Search Results for “BBC News”


July 29, 2019
Emily Flitter and Karen Weise / New York Times

Emily Flitter and Karen Weise / New York Times  
Firewall Misconfiguration by Capital One Allowed Hacker to Steal Millions of Credit Applications, Social Security and Bank Account Numbers Affecting More Than 100 Million People in North America

In one of the largest cases of bank data theft ever, software engineer Paige Thompson hacked into a server holding customer information for Capital One, exploiting a firewall misconfiguration in the bank’s network to steal millions of credit card applications, federal prosecutors say. Thompson, who used the online handle “erratic” was the organizer of a group on Meetup, a social network, called Seattle Warez Kiddies, described as a gathering for “anybody with an appreciation for distributed systems, programming, hacking, cracking.” The F.B.I. noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and the Slack messaging service. Thompson stole 140,000 U.S. Social Security numbers and 77,000 bank account numbers, along with one million Canadian social insurance numbers affecting more than 100 million people in the United States and Canada. A“firewall misconfiguration” by the bank had allowed Ms. Thompson to communicate with the server where Capital One was storing its information and, eventually, gain access to customer files, an FBI agent investigating the case said in court documents. Ms. Thompson worked as a systems engineer at Amazon from 2015 to 2016.

Related: CNN, Reuters, Associated Press, Axios, CNBC, NBC News, Politico, Capital One, The Register, Bloomberg, Washington Post, TechCrunch, TechCrunch, Wired, Justice.gov, Ars Technica, CNET, Wall Street Journal, The Verge, The Hill, Venture Beat, Law360, Reuters, Daily Mail,DataBreachToday.com, BGR, USATODAY, Business Insider, The Daily Swig, Newsweek, Financial Times, CRN, CRN, UPI.comDataBreaches.net, SecurityWeek, MobileSyrup.com, BetaNews, The Verge, GBHackers On Security, SlashGear » security, E-Commerce Times, CNN.com, PCMag.com, The VergeEvening Standard, EngadgetMarketWatch.com – Software Industry News, TechSpot, Digital Trends, Neowin, Fast Company, Mother Jones, New York Daily News, New on MIT Technology Review, FOX News, The Hacker News, Help Net Security, CBSNews.com, Fortune, Technology News | Boston.com, SecurityWeek, The Huffington Post, Cyberscoop, IT World Canada, ARN, The Guardian, Digital Trends, The Next Web, Android Central , GeekWire, SC Magazine, Techerati, SlashdotABC News: U.S., Graham Cluley, Japan Times,Security Affairs, Cyber Kendra, PYMNTS.com, Heavy.com, Computer Business Review, TechNadu, Silicon Republic, Infosecurity Magazine, The State of Security, DataBreaches.netGadgets Now, Courthouse News Service, BBC News – WorldBleepingComputer.comITV News, RT USA, AOL, New York Post, EJ Insight, Mercury News, TODAYonline, CBC , Deutsche Welle, Gizmodo, News : NPR, POLITICO, Gizmodo, Daily BeastGeekWire

Tweets:@zackwhittaker @briankrebs @cnbcnow @gregotto @yoda @RepKatiePorter @zackwhittaker @Wired @BleepingComputer @kimzetter @dnvolz @BleepingComputer @McGrewSecurity @weldpond @h0tdish @hacks4pancakes @RayRedacted @catcalvinla @malwarejake @somanyshrimp @TorresLuzardo

