As states grapple with the far-reaching implications of the United States Supreme Court decision in June to overturn the constitutional right to abortion, WIRED examined the privacy risks of widespread automated license plate readers as well as the risks of being prosecuted for seeking an abortion. . through the land. And researchers underlined the digital self-defense value of end-to-end encryption anywhere in the world as civil rights protection and law enforcement powers evolve.
Apple this week announced a new protection known as “Lockdown Mode” for iOS 16, which allows users to choose to use their phone in a more restricted but more secure mode if they are at risk of being attacked by invasive spyware. And researchers say new encryption algorithms announced by the National Institute of Standards and Technology that are designed to withstand quantum computers will be difficult to test in a practical sense in the coming years.
We examined how users can protect themselves from the worst Instagram scams and looked back at the worst hacks and data breaches of 2022 so far, with many more to come.
But that is not everything. Each week we round up the news that we have not broken or expanded. Click on the headlines to read the full stories. And stay safe out there!
In one of the most extensive and impactful personal data breaches of all time, attackers took data on nearly 1 billion Chinese citizens from a police database in Shanghai and attempted to extort about $200,000 from the department. The wealth of data includes names, phone numbers, government ID numbers, and police reports. Researchers found that the database itself was secure, but a management dashboard was publicly accessible from the open internet, allowing anyone with basic technical skills to grab the information without needing a password. The scale of the breach is immense and it is the first of this magnitude to affect the Chinese government, which is notorious for hoarding vast amounts of data not just about its own citizens, but about people around the world. China was memorably responsible for the breach of the US Office of Personnel Management and the breach of the credit bureau Equifax, among many others worldwide.
FBI Director Christopher Wray and the head of British intelligence MI5, Ken McCallum, jointly warned this week that China is, as Wray put it, the “greatest long-term threat to our economic and national security.” The pair noted that China has carried out extensive espionage around the world and has meddled in elections and other political procedures. Wray noted that if China makes an effort to take Taiwan, it would be “one of the most horrific business disruptions the world has ever seen”. McCallum said MI5 has more than doubled its focus on China since 2019 and is now conducting seven times as many investigations related to the Chinese Community Party as it did in 2018. China’s Foreign Ministry spokesman Zhao Lijian described British officials as attempts. to the Chinese threat theory.” He added that MI5 “must drive out imagined demons”.
HackerOne bug bounty program, which manages vulnerability submissions and corporate reward programs, fired an employee this week for stealing disclosures of vulnerabilities submitted through the platform and submitting them to the affected companies to claim the reward for personally to recover profit. HackerOne discovered the scheme when a client company spotted a vulnerability disclosure that looked suspiciously like one it had received from another researcher in June. The rogue employee, who was new to the company, had access to HackerOne’s platform from April 4 to June 23 and disclosed seven vulnerabilities using stolen research. “This is a clear violation of our values, culture, policies and employment contracts,” HackerOne wrote in an incident report. “Since then, we have fired the employee and further strengthened our defenses to avoid similar situations in the future.”
The United States Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation and Treasury Department said in a joint warning this week that North Korean hackers have targeted healthcare and public health with the little-known Maui ransomware strain. They warned that paying such ransom could violate US sanctions. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for health services, including electronic health records, diagnostic services, imaging services and intranet services,” the warning warns. “In some cases, these incidents have disrupted the service of targeted HPH Sector organizations for extended periods of time.”
This post Chinese Police Reveal Data from 1 Billion People in Unprecedented Leak
was original published at “https://www.wired.com/story/chinese-police-exposed-1-billion-peoples-data/”