Month: December 2020

What Happened? Texas Breach

Huge Coordinated Ransomware Attack Hits 22 Texas Towns Last Year

By Najmeh Tima

“What Happened?” is an occasional feature by Digital Privacy News that looks back on some of the tech industry’s biggest data breaches last year.

More than a year later, Texas officials still are not saying who was behind a massive ransomware that paralyzed the digital operations of 22 communities for a week in August 2019, though one expert told Digital Privacy News that the culprit most likely was a hacker-for-hire with ties outside of the United States.

“The identity or organization of one single threat actor has not been clarified yet,” said Allan Liska, an intelligence analyst with Recorded Future, a Boston corporate-security research firm. “It’s almost impossible to determine who the attacker was due to Ransomware-as-a-Service (RaaS).”

Liska defined RaaS as when a person or group develops ransomware and then rents it out to others for execution. “The person who developed the ransomware may be in Estonia, but people carrying out the attacks could be anywhere,” he said.

“The attack was carried out by the REvil/Sodinokibi team,” Liska added, “but we didn’t know which of their affiliates it was.”

Continue reading “What Happened? Texas Breach”

Apps Spreading Holiday Cheer Also Send Data to Advertisers

By Joanne Cleaver

Santa’s the worst, at least when it comes to privacy. 

He knows when you’ve been sleeping. 

He knows when you’re awake. 

So, it shouldn’t come as a surprise that many of his digital elves take their cues from their boss: If you use popular gift-giving apps, chances are good that your wish list will draw eager attention from retailers hoping to reap “add-to-cart” clicks. 

Shelby Fiegel didn’t think much about privacy issues when she took a co-worker’s recommendation to use an app for managing the secret Santa gift exchange for her team at the University of Central Arkansas, where she is director of outreach and community engagement for the Center for Community and Economic Development.  

Continue reading “Apps Spreading Holiday Cheer Also Send Data to Advertisers”

Maryland Program on Sharing Driver’s License Data With ICE Is Most Invasive, Critics Say

By Madison Vialpando

Maryland is among four states that allow the U.S. Immigration and Customs Enforcement (ICE) to comb through its database of registered drivers for undocumented immigrants without state or court approval — but the program is by far the most invasive, experts told Digital Privacy News. 

“We’ve gotten to this place because of an overzealous federal agency that’s been using basically all the tools at its disposal, even when it’s contrary to state policy to use that information for immigration enforcement purposes,” said Saira Hussain, staff attorney for the Electronic Frontier Foundation (EFF).

Maryland law enforcement has access to millions of facial images, including the images of undocumented immigrants who have obtained “federally non-compliant” state driver’s licenses and identification cards. 

The facial-recognition system has no universal policy, has not been audited since 2011 — and it allows access to any federal or state law-enforcement officer with credentials from the FBI’s National Crime and Information Center, making the repository one of the most invasive in the country, critics said. 

Continue reading “Maryland Program on Sharing Driver’s License Data With ICE Is Most Invasive, Critics Say”

Facebook Content Moderators Want Better Working Conditions

By Robert Bateman

Facebook content moderators have published an open letter to CEO Mark Zuckerberg and other executives, accusing the company of risking their lives to “maintain Facebook’s profits during the pandemic.”

The Nov. 18 letter, signed by more than 200 content moderators worldwide and coordinated by U.K. legal nonprofit Foxglove, argued that moderators had been “forced” back into the office without hazard pay to perform work that is “psychologically toxic.”

Facebook’s moderators manually examine and remove “masses” of harmful content every day, including images of “violence, hate, terrorism, child abuse, and other horrors,” and “bear the brunt of the mental health trauma associated with Facebook’s toxic content,” the letter said.

The moderators called on Facebook to provide them with hazard pay, “real” health care and psychiatric care, and the opportunity to work from home whenever feasible, among other demands.

Facebook did not respond to a request for comment from Digital Privacy News.

Continue reading “Facebook Content Moderators Want Better Working Conditions”

Google’s Privacy Moves: Who Benefits?

By Matthew Scott

If you’ve noticed changes to Google’s products over the last year and thought they were made for your benefit, think again.

Experts who’ve tracked changes Google has made to its products told Digital Privacy News that the adjustments “fit a pattern” that in some ways contributed to the U.S. Justice Department and 11 state attorneys general filing antitrust litigation against the online behemoth in October.

While the company generally presents the changes as privacy-related enhancements to benefit users, experts argued that the moves also allowed Google to strengthen its dominance in certain markets and to shield itself from anticipated regulatory compliance action. 

Continue reading “Google’s Privacy Moves: Who Benefits?”