CNN: A hacker gained access to 100 million Capital One credit card applications and accounts
Reuters: Capital One reveals 100M affected by data breach, hacker arrested
Associated Press: Capital One says hacker gained access to personal information of more than 100 million people
Axios: 100 million credit card applications stolen from Capital One
CNBC: Capital One data breach exposes tens of thousands of Social Security numbers, linked bank accounts
NBC News: Over 100 million credit card applicants at risk in Capital One breach, Seattle woman arrested
Politico: Capital One reveals historic data breach after FBI arrests Seattle suspect
Capital One: Capital One Announces Data Security Incident
The Register: Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants
Bloomberg: Capital One Says Breach Hit 100 Million Individuals in U.S.
Washington Post: Capital One says data breach affected 100 million credit card applications
TechCrunch: Capital One’s breach was inevitable, because we did nothing after Equifax
TechCrunch: Capital One hacked, over 100 million customers affected
Wired: THE ALLEGED CAPITAL ONE HACKER DIDN’T COVER HER TRACKS
Justice.gov: Seattle Tech Worker Arrested for Data Theft Involving Large Financial Services Company
Ars Technica: Feds: former cloud worker hacks into Capital One and takes data for 106 million people
CNET: Capital One data breach involves 100 million credit card applications
Wall Street Journal: Capital One Reports Data Breach Affecting 100 Million Customers, Applicants
The Verge: Massive Capital One breach exposes personal info of 100 million Americans
The Hill: Woman arrested, accused of hacking 100 million Capital One records
Venture Beat : Capital One announces hack affecting 106 million U.S. and Canadian customers
Law360: Capital One Says Breach Impacted 106M As Suspect Arrested – Law360
Daily Mail : Ex-tech worker arrested for Capital One hack after stealing data from 100 million customers
DataBreachToday.com: Woman Arrested in Massive Capital One Data Breach
BGR: Hacker steals data for more than 100 million Capital One users, then brags about it and gets arrested
USATODAY: Massive data breach hits Capital One affecting more than 100 million customers
Business Insider: Capital One data breach, affecting tens of millions
The Daily Swig: Millions affected by Capital One data breach
Newsweek: Capital One Data Breach: How to Know, and What You Should Do, If Your Account Has Been Compromised
Financial Times: Capital One reports massive data breach
CRN: Capital One Breach Exposed Data From 106M Credit Card Applicants, Users
UPI.com: Capital One data breach affects 100M credit card applicants
DataBreaches.net: Capital One says data breach affected 100 million credit card applications
SecurityWeek: CapitalOne Discloses Massive Data Breach: 106 Million Impacted
MobileSyrup.com: Capital One data breach could have affected six million Canadian bank accounts
BetaNews: Personal details of 106 million Americans and Canadians stolen in huge Capital One data breach
The Verge: Massive Capital One breach exposes personal info of 100 million Americans
GBHackers On Security: Capital One Hacked – Over 100 Million Credit Card Application Data Exposed
SlashGear » security: Capital One hack affects over 100 million people in the US and Canada
E-Commerce Times: Equifax Data Breach Settlement No Wrist Slap
CNN.com: Worried about the Capital One hack? Here’s what to do
PCMag.com: Capital One Suffers Data Breach Affecting 100 Million Customers
Evening Standard: Capital One data breach 2019: What to do if you have been affected
Engadget: Capital One data breach affected 100 million in the US
MarketWatch.com – Software Industry News: Everything you need to know about the massive Capital One hack, but were afraid to ask
TechSpot: Capital One hack exposed 100 million US customers’ personal details
Digital Trends: New Capital One data breach affects 100 million people. Here’s the very latest
Neowin: Over 100 million accounts compromised after Capital One data breach
Fast Company: Capital One data breach: what was stolen and how to find out if you are affected
Mother Jones: What’s In Your Wallet?
New York Daily News: Capital One hit with data breach affecting some 100 million U.S. customers
New on MIT Technology Review: A hacker stole the personal data of 100 million Capital One customers
FOX News: Capital One data breach exposes info of 106M customers, applicants; suspect arrested
The Hacker News: Capital One Data Breach Affects 106 Million Customers; Hacker Arrested
Help Net Security: Capital One breach: Info on 106 million customers compromised, hacker arrested
CBSNews.com: Capital One data breach hits more than 100 million people
CNBC: Capital One data breach exposes tens of thousands of Social Security numbers, linked bank accounts
Fortune: Hacker May Have Stole Info About Millions of Capital One Customers, U.S. Says
Technology News | Boston.com: Capital One target of massive data breach
SecurityWeek: Capital One Target of Massive Data Breach
The Huffington Post: Credit Card Company Reveals 100 Million People May Be Affected By Hack
Cyberscoop: Capital One announces massive data breach; lone suspect arrested in Seattle
IT World Canada: Six million Canadians impacted by Capital One data breach
ARN: Capital One: hacker gained access to personal information of over 100 million Americans
The Guardian: Capital One: hacker stole data of over 100m Americans
Ars Technica: Hacker ID’d as former Amazon employee steals data of 106 million people from Capital One
Axios: 100 million credit card applications were stolen from Capital One
The Next Web: Capital One data breach compromises 106 million customers’ personal data
Android Central : Capital One breach exposes personal details of over 100 million customers
SC Magazine: Capital One hacker who stole personal info on 100M arrested | SC Media
AP Breaking News: Capital One target of massive data breach
Techerati: Capital One breach affecting 106 million customers caused by misconfigured cloud storage
Slashdot: Capital One Says Hacker Breached Accounts of 100 Million People; Ex-Amazon Employee Arrested
ABC News: U.S.: Capital One target of massive data breach
Graham Cluley: Woman arrested after Capital One hack spills personal info on 106 million credit card applicants
Japan Times: Hacker accesses over 100 million Capital One credit applications in massive data breach
Zero Hedge: Capital One Admits Massive Data Breach: 100 Million Americans Affected, Seattle Woman Arrested
Security Affairs: Capital One data breach: hacker accessed details of 106M customers before its arrest
Cyber Kendra: Capital One Suffered Data Breach 106 Million People Affected
PYMNTS.com: Cap One Hack Hits 100M Credit Card Applications
Heavy.com: Paige Adele Thompson: 5 Fast Facts You Need to Know
Computer Business Review: Capital One Hacker was Ex-AWS Employee
TechNadu: Capital One Reports a Major Data Breach Affecting 106 Million Individuals in the USA & Canada
Infosecurity Magazine: Capital One Breached by Cloud Insider in Major Attack
Tech Insider: Amazon’s cloud was at the heart of the big Capital One hack, even though it doesn’t seem to be at fault (AMZN, COF)
The State of Security: Woman arrested after Capital One hack spills personal info on 106 million credit card applicants
DataBreaches.net: Capital One says data breach affected 100 million credit card applications
Gadgets Now: Capital One hacked, says information of 100 million-plus users leaked
Reuters: Capital One says information of over 100 million individuals in U.S., Canada hacked
BBC News – World: Capital One data breach: Arrest after details of 100m US individuals stolen
TIME: Capital One Information Hacked in Massive Data Breach
NDTV Gadgets360.com: Capital One Bank Targeted in Massive Data Breach
BleepingComputer.com: Capital One Data Breach Affects 106 Million People, Suspect Arrested
ITV News: 100 million applications targeted in Capital One bank data breach
RT USA: 100mn+ people’s data exposed in Capital One bank hack, thousands of SSNs & accounts leaked
AOL: Capital One: information of over 100 mln individuals in U.S., Canada hacked
New York Post: Capital One reveals 100M affected by data breach, hacker arrested
EJ Insight: Capital One data breach affects millions in US, Canada
Mercury News: Capital One: Hacker got info on 100M in the US, 6M in Canada
CBC : Hacker obtained personal information of 6 million people in Canada
Deutsche Welle: Capital One data theft: US arrests ‘erratic’ hacker
Gizmodo: Hacker Claims to Be in Possession of Personal Info on Up to 20,000 LAPD Applicants
The Register: Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants
POLITICO: Capital One reveals historic data breach after FBI arrests Seattle suspect
Daily Beast: Tens of Millions of Credit Card Applications Stolen in Capital One Breach
GeekWire: Seattle engineer arrested for Capital One hack that affected 100M people

