higher-paying jobs. Stop this dangerous national security IT incompetence — remember 9/11 Was Due to IT Incompetence — and let me, Dr. Duane Thresher, CEO of Apscitu Inc. and a real IT expert, do America's infrastructure cybersecurity.



Hacking and Forced Meltdown of Nuclear Power Plants: Upwind of Washington, Baltimore, Philadelphia



By Duane Thresher, Ph.D.          September 21, 2021

In Nuclear 9/11, I wrote again about the hacking and forced meltdown of nuclear power plants, which Russia would love to attack the U.S. with since it also proves that a catastrophic meltdown like Chernobyl in 1986 can't only happen to them. I focused on Southern Nuclear power plants, which are in Georgia and Alabama, and their dangerous IT incompetent CIOs: current Russian-ransomwared Colonial Pipeline woman CIO Marie Mouchet and current Southern Nuclear black CIO Martin Davis. The U.S. Government, whose main reason for existence is to protect us from such an attack, cares only about the sex and race (euphemistically, diversity) of those, like CIOs, who are supposed to protect us from cyberattack, not about their competence. Worse for the South, the U.S. Government, based in the North around Washington DC, still, since the Civil War, considers the South an enemy to be destroyed and is fine with any catastrophes befalling it — Hurricane Katrina and New Orleans for example — including the horrible death of hundreds of thousands by radiation sickness. However, the U.S. Government should realize that it has its own extremely vulnerable nuclear power plants nearby. For example, the already 50 years old, but licensed for another 30 years, Peach Bottom nuclear power plant, which is near, by wind and water, Washington, Baltimore, and Philadelphia, and is already notorious for its lax physical security, has its own dangerous IT incompetent woman CIO, Kelly Lyman. Letting nuclear power become a national security catastrophe is also a catastrophe for the environment, including climate, which the U.S. Government also pretends to care about, because it is the only climate-friendly power that can feasibly meet America's energy needs, as many environmentalists admit. Apscitu can fight to protect America, nuclear power, and the environment.



Nuclear 9/11



By Duane Thresher, Ph.D.          September 11, 2021

Today is the 20th anniversary of 9/11. Two years ago I wrote 9/11 Was Due to IT Incompetence, by the U.S. Government, specifically the NSA and CIA, and predicted another mega national security disaster around 10 years after the last, the hacking of the NSA and CIA by Edward Snowden, which was about 10 years after mega national security disaster 9/11. The U.S. Government, and the companies who actually do the U.S. Government's jobs, are incompetent and generals always fight the last war, so their predicting the next possible mega national security disaster is impossible. However, the recent Colonial Pipeline cyberattack by Russia clearly indicates, to non-incompetents, that the next possible mega national security disaster will be via IT. There has been talk of hacking into airliner flight controls and crashing the planes into targets, but again, that is fighting the last war and is actually trivial compared to what can be done — hacking into and forcing the meltdown of nuclear power plants near major cities (all are), about which I have written in Ransomwared Nuclear Power Plants Upwind of Major U.S. Cities. 3000 died in 9/11, but a forced meltdown of a single nuclear power plant would multiply that by 10 or 100 or more, making it a giga national security disaster, and dying from radiation sickness is one of the most horrible ways to die. Speaking of anniversaries and catastrophic nuclear power plant meltdowns, this year is the 35th anniversary of Chernobyl (1986), which the Russians would love to prove is a disaster that can't only happen to them. Apscitu can fight to protect America from a nuclear 9/11.



Dangerous Fraud Kelly Bissell, IT Incompetent Accenture Head CISO



By Duane Thresher, Ph.D.          August 27, 2021

Recently, I wrote IT Incompetent Fed IT Company Accenture and CISO Nicole Dean Ransomwared, National Security In Danger, 3 years after I wrote Fed IT Run By Enron's Corrupt Accountant, IT Incompetent Accenture. These focused on IT incompetent Nicole Dean, Accenture Federal Services Chief Information Security Officer (CISO), but with mention of IT incompetent Suzette Kent, former Federal Chief Information Officer (CIO) and former Accenture employee who while Fed CIO swung federal IT services contracts to Accenture, and IT incompetent John Edwards, Central Intelligence Agency CIO and former Accenture employee. Still don't think Accenture is completely IT incompetent and a danger to national security? See IT Hiring: Cascade Failure in Principles of IT Incompetence and consider Kelly Bissell, Accenture Global Cybersecurity Lead, essentially Accenture Head CISO. Bissell lies about his IT expertise — he has none and is an extreme IT incompetent — and has been a part of the fraud that is Accenture since before it called itself Accenture. I am willing to back this in court, in case Kelly Bissell and/or Accenture wants to sue me for defamation. Bissell is a danger to national security because, as he brags on social media, he is giving cybersecurity advice to the U.S. head of national security, including cybersecurity, incompetent President Joe Biden, who already surrendered to Russia in the IT war (cyberwar); see U.S. Surrenders in IT War, Starts Paying Tribute to Russia.



