Home News Gun Database Breach Leaks Details on Thousands of Owners

Gun Database Breach Leaks Details on Thousands of Owners


your car is A data goldmine. Every trip you take generates a huge amount of data — from your location to your use of the infotainment system — and automakers are getting better at using that information. A 2019 analysis found that cars can generate up to 25 GB of data per hour. As companies improve their ability to mine this data, your car could become the next national security threat. This week, the Chinese town of Beidaihe banned Teslas from its streets as Chinese Communist Party leaders gathered in the area. One possible reason for the ban is that the cars could reveal sensitive details about China’s most senior figures.

Elsewhere, German mobile providers are testing “digital tokens” as a way to deliver personalized ads on people’s phones. Vodafone and Deutsche Telekom’s trial of TrustPid generates pseudo-anonymous tokens based on people’s IP addresses and uses them to display personalized product recommendations. The move has been likened to “super cookies” that have previously been used to track people without permission. While Vodafone denies the system resembles super cookies, privacy advocates say it goes too far. “Companies operating communication networks should neither track their customers nor help others track them,” privacy researcher Wolfie Christl told WIRED.

In other stories this week, we’ve rounded up important June updates from Android, Chrome, Microsoft, and others—and you should get them now. We also examined how the new ZuoRAT router malware infects at least 80 targets worldwide. We detail how to use Microsoft Defender on all Apple, Android, and Windows devices.

But that’s not all. We have a rundown of major security news we couldn’t cover this week. Click on the title to read the full text. And stay safe outside.

Called the Firearms Dashboard Portal, California’s firearms database aims to increase transparency in weapons sales. Instead, when new data was added to it on June 27, the update proved to be a disaster. In planning to release the new information, the California Department of Justice created a spreadsheet publicly accessible online and exposed more than 10 years of gun owner information. The data breach included the names, dates of birth, gender, race, driver’s license numbers, addresses and criminal histories of people who were granted or denied permission to conceal and carry weapons between 2011 and 2021. Over 40,000 CCW licenses leaked. Released in 2021; however, the California Department of Justice said financial information and Social Security numbers were not included in the data breach.

While the spreadsheet has been online for less than 24 hours, initial investigations appear to indicate that the breach was more widespread than initially thought. In a June 29 press release, the California Department of Justice said other parts of its firearms database were also “affected.” Information contained in assault weapons registries, certified handguns for sale, dealer sales records, gun safety certificates and gun violence restraining order dashboards may have been exposed in breaches, the department said, adding it was investigating which Information may have been leaked. disclose. In response to the data breach, the Fresno County Sheriff’s Office said it was “worse than previously expected” and that some of the information that might have been affected “took us by surprise.”

A Reuters investigation this week showed that Indian hacker-for-hire groups have been targeting lawyers and their clients around the world for much of the past decade. Hacking groups have used phishing attacks to obtain confidential legal documents in more than 35 cases and target at least 75 U.S. and European companies since 2013, the report said, based in part on 80,000 emails sent by Indian hackers in the past. seven years. The investigation details how the hack-for-hire group works and how private investigators exploit their ruthless nature. When Reuters published its findings, Google’s threat analysis team exposed dozens of domains belonging to so-called hacker-for-hire groups in India, Russia and the United Arab Emirates.

Since 2009, the Chinese hacker group APT40 has targeted companies, government agencies and universities around the world. According to security firm Mandiant, APT40 has already hit the US, UK, Germany, Cambodia, Malaysia, Norway and other countries.this week, a Financial Times The investigation found that Chinese college students were tricked into working for front companies linked to APT40 and participating in research on its hacking targets. The paper identified 140 potential translators who had applied for job advertisements at Hainan Xiandun, a company allegedly linked to APT40 and named in the DOJ indictment in July 2021. Those applying for jobs at Hainan Xiandun, who were asked to translate sensitive U.S. government documents, appear to be “unwittingly drawn into a life of espionage,” according to the story.

North Korean hackers have stolen about $400 million in cryptocurrency in 2021 as part of the country’s efforts to evade international sanctions and support its nuclear weapons program. This week, investigators began linking about $100 million in cryptocurrency stolen from Horizon Bridge on June 23 to North Korean actors. Blockchain analytics firm Elliptic says it has found “strong indications” that North Korea’s Lazarus Group may be linked to the Horizon Bridge hack — and Elliptic isn’t the only group to have a connection. The attack is the latest against blockchain bridges, which have become an increasingly common target in recent years. However, investigators say the ongoing cryptocurrency crash has wiped out millions of dollars in value from North Korean cryptocurrency heists.

Source link

Previous articleHow the Comedian Won Over Fans
Next articleWhat, Exactly, Is the Metaverse Standards Forum Creating?


Please enter your comment!
Please enter your name here