Search Results for “Associated Press”


July 29, 2019
Emily Flitter and Karen Weise / New York Times

Emily Flitter and Karen Weise / New York Times  
Firewall Misconfiguration by Capital One Allowed Hacker to Steal Millions of Credit Applications, Social Security and Bank Account Numbers Affecting More Than 100 Million People in North America

In one of the largest cases of bank data theft ever, software engineer Paige Thompson hacked into a server holding customer information for Capital One, exploiting a firewall misconfiguration in the bank’s network to steal millions of credit card applications, federal prosecutors say. Thompson, who used the online handle “erratic” was the organizer of a group on Meetup, a social network, called Seattle Warez Kiddies, described as a gathering for “anybody with an appreciation for distributed systems, programming, hacking, cracking.” The F.B.I. noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and the Slack messaging service. Thompson stole 140,000 U.S. Social Security numbers and 77,000 bank account numbers, along with one million Canadian social insurance numbers affecting more than 100 million people in the United States and Canada. A“firewall misconfiguration” by the bank had allowed Ms. Thompson to communicate with the server where Capital One was storing its information and, eventually, gain access to customer files, an FBI agent investigating the case said in court documents. Ms. Thompson worked as a systems engineer at Amazon from 2015 to 2016.

Related: CNN, Reuters, Associated Press, Axios, CNBC, NBC News, Politico, Capital One, The Register, Bloomberg, Washington Post, TechCrunch, TechCrunch, Wired, Justice.gov, Ars Technica, CNET, Wall Street Journal, The Verge, The Hill, Venture Beat, Law360, Reuters, Daily Mail,DataBreachToday.com, BGR, USATODAY, Business Insider, The Daily Swig, Newsweek, Financial Times, CRN, CRN, UPI.comDataBreaches.net, SecurityWeek, MobileSyrup.com, BetaNews, The Verge, GBHackers On Security, SlashGear » security, E-Commerce Times, CNN.com, PCMag.com, The VergeEvening Standard, EngadgetMarketWatch.com – Software Industry News, TechSpot, Digital Trends, Neowin, Fast Company, Mother Jones, New York Daily News, New on MIT Technology Review, FOX News, The Hacker News, Help Net Security, CBSNews.com, Fortune, Technology News | Boston.com, SecurityWeek, The Huffington Post, Cyberscoop, IT World Canada, ARN, The Guardian, Digital Trends, The Next Web, Android Central , GeekWire, SC Magazine, Techerati, SlashdotABC News: U.S., Graham Cluley, Japan Times,Security Affairs, Cyber Kendra, PYMNTS.com, Heavy.com, Computer Business Review, TechNadu, Silicon Republic, Infosecurity Magazine, The State of Security, DataBreaches.netGadgets Now, Courthouse News Service, BBC News – WorldBleepingComputer.comITV News, RT USA, AOL, New York Post, EJ Insight, Mercury News, TODAYonline, CBC , Deutsche Welle, Gizmodo, News : NPR, POLITICO, Gizmodo, Daily BeastGeekWire

Tweets:@zackwhittaker @briankrebs @cnbcnow @gregotto @yoda @RepKatiePorter @zackwhittaker @Wired @BleepingComputer @kimzetter @dnvolz @BleepingComputer @McGrewSecurity @weldpond @h0tdish @hacks4pancakes @RayRedacted @catcalvinla @malwarejake @somanyshrimp @TorresLuzardo

