Chinese Police Exposed 1 Billion People’s Data in Unprecedented Leak

As states grapple with the far-reaching implications of the U.S. Supreme Court's June decision to reverse the constitutional right to abortion, WIRED examined the privacy risks posed by widely deployed automated license plate readers as the risk of being prosecuted for seeking an abortion intensifies across the country. And researchers stressed the digital self-defense value of end-to-end encryption anywhere in the world, as civil rights protections and law enforcement powers evolve.

Apple announced this week a new protection known as “Lock Mode” for iOS 16 that will allow users to choose to operate their phone in a more limited but safer way if they are at risk of being attacked with invasive spyware. And researchers say the new encryption algorithms announced by the National Institute of Standards and Technology, which are designed to be resistant to quantum computers, will be difficult to test in any practical sense for years to come.

We looked at how users can protect themselves from the worst scams on Instagram and took a look back at the worst hacks and data breaches of 2022 so far, with inevitably many more to come.

But that's not all. Each week we round up the news that we didn't break or cover in depth ourselves. Click on the headlines to read the full stories. And stay safe out there!

In one of the most expansive and shocking personal data breaches of all time, attackers took data on nearly 1 billion Chinese citizens from a Shanghai police database and attempted to extort the department for about $200,000. The database contains names, telephone numbers, government identification numbers and police reports. Researchers found that the database itself was secure, but that a dashboard was publicly accessible from the open internet, allowing anyone with basic technical skills to grab the information without a password. The scale of the breach is immense, and it is the first of its kind to affect the Chinese government, which is known for accumulating large amounts of data, not only on its own citizens but on people around the world. China was memorably responsible for the breach of the U.S. Office of Personnel Management and the breach of the Equifax credit bureau, among many others around the world.

FBI Director Christopher Wray and the head of the British security agency MI5, Ken McCallum, issued a joint warning this week that China is, as Wray said, the “biggest long-term threat to our economic and national security.” The pair noted that China has carried out extensive espionage around the world and interfered in elections and other political processes. Wray noted that if China moves to seize Taiwan, “it would represent one of the most horrific trade disruptions the world has ever seen.” McCallum said that since 2019, MI5 has more than doubled its focus on China and is now conducting seven times more investigations related to the Chinese Communist Party than in 2018. China's Foreign Ministry spokesman, Zhao Lijian, described British officials as trying to “exalt the public.” China’s threat theory. He added that MI5 should “eliminate imaginary demons.”

The bug bounty platform HackerOne, which manages vulnerability submissions and bounty programs for companies, fired an employee this week for stealing vulnerability disclosures submitted through the platform and sending them to the affected companies to collect the bounty for personal gain. HackerOne discovered the scheme when a client company flagged a vulnerability disclosure that was suspiciously similar to one it had received in June from a different researcher. The rogue employee, who was new to the company, had access to the HackerOne platform from April 4 to June 23 and made seven vulnerability disclosures based on stolen research. “This is a clear violation of our values, our culture, our policies and our employment contracts,” HackerOne wrote in an incident report. “Since then we have fired the employee and further strengthened our defenses to prevent similar situations in the future.”

The U.S. Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the Treasury Department said in a joint alert this week that North Korean hackers have targeted the health care and public health sectors with the little-known Maui ransomware strain. They warned that paying these ransoms could violate U.S. sanctions. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for health services, including electronic health record services, diagnostic services, imaging services and intranet services,” the alert warns. “In some cases, these incidents disrupted services provided by target HPH sector organizations for extended periods.”
