
Roku Security Breach Exposes Over 500,000 User Accounts to Cyber Threats

 


Streaming giant Roku has disclosed a significant security breach affecting over half a million user accounts. While investigating an earlier data breach, Roku uncovered additional compromised accounts, bringing the total to approximately 576,000 affected users.

Security Breach Details

Last month, Roku announced that around 15,000 customers might have had their sensitive information, including usernames, passwords, and credit card details, stolen by hackers. These stolen credentials were then utilised to gain unauthorised access to other streaming platforms and even to purchase streaming gear from Roku's website. Subsequently, the compromised Roku accounts were sold on the dark web for a mere $0.50 each.

Method of Attack

The hackers employed a tactic known as "credential stuffing" to gain access to the compromised accounts. This method relies on using stolen usernames and passwords from other data breaches to gain unauthorised access to various accounts. It highlights the importance of avoiding password reuse across different platforms, no matter how convenient the idea of having one go-to password may seem.
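Credential stuffing leaves a distinctive trace in authentication logs: one source address cycling through many different usernames with a high failure rate, unlike a brute-force attack (one user, many passwords) or a forgetful user. The following detector is an added example, not Roku's code; the log line format and the sample lines are constructed for illustration, and the thresholds are assumptions to be tuned against real traffic.

```python
"""Flag credential-stuffing patterns in authentication logs (added example)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log in a hypothetical format:
# "<ISO timestamp> ip=<source> user=<name> result=<ok|fail>"
# 198.51.100.7 replays leaked pairs against six different users and lands one;
# 203.0.113.9 is a single user mistyping a password, which must not alert.
SAMPLE_LOG = """\
2024-04-10T12:00:01Z ip=198.51.100.7 user=alice result=fail
2024-04-10T12:00:02Z ip=198.51.100.7 user=bob result=fail
2024-04-10T12:00:02Z ip=198.51.100.7 user=carol result=ok
2024-04-10T12:00:03Z ip=198.51.100.7 user=dave result=fail
2024-04-10T12:00:04Z ip=198.51.100.7 user=erin result=fail
2024-04-10T12:00:05Z ip=198.51.100.7 user=frank result=fail
2024-04-10T12:05:00Z ip=203.0.113.9 user=alice result=fail
2024-04-10T12:05:10Z ip=203.0.113.9 user=alice result=fail
2024-04-10T12:05:30Z ip=203.0.113.9 user=alice result=ok
"""


def parse_line(line):
    """Split one log line into (timestamp, ip, user, result)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), kv["ip"], kv["user"], kv["result"]


def detect_stuffing(log_text, window=timedelta(minutes=5), min_users=5, min_fail_ratio=0.6):
    """Return {ip: stats} for source IPs that, within one sliding time window,
    tried at least `min_users` distinct usernames with a failure ratio of at
    least `min_fail_ratio`. The `successes` list names accounts the attacker
    actually got into, which are the ones to reset first."""
    events = defaultdict(list)
    for line in log_text.strip().splitlines():
        ts, ip, user, result = parse_line(line)
        events[ip].append((ts, user, result))

    alerts = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Advance the window start so it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            window_evs = evs[start:end + 1]
            users = {u for _, u, _ in window_evs}
            fails = sum(1 for _, _, r in window_evs if r == "fail")
            ratio = fails / len(window_evs)
            if len(users) >= min_users and ratio >= min_fail_ratio:
                prev = alerts.get(ip)
                # Keep the widest qualifying window for this source.
                if prev is None or len(users) > prev["distinct_users"]:
                    alerts[ip] = {
                        "distinct_users": len(users),
                        "attempts": len(window_evs),
                        "fail_ratio": round(ratio, 2),
                        "successes": sorted(u for _, u, r in window_evs if r == "ok"),
                    }
    return alerts


if __name__ == "__main__":
    for ip, stats in detect_stuffing(SAMPLE_LOG).items():
        print(ip, stats)
```

The successful login in the middle of a failing run is the most important output: a credential-stuffing campaign with a 1-in-6 hit rate is exactly what happens when users reuse passwords, and those accounts, not just the source IP, are what the defender must act on.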

Proactive Measures by Roku

Roku took proactive steps in response to the security incidents. While investigating the initial breach, the company discovered a second similar incident affecting over 500,000 additional accounts. Roku clarified that there's no evidence indicating that its own systems were directly compromised. Instead, the hackers likely obtained the credentials from external sources, such as previous data breaches or leaks.

Protecting Your Roku Account

To safeguard users' accounts, Roku has implemented several measures. Firstly, the company has reset the passwords for all affected accounts and initiated direct notifications to affected customers. Additionally, Roku is refunding or reversing any unauthorised charges made by hackers. Furthermore, two-factor authentication (2FA) has been enabled for all Roku accounts, adding an extra layer of security.

User Precautions

Despite Roku's efforts, users are advised to take additional precautions. It's crucial to use strong, unique passwords for each online account, including Roku. Password managers can assist in generating and securely storing complex passwords. Additionally, users should remain watchful for any suspicious activity on their accounts and monitor their bank statements closely.

As Roku continues its investigations, users are urged to stay cautious online. There's a possibility of hackers attempting targeted phishing attacks using stolen information. Therefore, users should exercise caution when interacting with emails purportedly from Roku and verify the authenticity of any communication from the company.

The recent security breaches underscore the critical need for strong cybersecurity practices by both companies and users. While Roku has taken considerable steps to address the issue, users must remain proactive in protecting their accounts from potential threats. Stay informed and take necessary precautions to safeguard your online ecosystem.

Data Exposure Incident: iCabbi’s Security Breach

Data Exposure Incident

Data is the new currency, but what happens when the guardians of our privacy mess up? The recent incident involving iCabbi, a taxi software vendor, brings notice to the delicate balance between convenience and security.

The Breach Unveiled

On a seemingly ordinary day, the walls of iCabbi’s security were compromised, revealing a treasure trove of personal data. Nearly 300,000 individuals found themselves unwittingly thrust into the spotlight. Their names, email addresses, phone numbers, and user IDs were laid bare, like fragile artifacts in an open museum. But this was no ordinary museum; it was the vast expanse of the internet, where information travels at the speed of light.

The Cast of Characters

Among the affected were individuals with high-profile roles. Imagine the BBC’s senior executives, their email addresses now exposed. Picture the corridors of power in the UK Home Office, where officials grappled with the aftermath. 

Even former Members of Parliament (MPs) and an EU ambassador were caught up in the data exposure. It’s a curious mix—a blend of media, government, and diplomacy—all ensnared by a single vulnerability.

Academic Curiosities

But wait, there’s more. Approximately 2,000 academic email addresses (those with the revered .ac.uk domain) were also part of the leak. Academia, often seen as a sanctuary of knowledge, suddenly found itself on the wrong side of the firewall. Professors, researchers, and students—each represented by a string of characters—now had their academic pursuits intertwined with the chaos of compromised data.

iCabbi’s Global Reach

Dublin-based iCabbi isn’t a household name, but its impact reverberates across 15 countries. With software powering more than 800 taxi fleets, it’s the silent conductor orchestrating the movement of cabs through bustling streets. 

Their suite of services includes fleet dispatching, consumer-facing ride-hailing apps, and tools for managing account-based customers. In the digital dance of supply and demand, iCabbi plays a crucial role.

The Anatomy of Exposure

How did this happen? The exposed data appears to be linked to the customer-facing apps powered by iCabbi’s technology. Staff details remained hidden, like backstage crew members in a theater production. 

But the curtain was drawn, and the audience—the cybercriminals—had a front-row seat. Fortunately, a security researcher stepped in, offering a responsible disclosure notice instead of a ransomware demand. It was a race against time, a battle fought in the shadows of cyberspace.

Lessons Learned

The following lessons have surfaced:

Vigilance: No system is impervious. Regular security audits and vulnerability assessments are our shields against unseen threats.

Data Minimization: Collect only what’s necessary. The more data we hoard, the more we expose ourselves to risk.

Encryption: Encrypt sensitive information. It’s the digital equivalent of locking the vault.

Responsible Disclosure: Researchers and hackers alike can be allies. Responsible disclosure channels pave the way for remediation.

Apple Alerts iPhone Users of 'Mercenary Attack' Threat

 

Apple issued security alerts to individuals in 92 nations on Wednesday, cautioning them that their iPhones had been targeted in a remote spyware attack linked to mercenaries.

The company sent out threat notification emails, informing recipients, "Apple has detected that you are being targeted by a mercenary spyware attack," suggesting that the attack might be aimed at specific individuals based on their identity or activities. 

These types of attacks, termed "mercenary attacks," are distinct due to their rarity and sophistication, involving substantial financial resources and focusing on a select group of targets. Apple emphasized that this targeting is ongoing and widespread.

The notification warned recipients that if their device falls victim to such an attack, the attacker could potentially access sensitive data, communications, or even control the camera and microphone remotely.

While it was reported that India was among the affected countries, it remained uncertain whether iPhone users in the US were also targeted. Apple refrained from providing further comments beyond the details shared in the notification email.

In response to the threat, Apple advised recipients to seek expert assistance, such as the Digital Security Helpline provided by the nonprofit Access Now, which offers emergency security support around the clock.

Furthermore, Apple referenced Pegasus, a sophisticated spyware created by Israel's NSO Group, in its notification regarding the recent mercenary attack. Apple had previously filed a lawsuit against the NSO Group in November 2021, seeking accountability for the surveillance and targeting of Apple users using Pegasus. This spyware has historically infiltrated victims' devices, including iPhones, without their knowledge. Since 2016, instances have surfaced of Pegasus being employed by various entities to monitor journalists, lawyers, political dissidents, and human rights activists.

Hackers Siphon 340,000 Social Security Numbers From U.S. Consulting Firm

 

Greylock McKinnon Associates (GMA) has discovered a data breach in which hackers gained access to 341,650 Social Security numbers. 

The data breach was disclosed last Friday on Maine's government website, where the state issues data breach notifications. In its data breach warning mailed to impacted individuals, GMA stated that it was targeted by an undisclosed cyberattack in May 2023 and "promptly took steps to mitigate the incident."

GMA provides economic and litigation support to companies and government agencies in the United States, including the Department of Justice, that are involved in civil action. According to their data breach notification, GMA informed affected individuals that their personal information "was obtained by the U.S. Department of Justice ("DOJ") as part of a civil litigation matter" supported by GMA.

The purpose and target of the DOJ's civil litigation are unknown. A Justice Department representative did not return a request for comment. 

GMA stated that individuals that were notified of the data breach are "not the subject of this investigation or the associated litigation matters," adding that the cyberattack "does not impact your current Medicare benefits or coverage.” 

“We consulted with third-party cybersecurity specialists to assist with our response to the incident, and we notified law enforcement and the DOJ. We received confirmation of which individuals’ information was affected and obtained their contact addresses on February 7, 2024,” the firm noted. 

GMA notified victims that "your private and Medicare data was likely affected in this incident," which included names, dates of birth, home addresses, some medical and health insurance information, and Medicare claim numbers, including Social Security numbers.

It remains unknown why GMA took nine months to discover the scope of the incident and notify victims. GMA and its outside legal counsel, Linn Freedman of Robinson & Cole LLP, did not immediately respond to a request for comment.

Private Data of 7.5 million BoAt Users Leaked in Massive Data Breach

 

More than 7.5 million boAt customers' customer information has surfaced on the dark web. It is possible to purchase personally identifiable information (PII) such as a name, address, contact number, email ID, customer ID, and more. The threat actor leaked around 2GB of data on the forum. 

On April 5, a hacker dubbed ShopifyGUY claimed to have accessed the data of audio products and smartwatch maker boAt Lifestyle. The threat actor leaked data breach files comprising 75,50,000 entries of personally identifiable information (PII) from consumers. Forbes India validated the report by speaking with a number of the consumers who have recently purchased boAt items. 

These data breaches have implications that extend beyond the immediate loss of private data. People are more susceptible to monetary fraud, phishing scams, and identity theft. Threat Intelligence Researcher Saumay Srivastava notes that sophisticated social engineering assaults could be carried out by threat actors who employ users' personal information to get access to bank accounts, carry out transactions, and fraudulently use credit cards.

“The consequences for companies include a loss of customer confidence, legal consequences and reputational harm. The major implications make it even more essential to implement adequate security practices,” Saumya added. 

The leaker's profile (ShopifyGUY) is rather new, with only this leak under his belt. Because the data is genuine, the hacker will establish a good reputation among the forum community, increasing future data purchases, explains Rakesh Krishnan, senior threat analyst at NetEnrich. 

"Considering the timeline, we can assume that the hackers gained access to the boAt customer database at least one month ago and put the data on the forum yesterday.”

Ideally, the company should notify all users, conduct a thorough investigation into how the attackers gained access and what else they could access, and then overhaul their security measures to ensure this does not happen again, but realistically, it will deny and move on, explains Yash Kadakia, founder of Security Brigade. 

The data is available for eight credits on several forums, thus it practically costs two euros to purchase it. It will most likely be available for free on Telegram within a few days. Many scammers will use this information to carry out various phone and email scams, Kadakia noted. 

According to an IDC report, boAt, which was founded in 2016 by Aman Gupta, a judge on Shark Tank, and Sameer Mehta, is now the second most popular wearable brand as of the third quarter of 2023. The Gurugram-based business is well-regarded by Indian customers and is renowned for its affordable headphones and other audio equipment. In addition, it produces speakers and smartwatches.

SurveyLama Data Breach Exposes Millions of Users' Information

 



A major data breach has impacted the online survey platform SurveyLama, putting the sensitive data of over four million individuals at risk. The breach, which occurred in February of this year, was confirmed by the company to Troy Hunt, the creator of the well-known website Have I Been Pwned?, which tracks email addresses exposed in data breaches.

What Happened:

Unknown attackers gained unauthorised access to SurveyLama's database, compromising users' names, dates of birth, email addresses, IP addresses, passwords, phone numbers, and postal addresses. This breach leaves users vulnerable to identity theft and phishing scams.

Implications for Users:

SurveyLama rewards its users for completing surveys, making them potential targets for phishing emails. While passwords were stored in hashed rather than plaintext form (salted SHA-1, bcrypt, and argon2 hashes), some could still be susceptible to brute-force attacks, especially those hashed with SHA-1, which is fast to compute and has known weaknesses. Users are strongly advised to update their passwords immediately as a precautionary measure.
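The mixed hash formats reported here (salted SHA-1 alongside bcrypt and argon2) are typical of a site that changed its password storage over time without migrating old records. The usual fix is to verify the legacy hash at login and immediately replace it with a slow hash, since that is the only moment the server legitimately sees the plaintext. The code below is an added example, not SurveyLama's code: the `sha1$salt$digest` and `scrypt$salt$digest` record layouts are constructed, and scrypt from the standard library stands in for bcrypt/argon2, which need third-party packages.

```python
"""Verify legacy salted-SHA-1 password hashes and upgrade them on login (added example)."""
import hashlib
import hmac
import os
from typing import Optional

# scrypt cost parameters (assumed values): n=2**14, r=8 uses about 16 MiB per guess,
# which is what makes offline guessing expensive compared with SHA-1.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)


def legacy_sha1_hash(password: str, salt: bytes) -> str:
    """Constructed legacy record layout: 'sha1$<salt hex>$<digest hex>'."""
    digest = hashlib.sha1(salt + password.encode()).hexdigest()
    return f"sha1${salt.hex()}${digest}"


def scrypt_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Constructed modern record layout: 'scrypt$<salt hex>$<key hex>'."""
    salt = salt or os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return f"scrypt${salt.hex()}${dk.hex()}"


def verify(password: str, stored: str) -> bool:
    """Check a password against either record format using a constant-time compare."""
    scheme, salt_hex, digest_hex = stored.split("$")
    salt = bytes.fromhex(salt_hex)
    if scheme == "sha1":
        candidate = hashlib.sha1(salt + password.encode()).hexdigest()
    elif scheme == "scrypt":
        candidate = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS).hex()
    else:
        raise ValueError(f"unknown hash scheme {scheme!r}")
    return hmac.compare_digest(candidate, digest_hex)


def login(users: dict, username: str, password: str) -> bool:
    """Authenticate; if the stored hash is legacy SHA-1, rewrite it as scrypt.

    `users` is a hypothetical in-memory table {username: stored_hash}.
    Unknown users fall through to a failed login rather than revealing existence.
    """
    stored = users.get(username)
    if stored is None or not verify(password, stored):
        return False
    if stored.startswith("sha1$"):
        users[username] = scrypt_hash(password)  # rehash on successful login
    return True


def needs_upgrade(users: dict) -> list:
    """Usernames still on the legacy scheme; these are the ones to force-reset if migration stalls."""
    return sorted(u for u, h in users.items() if h.startswith("sha1$"))


if __name__ == "__main__":
    table = {"alice": legacy_sha1_hash("correct horse", bytes.fromhex("00112233"))}
    print("before:", needs_upgrade(table))
    print("login:", login(table, "alice", "correct horse"))
    print("after:", needs_upgrade(table))
```

Users who never log in again are never upgraded, which is why `needs_upgrade` exists: after a breach, the remaining legacy records are precisely the ones the text describes as brute-forceable and should be invalidated outright.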

Protective Measures:

SurveyLama has reportedly notified affected users via email about the breach. However, users should remain cautious of any suspicious emails, particularly those promising rewards in exchange for quick action. Although the stolen information has not yet been publicly posted or sold on the dark web, proactive steps should be taken to secure accounts.

Expert Insight:

Troy Hunt, upon receiving information about the breach, independently verified the data's authenticity. SurveyLama confirmed the security incident and assured users that passwords were stored in encrypted forms. Nonetheless, users are encouraged to reset their passwords not only on SurveyLama but also on other platforms where similar credentials may have been used.

While SurveyLama has taken steps to address the breach and notify affected users, the potential risks remain significant. The possibility of the stolen data being exploited privately or leaked to cybercriminals underscores the importance of immediate action by users to safeguard their personal information.

All in all, the SurveyLama data breach serves as a reminder of the ever-present threats to online security and the importance of vigilance in protecting personal data. Users must stay informed, remain cautious of suspicious activities, and take proactive measures to enhance their online security posture.


Privnote Secure Messaging App Is Under Phishing Threat

 

Privnote.com, launched in 2008, revolutionized secure messaging with its encryption technology. It allows users to send messages with a unique link, ensuring privacy as the content self-destructs after reading. However, its popularity among cryptocurrency enthusiasts also drew the attention of malicious actors who engaged in phishing activities. 

Phishers exploit Privnote's model by creating clones, such as privnote[.]co, that mimic its functionality. These clones surreptitiously replace cryptocurrency addresses when users create notes containing crypto wallets. Thus, unsuspecting users fall victim to sending funds to the phisher's address instead of the intended recipient. 

GitHub user, fory66399, lodged a complaint last month against MetaMask, a cryptocurrency wallet, alleging wrongful flagging of privnote[.]co as malicious. Threatening legal action, fory66399 demanded evidence and compensation. However, MetaMask's lead product manager, Taylor Monahan, swiftly debunked these claims by providing screenshots showing the fraudulent activities of privnote[.]co. 

According to DomainTools.com, the domain privatenote[.]io has changed hands between two individuals: Andrey Sokol from Moscow and Alexandr Ermakov from Kiev, over two years. While these names may not be the real identities of the scammers, they provide clues to other sites targeting Privnote since 2020. 

Furthermore, Alexandr Ermakov is linked to several other domains, including pirvnota[.]com, privatemessage[.]net, privatenote[.]io, and tornote[.]io, as per DomainTools. This suggests a potential network of fraudulent activities associated with Privnote, emphasizing the need for caution in identifying phishing attempts. 

Let’s Understand Suspicious Activities on Privnote: 

Domain Registrations: The domain pirvnota[.]com saw a change in registration details from Andrey Sokol to "BPW" and "Tambov district" as the registrant's state/province. This led to the discovery of pirwnote[.]com, along with other suspicious domains like privnode[.]com, privnate[.]com, and prevnóte[.]com, all linking to the same internet address. Interestingly, pirwnote[.]com is now selling security cameras from a Hong Kong-based internet address. 

Deceptive Legitimacy: Tornote[.]io appears to have undergone efforts to establish credibility. A Medium account has published numerous blog posts endorsing Tornote as a secure messaging service. However, testing reveals its malicious intent, as it also alters cryptocurrency addresses in messages. 

Search Engine Manipulation: Phishing sites manipulate search engine results to appear prominently for terms like "privnote." Currently, a Google search for "privnote" lists tornote[.]io as the fifth result. These sites rotate cryptocurrency addresses every five days to evade detection. 
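The clone domains named on this page differ from the real name in a handful of predictable ways: a transposed pair of letters (pirvnota), a single substituted letter (privnode, privnate), an accented character (prevnóte), or only the top-level domain (privnote[.]co). The following lookalike check is an added example, not code from Privnote or MetaMask; it normalises Unicode so that accented variants collapse to ASCII, then scores an edit distance that counts adjacent transpositions as one edit. The brand name, legitimate TLD and distance threshold are assumptions; brand-imitation names such as tornote[.]io are deliberately outside what this catches, which is why the page's point about checking reputation and behaviour still applies.

```python
"""Flag domains that look like a trusted service name (added example)."""
import unicodedata


def normalize_label(label: str) -> str:
    """Lower-case, decompose (NFKD) and strip combining marks: 'prevnóte' -> 'prevnote'."""
    decomposed = unicodedata.normalize("NFKD", label.lower())
    return "".join(ch for ch in decomposed if not unicodedata.combining(ch))


def damerau_levenshtein(a: str, b: str) -> int:
    """Optimal string alignment distance: insert/delete/substitute cost 1,
    and a swap of two adjacent characters also costs 1 (catches 'pirv' vs 'priv')."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify(domain: str, brand: str = "privnote", legit_tld: str = "com", max_distance: int = 2):
    """Return (verdict, reason) for a registrable domain such as 'privnode.com'.
    Verdicts: 'legitimate', 'suspicious' or 'unrelated'."""
    labels = domain.lower().rstrip(".").split(".")
    label, tld = labels[0], ".".join(labels[1:])
    norm = normalize_label(label)
    dist = damerau_levenshtein(norm, brand)
    if dist == 0:
        if tld == legit_tld:
            return ("legitimate", "exact match")
        return ("suspicious", f"brand name on unexpected TLD .{tld}")
    if dist <= max_distance:
        how = "accented/non-ASCII variant" if norm != label else f"edit distance {dist}"
        return ("suspicious", f"{how} from {brand}")
    return ("unrelated", f"edit distance {dist} from {brand}")


def scan(domains, **kw):
    """Filter a list (e.g. from a passive-DNS or certificate-transparency feed) to the suspicious ones."""
    return [d for d in domains if classify(d, **kw)[0] == "suspicious"]


if __name__ == "__main__":
    # Constructed input list mixing the clones named on the page with unrelated names.
    feed = ["privnote.com", "privnote.co", "pirvnota.com", "privnode.com",
            "privnate.com", "prevnóte.com", "tornote.io", "example.com"]
    for d in feed:
        print(d, classify(d))
```

Feeding newly observed domains from certificate-transparency logs through `scan` is a cheap way to spot typosquats before they rank in search results; the threshold of two edits is a trade-off, since raising it catches more variants but also starts flagging unrelated eight-letter words.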

According to the Privnote website, it is a web-based service focused on privacy, allowing users to create encrypted notes shared via unique one-time-use HTTPS links. Notes and their contents are processed securely in users' browsers, with no readable data stored on Privnote's servers. 

IP addresses are processed solely for communication and promptly deleted thereafter. Personal data within notes remains encrypted and inaccessible to Privnote. The service uses cookies for functional and non-functional purposes, respecting user privacy preferences. Privnote does not target children under 16 and commits to regularly updating its Privacy Policy.

Ontario Hospitals Dispatch 326,000 Letters to Patients Affected by Cyberattack Data Breach

 

Five hospitals in Ontario, which fell victim to a ransomware attack last autumn, are initiating a mass notification effort to inform over 326,000 patients whose personal data was compromised.

The cyber breach on October 23, targeted Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, and Windsor Regional Hospital.

While electronic medical records at all affected hospitals, except Bluewater Health, remained unscathed, personal health information stored within their systems was unlawfully accessed. Subsequently, some of this pilfered data surfaced on the dark web.

A collective statement released by the hospitals highlights that approximately 326,800 patients were impacted, though this figure might include duplications for individuals seeking medical care at multiple sites.

The hospitals have undertaken a meticulous data analysis process spanning several months to ensure comprehensive notification of affected patients. For those whose social insurance numbers were compromised, arrangements for credit monitoring will also be provided.

The hospitals confirm that their notification strategy was devised in consultation with Ontario’s Information and Privacy Commissioner. Expressing regret for the disruption caused by the cyber incident, the hospitals extend their apologies to patients, communities, and healthcare professionals affected.

Apart from the hospitals, TransForm, a non-profit organization overseeing the hospitals’ IT infrastructure, was also affected by the ransomware attack. Despite the disruption to hospital operations and data breach affecting certain patient and staff information, the group opted not to meet ransom demands, based on expert advice.

Rise of Hacktivist Groups Targeting OT Systems

Recent research from Waterfall Security Solutions has revealed important insights into the changing nature of cyberattacks on Operational Technology (OT) organizations. One key finding is the rise of hacktivist groups as major players in targeting OT systems. 

Additionally, the study emphasizes that most disruptions in OT environments do not occur directly through manipulation of OT systems but rather as a result of IT-based attacks, particularly ransomware incidents. In simpler terms, hackers are increasingly using ransomware to disrupt OT operations, and these disruptions are causing significant problems for OT organizations. 

Let’s Understand Operational Technology 

Operational Technology (OT) involves using both hardware and software to control industrial equipment, focusing on how it interacts with the physical world. This includes systems like programmable logic controllers (PLCs), distributed control systems (DCSs), and supervisory control and data acquisition (SCADA) systems. 

OT environments are responsible for overseeing and managing real-world processes in industries like manufacturing, energy, healthcare, building management, and environmental systems. 

Differences Between OT, IT, and IOT 

The blending of Operational Technology (OT) and Information Technology (IT) is changing industries in the era of the Internet of Things (IoT). OT deals with managing physical equipment, while IT deals with data systems. IoT connects ordinary objects to the internet, allowing smooth communication and automation. This merging presents fresh chances for making processes more efficient and fostering innovation in various fields. 

The report also highlights a worrying trend: a nearly 20% rise in cyberattacks causing physical consequences.

According to the report, last year cyber incidents inflicted hefty financial blows on companies like Johnson Controls and Clorox, racking up costs of approximately $27 million and $49 million, respectively. In Massachusetts, MKS Instruments faced a staggering $200 million loss due to a cyberattack that halted its operations temporarily. Moreover, its supplier, Applied Materials Inc. based in California, reported an additional loss of $250 million stemming from the same incident.

It further reveals that only about 25% of cyberattacks affect operational technology (OT) systems directly; the rest cause OT disruption by compromising other parts of the network infrastructure, typically machines in the IT network.

Andrew Ginter, from Waterfall, explains that companies often shut down their OT systems as a precaution when there is a risk of nearby compromised processes. For example, Hahn Group GmbH turned off its systems after an attack last March, leading to weeks of recovery work. Similarly, UK Royal Mail had printers hijacked to print ransom notes, resulting in nationwide mail export suspensions and £42 million in losses. 

Furthermore, Ginter points out that if there is a problem with the IT network, it can affect the OT network and vice versa, potentially leading to disruptions in physical operations that rely on these networks.

Prudential Financial Notifies 36,000 Victims of Data Leak

 

Last Friday, Prudential Financial began informing over 36,000 people of a data incident that occurred in early February 2024. 

The breach, first disclosed in a regulatory filing with the SEC in February, occurred on February 4 and was purportedly discovered the next day. 

Prudential reported at the time that the attackers had gained access to systems including business administrative and user data, as well as employee and contractor accounts. 

A week later, the ransomware gang Alphv/BlackCat claimed credit for the attack and added Prudential to their Tor-based leak site. This organisation was also responsible for a large outage in the US health system last month, hitting Change Healthcare systems and services. 

As per a March 29 complaint with the Maine Attorney General's Office, Prudential has verified that the hackers have gained access to the personal data of 36,545 people. 

"We discovered through the investigation that on February 4, 2024, an unauthorised third party gained access to our network and removed a small percentage of personal information from our systems," the report reads.

“Companies are always likely to remain wary of really rapid disclosure, given the financial impact these things can have on them, and use all the ‘tricks’ they can to delay,” commented Nick France, chief technology officer at Sectigo. 

“Ultimately, I believe that the new SEC regulations should make these processes work faster; however, given the wording of the regulation and the fact that it only came into effect at the very end of 2023, it may take some time before we see disclosures happening at the 4-day pace.” 

Individuals impacted by the Prudential breach are being notified of the issue by written notice. Names and other personal identifiers, as well as driver's licence numbers or non-driver identity card numbers, were among the compromised data.

Sensitive Documents Vanish Under Mysterious Circumstances from Europol Headquarters

 

A significant security breach has impacted the European Union's law enforcement agency, Europol, according to a report by Politico. Last summer, a collection of highly confidential documents containing personal information about prominent Europol figures vanished under mysterious circumstances.

The missing files, which included sensitive data concerning top law enforcement officials such as Europol Executive Director Catherine De Bolle, were stored securely at Europol's headquarters in The Hague. An ongoing investigation was launched by European authorities following the discovery of the breach.

An internal communication dated September 18, revealed that Europol's management was alerted to the disappearance of personal paper files belonging to several staff members on September 6, 2023. Subsequent checks uncovered additional missing files, prompting serious concerns regarding data security and privacy.

Europol took immediate steps to notify the individuals affected by the breach, as well as the European Data Protection Supervisor (EDPS). The incident poses significant risks not only to the individuals whose information was compromised but also to the agency's operations and ongoing investigations.

Adding to the gravity of the situation, Politico's report highlighted the unsettling discovery of some of the missing files by a member of the public in a public location in The Hague. However, key details surrounding the duration of the files' absence and the cause of the breach remain unclear.

Among the missing files were those belonging to Europol's top executives, including Catherine De Bolle and three deputy directors. These files contained a wealth of sensitive information, including human resources data.

In response to the breach, Europol took action against the agency's head of Human Resources, Massimiliano Bettin, placing him on administrative leave. Politico suggests that internal conflicts within the agency may have motivated the breach, speculating on potential motives for targeting Bettin specifically.

The security breach at Europol raises serious concerns about data protection and organizational security measures within the agency, prompting an urgent need for further investigation and safeguards to prevent future incidents.

1.3 Million Customers Affected: Pandabuy Grapples with Data Breach Fallout

 


A data breach allegedly occurred on Sunday at Pandabuy, an online store that aggregates items from Chinese e-commerce sites. As a result, 1,348,307 accounts were affected. A large amount of information has been leaked, including user IDs, first and last names, phone numbers, emails, login IP addresses, full addresses, and order information. 

Sanggiero and IntelBroker both exploited multiple vulnerabilities to breach the company's systems, allegedly leading to the leakage of the company's data. People throughout the world can use Pandabuy’s marketplace to access products from Chinese online marketplaces, such as JD.com, Tmall, and Taobao. 

Approximately 1.3 million PandaBuy customers' data has been accessed after two threat actors exploited multiple vulnerabilities to gain access to PandaBuy's systems, according to PandaBuy's website. PandaBuy allows international customers to purchase goods from a variety of Chinese e-commerce platforms, including Tmall, Taobao, and JD.com.

The breach at PandaBuy was claimed yesterday by an individual known as 'Sanggiero', who says it was carried out together with the threat actor 'IntelBroker'. According to Sanggiero, the breach was possible as a result of exploiting critical API vulnerabilities, which allowed unauthorized access to internal platform services.

It has been found that over 3 million unique user IDs are now available on underground forums. These data include personal information such as names, phone numbers, e-mail addresses, and more. Interested parties can obtain this information by paying a nominal fee in cryptocurrency.

PandaBuy has reported that 1,348,407 PandaBuy accounts are being compromised, according to data breach aggregation service Have I Been Pwned (HIBP), which confirmed the breach. Furthermore, Sanggiero has provided a sample of the leaked data containing email addresses, customer names, transaction information, and order details to verify its authenticity.

Troy Hunt, the creator of HIBP, confirmed the breach by submitting password reset requests for PandaBuy users, which showed that at least 1.3 million email addresses were indeed linked to PandaBuy accounts. In any case, the initial claim of three million entries made by the threat actors appears inflated, with some entries being manufactured or duplicates.

There are several forums where PandaBuy shoppers' information was leaked, and any registered member can obtain it by paying a symbolic amount of cryptocurrency in exchange for the data. The PandaBuy company has not yet acknowledged an incident of this nature, but one of its administrators on the firm's Discord channel pointed out that the incident was a result of old information, which was already dealt with.

As a precautionary measure, PandaBuy users have been urged to reset their passwords immediately and to be vigilant against scam attempts. PandaBuy customers are facing a significant security threat since their customer data was leaked on underground forums. To verify the authenticity of the breach, the threat actors provided a sample dataset containing email addresses, customer names, order details, and payment information.

Troy Hunt's validation of the leaked email addresses further corroborated the breach's legitimacy, underscoring the urgency of corrective action. PandaBuy users affected by the breach should act immediately to mitigate the risks. Resetting their passwords will help protect their accounts from unauthorized access in the future. 

It is also important to be vigilant against potential scams and to be very sceptical when receiving unsolicited communications. Timely notifications from data breach aggregation services such as Have I Been Pwned let users take proactive measures to protect their online security when their data is exposed. It is essential that companies, particularly those that handle large amounts of consumer data, prioritize the security of their platforms to prevent such incidents. 

Consumers should remain vigilant and adopt digital security best practices to keep themselves safe, including using strong, unique passwords and being wary of phishing attempts that may try to steal personal information.

OWASP Reveals Data Breach Stemming from Wiki Misconfiguration

 

The OWASP Foundation has recently made public a data breach incident where the resumes of certain members were inadvertently made accessible online due to a misconfiguration of its previous Wiki web server.

OWASP, which stands for Open Worldwide Application Security Project, is a nonprofit organization established in December 2001 with a focus on enhancing software security.

Over the years, it has garnered a large membership base, boasting tens of thousands of members and over 250 chapters worldwide, which organize various educational and training events. The breach was identified by OWASP in late February subsequent to numerous support requests.

The breach primarily impacted individuals who became members of the foundation between 2006 and 2014 and had submitted resumes as part of the membership process during that period.

Andrew van der Stock, the Executive Director of OWASP, disclosed that the exposed resumes contained sensitive personal information such as names, email addresses, phone numbers, and physical addresses. He clarified that during the mentioned period, OWASP used to collect resumes as a requirement for membership, aiming to establish a connection with the OWASP community. However, the organization no longer follows this practice.

Although many of the affected individuals are no longer associated with OWASP, the foundation has committed to notifying them via email about the breach. Despite this, the exposed personal data, in numerous cases, may be outdated.

In response to the breach, OWASP has taken several steps to mitigate the situation. These include disabling directory browsing, reviewing the web server and MediaWiki configuration for other potential security vulnerabilities, and removing all resumes from the wiki site while also purging the Cloudflare cache. Furthermore, OWASP has approached the Web Archive to request the removal of the exposed resume information from its records.

Van der Stock reassured the affected individuals that OWASP has already taken measures to remove their information from the internet, thereby alleviating the immediate concerns. However, he advised caution for those whose information might still be current, urging them to take the usual precautions when dealing with unsolicited communications via email, mail, or phone.

Navalny's Revenge? Hackers Siphon Huge Russian Prisoner Database: Report

 

Following the murder of Russian opposition leader Alexey Navalny, anti-Kremlin militants seized a database containing records on hundreds of thousands of Russian prisoners and hacked into a government-run online marketplace, according to a report. 

Navalny was the most prominent Russian opposition figure and a strong critic of Russian President Vladimir Putin. He died on February 16 at a penal colony in Russia's Arctic region while serving his jail sentence. 

CNN reported that an international group of 'hacktivists', comprising Russian expats and Ukrainians, stole prison documents and hacked into the marketplace after acquiring access to a computer linked to the Russian prison system. 

Following Navalny's death in February, overseas 'hacktivists' allegedly acquired a Russian database containing hundreds of thousands of convicts, relatives, and contacts. 

As per the report, the hackers also targeted the jail system's online marketplace, where relatives of inmates purchase meals for their family members. Once they gained access to the marketplace, the hackers changed the prices of products like noodles and canned meat from nearly $1 to $0.01.

It took many hours for the administrators of the prison system to realise that something was wrong, and it took an additional three days to undo the hackers' work completely. 

The hackers also posted a photo of Navalny and his wife, Yulia Navalnaya, on the jail contractor's website, along with the statement "Long live Alexey Navalny". While the hackers claimed the database included information on approximately 800,000 prisoners, the report said there were some duplicate entries, but the data spilled by the hackers "still contains details on hundreds of thousands of inmates". 

What is 'hacktivism' and why did hackers siphon Russian databases? 

The terms "hacking" and "activism" are combined to form the phrase "hacktivism." It alludes to hacking operations in which hackers participate in activism for a specific cause. 

According to Clare Stouffer of the cybersecurity company Norton, hacktivism is a lot like activism in the real world, when activists create disruption to push for the change they want.

"With hacktivism, the disruption is fully online and typically carried out anonymously. While not all hacktivists have malicious intent, their attacks can have real-world consequences," Stouffer wrote in a Norton blog.

AT&T Data Breach Reveals 73 Million Users' Info on Hacker Forum

 


Telecommunications company AT&T Inc. has confirmed that data recently found on the dark web relating to 73 million of its past and present customers may date from 2019 or earlier. The data was originally put up for sale on the now-defunct RaidForums hacking forum in 2021, advertised as including Social Security numbers and dates of birth, and has reportedly been circulating since then. 

Earlier this month, the same data was posted again by another seller. AT&T said the information may have included AT&T account numbers, full names, email addresses, mailing addresses, telephone numbers, Social Security numbers, dates of birth, and passcodes. 

A hacker forum reported the breach nearly two weeks ago. It is unknown if the leak is related to a similar breach in 2021 that was widely reported but AT&T did not acknowledge. Before the leak, the telecom giant denied that the data in question came from its systems, and disputed whether it contained accurate customer data. 

As of now, the "recycled" data includes 49 million email addresses and 44 million Social Security numbers, which were acquired from a third party. This is a repeat leak of customer data from the alleged 2021 hack that AT&T has consistently denied took place, and it was published on the popular hacker marketplace BreachForums on March 17. 

When Recorded Future News contacted AT&T about the dark web posting two weeks ago, a representative stated that the company had "no indication" that its systems had ever been compromised. The spokesperson also noted that the data set was similar to one offered for sale in 2021 by the hacker group ShinyHunters, which purportedly covered 73 million AT&T customers. 

The attack was reported to have occurred in 2021, when a threat actor called ShinyHunters was allegedly selling the stolen data of 73 million AT&T customers, including names, addresses, telephone numbers, Social Security numbers, and birth dates for many customers. AT&T denied at the time that it had suffered a breach or that the data was theirs. 

It has now been discovered that a massive dataset was leaked on a hacking forum by another threat actor, who claims that it is the same data ShinyHunters claimed to have stolen. The leak contains the same sensitive information that ShinyHunters claimed to have stolen, though not all customers' Social Security numbers or birth dates were exposed. According to security researchers, ShinyHunters is a notorious hacker gang known for high-profile data breaches, including one of 40 million T-Mobile users, identified in 2020, just weeks before the AT&T claim. 

Security researchers found that the gang was trying to sell user data stolen from both carriers on dark markets within days of each other. ShinyHunters has been rumoured to have taken over administrative duties at BreachForums since the FBI raided the site last March. 

AT&T has denied that a breach occurred and that the data is its own. However, it has been revealed that some AT&T and DirecTV customers used Gmail's or Yahoo's disposable email feature to create DirecTV- or AT&T-specific email addresses that they used only when signing up for the service. They confirmed that these email addresses had never been used on any other platform, suggesting that the data must have originated from AT&T or DirecTV. 

According to AT&T's statement and a new page devoted to keeping AT&T accounts secure, more information about the breach will be shared with the public in a published statement. Many reports analyzing the data have determined that it contains the same sensitive information that ShinyHunters claimed to have stolen. AT&T once again denied that the breach occurred or that the data originated from the company. However, not all of the affected customers' Social Security numbers or birthdates were exposed. 

According to BleepingComputer, which has interviewed more than 50 AT&T and DirecTV customers since the data was leaked, the leaked information corresponds to AT&T account information only. According to cybersecurity expert Troy Hunt, if affected customers are not notified promptly, there is a possibility of class action lawsuits resulting from the breach. 

Approximately 290 million people in the United States are within reach of AT&T's wireless 5G network, putting it among the country's largest providers of mobile and internet services. This is hardly the first time AT&T has come under scrutiny for security lapses. At the end of last year, the company faced a widespread outage attributed to a coding error that caused its mobile phone service to go down. 

That incident has been attributed to vulnerabilities within AT&T's infrastructure, though AT&T has said there was no malicious attack behind it. In 2019 it was revealed that AT&T employees had been bribed to set up an unauthorized wireless access point (WLAN) inside the company's infrastructure, according to the company's executives.

Rising Cybercrime Threats and Prevention Measures Ahead of 2024

 

According to projections from Statista, the FBI, and the IMF, the global cost of cybercrime is anticipated to experience a substantial increase. By 2027, it is estimated to surge to $23.84 trillion, marking a significant rise from the $8.44 trillion reported in 2022. 

Security expert James Milin-Ashmore, from Independent Advisor VPN, has provided a comprehensive list of 10 crucial guidelines aimed at enhancing digital safety by avoiding sharing sensitive information online. 

These guidelines serve as proactive measures to combat the rising threat of cybercrime and safeguard personal and confidential data from potential exploitation. 

1. Avoid Sharing Your Phone Number on Random Sites 

Sharing your phone number online can expose you to a range of security risks, warns an expert. Cybercriminals could exploit this information to gather personal details, increasing the likelihood of identity theft and other malicious scams: 

  • Subscriber Fraud: Scammers set up fake cell phone accounts with stolen info. 
  • Smishing: Fraudsters send text messages to trick victims into revealing data or visiting harmful sites.
  • Fake Call Frauds: Scammers pose as legitimate entities to extract sensitive information. 
  • Identity Theft: Phone numbers are exploited to commit financial fraud and impersonate individuals. 

2. Do Not Update Your Current Location 

Sharing one's current location on social media is nothing new; however, experts caution against sharing personal addresses or current locations online, citing heightened risks of theft, stalking, and malicious online activity. 

Such information can be exploited to tailor phishing attempts, rendering them more convincing and increasing the likelihood of falling victim to scams. 

3. Do Not Post Your Holiday Plans 

As the holiday season approaches, many individuals may feel inclined to share their vacation plans on social media platforms. However, security experts are warning against this seemingly innocent practice, pointing out the potential risks associated with broadcasting one's absence from home. 

Announcing your vacation on social media not only informs friends and family of your whereabouts but also alerts criminals that your residence will be unoccupied. This information could make your home a target for burglary or other criminal activities. 

4. Do Not Take the Risk of Sharing Passwords Online 

Passwords serve as the primary defense mechanism for safeguarding online accounts, making them crucial components of digital security. The security expert emphasizes the importance of protecting passwords and refraining from sharing them online under any circumstances. Sharing passwords, regardless of the requester's identity, poses a significant risk to online security. 

Unauthorized access to sensitive accounts can lead to various forms of cybercrime, including identity theft, financial fraud, and data breaches. 

5. Protect Your Financial and Employment Information 

Experts caution against sharing sensitive financial or employment details online, highlighting the potential risks associated with divulging such information. Financial details, including credit card numbers and bank account details, are highly sought after by online fraudsters. Similarly, sharing employment information can inadvertently provide criminals with valuable data for social engineering scams. 

6. Protect Your ID Documentation 

The expert urges individuals to refrain from posting images of essential identification documents such as passports, birth certificates, or driver's licenses online. These documents contain sensitive information that could be exploited by identity thieves for various criminal activities, including opening unauthorized bank accounts or applying for credit cards. 

7. Stop Sharing Names of Your Loved Ones/Family/Pets 

Security experts advise against sharing personal details such as the names of loved ones or pets online. Hackers frequently attempt to exploit these details when guessing passwords or answering security questions. 

8. Protect Your Medical Privacy 

Your medical history is a confidential matter and should be treated as such, caution experts. Sharing details about the hospitals or medical facilities you visit can inadvertently lead to a data breach, exposing personal information such as your name and address. 

9. Protect Your Child's Privacy 

The expert warns against sharing information about your child's school online, as it can potentially put them at risk from online predators and expose them to identity theft. 

10. Protect Your Ticket Information 

The expert advises against sharing pictures or details of tickets for concerts, events, or travel online. Scammers can exploit this information to impersonate legitimate representatives and deceive you into disclosing additional personal data. 

Furthermore, in 2023, the Internet Crime Complaint Center (IC3) reported a staggering surge in complaints from the American public. A total of 880,418 complaints were filed, marking a significant uptick of nearly 10% compared to the previous year. 

These complaints reflected potential losses exceeding $12.5 billion, a 22% increase in losses compared to 2022. Also, according to Forbes Advisor, ransomware, misconfigurations and unpatched systems, credential stuffing, and social engineering will be the most common threats in 2024.

Here's How Smart Cars Are Tracking Your Private Data

 

Smart cars are already the norm on our roads, thanks to increased connectivity and technological breakthroughs. However, beneath the slick exteriors and technological capabilities is a worrisome reality: your vehicle may be spying on you and documenting every step, including your private life. A recent study undertaken by the Mozilla Foundation revealed the alarming truth about how much personal data automakers collect and share.

The study analysed 25 different car brands and concluded that none of them passed consumer privacy criteria. Surprisingly, 84 percent of automakers have been found to review, share, or even sell data collected from car owners. The private data gathered significantly exceeds what is required for the vehicle's features or the car brand's relationship with its drivers. 

Mozilla's research found that six automakers go to alarming lengths to gather personal data about their drivers, including their driving habits, destinations, genetic makeup, and even their favourite music. Nissan even goes so far as to include "sexual activity" in the data it gathers, and in its privacy policy, Kia freely admits that it may collect data on your "sex life." 

According to Kia's privacy statement, it is allowed to handle "special categories" of data, which include private information on racial, religious, sexual, and political affiliations. The scope of data collecting goes beyond the in-car systems and includes linked services as well as external sources such as internet radio services and navigation apps. 

This massive amount of data isn't just sitting idle; it's being utilised to develop profiles and draw conclusions about you, from your intelligence to your preferences. As the car industry embraces connectivity and autonomous driving, sales of services such as music and video streaming, driver assistance, and self-driving subscriptions are expected to increase. Carmakers can maximise profits by collecting more customer data through these services. 

Even Tesla, despite its dominance in the electric vehicle sector, failed Mozilla's security, data control, and AI tests. Tesla has previously been criticised for its privacy procedures, including cases in which staff exchanged recordings and photographs captured by customer car cameras. 

As the automotive sector evolves, concerns regarding data security and personal privacy grow. It remains to be seen whether automakers will take the necessary safety measures to safeguard your personal information as the smart car revolution advances. In the meantime, it's critical to stay informed and cautious about the negative aspects of smart cars.

Critical Security Alert Released After Malicious Code Found in XZ Utils

 

On Friday, Red Hat issued a high-priority security alert regarding a discovery related to two versions of a widely-used data compression library called XZ Utils (formerly known as LZMA Utils). It was found that these specific versions of the library contained malicious code intentionally inserted by unauthorized parties. 

This code was designed with the malicious intent of allowing remote access to systems without authorization. This unauthorized access can lead to serious security threats to individuals and organizations utilizing these compromised versions of the library, potentially leading to data breaches or other malicious activities. 

The discovery and reporting of the issue have been attributed to Microsoft security researcher Andres Freund. It was revealed that the malicious code, which was heavily obfuscated, was introduced through a sequence of four commits made to the Tukaani Project on GitHub. These commits were attributed to a user named Jia Tan (JiaT75). 

What Is XZ Utils Used For? 

XZ is a compression tool and library widely utilized on Unix-like systems such as Linux. It is renowned for its ability to significantly reduce file sizes while maintaining fast decompression speeds. This compression is achieved through the implementation of the LZMA (Lempel-Ziv-Markov chain algorithm) compression algorithm, which is well-regarded for its efficient compression ratios. 

Let’s Understand the Severity of the Attack 

The breach has garnered a critical CVSS score of 10.0, indicating the most severe level of threat. This vulnerability has been found to impact XZ Utils versions 5.6.0 and 5.6.1, which were released on February 24 and March 9, respectively. 

The Common Vulnerability Scoring System (CVSS) is a widely used tool in the cybersecurity sector, offering a standardized approach to evaluate the gravity of security vulnerabilities found in computer systems. Its main objective is to aid cybersecurity experts in prioritizing the resolution of these vulnerabilities based on their urgency. 

"Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code," an IBM subsidiary reported. 

Additionally, Red Hat clarified that while no versions of Red Hat Enterprise Linux (RHEL) are affected by this security flaw, evidence indicates successful injections within xz 5.6.x versions designed for Debian unstable (Sid). It is also noted that other Linux distributions may potentially be impacted by this vulnerability. 

In response to the security breach, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken action by issuing its own alert.  "CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems".  

CISA is advising users to downgrade their XZ Utils installations to a version unaffected by the compromise. Specifically, they recommend reverting to an uncompromised version such as XZ Utils 5.4.6 Stable.
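A quick way to act on that advice is to check which xz and liblzma release a host actually reports. The following POSIX shell snippet is an added example, not code from the original post or from the XZ project; it assumes the upstream `xz --version` output format ("xz (XZ Utils) X.Y.Z" followed by "liblzma X.Y.Z") and flags only the two releases named in the advisory, 5.6.0 and 5.6.1.

```shell
#!/bin/sh
# Added example (not from the original post): flag the two XZ Utils releases
# that shipped the malicious code described in CVE-2024-3094.
# Assumes the upstream `xz --version` format:
#   xz (XZ Utils) X.Y.Z
#   liblzma X.Y.Z
# Both lines are checked, since the compromised code lives in liblzma and the
# library version can differ from the binary version on a partially updated host.

# Return 0 (affected) if any version number in the given text is 5.6.0 or 5.6.1,
# 1 otherwise. Takes the text as its first argument so it can be tested offline.
xz_output_affected() {
    _out="$1"
    # Extract every dotted X.Y.Z version string, one per line.
    _versions=$(printf '%s\n' "$_out" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' || true)
    for _v in $_versions; do
        case "$_v" in
            5.6.0|5.6.1) return 0 ;;
        esac
    done
    return 1
}

# Check the xz binary installed on this host. Prints a verdict and returns
# 0 if affected, 1 if not, 2 if xz is not installed at all.
check_installed_xz() {
    if ! command -v xz >/dev/null 2>&1; then
        echo "xz not installed"
        return 2
    fi
    _out=$(xz --version 2>/dev/null || true)
    if xz_output_affected "$_out"; then
        echo "AFFECTED (CVE-2024-3094): $(printf '%s' "$_out" | tr '\n' ' ')"
        return 0
    fi
    echo "not affected: $(printf '%s' "$_out" | tr '\n' ' ')"
    return 1
}

# Constructed sample outputs in the real `xz --version` layout, used for testing.
SAMPLE_BAD='xz (XZ Utils) 5.6.1
liblzma 5.6.1'
SAMPLE_OK='xz (XZ Utils) 5.4.6
liblzma 5.4.6'
# Partially updated host: clean binary, but the library is still the bad release.
SAMPLE_MIXED='xz (XZ Utils) 5.4.6
liblzma 5.6.0'
```

Run `check_installed_xz` on each host; a return status of 0 means the reported version matches one of the compromised releases and the downgrade to 5.4.6 recommended above applies.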

Hacker Generates 1 Billion CGT Tokens Valued at $40 Million within Curio Ecosystem

 

The Curio decentralized finance (DeFi) initiative encountered a breach, with experts from Cyvers Alerts approximating the incurred losses to be around $16 million. The breach appears to have been orchestrated through an exploitation of vulnerabilities within the permissioned access logic, allowing the attacker to generate an additional 1 billion CGT tokens, as per analysts at Cyvers Alerts. 

This breach consequently enabled the hacker to gain control over CGT tokens valued at close to $40 million. These findings from Cyvers Alerts come in the wake of a prior warning issued by Curio regarding a potential smart contract exploit.

Cyvers Alerts further highlighted that the compromised smart contract, which was based on MakerDAO, was a component of the ecosystem operating on the Ethereum platform. This revelation underscores the significance of ensuring robust security measures within smart contracts to mitigate such risks effectively.

Reassuringly, the Curio Ecosystem team has promptly responded to the breach, affirming their active engagement in addressing the situation. They have pledged to keep the community informed with updates on the progress of their efforts. Additionally, they emphasized that despite this incident, all contracts on the Polkadot side and within the Curio Chain ecosystem remain secure, aiming to instill confidence among users regarding the integrity of their platform.

In a broader context, the crypto industry witnessed a decline in losses attributed to hacks and scams during February, amounting to approximately $67 million, a notable decrease from the figures reported in January. Notably, all reported breaches during February were linked to the decentralized finance (DeFi) sector, with centralized platforms avoiding any significant incidents.

Delving into the specifics, the majority of losses incurred during February were attributed to breaches affecting platforms such as the gaming platform PlayDapp, which suffered.

Data Highways: Navigating the Privacy Pitfalls of New Automobiles

 


New vehicles may be collecting vast amounts of information about their users, and that information could be shared with several companies, including advertisers, data brokers, and insurance companies. 

Privacy experts believe users may want to hold off on getting all the connected accessories that come with new cars to protect their data. From the beginning, tech companies have known that data can be sold for dollars, so they have been collecting all the information possible for them to sell it to their highest bidder. 

Data sharing by users' cars is a long-standing practice, but the cars' role is much bigger than most people would suspect; in fact, a car might even be the biggest seller of its user's data. Car companies sometimes allow consumers to adjust the connectivity settings, and drivers can read about how that is done in their car's privacy policy, but there are times when it is not possible to turn off all data sharing. 

As connected cars become more prevalent, advocates of consumer data privacy are raising alarms about their proliferation. The Counterpoint Technology Market Research report estimates that by 2030, more than 95% of passenger cars sold will have embedded connectivity. As a result, car manufacturers can now offer safety and security functions as well as predictive maintenance and prognostic capabilities. 

Although this is a good thing, it also opens the door for companies to collect, share, or sell personal information such as driving habits and other personal information that people may not wish to share publicly. Although most auto manufacturers offer the option of opting out of unnecessary data sharing, according to Counterpoint senior analyst Parv Sharma, these settings are often hidden within menus, as they are with many other consumer technologies that make a profit by selling data. 

By 2030, McKinsey reported that a variety of use cases for car data monetization could generate an annual revenue stream of $250 billion to $400 billion for automakers. It is true that there may be valid reasons for collecting information about a driver or vehicle for safety and functional purposes, and that certain essential services, such as data sharing for emergency and security reasons, may not be feasible or prohibitive to opt out of. 

In the world of predictive maintenance there are many reasons why manufacturers collect more data, one of which is that they can use it to determine whether a particular part used across their fleet tends to fail sooner than expected, which is how a recall gets issued, according to James Hodgson, a director of smart mobility and automotive research at global technology intelligence firm ABI Research. 

Despite this, there are growing concerns regarding privacy, especially as car companies get into the insurance business themselves and share driver data with insurers. For instance, driving habits and car usage details could be reported to data collectors, who could then share them with insurance carriers to determine rates. 

There is a new type of insurance, referred to as usage-based insurance, offered by Progressive and Root, which offers drivers the possibility of earning lower rates as a result of allowing insurers to install devices in their vehicles that track their driving patterns. To gain a better understanding of the data collected by the automobile manufacturer, consumers might want to read over its privacy policy.

In addition to their cars, consumers also have access to radio apps, GPS navigation, and On-Star services that all have their own privacy and data collection policies, Caltrider said. Although there are no federal laws regulating the privacy of personal information, some states have adopted legislation that addresses this issue. 

There are various regulatory efforts underway to understand carmakers' data-sharing practices and rein in possible violations of privacy, but Michigan isn't one of them; the state has only a more limited set of consumer privacy laws in place. In July 2023, the California Privacy Protection Agency's enforcement division announced that it would be conducting a review of the connected vehicle industry. 

A spokesperson declined to comment further, however, saying only that the investigation is underway. Federal action could be taken against carmakers if they share data with other companies. According to Zweifel-Keegan, basic disclosure of a company's data practices will not always be sufficient to avoid Federal Trade Commission enforcement actions. The issue is increasingly receiving broader attention. 

Senator Edward J. Markey (D-Mass.), a member of the Senate Commerce, Science, and Transportation Committee, sent letters to 14 car makers in December asking them to ensure that privacy protections are implemented and enforced in their cars. As Hodgson pointed out, the best-case scenario for automakers and consumers might be that as consumer awareness grows, more carmakers will use stricter data privacy practices as a marketing tool, similar to how Apple makes its products stand out from its competition. 

A lawsuit against GM has been filed on behalf of consumers. GM, which is facing the lawsuit, says it has stopped sharing driver data with insurance brokers who work with insurance companies. In a press release, GM stated, "Customer trust is very important to us, and we are continuously evaluating our privacy policies and procedures to protect it."