The Roku breach has 567,000 users

Change Healthcare, AlphV and RansomHub: Protecting Human Resources Against Harassment and Inappropriate Use

Change Healthcare’s ongoing ransomware nightmare appears to have gotten worse. The company was originally targeted by a ransomware gang known as AlphV in February. AlphV collected a $22 million payment, but it then fell out with the other groups who helped it carry out the attack because it did not pay them their share. Now, another ransomware group, RansomHub, claims it has terabytes of Change Healthcare’s data and is attempting to extort the company. Hospitals in the US have been impacted by service disruptions caused by the attack.

After months of delays, the US House of Representatives voted on Friday to extend a controversial warrantless wiretap program for two years. Known as Section 702, the program authorizes the US government to collect the communications of foreigners overseas. Because that collection also sweeps in reams of communications from US citizens, the FBI has been able to abuse the program by accessing them. The amendment that would have required investigators to obtain a warrant did not pass.

A group of US lawmakers on Sunday unveiled a proposal to create the country’s first nationwide privacy law. The American Privacy Rights Act would make it hard for companies to collect data on people in the US. Passage of such legislation remains far off, however: Congress has attempted to pass a national privacy law for years and has thus far failed to do so.

Absent a US privacy law, you’ll need to take matters into your own hands. DuckDuckGo, the privacy-focused company famous for its search engine, now offers a new product called Privacy Pro that includes a VPN, a tool for having your data removed from people-search websites, and a service for restoring your identity if you fall victim to identity theft. There are also steps you can take to wrench back some of the data used to train generative AI systems. Not all systems have the option to opt out of data collection, but we have a list of the ones that do, and how to prevent your data from being used in models.

Data collection isn’t the only risk. AI-generated scam calls are becoming more sophisticated, with cloned voices sounding eerily like the real thing. But there are precautions you can take to protect yourself from getting swindled by someone using AI to sound like a loved one.

The Good, the Bad, the Ugly: What Don’t We Know about the Internet? A Brief Overview of Violations in Roku, Apple, and APT29

That isn’t the end; there’s more. Each week, we round up the privacy and security news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

The streaming video service Roku warned customers Friday that 576,000 accounts had been compromised, a breach it discovered in the midst of its investigation of a far smaller-scale intrusion that it dealt with in March. According to Roku, the hackers did not penetrate Roku’s own network through a vulnerability, but rather attempted to break into accounts whose owners had previously used the same passwords elsewhere. The company noted that in fewer than 400 cases, hackers had actually exploited their access to make purchases with the hijacked accounts. The company nonetheless reset users’ passwords and is implementing two-factor authentication on all user accounts.

Apple this week sent notices to users in 92 countries around the world telling them that their devices may be compromised and that they had been targeted by a piece of malicious software. The notice stressed that the company had “high confidence” in this warning and urged potential hacking victims to take it seriously. In a status page update, it suggested that anyone who receives the warning contact the Digital Security Helpline of the nonprofit Access Now and enable Lockdown Mode for future protection. Apple didn’t offer any information publicly about who the hacking victims are, where they’re located, or who the hackers behind the attacks might be, though in its blog post it compared the malware to the sophisticated Pegasus spyware sold by the Israeli hacking firm NSO Group. In its support post, it stated that it had warned users about similar attacks in a total of 150 countries.

April continues to be the cruelest month for Microsoft—or perhaps Microsoft’s customers. The Cybersecurity and Infrastructure Security Agency published a report this week telling federal agencies that their communications with Microsoft could have been affected by the group known as APT29, which is composed of Chinese state-sponsored hackers. The emergency directive stated that the compromise of Microsoft corporate email accounts and the exposure of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies. Microsoft said in March that it was working to expel the hackers from its network.

One group tried to intimidate the staff at the company they were targeting by calling their desk and threatening them. Thanks to Beth, the tactic ended up sounding like a clip from an episode of The Office.

Beth asks the hacker why they did it as she picks up the phone. When he threatens to make the company’s stolen data available for “fraudulent activities and for terrorism by criminals,” Beth responds “Oh, ok,” in an altogether unimpressed tone. She then asks if the data will be posted to “Dragonforce.com.” She tells the hacker that recording their call is against the law in Ohio, and he replies that he is a hacker: “I don’t care about the law.” Finally, Beth doesn’t give in to the hacker’s demand, telling him “Well, good luck,” and the hacker says, “Thank you, take care.”

Ransomware group RansomHub has said it has terabytes of data from US healthcare provider Change Healthcare and is using it to extort the company. “We’re doing everything we can to make sure the data is not posted online,” RansomHub stated. This comes after a government agency said APT29, a group of Chinese state-sponsored hackers, could have affected its communications with Microsoft.