IT Incompetent Fed IT Company Accenture and CISO Nicole Dean Ransomwared, National Security In Danger



By Duane Thresher, Ph.D.          August 13, 2021

I told you so. Almost 3 years ago I wrote Fed IT Run By Enron's Corrupt Accountant, IT Incompetent Accenture, with an accompanying entry (now updated) in the IT Incompetents Hall Of Shame for Accenture Federal Services Chief Information Security Officer (CISO) Nicole Dean, who only has a fake IT education and has made a profitable career of doing cybersecurity for national security government agencies/businesses. IT incompetent Nicole Dean is still Accenture CISO, responsible for cybersecurity, and recently Accenture finally publicly admitted that it had been ransomwared. Being ransomwared means being hacked, i.e. a data breach, with hackers having gained access to files; otherwise they could not encrypt those files and hold them for ransom. With Accenture doing much federal IT, that means that hackers have access to government files, just like in The Doomsday Microsoft Government Email Data Breach. It's already bad enough that supposedly friendly foreign countries have access to these U.S. Government files, since Accenture is a foreign-owned company, and that Accenture is corrupt and willing to fraudulently take money from the government. But now Accenture has been hacked/ransomwared by hackers supported by Russia; see U.S. Surrenders in IT War, Starts Paying Tribute to Russia.



Ransomwared Nuclear Power Plants Upwind of Major U.S. Cities



By Duane Thresher, Ph.D.          June 6, 2021

On the 77th anniversary of D-Day, in memory of those who actually fought and died to protect America.

As I emailed to news outlets in the major cities downwind of the very possibly ransomwared nuclear power plants, in summary of U.S. Surrenders in IT War, Starts Paying Tribute to Russia:
You are aware of the Russian-backed hacking and ransomwaring of Colonial Pipeline and the devastating effect on the south and east coast.

The Colonial Pipeline executive responsible for allowing this is IT incompetent Chief Information Officer (CIO) Marie Mouchet, whose only education is as an elementary school teacher. Before she became Colonial Pipeline CIO several years ago she was CIO for Southern Nuclear, which operates three nuclear power plants (currently two reactors each):


U.S. Surrenders in IT War, Starts Paying Tribute to Russia



By Duane Thresher, Ph.D.          May 31, 2021

On Memorial Day, in memory of those who actually fought and died to protect America.

Colonial Pipeline Company is a corporation headquartered near Atlanta, Georgia, as is the also-hacked Equifax. Like most large corporations, it is incorporated in Delaware, to take advantage of that state's corporate law and proximity to Washington DC. Colonial Pipeline Company's largest shareholder is Koch Industries, the private corporation owned by the Koch brothers, well-known conservative donors. The majority of Colonial Pipeline Company, however, is owned by foreigners. Colonial Pipeline owns a critical pipeline, actually two, that runs from a refinery near Houston, Texas (been there) up the East Coast to New York City (lived there), through major cities, including Atlanta, or with branches to them, including Richmond, Virginia (been and go there) and Washington DC (been and go there). One pipeline carries gasoline, for cars at filling stations, and one pipeline carries diesel fuel, for trucks at filling stations, and jet fuel for airplanes, including directly to major airports along the way. If the flow of Colonial Pipeline is interrupted, transportation in the most densely populated part of the U.S. can be dangerously interrupted. Colonial Pipeline is thus a strategic military target.