@zackwhittaker: Wow. Capital One discloses massive data breach: 100M in US, 6M in Canada. One person in FBI custody. Credit files, applications, the lot. Hard to see this as anything other than Equifax 2.0. (link: http://press.capitalone.com/phoenix.zhtml?c=251626&p=irol-newsArticle&ID=2405043) press.capitalone.com/phoenix.zhtml?…
@briankrebs: Nice write up. Yes, this appears to be her resume. Worked at Amazon 2015-2016
@cnbcnow: BREAKING: Capital One says data breach has “affected approximately 100M individuals in the United States & approximately 6M in Canada” but “no credit card account numbers or log-in credentials were“ taken and “99% of Social Security numbers” weren’t stolen
@gregotto: According to the FBI, a firewall misconfiguration was partly responsible for allowing Thompson to access the Capital One cloud storage
@yoda: what kind of wordsmith fuckery is this???
@RepKatiePorter: One week *to the day* after Equifax announced its settlement terms. It’s clear corporations won’t clean up their acts on their own. We need to create an enforceable federal data privacy standard, so I’m drafting that bill.
@zackwhittaker: Incredible. Capital One's data breach site is titled "Facts."And yet it also pulls this bullshit by saying that no Social Security numbers were breached... except for all the Social Security numbers that were breached.Fuck you, Capital One.
@Wired: On Monday, the FBI and Capital One disclosed a data breach of 106 million credit card applications, one of the biggest breaches of a major financial institution ever.And now someone has been arrested in connection with the crime:
@BleepingComputer: The suspect allegedly posted about her accessing of Capital One's data on GitHub. A security researcher saw her post and contacted Capital One.
@kimzetter: This Capital One breach definitely has more going on to it than the headlines suggest. Perhaps not a coordinated vuln disclosure gone wrong ?but something is def weird about it - she used Tor to access the data but then publicly posted the data to an account with her name?
@dnvolz: The arrested suspect behind the hack, Paige Thompson, is a former employee of Amazon Web Services, according to people familiar with the matter. She is accused of breaching a misconfigured Capitol One firewall to access data stored in AWS. via @nicole_hong
@BleepingComputer: This breach was discovered by a security researcher who responsibly disclosed a vulnerability to Capital One. After investigating the vulnerability, Capital One discovered that an unauthorized user accessed their systems and data between March 22 and 23, 2019.
@McGrewSecurity: Located the Capital One hacker's twitter (also thanks to those that backchanneled on the topic). Clearly they were/are in a bad state mentally/emotionally. I've deleted the earlier tweets about her. I hope they find some peace.
@weldpond: The FBI said the suspect, Paige A. Thompson, was apprehended after she “made statements on social media for evidencing the fact that she has information of Capital One, and that she recognizes that she has acted illegally,”
@h0tdish: Insider/ex employee threats and those who willingly commit crimes, creating, selling malware or stealing info via exploit/breach ARE NOT hero's & anyone who frames it that way has to explain why they're not currently launching a legal $ raiser for her but did for other criminals.
@hacks4pancakes: I feel a great disturbance in the Force, like dozens of Capital One cybersecurity analysts who were screaming futilely for into the wind for years were suddenly silenced.
@RayRedacted: I have removed all of my OSINT posts about the Capital One hacker, because it is clear that she is suffering from mental illness.Mental illness does not discriminate. It can affect anyone. I truly hope she gets the help she needs.
@catcalvinla: At this point, I’m getting like two breach notices a day. Who DOESN’T have my info?
@malwarejake: Takeaways from #CapitalOne: 1. Having a disclosure program may have saved them. I'm FAR less likely to report to an org that lacks a disclosure policy. (link: http://press.capitalone.com/phoenix.zhtml?c=251626&p=irol-newsArticle&ID=2405043) press.capitalone.com/phoenix.zhtml?…
@somanyshrimp: Losing your personal information in a massive data breach is just a thing that happens now, like 110 degree days and regular mass shootings
@TorresLuzardo: I'm trying to come up with an analogy but there's really no topping this.No SSNs were stolen except 140,000 of them.


September 24, 2019
Leo Kelion / BBC News

Leo Kelion / BBC News  
EU’s Top Court Rules That Google Doesn’t Have to Apply Right to Be Forgotten Globally

The EU’s top court, the European Court of Justice has ruled that Google does not have to apply the right to be forgotten globally, requiring the firm to remove links only from its search results in Europe after receiving an appropriate request. The decision stems from a demand by the French privacy regulator CNIL which ordered the firm to globally remove search result listings to pages containing damaging or false information about a person. The right to be forgotten gives EU citizens the power to demand data about them be deleted.

Related: CBC , The Hindu – News, The Hindu – News, AP Breaking News, Channel News Asia, Engadget, The Next Web, BetaNews, The Verge, EJ Insight, Tech Insider, New York Times, NYT > Business Day, WRAL Tech Wire, Silicon Republic, Fortune, Deutsche Welle, Washington Post, The Guardian, AFP, Gizmodo

Tweets:@WomaninHavana @eLAWnora @StevePeers @alemannoEU

CBC : Google wins ‘right-to-be forgotten’ fight with France
The Hindu – News: Google not required to apply ‘right to be forgotten’ worldwide: European Court of Justice
AP Breaking News: EU top court rules in favor of Google on search engine issue
Channel News Asia: Google wins ‘right to be forgotten’ fight with France
Engadget: Google told it doesn’t have to apply ‘right to be forgotten’ results globally
The Next Web: EU top court rules Google doesn’t need to apply the ‘right to be forgotten’ globally
BetaNews: Court rules Google need only apply the ‘right to be forgotten’ in Europe, not worldwide
The Verge: ‘Right to be forgotten’ only applies to Google in the EU, court rules
EJ Insight: Google wins in ‘right to be forgotten’ fight with France
Tech Insider: Google has just been told it doesn’t have to apply ‘right to be forgotten’ globally
New York Times: Europe’s Top Court Limits ‘Right to Be Forgotten’ Privacy Rule
WRAL Tech Wire: EU’s top court backs Google on ‘right to be forgotten’ limits
Silicon Republic: Google wins EU case to limit the right to be forgotten
Fortune: Top Court Rules Google Doesn’t Have to Censor Around the World Because of European Privacy Laws
Deutsche Welle: EU court: Google need not apply ‘right to be forgotten’ outside EU
Washington Post: Google scores major victory in E.U. ‘right to be forgotten’ case
The Guardian: ‘Right to be forgotten’ on Google only applies in EU, court rules
AFP: Google wins EU fight against ‘right to be forgotten’ worldwide
Gizmodo: Google told it doesn’t have to apply ‘right to be forgotten’ results globally

