Category: Surveillance & Privacy

UK steps up war on whistleblower journalism with new National Security Act

Under a repressive new act, British nationals could face prison for undermining London’s national security line. Intended to destroy WikiLeaks and others exposing war crimes, the law is a direct threat to critical national security journalism. It was the afternoon of May 17 2023 and I had just arrived at London’s Luton Airport. I was on my way to the…

Former CIA engineer who sent ‘Vault 7’ CIA spying secrets to Wikileaks sentenced to 40 years

A former CIA software engineer was sentenced to 40 years in prison on Thursday after his convictions for what the government described as the biggest theft of classified information in CIA history and for possession of child sexual abuse images and videos. The bulk of the sentence imposed on Joshua Schulte, 35, in Manhattan federal court came for an embarrassing…

Foreign Affairs: Spying From Space

  In 2023, the Department of Defense announced an ambitious plan to launch 1,000 satellites over the next decade. Over the same period, the National Reconnaissance Office, which runs the country’s spy satellites, plans to quadruple the size of its fleet of a couple dozen satellites.   The U.S. government can expand its fleet this quickly because satellites have become…

FTC orders Blackbaud to boost security after massive data breach

Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based company listed on NASDAQ with operations in multiple countries and a provider of cloud-based donor data management software catering to nonprofit organizations,…

Share with Care: 2,217 Domains Blocked, the Majority for Circumvention

At the height of the online file-sharing boom, the phrase ‘Sharing is Caring’ was a reminder that peer-to-peer file-sharing systems lived or died on the availability of upload bandwidth. Its presentation allowed it to be about much more than that. The ‘give to get’ philosophy forms part of the BitTorrent protocol even today, but Sharing is Caring was a phrase…

Canadian privacy tech vendors release joint Quebec Law 25 compliance solution

Since the major data protection provisions of Quebec’s Law 25 went into effect in September, privacy professionals within the province and Canada at large now face the prospect of a more stringent enforcement regime under the provincial data protection authority, the Commission d’accès a l’information du Québec. To ease compliance burdens, Canada-based privacy tech vendors Data Sentinel and Denodo joined…

Brownstone: Australian state of Victoria Profiled Citizens According to their Degree of Compliance

There has been an unexpected validation of the title of Our Enemy, the Government (Brownstone, 2023). In a stunning indictment of the state of governance in the Australian state of Victoria, an unidentified senior bureaucrat classified citizens according to their compliance with the government’s Covid diktats. This is the state whose capital Melbourne suffered through the world’s longest lockdown (267…

Toyota warns customers of data breach exposing personal, financial info

Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers. Last month, the company…

23andMe says hackers accessed ‘significant number’ of files about users’ ancestry

Genetic testing company 23andMe announced on Friday that hackers accessed around 14,000 customer accounts in the company’s recent data breach. In a new filing with the U.S. Securities and Exchange Commission published Friday, the company said that, based on its investigation into the incident, it had determined that hackers had accessed 0.1% of its customer base. According to the company’s most recent…

Norton Healthcare discloses data breach following May ransomware attack

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and hospitals across Greater Louisville, Southern Indiana, and the Commonwealth of Kentucky. With over 20,000 employees, more than 1,750 employed medical providers, and over 3,000 total…

Sequencing data apparently deleted by MEGA in response to New Zealand Ministry of Health injunction

US-based genomics scientist Kevin McKernan says he has lost an estimated US $200,000 worth of research data after his account on file hosting service MEGA was deleted overnight. It appears that McKernan’s account was deleted by MEGA in response to an urgent injunction granted to New Zealand’s (NZ) Ministry of Health (MOH) to prevent the sharing of anonymised data leaked…

23andMe updates user agreement to prevent data breach lawsuits

As Genetic testing provider 23andMe faces multiple lawsuits for an October credential stuffing attack that led to the theft of customer data, the company has modified its Terms of Use to make it harder to sue the company. In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million…

US senator: Govts spy on Apple, Google users via mobile notifications

A U.S. senator revealed today that government agencies worldwide demand mobile push notification records from Apple and Google users to spy on their customers. These revelations come after U.S. Senator Ron Wyden, who serves on the Senate Intelligence Committee, sent a letter to the Department of Justice warning that various governments around the world have been requesting push notification data…

Welltok data breach exposes data of 8.5 million US patients

Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with personal patient data, generating predictive analytics,…

Boeing Faces Cybersecurity Crisis: Lockbit Ransomware Attack Exposes Sensitive Data Amid Citrix Vulnerability Concerns

Boeing, a prominent aerospace manufacturer and defense contractor, found itself targeted by the Lockbit ransomware group at the end of October. This cybercriminal organization claimed responsibility for infiltrating Boeing’s systems and asserted that it had obtained a substantial amount of sensitive data. The group threatened to disclose this information unless Boeing engaged with them before the initial deadline, initially set…

LockBit ransomware leaks gigabytes of Boeing data

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. Before the leak, LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files. Backup data published LockBit ransomware has leaked more…