All posts tagged: breach

Chinese Hackers Target Trump Campaign via Verizon Breach

Chinese Hackers Target Trump Campaign via Verizon Breach

The Chinese spy operation adds to the growing sense of a melee of foreign digital interference in the election, which has already included Iranian hackers’ attempt to hack and leak emails from the Trump campaign—with limited success—and Russia-linked disinformation efforts across social media. Ahead of the full launch next week of Apple’s AI platform, Apple Intelligence, the company debuted tools this week for security researchers to evaluate its cloud infrastructure known as Private Cloud Compute. Apple has gone to great lengths to engineer a secure and private AI cloud platform, and this week’s release includes extensive detailed technical documentation of its security features as well as a research environment that is already available in the macOS Sequoia 15.1 beta release. The testing features allow researchers (or anyone) to download and evaluate the actual version of PCC software that Apple is running in the cloud at a given time. The company tells WIRED that the only modifications to the software relate to optimizing it to run in the virtual machine for the research environment. Apple also …

Data breach exposes details of 25,000 current and former BBC employees | BBC

Data breach exposes details of 25,000 current and former BBC employees | BBC

The BBC has launched an investigation after the details of more than 25,000 current and former employees were exposed in a data breach. The corporation’s pension scheme wrote to members on Wednesday to say their details had been stolen in a data security incident that it was taking “extremely seriously”. A spokesperson for the pension scheme said the details of about 25,290 people had been affected. The BBC said it had seen no evidence that the incident was a ransomware attack – a type of hack commonly used by organised cybercrime groups to steal large amounts of personal data. The BBC has one of the biggest occupational pension schemes in the UK, with more than 50,000 members. In its email to those affected, the pension scheme did not explain how the breach had happened, beyond saying that private records had been “copied from an online data storage service”. The data leaked includes the name, date of birth and sex of members, their home address, national insurance number and an indication that they are a member …

Dell warns 49 million customers about massive data breach

Dell warns 49 million customers about massive data breach

Dell has warned customers of a massive data breach following a hacker’s claims they accessed information belonging to roughly 49 million customers. The U.S. computer manufacturer has started distributing data breach notifications to customers impacted by the incident, detailing how an attacker gained unauthorized entry to an online portal that housed customer purchase information on its website. The email seen by ReadWrite stated, “We are currently investigating an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell.” Dell states that the breach is not a “significant risk to our customers” According to Dell’s data breach notification, it seems that the attack resulted in the theft of personal information only, without compromising any financial data. The information stolen includes names, physical addresses, as well as hardware and order details from its systems. The company stated that it “promptly implemented our incident response procedures, began investigating, took steps to contain the incident and notified law enforcement.” It added that a third-party forensics firm has been engaged …

Former township clerk and lawyer in Michigan face charges over voter data breach

Former township clerk and lawyer in Michigan face charges over voter data breach

A former township clerk and her attorney will face charges in Michigan over allegations of a voter data breach related to the 2020 election, Michigan Attorney General Dana Nessel announced Wednesday. Former Adams Township Clerk Stephanie Scott and her private attorney, Stefanie Lambert, allowed “an unauthorized computer examiner access to voter data, including non-public voter information, concerning the 2020 General Election,” Nessel’s office alleged in a news release. Scott faces six charges — five felonies and a misdemeanor — including concealing or withholding a voting machine and using a computer to commit a crime. Lambert faces three felony charges, including using a computer to commit a crime. It is unclear how they pleaded. Scott, 52, and Lambert, 42, have touted conspiracy theories about the results of the 2020 presidential election in Michigan. “Ensuring election security and integrity stands as the cornerstone of our democracy,” Nessel said in the statement. “When elected officials and their proxies use their positions to promote baseless conspiracies, show blatant disregard for voter privacy, and break the law in the process, it …