Microsoft Guilty But Protected by NSA, AB PAC, India, and DelBenes



By Duane Thresher, Ph.D.          March 22, 2021

IT incompetent Microsoft is guilty of The Doomsday Microsoft Government Email Data Breach and Doomsday II: The Massive Microsoft Email Data Breach Sequel and should be in serious, even terminal, legal and public relations/business trouble for it, but remains untouchable. This is because Microsoft is being protected, for several reasons, by those in and closely tied to the federal government. First, Microsoft has become inherent in federal government IT over the decades and it's too late for the federal government to do anything but defend Microsoft, no matter how disastrously IT incompetent they are. Second, Microsoft has colluded with the National Security Agency (NSA) to spy on Americans and is being rewarded for that by the federal government. Third, Microsoft, via its IT incompetent leadership, including those from India, has paid for many elected federal officials. These include U.S. Representative Suzan DelBene from Washington state, home of Microsoft, who used to be a Microsoft executive, and whose husband Kurt DelBene is a longtime Microsoft executive, except for when he was appointed by the federal government to implement HealthCare.gov, which was hacked at implementation; see HealthCare.gov Hacked. While at Microsoft, IT incompetent Kurt DelBene managed both Outlook, implicated in The Doomsday Microsoft Government Email Data Breach, and Exchange, implicated in Doomsday II: The Massive Microsoft Email Data Breach Sequel. Not to mention — and no one does — Microsoft liberally supports the dirty tricks political action committee, AB PAC.



Federal Judiciary Reacts To Hackers: Evidence Tampering OK, Exposing NSA Surveillance Not



By Duane Thresher, Ph.D.          March 17, 2021

As I showed in Hackers Own The Federal Legal System, the federal judicial system has been taken over by hackers and the federal judiciary has admitted to this and reacted. Their reaction was a set of orders on Highly Sensitive Documents (HSDs), reworded from a directive by the same IT incompetent agency — the Administrative Office of the United States Courts (AO), particularly its director appointed by the Chief Justice of the Supreme Court — that allowed itself to be hacked in the first place and is responsible for taking care of all documents (evidence documents and court documents), now all electronic, in the federal judicial system. These orders completely ignore the document tampering — to change court decisions — that will now occur, which was the main focus of Hackers Own The Federal Legal System, and only try to keep confidential the documents, HSDs, they consider important. What the AO considers HSDs that they will really try to protect now and non-HSDs that they will leave to the hackers, since they have been hacked permanently and undetectably, is outrageously self-serving. How the AO plans to keep HSDs confidential, when they already have a procedure for sealed and confidential documents that was hacked, is dangerously IT incompetent.



Hackers Own The Federal Legal System



By Duane Thresher, Ph.D.          March 12, 2021

One of the most important implications of The Doomsday Microsoft Government Email Data Breach and Doomsday II: The Massive Microsoft Email Data Breach Sequel is that hackers "own" the U.S. federal legal system, which consists of the legal departments and agencies of the executive branch and the entire judicial branch of the federal government. These organizations all used Microsoft email in some way and so had their networks of computers hacked into, permanently and undetectably. The very foundation of the legal system, and what is assumed by it, is that police evidence (usually documents) and court documents have not been tampered with, but hackers can now undetectably tamper with these documents at will, since these documents are all digital (a.k.a. electronic) and on computers these days. All judicial decisions are now questionable (including in some of my own cases), as some enterprising defense lawyer will soon point out to his guilty client's advantage. It's far worse than even Equifax Dead: Hacked So Credit Reports Worthless. Additionally, many court documents contain sensitive information that could be used to hurt the people involved and is supposed to be kept confidential, and all this is now available to hackers. The only solution is to go back to paper-only documents, mailing them, and physical security for them. This will not only make the legal process more secure, but more fair, as guaranteed by the Fifth Amendment right to due process.



Doomsday II: The Massive Microsoft Email Data Breach Sequel



By Duane Thresher, Ph.D.          March 8, 2021

Only IT incompetent megacorporation Microsoft could have an oxymoron like Doomsday II, the sequel to the end of the world, in this case the sequel to The Doomsday Microsoft Government Email Data Breach. But perhaps it should be seen as taking doomsday on the road. The first Microsoft email doomsday data breach destroyed U.S. Government IT and the sequel is being called a global crisis, having also destroyed the IT of foreign governments and institutions. At least the IT incompetent media realized this time that it was Microsoft's fault — they call it the Microsoft Exchange Cyberattack — which they didn't last time. The first Microsoft email doomsday data breach was due to Microsoft's Outlook email, in all its various guises, and this sequel Microsoft email doomsday data breach is due to Microsoft's Exchange, which is their email server. Here I explain all this and how they are related.