CNN: A hacker gained access to 100 million Capital One credit card applications and accounts
Reuters: Capital One reveals 100M affected by data breach, hacker arrested
Associated Press: Capital One says hacker gained access to personal information of more than 100 million people
Axios: 100 million credit card applications stolen from Capital One
CNBC: Capital One data breach exposes tens of thousands of Social Security numbers, linked bank accounts
NBC News: Over 100 million credit card applicants at risk in Capital One breach, Seattle woman arrested
Politico: Capital One reveals historic data breach after FBI arrests Seattle suspect
Capital One: Capital One Announces Data Security Incident
The Register: Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants
Bloomberg: Capital One Says Breach Hit 100 Million Individuals in U.S.
Washington Post: Capital One says data breach affected 100 million credit card applications
TechCrunch: Capital One’s breach was inevitable, because we did nothing after Equifax
TechCrunch: Capital One hacked, over 100 million customers affected
Wired: THE ALLEGED CAPITAL ONE HACKER DIDN’T COVER HER TRACKS
Justice.gov: Seattle Tech Worker Arrested for Data Theft Involving Large Financial Services Company
Ars Technica: Feds: former cloud worker hacks into Capital One and takes data for 106 million people
CNET: Capital One data breach involves 100 million credit card applications
Wall Street Journal: Capital One Reports Data Breach Affecting 100 Million Customers, Applicants
The Verge: Massive Capital One breach exposes personal info of 100 million Americans
The Hill: Woman arrested, accused of hacking 100 million Capital One records
Venture Beat : Capital One announces hack affecting 106 million U.S. and Canadian customers
Law360: Capital One Says Breach Impacted 106M As Suspect Arrested – Law360
Daily Mail : Ex-tech worker arrested for Capital One hack after stealing data from 100 million customers
DataBreachToday.com: Woman Arrested in Massive Capital One Data Breach
BGR: Hacker steals data for more than 100 million Capital One users, then brags about it and gets arrested
USATODAY: Massive data breach hits Capital One affecting more than 100 million customers
Business Insider: Capital One data breach, affecting tens of millions
The Daily Swig: Millions affected by Capital One data breach
Newsweek: Capital One Data Breach: How to Know, and What You Should Do, If Your Account Has Been Compromised
Financial Times: Capital One reports massive data breach
CRN: Capital One Breach Exposed Data From 106M Credit Card Applicants, Users
UPI.com: Capital One data breach affects 100M credit card applicants
DataBreaches.net: Capital One says data breach affected 100 million credit card applications
SecurityWeek: CapitalOne Discloses Massive Data Breach: 106 Million Impacted
MobileSyrup.com: Capital One data breach could have affected six million Canadian bank accounts
BetaNews: Personal details of 106 million Americans and Canadians stolen in huge Capital One data breach
The Verge: Massive Capital One breach exposes personal info of 100 million Americans
GBHackers On Security: Capital One Hacked – Over 100 Million Credit Card Application Data Exposed
SlashGear » security: Capital One hack affects over 100 million people in the US and Canada
E-Commerce Times: Equifax Data Breach Settlement No Wrist Slap
CNN.com: Worried about the Capital One hack? Here’s what to do
PCMag.com: Capital One Suffers Data Breach Affecting 100 Million Customers
Evening Standard: Capital One data breach 2019: What to do if you have been affected
Engadget: Capital One data breach affected 100 million in the US
MarketWatch.com – Software Industry News: Everything you need to know about the massive Capital One hack, but were afraid to ask
TechSpot: Capital One hack exposed 100 million US customers’ personal details
Digital Trends: New Capital One data breach affects 100 million people. Here’s the very latest
Neowin: Over 100 million accounts compromised after Capital One data breach
Fast Company: Capital One data breach: what was stolen and how to find out if you are affected
Mother Jones: What’s In Your Wallet?
New York Daily News: Capital One hit with data breach affecting some 100 million U.S. customers
New on MIT Technology Review: A hacker stole the personal data of 100 million Capital One customers
FOX News: Capital One data breach exposes info of 106M customers, applicants; suspect arrested
The Hacker News: Capital One Data Breach Affects 106 Million Customers; Hacker Arrested
Help Net Security: Capital One breach: Info on 106 million customers compromised, hacker arrested
CBSNews.com: Capital One data breach hits more than 100 million people
CNBC: Capital One data breach exposes tens of thousands of Social Security numbers, linked bank accounts
Fortune: Hacker May Have Stole Info About Millions of Capital One Customers, U.S. Says
Technology News | Boston.com: Capital One target of massive data breach
SecurityWeek: Capital One Target of Massive Data Breach
The Huffington Post: Credit Card Company Reveals 100 Million People May Be Affected By Hack
Cyberscoop: Capital One announces massive data breach; lone suspect arrested in Seattle
IT World Canada: Six million Canadians impacted by Capital One data breach
ARN: Capital One: hacker gained access to personal information of over 100 million Americans
The Guardian: Capital One: hacker stole data of over 100m Americans
Ars Technica: Hacker ID’d as former Amazon employee steals data of 106 million people from Capital One
Axios: 100 million credit card applications were stolen from Capital One
The Next Web: Capital One data breach compromises 106 million customers’ personal data
Android Central : Capital One breach exposes personal details of over 100 million customers
SC Magazine: Capital One hacker who stole personal info on 100M arrested | SC Media
AP Breaking News: Capital One target of massive data breach
Techerati: Capital One breach affecting 106 million customers caused by misconfigured cloud storage
Slashdot: Capital One Says Hacker Breached Accounts of 100 Million People; Ex-Amazon Employee Arrested
ABC News: U.S.: Capital One target of massive data breach
Graham Cluley: Woman arrested after Capital One hack spills personal info on 106 million credit card applicants
Japan Times: Hacker accesses over 100 million Capital One credit applications in massive data breach
Zero Hedge: Capital One Admits Massive Data Breach: 100 Million Americans Affected, Seattle Woman Arrested
Security Affairs: Capital One data breach: hacker accessed details of 106M customers before its arrest
Cyber Kendra: Capital One Suffered Data Breach 106 Million People Affected
PYMNTS.com: Cap One Hack Hits 100M Credit Card Applications
Heavy.com: Paige Adele Thompson: 5 Fast Facts You Need to Know
Computer Business Review: Capital One Hacker was Ex-AWS Employee
TechNadu: Capital One Reports a Major Data Breach Affecting 106 Million Individuals in the USA & Canada
Infosecurity Magazine: Capital One Breached by Cloud Insider in Major Attack
Tech Insider: Amazon’s cloud was at the heart of the big Capital One hack, even though it doesn’t seem to be at fault (AMZN, COF)
The State of Security: Woman arrested after Capital One hack spills personal info on 106 million credit card applicants
DataBreaches.net: Capital One says data breach affected 100 million credit card applications
Gadgets Now: Capital One hacked, says information of 100 million-plus users leaked
Reuters: Capital One says information of over 100 million individuals in U.S., Canada hacked
BBC News – World: Capital One data breach: Arrest after details of 100m US individuals stolen
TIME: Capital One Information Hacked in Massive Data Breach
NDTV Gadgets360.com: Capital One Bank Targeted in Massive Data Breach
BleepingComputer.com: Capital One Data Breach Affects 106 Million People, Suspect Arrested
ITV News: 100 million applications targeted in Capital One bank data breach
RT USA: 100mn+ people’s data exposed in Capital One bank hack, thousands of SSNs & accounts leaked
AOL: Capital One: information of over 100 mln individuals in U.S., Canada hacked
New York Post: Capital One reveals 100M affected by data breach, hacker arrested
EJ Insight: Capital One data breach affects millions in US, Canada
Mercury News: Capital One: Hacker got info on 100M in the US, 6M in Canada
CBC : Hacker obtained personal information of 6 million people in Canada
Deutsche Welle: Capital One data theft: US arrests ‘erratic’ hacker
Gizmodo: Hacker Claims to Be in Possession of Personal Info on Up to 20,000 LAPD Applicants
The Register: Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants
POLITICO: Capital One reveals historic data breach after FBI arrests Seattle suspect
Daily Beast: Tens of Millions of Credit Card Applications Stolen in Capital One Breach
GeekWire: Seattle engineer arrested for Capital One hack that affected 100M people