Elite Russian hackers breach Scholz’s German socialist party – POLITICO

Elite Russian hackers breach Scholz’s German socialist party – POLITICO

The European Union can impose sanctions against hacking groups. In 2020 it imposed a second round of cyber sanctions on Fancy Bear for its attacks on the German Bundestag in 2015. The European Union’s top diplomat Josep Borrell in a statement “strongly condemn[ed] the malicious cyber campaign” by Fancy Bear against Germany and the Czech Republic. “The EU is determined to make use of the full spectrum of measures to prevent, deter and respond to Russia’s malicious behaviour in cyberspace,” Borrell said. NATO also issued a statement backing Berlin and Prague, adding that allies of the defense alliance were “determined to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyber threats to support each other, including by considering coordinated responses.” Fancy Bear has regularly conducted cyberattacks against European government targets for years. So far, EU sanctions and diplomatic tussling have done little to deter them. Since the start of the war in Ukraine, European countries have suffered from increased cyber, disinformation and so-called “hybrid” attacks like sabotage, often with …

The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics

The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics

Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events. The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records. The incident has rankled privacy experts …

Exclusively Christian RE not a breach of human rights, court rules

Exclusively Christian RE not a breach of human rights, court rules

Northern Ireland’s Court of Appeal has ruled exclusively Christian-focused religious education and worship at primary schools in Northern Ireland does not breach human rights. The court upheld a previous finding that the curriculum is “not conveyed in an objective, critical, and pluralistic manner”, which could amount to evidence of “forbidden” indoctrination. However, the court also ruled that no violation of rights was established because parents have the “unqualified right” to withdraw their children from religious education (RE) and collective worship (CW). The court said that the “unqualified nature” of the right of withdrawal made it capable of being a “safeguard against indoctrination in the school setting”. The ruling overturns a previous judgement that current arrangements for CW and RE breach Article 2 of Protocol 1 of the European Convention on Human Rights . Article 2 requires the state to “respect the right of parents’ religious and philosophical convictions in respect of education and teaching”. The law in NI mandates state-funded schools to “include collective worship whether in one or more than one assembly” every day. …

HYBE, the agency behind BTS, files complaint against subsidiary head Min Hee-jin over breach of trust

HYBE, the agency behind BTS, files complaint against subsidiary head Min Hee-jin over breach of trust

The South Korean agency behind K-pop sensation BTS on Thursday (Apr 25) filed a legal complaint against its powerhouse subsidiary’s head for allegedly orchestrating a plan to break away from the parent company. The agency, HYBE, said it filed a complaint against Min Hee-jin, the chief of its subsidiary label ADOR, which manages mega-popular girl group NewJeans, for breach of trust in business. “The complaint (against Min) was filed today” to a police station in Seoul, a HYBE spokesperson told AFP late Thursday. HYBE has secured “physical evidence” confirming that Min orchestrated a “plan to seize the management rights” of the subsidiary and separate from the holding company, it said in a statement sent to AFP earlier Thursday. It also claimed in a separate statement that Min had been inappropriately “coached” by a shaman on management matters while leading ADOR. Min, a famed super-producer, denied the accusations in a tearful news conference Thursday afternoon and claimed she has “no interest” in management rights. “What have I done wrong? I believe my only fault is having …

Health insurance giant Kaiser will notify millions of data breach after sharing patients’ data with advertisers

Health insurance giant Kaiser will notify millions of data breach after sharing patients’ data with advertisers

U.S. health conglomerate Kaiser is notifying millions of its members of a data breach after confirming it shared patients’ information with third-party advertisers, including Google, Microsoft and X (formerly Twitter). In a statement shared with TechCrunch, Kaiser said that it conducted an investigation that found “certain online technologies, previously installed on its websites and mobile applications, may have transmitted personal information to third-party vendors.” Kaiser said that the data shared with advertisers includes member names and IP addresses, as well as information that could indicate if members were signed into a Kaiser Permanente account or service and how members “interacted with and navigated through the website and mobile applications, and search terms used in the health encyclopedia.” Kaiser said it subsequently removed the tracking code from its websites and mobile apps. Kaiser is the latest healthcare organization to confirm it shared patients’ personal information with third-party advertisers by way of online tracking code, often embedded in web pages and mobile apps and designed to collect information about users’ online activity for analytics. Over the past …