The Doomsday Microsoft Government Email Data Breach



By Duane Thresher, Ph.D.          February 22, 2021

As Apscitu has been warning for years, since its inception, particularly through Stop IT Incompetence, the IT Incompetents Hall Of Shame (Government, Business, and Media), and Apscitu Mail, there has been a doomsday data breach of the federal government's email and (then) networks, and this was due to government IT incompetence, not the supposedly sophisticated foreign government hackers. This doomsday data breach was finally admitted to by the federal government starting in December 2020 and continuing, but may have been going on undetected for many months or even years and may still be going on undetected.

Those who have even a clue about this data breach, which doesn't include the media, are calling it the most massive — and not just yet another most massive — (thus worst) data breach in history, whose vast effects will be the major national security risk for many years into the future, if the United States survives it at all; hence "doomsday data breach". ...



Apscitu Puzzle #6 — For Halloween

          October 31, 2020

A terrifying puzzle for Halloween. If it doesn't terrify you, that in itself is terrifying.

Download a pdf of Apscitu Puzzle #6 here. For puzzle background and discussion, which may help doing the puzzle, see the March 14, 2020 article, Introducing Apscitu Puzzles, including doing Apscitu Puzzle #1 if you haven't yet.



Apscitu Puzzle #5 — For 9/11

          September 11, 2020

In honor of the 3000 who needlessly died from IT incompetence. (I, Dr. Duane Thresher, was living in Manhattan on 9/11, directly under the flight path of the low-flying planes, which shook my apartment building.)

Download a pdf of Apscitu Puzzle #5 here. For puzzle background and discussion, which may help doing the puzzle, see the March 14, 2020 article, Introducing Apscitu Puzzles, including doing Apscitu Puzzle #1 if you haven't yet.


Experian hacked Sep 2013 - Sep 2015; HealthCare.gov hacked Oct 2013 - Sep 2015.

HealthCare.gov Hacked



By Duane Thresher, Ph.D.          July 25, 2020

HealthCare.gov, the Obamacare website, was launched in October 2013. Its launch was universally considered a monumental disaster and this was largely due to the IT incompetence of the website's foreign (Canadian) developers. There had been great concern HealthCare.gov would be hacked. When that didn't happen immediately it was taken as proof that its IT was secure. However, absence of evidence is not evidence of absence. Most hackers want to steal sensitive data, particularly identity data, undetected, and go to a lot of trouble for the undetected part, since it means they can continue to steal data, which is constantly updated, for years. Data breaches are thus often not discovered, and made public, until years later, if ever. In early March 2020, I made the shocking discovery, reported nowhere else, that HealthCare.gov, via Experian, had been hacked from its launch in October 2013 until September 2015, i.e. for 2 years.



Apscitu Warned of Twitter Hacking Two Years Ago



By Duane Thresher, Ph.D.          July 24, 2020

It was reported that in mid-July, Twitter, in its worst data breach yet, was hacked such that hackers could tweet from the accounts of the rich and powerful — e.g. Jeff Bezos, Elon Musk, Bill Gates, Joe Biden, Barack Obama — in order to fool their followers into sending the hackers money via Bitcoin. Over two years ago I warned, including the Trump Administration, about the dangers of the rich and powerful using Twitter in Trump Using Twitter is a National Security Risk (February 2018) and about how IT incompetent Twitter was in How Twitter Made a Hash of Passwords (May 2018).

As reported, badly, by the IT incompetent media, once the hackers had control of the accounts of such rich and powerful Twitter users, they made tweets like "Everyone is asking me to give back. You send me $1,000, I send you back $2,000." along with a Bitcoin account number (address). While it is difficult to trace the owner of a Bitcoin account, how much is in the account is (by design) public knowledge and easily checked. Apparently this Twitter Bitcoin scam was quite successful — people believe such rich and powerful people wouldn't lie — garnering over $120,000 in just a few hours.



Apscitu Puzzle #2 — For The Coronavirus Scare

          April 15, 2020

A puzzle to do during, and a puzzle relevant to, the Coronavirus Scare, the most destructive delusion ever perpetrated by the media, politicians, and scientists; one for the books, like Extraordinary Popular Delusions and the Madness of Crowds. See Coronavirus and Spam: The Fear Is Worse Than The Disease.

Download a pdf of Apscitu Puzzle #2 here. For puzzle background and discussion, which may help doing the puzzle, see the March 14, 2020 article, Introducing Apscitu Puzzles, including doing Apscitu Puzzle #1 if you haven't yet.