@zackwhittaker: Wow. Capital One discloses massive data breach: 100M in US, 6M in Canada. One person in FBI custody. Credit files, applications, the lot. Hard to see this as anything other than Equifax 2.0. (link: http://press.capitalone.com/phoenix.zhtml?c=251626&p=irol-newsArticle&ID=2405043) press.capitalone.com/phoenix.zhtml?…
@briankrebs: Nice write up. Yes, this appears to be her resume. Worked at Amazon 2015-2016
@cnbcnow: BREAKING: Capital One says data breach has “affected approximately 100M individuals in the United States & approximately 6M in Canada” but “no credit card account numbers or log-in credentials were“ taken and “99% of Social Security numbers” weren’t stolen
@gregotto: According to the FBI, a firewall misconfiguration was partly responsible for allowing Thompson to access the Capital One cloud storage
@yoda: what kind of wordsmith fuckery is this???
@RepKatiePorter: One week *to the day* after Equifax announced its settlement terms. It’s clear corporations won’t clean up their acts on their own. We need to create an enforceable federal data privacy standard, so I’m drafting that bill.
@zackwhittaker: Incredible. Capital One's data breach site is titled "Facts."And yet it also pulls this bullshit by saying that no Social Security numbers were breached... except for all the Social Security numbers that were breached.Fuck you, Capital One.
@Wired: On Monday, the FBI and Capital One disclosed a data breach of 106 million credit card applications, one of the biggest breaches of a major financial institution ever.And now someone has been arrested in connection with the crime:
@BleepingComputer: The suspect allegedly posted about her accessing of Capital One's data on GitHub. A security researcher saw her post and contacted Capital One.
@kimzetter: This Capital One breach definitely has more going on to it than the headlines suggest. Perhaps not a coordinated vuln disclosure gone wrong ?but something is def weird about it - she used Tor to access the data but then publicly posted the data to an account with her name?
@dnvolz: The arrested suspect behind the hack, Paige Thompson, is a former employee of Amazon Web Services, according to people familiar with the matter. She is accused of breaching a misconfigured Capitol One firewall to access data stored in AWS. via @nicole_hong
@BleepingComputer: This breach was discovered by a security researcher who responsibly disclosed a vulnerability to Capital One. After investigating the vulnerability, Capital One discovered that an unauthorized user accessed their systems and data between March 22 and 23, 2019.
@McGrewSecurity: Located the Capital One hacker's twitter (also thanks to those that backchanneled on the topic). Clearly they were/are in a bad state mentally/emotionally. I've deleted the earlier tweets about her. I hope they find some peace.
@weldpond: The FBI said the suspect, Paige A. Thompson, was apprehended after she “made statements on social media for evidencing the fact that she has information of Capital One, and that she recognizes that she has acted illegally,”
@h0tdish: Insider/ex employee threats and those who willingly commit crimes, creating, selling malware or stealing info via exploit/breach ARE NOT hero's & anyone who frames it that way has to explain why they're not currently launching a legal $ raiser for her but did for other criminals.
@hacks4pancakes: I feel a great disturbance in the Force, like dozens of Capital One cybersecurity analysts who were screaming futilely for into the wind for years were suddenly silenced.
@RayRedacted: I have removed all of my OSINT posts about the Capital One hacker, because it is clear that she is suffering from mental illness.Mental illness does not discriminate. It can affect anyone. I truly hope she gets the help she needs.
@catcalvinla: At this point, I’m getting like two breach notices a day. Who DOESN’T have my info?
@malwarejake: Takeaways from #CapitalOne: 1. Having a disclosure program may have saved them. I'm FAR less likely to report to an org that lacks a disclosure policy. (link: http://press.capitalone.com/phoenix.zhtml?c=251626&p=irol-newsArticle&ID=2405043) press.capitalone.com/phoenix.zhtml?…
@somanyshrimp: Losing your personal information in a massive data breach is just a thing that happens now, like 110 degree days and regular mass shootings
@TorresLuzardo: I'm trying to come up with an analogy but there's really no topping this.No SSNs were stolen except 140,000 of them.