@WomaninHavana: It’s the day for landmark judgments.CJEU on the #righttobeforgotten #Google case as to whether it has to remove links to sensitive personal data worldwide or only within the EU. #privacy #freedomofexpression
@eLAWnora: BREAKING: CJEU rules that in right to be forgotten cases a search engine is not required to undertake global delisting. However, it mandates EU-wide delisting and geo-blocking
@StevePeers: CJEU clarifies the obligations of search engines re the "right to be forgotten":
@alemannoEU: Has Google won? Not yet. EU Court requires Google to #nudge users: while no global delisting obligation exists (beyond the EU), #Google expected to prevent, or at least discourage, users from circumventing EU right to be forgotten via access to third-countries’ links #forgotten


October 10, 2019
Jack Nicas / New York Times

Jack Nicas / New York Times  
Apple Caves to Chinese State Criticism and Pulls App That Allowed Hong Kong Protesters to Track Police

In a move among several recent developments that shows the power of the Chinese state to dictate policies by American companies, Apple removed an app, HKmap.live, from its app store that enabled protesters in Hong Kong to track the police, a day after facing intense criticism from Chinese state media for it. Apple’s removal of the app followed an editorial by the People’s Daily, the flagship newspaper of the Chinese Communist Party, that accused Apple of aiding “rioters” in Hong Kong. Apple said it verified with the Hong Kong Cybersecurity and Technology Crime Bureau that the app has been used to target and ambush police, threaten public safety, and criminals have used it to victimize residents in areas where they know there is no law enforcement.

Related: The Next Web, Reuters, Forbes, ZDNet Security, News.com, Apple Insider, Newsweek, Israel National News, South China Morning Post, The Korea Times News, Hong Kong Free Press HKFPPOLITICO, Financial Times, iMoreDaring FireballFortune, Security, Privacy & Tech Inquiries, EJ Insight, The New Daily, RT News, rthk.hk Local, WRAL Tech Wire, MacRumors, TechCrunch, Tech Insider, iPhone Hacks, MacRumors, Silicon Republic, Tech Insider, Z6 Mag, Global Voices, ReutersFortune  iMore, Tech Insider, WRAL Tech Wire, Fortune, Z6 Mag, BBC News, CRN, NDTV, Telegraph, QuartzNaked Security, EFF, Threatpost

Tweets:@juhasaarinen @Pinboard @thegrugq @jpwarren @jeffstone500

The Next Web : Apple bans app that warns Hong Kong citizens about police activity, again
Reuters : Apple pulls police-tracking app used by Hong Kong protestors after consulting authorities
Forbes : Apple Removes App Used To Track Hong Kong Police After Pressure From China
ZDNet Security: Apple pulls HKmap.live from app store
News.com.au : Apple bans app after China threat
Apple Insider : Apple again pulls police monitoring app from Hong Kong app store
Newsweek: What is HKmap? Apple’s Removal of App Used by Hong Kong Protesters is ‘Political Decision to Suppress Freedom,’ Devs Say
Israel National News : Apple withdraws Hong Kong police-tracking app
South China Morning Post: Swedish tech firm Yubico hands Hong Kong protesters free security keys amid fears over police tactics online
The Korea Times News: Swedish firm gives Hong Kong protesters security keys amid police hacking fear
Hong Kong Free Press HKFP: ‘You’re not alone’: Hong Kong activists united over raising awareness about gender-based violence
POLITICO: U.S. passing Hong Kong human rights and democracy act will ‘punish the wrong people,’ says ex-Trump envoy
Financial Times: Apple pulls Hong Kong map used by protesters from App Store
iMore : Hong Kong mapping app removed from App Store
Daring Fireball: Apple Removes HKmap.live From App Store
Fortune: Apple Removes Hong Kong Protest Map From App Store The Day After Beijing Complains
Security, Privacy & Tech Inquiries: Censorship-resilient apps with Progressive Web Applications
EJ Insight: Apple pulls HK police-tracking app after China criticism
The New Daily: Apple removes Hong Kong police tracker app
RT News: Apple removes app that Hong Kong protesters used to track police movements following vandalism, attacks on officers
rthk.hk Local: Apple pulls HK protester app after Beijing warning
WRAL Tech Wire: Apple drops Hong Kong activists app; Huawei may be able to buy some US goods
MacRumors: Apple Pulls Hong Kong Protest App From App Store Following Chinese Criticism
TechCrunch: Apple pulls HKmap from App Store, the day after Chinese state media criticized its “unwise and reckless decision” to approve it
Tech Insider: China’s grip on Apple tightens as it boots a Hong Kong police-tracking app and news app Quartz
iPhone Hacks: Tim Cook Explains Why Apple Removed the Controversial Hong Kong Protest App
MacRumors: Tim Cook Defends Removal of Hong Kong Mapping App From App Store in Leaked Memo
Silicon Republic: Apple accused of bowing to political pressure amid Hong Kong app removal
Tech Insider: Hong Kong lawmaker who relied on the banned HKMap Live app warns Apple from becoming an ‘accomplice for Chinese censorship’
Z6 Mag: Apple CEO Tim Cook justifies removal of Hong Kong maps app from App Store
Global Voices: Google removes Hong Kong protester role-playing game from its Play Store
Reuters : Apple pulls app used to track Hong Kong police, Cook defends move
Fortune: Apple CEO Tim Cook Defends Decision to Drop Hong Kong Protest Map From App Store After China Complaint
iMore: Read Charles Mok’s open letter to Tim Cook about Hong Kong
Tech Insider: Hong Kong lawmaker who relied on the banned HKMap Live app warns Apple from becoming an ‘accomplice for Chinese censorship’
WRAL Tech Wire: Tim Cook’s choice: Apple kowtows to China or face punishing costs
Fortune: Apple CEO Tim Cook Defends Decision to Drop Hong Kong Protest Map From App Store After China Complaint
Z6 Mag: Apple CEO Tim Cook justifies removal of Hong Kong maps app from App Store
BBC News : Few convinced by Apple’s case for Hong Kong app removal – BBC News
CRN : Apple criticised for pulling app that tracks Hong Kong police
NDTV : Apple Removes Quartz News App From China App Store Over Hong Kong Protest Coverage
Telegraph : Fury as Apple pulls US news app Quartz from China ‘over Hong Kong coverage’
Quartz: Tim Cook doesn’t seem to know how the Hong Kong app Apple removed actually works
Naked Security: Apple removes app that tracks Hong Kong police and protestors
EFF: China’s Global Reach: Surveillance and Censorship Beyond the Great Firewall
Threatpost: China’s Sway Over Tech Companies Tested with Apple, Blizzard

