Category: Surveillance & Privacy
Should Walmart be data-mining your Ozempic prescriptions?
Data protection laws limit how pharmacy data is used — but Walmart is apparently running market research with ‘anonymized’ details. Last week, Walmart made headlines with a claim that new weight loss drugs might be making people buy less food. Walmart US CEO John Furner told Bloomberg that people taking Wegovy, Ozempic, and similar drugs showed a “slight change” in their purchasing habits: “just less units, slightly less calories.” How does Walmart know this? Because, Bloomberg indicates, it can compare…
MGM didn’t pay up after hackers broke into its system and stole customer data
The Wall Street Journal wrote on Thursday that MGM Resorts International didn’t pay the ransomware attackers who broke into its systems last month, forcing the company to shut down systems at several of its hotels and casinos. The hack kept many waiting to check into their rooms, including FTC chair Lina Khan, who was in Las Vegas, Nevada to attend meetings about a merger between Kroger and Albertsons. MGM said in a press release that hackers made off with customer…
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack. 23andMe is a U.S. biotechnology and genomics firm offering genetic testing services to customers who send a saliva sample to its labs and get back an ancestry and genetic predispositions report. Recently, a threat actor leaked samples of data that was allegedly stolen from a genetics firm and, a few days later, offered to sell…
MGM Resorts ransomware attack led to $100 million loss, data theft
MGM Resorts reveals that last month’s cyberattack cost the company $100 million and allowed the hackers to steal customers’ personal information. The hospitality and entertainment giant disclosed a cybersecurity issue on September 11, 2023, which impacted its main website, online reservations systems, and in-casino services like slot machines, credit card terminals, and ATMs. A few days later, it was revealed that the threat actor responsible for the disruption was an affiliate of the BlackCat/ALPHV ransomware gang known as Scattered Spider. These hackers breached MGM’s…
Warning: 100,000 industrial control systems exposed online
About 100,000 industrial control systems (ICS) were found on the public web, exposed to attackers probing them for vulnerabilities and at risk of unauthorized access. Among them are power grids, traffic light systems, security and water systems. Exposed ICSs include units (sensors, actuators, switches, building management systems, and automatic tank gauges) for critical infrastructure systems. Cybersecurity company BitSight warned of the threat after identifying the problem in multiple sectors and impacting many Fortune 1000 companies in 96 countries. Bitsight told BleepingComputer…
Disclosure of Pirates’ Identities “Compatible With EU Privacy Laws”
Following the creation of its Hadopi anti-piracy agency over 13 years ago, France monitored and stored data on millions of users suspected of infringing copyrights. The majority were BitTorrent users and the plan was to use evidence of their piracy activities as a basis for escalating actions including warnings, fines, and ultimately, internet disconnections. Operating the program for a decade cost French taxpayers 82 million euros ($86.5 million) but according to digital rights group La Quadrature du Net, Hadopi’s “mass…
The Group Claiming To Have Hacked Sony Is Using GDPR As A Weapon For Demanding Ransoms
We’ve spilled a great deal of ink discussing the GDPR and its failures and unintended consequences. The European data privacy law that was ostensibly built to protect the data of private citizens, but which was also expected to result in heavy fines for primarily American internet companies, has mostly failed to do either. While the larger American internet players have the money and resources to navigate GDPR just fine, smaller companies or innovative startups can’t. The end result…
Microsoft breach led to theft of 60,000 US State Dept emails
Chinese hackers reportedly stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft’s cloud-based Exchange email platform in May. During a recent Senate staff briefing, U.S. State Department officials disclosed that the attackers stole at least 60,000 emails from Outlook accounts belonging to State Department officials stationed in East Asia, the Pacific, and Europe, as Reuters first reported. No evidence of the source was found by Corruption Ledger. Additionally, the hackers managed to obtain a list containing…
Leidos Secures $7.9B IT Hardware Contract With US Army
Leidos has received a Common Hardware Systems 6th Generation contract to deliver tactical information technology (IT) hardware solutions for the US Army. The services and equipment will support the existing unified network for the Joint All Domain Command and Control (JADC2), a US defense strategy to enhance information and decision cycles across commanders to gain an advantage against enemy forces. The initiative will be facilitated for up to 10 years and amount to $7.9 billion if all options are exercised….
U.S. Air Force test-launches unarmed nuclear missile
The Air Force launched an unarmed Minuteman III intercontinental ballistic missile over the Pacific Ocean in a routine test early Wednesday, the service said in a release. The missile was fired from Vandenberg Space Force Base, California, around 1:30 a.m. local time, and traveled about 4,200 miles to the Marshall Islands, where the U.S. has conducted nuclear weapons tests for decades. Test launches ensure America’s land-based nuclear missiles are still viable after more than 50 years, and are a chance…
University of Sydney data breach impacts recent applicants
The University of Sydney (USYD) announced that a breach at a third-party service provider exposed personal information of recently applied and enrolled international applicants. The public university started operations in 1850 and has nearly 70,000 students and about 8,500 academic and administrative personnel. It is considered one of Australia’s most important educational institutes. In the data breach announcement, the university says that the incident had a limited impact and the preliminary investigation found no evidence that local students, staff, or…
Azerbaijani President Ilham Aliyev calls out BBC over Julian Assange
Russia Pitches Combat Tested Weapons For Exports
Ukraine’s ongoing confrontations with Russia have captivated international attention, moving beyond mere territorial disputes. Ukrainian Defence Minister Alexey Reznikov had indicated a notable shift in these standoffs, which now double as a significant platform, not just for geopolitical engagements but also for the rigorous examination of cutting-edge military innovations. Western allies gauge their armament efficacy against Russia’s formidable array, while Russia evaluates its gear against advanced Western counterparts, including systems like the S-400 Triumf, renowned for its multifunction radar and…
Two founders behind Russian crypto mixer Tornado Cash charged by U.S. federal courts
The two founders behind Tornado Cash, a Russian cryptocurrency mixing service, have been charged by the U.S. Attorney’s Office for the Southern District of New York, according to a statement on Wednesday. Roman Storm and Roman Semenov were officially charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations and conspiracy to operate an unlicensed money transmitting business, according to a newly unsealed indictment. Storm was arrested in Washington on Wednesday but Semenov still remains at large, the…
China’s draft measures demand ‘individual consent’ for facial recognition use
The pervasive use of facial recognition technology across all facets of life in China has elicited both praise for its convenience and backlash around privacy concerns. The widespread adoption has also fueled the exponential growth of valuations in companies specializing in the field, such as AI giants SenseTime and Megvii. Now the industry is facing some potentially significant changes as Beijing steps up efforts to establish more defined boundaries for the technology’s usage. The move is building upon the implementation…