July 25, 2019
Lisa Mascaro and Mary Clare Jalonick / Associated Press

Lisa Mascaro and Mary Clare Jalonick / Associated Press  
McConnell Kills Two Election Security Measures as Certainty of Ongoing Russian Meddling Efforts Solidifies, Senate Intel Committee Report Documents Widespread Russian Election Targeting During 2016 Election

Arguing that Democrats are trying to give themselves a “political benefit,” Senator Majority Leader Mitch McConnell (R-KY) blocked two election security measures a day after special counsel Robert Mueller testified before two House panels that Russian meddling in the U.S. election system is a dire threat to democracy and on the same day the Senate Intel Committee released its election security findings in the 1st volume of their Russia report showing extensive targeting of state-level election infrastructure. One bill that McConnell killed, a House bill that requires the use of paper ballots and includes funding for the Election Assistance Commission. McConnell killed a second bill that would require candidates, campaign officials, and their family members to notify the FBI of assistance offers from foreign governments.

Related: The Hill: Cybersecurity, News : NPR, Vox, CNN, Esquire, ABC News, UPI.com

Tweets:@ktumulty @donie @DerekDoesTech @RonWyden @nicoleperlroth @mattblaze @MNSteveSimon @EricHolder @MalwareJake @iainthomson @emptywheel

The Hill: Cybersecurity: McConnell blocks two election security bills
News : NPR: Threats To U.S. Elections Aren’t Going Away. What Have The 2020 Democrats Proposed?
Vox: Republicans are still blocking election security bills after Mueller’s testimony
CNN: Russians are still meddling in US elections, Mueller said. Is anybody listening?
Esquire: Mitch McConnell Does Not Give a Damn About the Future of This Country
ABC News: McConnell blocks 2 bills on election security on heels of Mueller warnings
UPI.com: Republicans again block election security bills in the Senate