@juhasaarinen: Apple pulls http://HKmap.live from app store https://zd.net/2nxabSt via @ZDNet & @dobes
@Pinboard: This is important. Note the hypothetical language used here by Hong Kong police—they contacted "several app stores" (presumably including Apple) with the complaint that @hkmaplive "could leak the officers' whereabouts, which could facilitate the criminals to ambush our officers."
@thegrugq: This pure information warfare attack surface is brilliant. Blizzard punished a player for being pro Hong Kong. Players are attempting to get Blizzard games banned by Chinese censors. Winnie the Pooh is already censored due to memes about Xi, so this isn’t too unrealistic a goal.
@jpwarren: I am doubling my order of @Yubico keys and telling everyone I know to do the same, because of their principled stance on Hong Kong. And so should you. Please RT.
@jeffstone500: Censorship is just the beginning. China is using powerful DDoS attacks to knock foreign websites offline, per @EFF @Mala. Recent victims include Telegram, a Hong Kong protest forum, and social media outside government control.


August 20, 2019
Tony Romm / The Washington Post

Tony Romm / The Washington Post  
Facebook Unveils ‘Off-Facebook Activity’ Tool Giving Users Leeway to Limit Data Collected About Them Elsewhere on the Web, New Controls Do Not Allow Users to Delete Data in Full

Facebook unveiled its long-awaited feature, called “Off-Facebook Activity,” which allows users to limit businesses, apps and other groups that collect data about them on the Web and pass that information to the tech giant. The feature does not, however, allow users to delete that information from Facebook in full but instead has been designed to “shed more light” on a form of online tracking that determines some of the ads people see on Facebook. Users now can choose to remove this history from their accounts and turn off some or all of that tracking in the future although these actions merely disconnect information from being identified to a specific user but do not delete it. The new controls also won’t prevent Facebook from reporting back to another business whenever users generally purchase their product after seeing an ad targeted to them. The complexity of the system likely won’t prevent privacy advocates from criticizing the company because company CEO Mark Zuckerberg implied a more robust deletion tool one year ago when he vowed Facebook would develop a “Clear History” tool.

Related: TechCrunch, CNET, The Guardian, The Verge, Buzzfeed News, Wall Street Journal, Facebook, New York Times, BBC News, The Verge, Tech Insider, AP Breaking News, The Sun, Slashdot, Tech Insider, WRAL Tech Wire, Z6 Mag, New York Times – Business, Neowin, Tech Insider, Sky News, The Next Web, Channel News Asia, SecurityWeek, The Straits Times Tech News, CNN.com

Tweets:@geoffreyfowler @kashhill @ashk4n @fbnewsroom @zackwhittaker @ruskin147 @tonyromm @gcluley @stevekovach @alexhern

TechCrunch: Facebook unveils new tools to control how websites share your data for ad-targeting
CNET: How to use Facebook’s new privacy tool to control your data
The Guardian: Facebook launches ‘clear history’ tool – but it won’t delete anything
The Verge: Facebook’s Clear History privacy tool finally begins rolling out in three countries
Buzzfeed News: You Can Finally See All Of The Info Facebook Collected About You From Other Websites
Wall Street Journal: Facebook to Let Users Control Their Data From Other Companies
Facebook: Now You Can See and Control the Data That Apps and Websites Share With Facebook
New York Times: Facebook’s New Tool Lets You See Which Apps and Websites Tracked You
BBC News: Facebook to stop stalking you off-site – but only if asked
The Verge: Facebook’s Clear History privacy tool finally begins rolling out in three countries
Tech Insider: Facebook is finally letting users control the info that other websites are sharing with the social network about them (FB)
AP Breaking News: Facebook rolls out tool to block off-Facebook data gathering
The Sun: Facebook launches ‘off-platform activity’ tool to stop it tracking you across the internet – and you can even wipe your history
Slashdot: You Can Finally See All Of The Info Facebook Collected About You From Other Websites
Tech Insider: Advertisers have been grappling for alternatives ahead of Facebook’s ‘clear-history’ tool that could limit one of its most powerful targeting tools
WRAL Tech Wire: New Facebook tools enables users to turn off tracking
Z6 Mag: Control the data you share via ‘Off-Facebook Activity’
New York Times – Business: Facebook’s New Tool Lets You See Which Apps and Websites Tracked You
Neowin: Facebook adds new tool that helps you control its off-site stalking
Tech Insider: Facebook is finally letting users control the info that other websites are sharing with the social network about them (FB)
Sky News: Facebook to let users stop app and website tracking
The Next Web: Facebook lets you (sorta) control what info it gets from other sites
Channel News Asia: Facebook launches tool to let users control data flow
SecurityWeek: Facebook Launches Tool to Let Users Control Data Flow
The Straits Times Tech News: Facebook launches tool to let users control data flow
CNN.com: Facebook finally rolls out privacy tool for your browsing history

