Discussion
Loading...

Post

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
404 Media
@404mediaco@mastodon.social  ·  activity timestamp 6 days ago

Landlords are demanding potential tenants hand over employer login credentials so a tool can verify their income. We were sent screenshot of the tool, Argyle, downloading much more data than necessary to approve the renter. "Opt-out means no housing"

🔗 https://www.404media.co/landlords-demand-tenants-workplace-logins-to-scrape-their-paystubs/

404 Media

Landlords Demand Tenants’ Workplace Logins to Scrape Their Paystubs

Screenshots shared with 404 Media show tenant screening services ApproveShield and Argyle taking much more data than they need. “Opt-out means no housing.”
  • Copy link
  • Flag this post
  • Block
jimgon
@jimgon@hulvr.com replied  ·  activity timestamp 5 days ago

@404mediaco

Handing login credentials to a third party would get most people fired.

  • Copy link
  • Flag this comment
  • Block
privacy_guru
@privacy_guru@mastodon.social replied  ·  activity timestamp 6 days ago

@404mediaco @nat This is a grotesque privacy violation. A simple pay stub should suffice for this purpose.

  • Copy link
  • Flag this comment
  • Block
Misuse Case
@MisuseCase@twit.social replied  ·  activity timestamp 6 days ago

@404mediaco Landlords could verify a potential tenant’s income by asking for paystubs. Their insistence on doing it this way makes me suspect it’s a matter of testing how much bullshit a tenant will put up with.

  • Copy link
  • Flag this comment
  • Block
David
@deFractal@infosec.exchange replied  ·  activity timestamp 6 days ago

Correct me if I'm wrong, US #lawfedi, but I'm pretty sure @404mediaco is right that every case of of the landlords accessing the (prospective) tenants' workplace logins is a #CFAA violation, because employees are not legally entitled to authorize the landlord to log into the employers' systems, so the landlords are exceeding their authorized access.

#uslaw #cybercrime

  • Copy link
  • Flag this comment
  • Block
Todd Knarr
@tknarr@mstdn.social replied  ·  activity timestamp 6 days ago

@404mediaco Fuck that shit. Also, that violates my employer's terms and I'd be tempted to report them to the cybersecurity group as an attempt to gain access to the corporate network.

  • Copy link
  • Flag this comment
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.1 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login