@ktumulty: Robert Mueller made a case for election security, but lawmakers seemed largely uninterested. @Joseph_Marks_ w/ @TonyaJoRiley in The Cybersecurity 202:
@donie: Russians are still meddling in US elections, Mueller said. Is anybody listening?
@DerekDoesTech: Sen. @RonWyden in no mood for pineapple pizza jokes a day after Mueller hearing and subsequent blocking of his bill, the Senate Cybersecurity Protection Act, in the Senate.
@RonWyden: My opinion on pineapple pizza is Mitch McConnell and Donald Trump need to stop obstructing election security legislation
@nicoleperlroth: Of the two election security bills McConnell killed today, one required a candidate to report contact by a foreign government. #MitchMcConnell #ElectionSecurity
@mattblaze: Just finished reading the (redacted) Senate Intelligence Committee election report. Election systems in all 50 states were targeted. Note that these were primarily state and local back-end systems. There's more to election security that voting machines. (link: https://www.intelligence.senate.gov/sites/default/files/documents/Report_Volume1.pdf) intelligence.senate.gov/sites/default/…
@MNSteveSimon: “They’re doing it as we sit here.”As pundits analyze Robert Mueller’s testimony, let’s focus on his #1 warning: Attempts to interfere in our elections are happening now! Election security must be a top priority nationally, as it is for us in Minnesota. #electionsecurity
@EricHolder: McConnell is blocking legislation that would enable states to withstand attacks that are coming from the Russians and others. This is absurd, disgraceful and calls into question his true motives. Republicans, do your damn job-protect our electoral systems.
@MalwareJake: Snark like this is reason #63289 that Senator Wyden is freaking awesome.
@iainthomson: CISA to the burns unit please...
@emptywheel: One thing being downplayed in coverage of McConnell's refusal to protect our elections: These are BIPARTISAN bills. Stop repeating McConnell's bullshit about the bills being a big partisan hoax.


August 16, 2019
Kate Brumback / Associated Press

Kate Brumback / Associated Press  
Judge Bars Georgia From Using Insecure Paperless Touchscreen Voting Machines, Management System Beyond This Year

In a challenge to Georgia’s outdated voted system plagued with security vulnerabilities, U.S. District Judge Amy Totenberg ordered the state of Georgia from using its paperless touchscreen machines and election management system beyond this year. She also said the state must be ready to use hand-marked paper ballots if its new system isn’t in place for the March 24 presidential primary election. In late July, Georgia agreed to buy new voting machines from Denver-based Dominion Voting Systems that also print a paper record for each vote using a QR code. Voting activists contend that the new machines suffer from the same vulnerabilities as the old machines, although that issue was not before Totenberg in this specific challenge. Totenberg ordered election officials to develop a contingency plan in case the new system isn’t in place before the primary election. She also ordered a pilot of that contingency plan during elections this November and ordered state officials to develop a plan by January 3 to address errors and discrepancies in the state’s voter registration database.

July 30, 2019
Tami Abdollah / Associated Press

Tami Abdollah / Associated Press  
CISA Issues Security Alert for Small Planes Warning of CAN Bus Vulnerability That Would Allow Attacker to Manipulate Engine Readings, Compass Data and More

The Cybersecurity and Infrastructure Agency (CISA), an arm of the Department of Homeland Security (DHS), issued a security alert for small planes, warning that modern flight systems have a  security vulnerability that if someone manages to gain physical access to the aircraft, could allow an attacker to manipulate engine readings, compass data, altitude, and other readings. The alert was issued after cybersecurity firm, Rapid7, found that an attacker could potentially disrupt electronic messages transmitted across a small plane’s network, for example by attaching a small device to its wiring, that would affect aircraft systems. The flaw lies in open electronics systems known as “the CAN bus” which operate like a small plane’s nervous system. The agency said it independently confirmed the security flaw with outside partners and a national research laboratory and decided it was necessary to issue the warning. Rapid 7 only studied small planes because their systems are easier for researchers to acquire and larger planes must meet more stringent and complex cybersecurity requirements.