@geoffreyfowler: Facebook’s long-promised “clear history” tool has arrived, but it is not the data re-set we really needed.@tonyromm has the details here @posttech : https://wapo.st/2ZkWXoYWhat’s missing? Thread -->
@kashhill: In news you can't actually use yet (unless you live in Ireland, S. Korea, or Spain), Facebook is giving you a way to make your Instagram ads way less creepy.
@ashk4n: Facebook just announced their long awaited 'Clear History' tool -- tho it only really lets you 'Disconnect Activity' (and even then its pretty limited)PR release: https://newsroom.fb.com/news/2019/08/off-facebook-activity/Fact sheet: https://facebook.com/off-facebook-activityTechnical writeup: https://engineering.fb.com/data-infrastructure/off-facebook-activity/
@fbnewsroom: With Off Facebook Activity, you can see a summary of the info that websites and apps send to help show you relevant ads - you can also disconnect this info from your account. Learn more: https://newsroom.fb.com/news/2019/08/off-facebook-activity/
@zackwhittaker: This sounds great! But nowhere in this blog post does it say how we get it.
@ruskin147: My story on Facebook’s new “Off-Facebook Activity” tool which shows you why those shoes are following you around the Internet
@tonyromm: Zuck in 2018 used the word "flush" and other FB execs used the word "delete" but it's not exactly what's happening here, so it will be interesting to see how users and regulators react
@gcluley: Good thread here on Facebook's "Clear History" announcement.Most people won't ever turn off "Off-Facebook activity" of course.. but even if you do, you may be interested to hear what it does (and doesn't) do.
@stevekovach: The best way to clear your Facebook history is to delete Facebook
@alexhern: The clear history tool Mark Zuckerberg announced over a year ago is finally coming (except it won’t actually clear your history from Facebook’s servers)


July 24, 2019
BBC News

BBC News  
Police Arrest 25-Year-Old on Suspicion of Carrying Out Cyber-Attack on Lancaster University

A 25-year-old from Bradford, UK, has been arrested on suspicion of carrying out a “sophisticated and malicious” cyber-attack against Lancaster University, according to the country’s National Crime Agency (NCA). NCA said that “[o]fficers from the NCA’s National Cyber Crime Unit arrested the man on Monday (22 July) and he has since been released under investigation while enquiries are ongoing.”  Lancaster University was hit by a data breach affecting more than 12,000 students and applicants.

August 19, 2019
BBC News

BBC News  
Teenage TalkTalk Hacker Sentenced to 20 Months in Jail, Ordered to Pay $494,000 in Restitution

Nineteen-year-old Elliott Gunton who admitted to hacking the UK’s TalkTalk phone service, has been sentenced to twenty months in jail, ordered to pay back £407,359 (around $494,000) and given a three-and-a-half-year community order, which restricts his internet and software use, for stealing personal data in exchange for hundreds of thousands of pounds in cryptocurrency. Gunton was found guilty of hacking the telecommunications firm when he was 16.

September 25, 2019
Joe Tidy / BBC News

Joe Tidy / BBC News  
GandCrab Gang Appears to Have Emerged from Retirement to Push New Ransomware REvil Which Disrupted Twenty-Two Municipalities in Texas

The infamous hacker crew, the GandCrab gang, that announced it was retiring in May appears to be behind a wave of new attacks being carried out across the world, researchers at SecureWorks concluded after analyzing a new strain of computer virus. The purported Russian gang previously sold customized malware to other criminals. Secureworks has linked the group to a new strain of ransomware called REvil or Sondinokibi which has caused major disruption to hundreds of dental practices in the US as well as 22 Texas municipalities.

September 12, 2019
Daniel Lippman / Politico

Daniel Lippman / Politico  
Israel Was Most Likely Behind Placement of Surveillance Stingray Devices Near White House Which Aimed to Spy on Donald Trump, Administration Failed to Rebuke Israeli Government, Sources

The U.S. government concluded within the last two years that Israel was most likely behind the placement of cell-phone surveillance devices known as Stingrays, or more formally international mobile subscriber identity-catchers or IMSI-catchers, that were found near the White House and other sensitive locations around Washington, D.C., yet the Trump Administration did nothing about it and failed to rebuke the Israeli government. The devices were intended to spy on Donald Trump as well as his top aides and closest associates. U.S. officials shared their findings with relevant federal agencies, according to a letter a top DHS official, Christopher Krebs, wrote in May 2018 to Sen. Ron Wyden (D-OR.). According to a detailed forensic analysis, the FBI and other agencies working on the case felt confident that Israeli agents had placed the devices, sources say. Israel issued a pro forma denial that it is the culprit behind the stingrays.

