New research released this week shows that over the past few years the US Department of Homeland Security has collected DNA data of nearly 2,000 US citizens. The activity raises questions about legality and oversight given that DHS has been putting the information into an FBI crime database. Some of the genetic data is from US citizens as young as 14.
The US Secret Service said on Tuesday that it had discovered facilities across the âNew York tristate areaâ running so-called SIM serversâdevices that manage and coordinate 100,000 SIM cards at a time for illicit operations. The Secret Service warned, though, that in addition to being used by cybercriminals for scamming, the apparatuses could also be used to launch critical infrastructure attacks that could disrupt mobile networks.
A cyberattack on the UK-based automaker Jaguar Land Rover has been causing a supply chain meltdown, halting vehicle production, costing JLR tens of millions of dollars, and forcing its parts suppliers to lay off workers. The beleaguered company will have to shoulder the full cost of the attack because of inadequate insurance coverage, prompting talks of possible UK government assistance.
If youâre worried about phone searches while traveling or doing specific activities, the password manager known as 1Password has a Travel Mode feature that can help you manage sensitive data and temporarily remove it from your device. Weâve got advice on how to use the tool most effectively.
And thereâs more. Each week, we round up the security and privacy news we didnât cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
An app used to out those who spoke ill of the murdered right-wing activist Charlie Kirk was found to be leaking its usersâ personal information, doxing the very people it had invited to dox its targets.
The app Cancel the Hate, founded in the wake of Kirkâs September 10 assassination, suspended its services this week after it was revealed that security flaws in the website where the app was hosted exposed usersâ email addresses and phone numbers. That site had asked its users to collect and share employment and other personal information of critics of Kirk and others âsupporting political violence.â But a security researcher who identified themselves only as BobDaHacker demonstrated to news outlet Straight Arrow News that privacy settings on the site didnât work as advertised, publicly leaking usersâ information even when it was set to private. The hacker also reportedly had the ability to delete usersâ accounts at will.
Cancel the Hate, which displayed a photo of Kirk on its homepage and was founded by a Kirk supporter who cited his death as the motivation for creating the site, has since taken down its reporting features. It now displays a message on its homepage that itâs moving to a ânew service provider.â The page that allows visitors to buy a $23 T-shirt remains online.
Ransomware groups continued to plumb the depths of abject immorality this week with a new tactic: extorting preschools by stealing toddlersâ personal information and threatening their parents. The BBC reports that a hacker group says it has stolen the names, addresses, and photos of around 8,000 children from the preschool chain Kido, which has sites largely around London but also in the US and India. The hackers are threatening to leak the data if a ransom isnât paid, going so far as to contact some of the childrenâs parents to reinforce their threat. The group has also posted sample information and photos of 10 children on their dark-web site.
In August, The Guardian, Israeli-Palestinian publication +972 Magazine, and Hebrew-language publication Local Call revealed how Israeli signals intelligence agency Unit 8200 had built a comprehensive surveillance system to intercept and store Palestinian phone calls. More than âa million calls an hourâ could be collected by the system, which reportedly amassed around 8,000 terabytes of call data and stored it in Microsoftâs Azure cloud service in the Netherlands, the publications reported.
This week, following an external investigation commissioned by Microsoft, the company pulled some of the Israeli militaryâs access to its technology. In a statement, Microsoft president Brad Smith said the firm has taken the decision to âcease and disableâ some âspecific cloud storage and AI services and technologiesâ that it was providing to Israeli forces. Microsoftâs actionâits investigation is still ongoingâfollows a wave of staff protests at its ties to Israel and its ongoing war in Gaza. âWe do not provide technology to facilitate mass surveillance of civilians. We have applied this principle in every country around the world, and we have insisted on it repeatedly for more than two decades,â Smith wrote in a statement.