Related: Fifth Domain | Cyber, Technology News | Boston.com, Sydney Morning Herald, CNN.com – Politics, Bloomberg Politics, PCMag.com, UPI.com, The Hill: Cybersecurity, Cyberscoop, The Age, Technology – CBSNews.com, Verdict, Infosecurity Magazine, USA Today


July 26, 2019
Kate Brumback / Associated Press

Kate Brumback / Associated Press  
Georgia Election Integrity Advocates Allege State Officials Began Destroying Evidence in Voting Machine Security Lawsuit

State officials began destroying evidence within days of a lawsuit brought by election integrity advocates that allege that the touchscreen voting machines Georgia has used since 2002 are insecure and vulnerable to hacking according to a federal court filing by those advocates. “The evidence strongly suggests that the State’s amateurish protection of critical election infrastructure placed Georgia’s election system at risk, and the State Defendants now appear to be desperate to cover-up the effects of their misfeasance — to the point of destroying evidence,” the filing says. The brief was filed as U.S. District Judge Amy Totenberg held a hearing on requests that she should order the state to immediately stop using its current voting machines and switch to hand-marked paper ballots.

July 24, 2019
MARCY GORDON and BARBARA ORTUTAY / Associated Press

MARCY GORDON and BARBARA ORTUTAY / Associated Press  
FTC Privacy Probe Settlement Imposes $5 Billion Penalty, New Restrictions and Modified Corporate Structure on Facebook, Mark Zuckerberg Held Personally Responsible for Privacy Programs Compliance

The Federal Trade Commission (FTC) announced that Facebook will pay a record-breaking $5 billion penalty and submit to new restrictions and a modified corporate structure to hold the company accountable for the decisions it makes about its users’ privacy. The fine and new restrictions settle an FTC investigation into whether Facebook violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information specifically in regards to the data of  87 million Facebook users used without their permission in the Cambridge Analytica scandal. Under the settlement between Facebook and the FTC, Mark Zuckerberg is held personally responsible in a limited fashion and will have to personally certify his company’s compliance with its privacy programs. False certifications could expose him to civil or criminal penalties.

Related: Gadgets Now, NDTV Gadgets360.com, The Drum, Al Bawaba, CCN, The Guardian, Wall Street Journal, CNET, E-Commerce Times, PYMNTS.com, Tech Insider, Tech Insider, MarketWatch.com – Software Industry New, Asia One World, Reuters, Federal Trade Commission, Politico, Vox, CNET, FOX News, Voice of America, Washington Post, Zero Hedge, Axios, AndroidHeadlines.com, TechCrunch, Facebook Newsroom, The Verge, TechCrunch, TIME, LA Daily News, CNET, Wall Street Journal, Technology News | Boston.com, The Age, Al BawabaUSA Today, Gizmodo, New York Times, Financial Times, News : NPR, USA Today, CNBC, TechJuice, Telecomlive.com, Courthouse News Service, TribLIVE, NYT > Business Day, CBC , Star Tribune, Chicago Tribune, CNBC, Engadget, Telecompaper Headlines, CCN, AppleInsider, CPO MagazineSky News, 9to5Mac, Tech Insider, Bloomberg, NDTV Gadgets360.com, VentureBeat