Related: Gizmodo, Slate, Bloomberg, The Guardian, Just Security, Washington Examiner, Israel National News, Haaretz.com, Washington Examiner, NBC News Top Stories, PressTV, South China Morning Post, FuturismCBSNews.com, Jerusalem Post, Vox, BBC News – World, CBSNews.com, The Times of Israel, Algemeiner.com, BBC News – World, SC Magazine, Reuters: World News, Slashdot

Tweets:@dlippman @thegrugq @maxblumenthal @olgaNYC1211 @kenklippenstein @yashar @KyleWOrton @NTarnopolsky @AkiPeritz @CrispinBurke @ericgeller @timothypmurphy @gregotto @russellbrandom

Gizmodo: Israel Allegedly Installed Stingray Devices Around D.C. to Spy on President Trump
Slate: Israel Reportedly Known to Be Spying on White House Cell Phones, but Trump Didn’t Do Anything About It
Bloomberg: Israel Denies Report it Planted Spying Devices in Washington D.C.
The Guardian: Israel accused of planting spying devices near White House
Just Security: The Early Edition: September 12, 2019
Washington Examiner: Israel blamed for spy devices found near White House
Israel National News : Report: Israel accused of planting spy devices near White House
Haaretz.com: Israel reportedly planted mysterious spy devices near White House
Washington Examiner: Israel blamed for spy devices found near White House
NBC News Top Stories: Netanyahu denies Israel planted spy devices near the White House
PressTV: Israel accused of placing spy devices near White House: Report
South China Morning Post: Israel accused of planting mysterious spy devices near the White House
Futurism: The FBI Reportedly Thinks Israel Spied on Trump’s Phone
CBSNews.com: Politico: Israel accused of planting spy devices near White House
Jerusalem Post: Trump says he does not believe Israelis are spying on the U.S.
Vox: Vox Sentences: Another hurdle for asylum seekers
BBC News – World: Netanyahu denies Politico report Israel spying on the White House
CBSNews.com: “StingRay” surveillance devices found near the White House
The Times of Israel: Trump says he doesn’t believe report of Israel spying on White House
Algemeiner.com: Netanyahu Denies Report of Israeli Spy Operation in US
BBC News – World: Netanyahu denies Politico report Israel spying on the White House
SC Magazine: Israel reportedly behind spying devices found near White House, other sensitive areas | SC Media
Reuters: World News: Trump says he does not believe Israelis are spying on the U.S.
Slashdot: Israel Accused of Planting Mysterious Spy Devices Near the White House

@dlippman: SCOOP: The U.S. government concluded within the last two years that Israel was most likely behind cell-phone surveillance devices that were found operating near the WH and other sensitive parts of D.C., according to three former senior U.S. officials.
@thegrugq: The counterintelligence threat of using commodity mobile phones for sensitive matters is very very real. The ISMSI catchers found around the WH a couple years ago were apparently intended to capture Trump & his crew’s phones.Linked, allegedly, to Israel.
@maxblumenthal: US govt has concluded within the last two years that Israel was most likely behind surveillance devices found near the White House and other sensitive locations around DCYet “the Trump administration did not rebuke the Israeli government” #IsraelGate
@olgaNYC1211: Wait let me get this straight.. Trump is accusing Israel off spying on him? Can't wait to see Trump cults response
@kenklippenstein: "after the FBI and other agencies concluded that the Israelis were most likely responsible for the devices, the Trump administration took no action to punish or even privately scold the Israeli government."
@yashar: New: Israel was most likely behind the placement of surveillance devices that were found near the White House. But even though officials believe the devices were planted to spy on POTUS and other officials, the WH did not punish Israel@dlippman scoops
@KyleWOrton: Espionage devices, designed to fool mobile telephones into giving up data, were found "near the White House and other sensitive locations around Washington, D.C.", targeting Trump and other senior officials. #Israel is almost certainly responsible.
@NTarnopolsky: #Breaking: The FBI accuses Israel of spying on the White House. Administration tried to downplay findings. Israeli embassy says "we don't spy on the United States."
@AkiPeritz: So it turns out it was Israel that places the Stingrays around downtown DC to collect intelligence on top US policymakers, like POTUS, Kushner and everyone else.
@CrispinBurke: "Unlike most other occasions when flagrant incidents of foreign spying have been discovered on American soil, the Trump administration did not rebuke the Israeli government, and there were no consequences for Israel’s behavior..."
@ericgeller: Israel planted StingRays in D.C. to spy on Trump, and his administration is fine with it because, you know, Israel. https://politico.com/story/2019/09/12/israel-white-house-spying-devices-1491351
@timothypmurphy: best frenz
@gregotto: Three officials tell Politico that Israel planted stingrays in areas around the White House
@russellbrandom: Israel planted Stingrays cell-trackers pointed towards the White House, per Politico


September 4, 2019
Natasha Singer and Kate Conger / New York Times

Natasha Singer and Kate Conger / New York Times  
Google and YouTube to Pay $170 Million to Settle Allegations by FTC, New York Attorney General That YouTube Violated COPPA by Illegally Collecting Children’s Personal Information

In the largest penalty paid to date for violation of a key children’s online protection law, Google and its subsidiary YouTube will pay a record $170 million to settle allegations by the Federal Trade Commission and the New York Attorney General that YouTube illegally collected personal information from children without their parents’ consent. Google and YouTube will pay $136 million to the FTC and $34 million to New York for allegedly violating the Children’s Online Privacy Protection Act (COPPA) Rule. The FTC and the New York Attorney General allege that YouTube collected personal information in the form of persistent identifiers that are used to track users across the Internet from viewers of child-directed channels, without first notifying parents and getting their consent. YouTube also agreed to create a system that asks video channel owners to identify the children’s content they post so that targeted ads are not placed in such videos. YouTube must also now obtain consent from parents before collecting or sharing personal details like a child’s name or photos. Critics, including Senator Ed Markey (D-MA), who sponsored COPPA back in 1998, say the settlement is merely slap on the wrist for Google given the Internet company’s massive financial resources and revenues.