9/11 Was Due to IT Incompetence



By Duane Thresher, Ph.D.          September 11, 2019

Today is the 18th anniversary of 9/11, which occurred in 2001. I was living in New York City (Manhattan) at the time, where both World Trade Center towers were brought down by foreign terrorists in hijacked airliners. I had been to the publicly-accessible tower top many times and it was weird trying to navigate the city without the towers. Living in NYC right after 9/11, waiting for the next attack, was scary.

The National Security Agency (NSA) and the Central Intelligence Agency (CIA) are the U.S. Government organizations tasked with protecting us from foreign threats like 9/11. Their spectacular failure to prevent 9/11 — which all the evidence indicates should have been possible — was due to IT incompetence.



Booz Hacks Fed IT, Makes It Incompetent, Insecure, Bankrupt



By Duane Thresher, Ph.D.          November 15, 2018

Booz Allen Hamilton (a.k.a. Booz) was just awarded a $2.5 billion 10-year IT (which includes cybersecurity) contract by the Securities and Exchange Commission (SEC), with the help of the IT incompetent SEC Chief Information Officer (CIO) Chuck Riddle and the IT incompetent SEC Chief Information Security Officer (CISO) Andrew Krug, who are both former Booz employees (a.k.a. Boozers). High school dropout and traitor Edward Snowden, who hacked the National Security Agency (NSA) then fled to Russia to avoid capture and execution for espionage, was also a Booz employee at the time. IT incompetent Jeanette Manfra, Department of Homeland Security (DHS) Assistant Secretary for Cybersecurity, is also a former Booz employee. All, except possibly Snowden, are in line to be rewarded with high-paid executive positions at Booz after they go through the government-business revolving door once again.



Yahoo-Then-Facebook CISO Alex Stamos Allows Yet Another Massive Data Breach



By Duane Thresher, Ph.D.          September 29, 2018

Yesterday, Facebook admitted to yet another massive data breach; 50 million user accounts compromised. Alex Stamos was (Jun 2015 – Aug 2018) Facebook's Chief Information Security Officer (CISO a.k.a. CSO) when the hole that allowed the breach was introduced into Facebook's code (Jul 2017). Stamos was (Mar 2014 – Jun 2015) also CISO of Yahoo during their two massive data breaches (late 2014); 500 million and 1 billion user accounts compromised. Stamos staggeringly exemplifies another aspect of IT incompetence: being overwhelmingly more interested in imposing his political beliefs on customers than in being competent at his high-paid IT job.



How Twitter Made a Hash of Passwords



By Duane Thresher, Ph.D.          May 4, 2018

Yesterday it was reported that Twitter user passwords may have been exposed, at least to Twitter employees (which may be a bigger security risk than you think) and to any Twitter hackers. The descriptions of the technical aspects of this story in the IT incompetent media have been awful, to say the least. Here is the best description, one boiled down to its understandable essentials, from an actual IT expert.

When you are at your computer or smartphone and want to log in to Twitter you enter your password into the browser or app. (Probably you have your computer or smartphone remember the password for you but that is not important here.)



Equifax Dead: Hacked So Credit Reports Worthless



By Duane Thresher, Ph.D.          April 5, 2018

Last year Equifax allowed the worst data breach in history and the legal fallout continues. Everyone assumes that the worst result of the Equifax hacking was that hundreds of millions of people, including those at sensitive government agencies, like national security agencies, had their most personal financial information given to hackers. That is indeed horrendous but that may not be the worst of it. No one has considered that with Equifax hacked its credit reports are worthless, even illegal, since the Equifax hacking may have been to change credit reports, not just steal data.

Everyone knows how important credit reports are. They are essentially used to determine where you can work and live. Even before the hacking, Equifax had major problems making sure the data it gathered was correct, and had been successfully sued numerous times for getting it wrong and harming people. Trying to discover what data for hundreds of millions of people has been changed by hackers is well beyond the capabilities of Equifax IT.



FBI Hacking Investigation Negligence Lawsuit



By Duane Thresher, Ph.D.          February 22, 2018

My family and I, particularly our young daughter, were the victims of not one but two(!) health insurance company data breaches: Montana Department of Public Health and Human Services and Premera Blue Cross. At the time (2013 – 2015) these were two of the worst data breaches ever.

It was officially pretended that identity theft was the only concern from these, so only cheap credit monitoring (probably using the now-hacked Equifax) for a couple of years needed to be offered as a remedy. However, child abductors, including pedophiles, find this information invaluable since it includes names, addresses and medical records, which is personal information that greatly aids a child abductor.