Tweets:@sarahfrier @sarahfrier @jtrevorhughes @DaveLeeBBC @ashk4n

Gadgets Now: Facebook to create privacy panel, pay $5 billion to US to settle allegations
NDTV Gadgets360.com: Facebook Said to Agree to Create Privacy Panel as Part of US FTC Settlement
The Drum: Facebook appoints board-level privacy panel as part of $5bn US FTC settlement
Al Bawaba: Facebook to Pay $5 Billion Fine Over Users’ Privacy Violations
CCN: Facebook’s Stock Falters as the DOJ Knives Come Out
The Guardian: Facebook agrees to pay $5bn in vast privacy settlement, insiders say
Wall Street Journal: Facebook Expected to Settle SEC Claims of Inadequate Disclosures Over Privacy Practices
CNET: Facebook to settle with SEC after probe into privacy practices
E-Commerce Times: Facebook Unfazed by $5B FTC Settlement
PYMNTS.com: Facebook Could Pay $100M To Settle SEC Investigation
Tech Insider: ‘Too cheap to keep ignoring’: Wall Street thinks Facebook is set to soar because its loyal users outweigh its endless scandals (FB)
MarketWatch.com – Software Industry News: The Wall Street Journal: Facebook set to pay fine of more than $100 million to settle SEC investigation
Asia One World: Facebook agrees to pay $6.8 billion fine over privacy issues; will set up privacy panel
Reuters: Facebook to create privacy panel, pay $5 billion to U.S. to settle allegations
Federal Trade Commission: FTC Imposes $5 Billion Penalty and Sweeping New Privacy Restrictions on Facebook
Politico: FTC announces $5B settlement with Facebook
Vox: Facebook will pay the US government a $5 billion fine for privacy failures — but it won’t have to change the way it does business
CNET: Facebook agrees to $100 million SEC settlement after privacy probe
FOX News: Facebook pays historic $5B fine and agrees to new privacy regulations as part of massive settlement
Voice of America: Big Tech Faces Broad US Justice Department Antitrust Probe
Washington Post: U.S. government issues stunning rebuke, historic $5 billion fine against Facebook for repeated privacy violations
Zero Hedge: Facebook To Pay Record $5 Billion Fine In FTC Settlement
Axios: Facebook settles with FTC regulators over privacy
AndroidHeadlines.com: FTC Slaps Facebook With $5B Fine Over Cambridge Analytica Scandal
TechCrunch: Facebook ends friend data access for Microsoft and Sony, the last 2 of its legacy partners, under FTC deal
Facebook Newsroom: Cleaning Up Data Access for Partners
The Verge: FTC hits Facebook with $5 billion fine and new privacy checks
TechCrunch: Facebook settles with FTC: $5 billion and new privacy guarantees
TIME: Facebook Agrees to Pay Record $5 Billion Settlement in Privacy Investigation
LA Daily News: FTC fines Facebook $5 billion, adds limited oversight on privacy
CNET: Facebook agrees to $100 million SEC settlement after privacy probe
Wall Street Journal: Facebook Expected to Settle SEC Claims of Inadequate Disclosures Over Privacy Practices
Technology News | Boston.com: FTC fines Facebook $5B, adds limited oversight on privacy
The Age: Facebook to pay record $7.1b fine over privacy violations
Al Bawaba: Facebook to Pay $5 Billion Fine Over Users’ Privacy Violations
USA Today: Facebook fined $5 billion by FTC, must update and adopt new privacy, security measures
Gizmodo: Report: FTC to Accuse Facebook of Using 2FA Numbers for Ads, Hiding Facial Recognition Settings
New York Times: Facebook Fined $5 Billion and Ordered to Add Oversight of Data Practices
Financial Times: Facebook to pay $5bn to resolve probe into privacy violations
News : NPR: FTC To Hold Facebook CEO Mark Zuckerberg Liable For Any Future Privacy Violations
USA Today: Facebook fined $5 billion by FTC, must update and adopt new privacy, security measures
CNBC: FTC slaps Facebook with record $5 billion fine, orders privacy oversight
TechJuice: Facebook won’t have to admit guilt in shocking user privacy settlement
Telecomlive.com: Why $5-bn fine is just the tip of the iceberg of Facebook’s settlement woes
Courthouse News Service: FTC Fines Facebook $5 Billion for Privacy Violations
CBC : FTC fines Facebook $5B for privacy violations
Star Tribune: FTC fines Facebook $5B, adds limited oversight on privacy
Chicago Tribune: Feds fine Facebook $5 billion for privacy violations, establish new oversight
CNBC: FTC slaps Facebook with record $5 billion fine, orders privacy oversight
Engadget: Facebook will pay $5 billion fine for Cambridge Analytica data breaches
Wall Street Journal: Facebook Agrees to Pay $5 Billion in FTC Settlement
Telecompaper Headlines: FTC confirms USD 5 bln fine and 20-year compliance agreement for Facebook privacy violations
CCN: Facebook’s Stock Falters as the DOJ Knives Come Out
AppleInsider: Facebook fined $5B by FTC over Cambridge Analytica scandal charges
CPO Magazine: Record-Setting $5 Billion Facebook Fine Too Little Too Late?
Sky News: Facebook to pay record $5bn fine to end US privacy probe
9to5Mac: [Update: It’s official] Facebook fined record $5 billion by FTC for privacy violations
Bloomberg: Facebook’s FTC Privacy Settlement Won’t Hinder Ad Business
NDTV Gadgets360.com: Facebook Said to Agree to Create Privacy Panel as Part of US FTC Settlement
VentureBeat: Facebook to create a privacy panel as part of $5 billion FTC settlement