Related: Financial Times, AppleInsider, CNBC, Bloomberg, New York PostBBC News – Home, ITWeb.co.za latest news, FOX News, The Verge, Technology News | Boston.com, City A.M. – Technology, Ars Technica, AP Breaking News, VentureBeat, TIME, POLITICO EU, Tech Insider, Axios, RT News, WRAL Tech Wire, Federal Trade Commission, New York Attorney General

Tweets:@alfredwkng

Financial Times: Google and YouTube pay $170m to settle child privacy claims
AppleInsider: Google fined $170M for violating children’s privacy
CNBC: YouTube will pay $170 million to settle claims it violated child privacy laws
Bloomberg: Google to Pay $170 Million for YouTube Child Privacy Breaches
New York Post: Google fined $170M for YouTube’s violation of child privacy laws
BBC News – Home: YouTube fined $170m in US over children’s privacy violation
ITWeb.co.za latest news: Google to spend $200m on YouTube settlement
FOX News: YouTube to pay massive $170M fine as it settles claims it violated children’s privacy laws
The Verge: Google will pay $170 million for YouTube’s child privacy violations
Technology News | Boston.com: The Latest: Advocacy groups disappointed in YouTube-FTC deal
City A.M. – Technology: Google accused of sharing personal data with advertisers
Ars Technica: YouTube fined $170 million for violations of children’s privacy
AP Breaking News: YouTube to pay $170M fine after violating kids’ privacy law
VentureBeat: FTC fines YouTube $170 million for alleged child privacy violations
TIME: YouTube Fined $170 Million for Collecting Kids’ Data Without Parental Consent
POLITICO EU: Google’s YouTube hit with $170M fine over children’s privacy
Tech Insider: Google will pay $170 million to settle allegations that YouTube illegally collected kids’ data without their parents consent (GOOGL, GOOG)
Axios: Google to pay $170 million over claim that YouTube violated child privacy law
RT News: YouTube to cough up $170mn in fines over charge of grabbing kids’ data
WRAL Tech Wire: Feds fine YouTube $170M for collecting kids’ data without parents’ consent
Federal Trade Commission: Google and YouTube Will Pay Record $170 Million for Alleged Violations of Children’s Privacy Law
New York Attorney General: AG James: Google And Youtube To Pay Record Figure For Illegally Tracking And Collecting Personal Information From Children

@alfredwkng: . @SenMarkeywas the author of COPPA back in 1998. On today's settlement with YouTube, he says: "This settlement makes clear that this FTC stands for ‘Forgetting Teens and Children’."


August 19, 2019
Kate Conger / New York Times

Kate Conger / New York Times  
Facebook and Twitter Delete Accounts Originating in China That Attempted to Sow Political Discord in Hong Kong and Undermine Protesters on the Ground

Facebook and Twitter accounts that originated in China acted in a coordinated fashion to deliberately and specifically attempt to sow political discord in Hong Kong and undermine the legitimacy and political positions of the protest movement on the ground the two social media giants said. The companies took down the accounts, the first such actions against accounts linked to disinformation in China although the removal of yet another coordinated state-backed disinformation campaign darkly hints that these kinds of propaganda campaigns are now the “new normal” and a permanent fixture during times of political turmoil. Many of the tweets were in English, indicating an effort to sway public opinion globally. Facebook said it eliminated seven pages, three Facebook Groups and five accounts involved in the disinformation campaign about Hong Kong protesters. Twitter deleted 936 accounts and said it would ban state-backed media from promoting tweets after China Daily and other state-backed publications placed ads on its service that suggested the protesters were sponsored by Western interests and were becoming violent.

Related: The Verge,  Global Voices, ZDNet Security, Lawfare , Tweets Influencers, Cyberscoop, AP Top News, TIME, TechCrunch, City A.M. – Technology, Facebook Newsroom, Zero HedgeFortune, The Hill: Cybersecurity, Global Times, Twitter, CNN.com, ABCNews.com, BBC News, Yahoo Finance, Bloomberg

Tweets:@TechCrunch @rj_gallagher

The Verge : Facebook and Twitter uncover Chinese trolls spreading doubts about Hong Kong protests
Global Voices: Mainland Chinese netizens face ‘pink terror’ of patriotic trolls amid Hong Kong protests
ZDNet Security: Twitter bans 936 accounts managed by the Chinese state, aimed at Hong Kong protests
Channel News Asia : China accused of using Twitter, Facebook against HK protests
Lawfare : Today’s Headlines and Commentary
Cyberscoop: Twitter, Facebook scrub coordinated activity targeting Hong Kong demonstrations
AP Top News: China lashes out at Taiwan over Hong Kong asylum offer
TIME: Chinese K-Pop Stars Voice Support for Beijing’s One-China Policy on Hong Kong
TechCrunch: Twitter says accounts linked to China tried to ‘sow political discord’ in Hong Kong
City A.M. – Technology: Twitter and Facebook shut down network of Hong Kong misinformation accounts linked to Chinese state
Facebook Newsroom: Removing Coordinated Inauthentic Behavior From China
Zero Hedge: Twitter, Facebook Shutter 100s Of Accounts Intended To “Sow Discord” In Hong Kong
Fortune: Chinese Pop Stars Publicly Back Beijing on Hong Kong
The Hill: Cybersecurity: Twitter, Facebook accuse China of misinformation targeting Hong Kong protests
Global Times : HK youth deceived by West
Ecns: HK government, police condemn Saturday’s illegal acts
Twitter: Information operations directed at Hong Kong
CNN.com: Twitter bans advertising from state-run media after detailing effort from Chinese accounts to undermine Hong Kong protestors
ABCNews.com: Facebook, Twitter remove accounts they say Chinese government was using to undermine in Hong Kong protests
BBC News: Hong Kong protests: Twitter and Facebook remove Chinese accounts
Yahoo Finance: Facebook and Twitter accuse China of disinformation campaign
Bloomberg: Twitter, Facebook Say China Used Fake Accounts to Target Hong Kong Protests

@TechCrunch: Twitter is blocked in China, but its state news agency is buying promoted tweets to portray Hong Kong protestors as violent https://tcrn.ch/2KImaoU by @catherineshu
@rj_gallagher: Here's one of the Chinese govt propaganda tweets Twitter promoted to its users. Contains a video describing Xinjiang camps as "vocational education & training centers" & attacks European politicians & media, whose "hands are in a way soiled with blood"