@sarahfrier: Tucked deep in Facebook’s announcement of the $5 billion FTC settlement is the announcement of a $100 million SEC settlement
@sarahfrier: Both the FTC and Facebook are telling you the $5 billion settlement fundamentally changes how Facebook operates. But the company will still be able to collect the same data and target ads in the same way. @KurtWagner8 and I explain
@jtrevorhughes: Official now. Just as Mueller hearing starts.FTC Imposes $5 Billion Penalty and Sweeping New Privacy Restrictions on Facebook
@DaveLeeBBC: Facebook’s $5bn fine confirmed by FTC. Company must appoint privacy compliance officers + undergo privacy audits of which Zuckerberg must personally be a part. Also this morn - US financial regulator fines FB additional $100m for misleading investors.
@ashk4n: 1) UPDATE: Having now fully digested the FTC settlement and complaint, I'm of the opinion that this was a *terrible* outcome for our leading privacy regulator and a very sweet deal for @Facebook


August 13, 2019
Mary Clare Jalonick / Associated Press

Mary Clare Jalonick / Associated Press  
As Many as 16 Million People Will Vote on Paperless Voting Equipment in 2020, Raising Security Concerns Due to Lack of Auditability, Brennan Center

At least eight states will use some paperless voting systems in 2020, down from 14 in 2016, but still raising security concerns according to a report evaluating the state of the country’s election security published by the Brennan Center for Justice at NYU School of Law.  The Brennan Center estimates that as many as 12% of voters, or around 16 million people, will vote on paperless equipment in November 2020. Paperless voting machines are considered a check on any malicious digital election interference because they create a record that voters can review before casting their ballots and election workers can use to audit results.The report also finds that around a third of all local election jurisdictions were using voting machines that are at least a decade old, despite recommendations they be replaced after 10 years.

August 21, 2019
Gene Johnson / Associated Press

Gene Johnson / Associated Press  
Transgender Capital One Suspect Seeks Release From Federal Custody Pending Trial Because Imprisonment With Men Is a Serious Threat

Lawyers for transgender hacker Paige Thompson, who was arrested last month after the FBI said she obtained personal information from more than 100 million Capital One credit applications, asked a judge to release her from federal custody, saying that for her to remain jailed with men is a serious threat to her mental health. A hearing is slated for Friday before Magistrate Judge Michelle Peterson in Seattle on whether Thompson will remain at the Federal Detention Center in SeaTac pending trial. Her attorneys asked for her to be released to a halfway house where she would have better access to mental health care. “Longterm placement in a men’s facility will likely increase Paige’s gender dysphoria, depression, and risk of suicide.” a psychiatric evaluation of Thompson commissioned by her attorneys concludes.

September 17, 2019
Australian Associated Press

Australian Associated Press  
Australian Authorities to Charge 21-Year-Old Woman With Multiple Conspiracy Offenses Related to Cyber Fraud Ring That Stole Millions From Financial Accounts Using Identities Purchased From Darknet Markets

Millions of dollars have allegedly been siphoned from personal superannuation, or retirement, and share trading accounts as part of cyber fraud, the Australian federal police and the Australian Securities and Investments Commission announced. Authorities are expected to announce they will charge a 21-year-old Melbourne woman with multiple conspiracy offenses, including tampering with postage items for being part of a syndicate that used stolen identity information purchased from darknet marketplaces, together with single-use telephone SIM cards and fake email accounts, to achieve “identity takeover.” The fake identities were allegedly used to open at least 70 accounts at various domestic banking institutions. The crime syndicate allegedly siphoned money into the accounts as it stole funds from the victims’ superannuation and share-trading accounts in ASX-listed companies.

August 28, 2019
Rod Mcguirk / Associated Press

Rod Mcguirk / Associated Press  
Australia Has Formed a Cybersecurity, IP Task Force to Curb Foreign, Particularly Chinese, Interference, in Australian Universities

In what it says is an effort to reduce risk to university operations and the national interest from cyberattacks and foreign interference, the government of Australia has formed a task force to crack down on attempts by foreign governments to meddle in Australian universities, particularly possible infiltration of Beijing-funded Confucius Institutes at Australian universities. The move comes at a time when Chinese students are by far the largest group of foreign students in the country. The task force includes a cybersecurity working group that will better protect university networks against unauthorized access and damage as well as a research and intellectual property working group to protect academic freedom and intellectual property and safeguard universities against deception and undue influence.  China says that the”so-called infiltration” of its government in Australian higher education is”purely fabricated with ulterior motives.”