datalekkasje

https://www.theverge.com/2024/12/30/24332181/volkswagen-data-leak-exposed-location-evs

The leak also included the emails, addresses, and phone numbers of drivers in some cases, Der Spiegel reports.

[…]

If anything, this leak serves as yet another reminder of the immense amount of data collected by modern-day vehicles, which Mozilla has called a “privacy nightmare.”

https://www.wired.com/story/phone-data-us-soldiers-spies-nuclear-germany/

More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany—and the Pentagon is powerless to stop it.

https://arstechnica.com/security/2024/01/hackers-can-id-unique-apple-airdrop-users-chinese-authorities-claim-to-do-just-that/

Chinese authorities recently said they’re using an advanced encryption attack to de-anonymize users of AirDrop in an effort to crack down on citizens who use the Apple file-sharing feature to mass-distribute content that’s outlawed in that country.

https://techcrunch.com/2023/12/04/23andme-confirms-hackers-stole-ancestry-data-on-6-9-million-users/

On Friday, genetic testing company 23andMe announced that hackers accessed the personal data of 0.1% of customers, or about 14,000 individuals. The company also said that by accessing those accounts, hackers were also able to access “a significant number of files containing profile information about other users’ ancestry.” But 23andMe would not say how many “other users” were impacted by the breach that the company initially disclosed in early October.

As it turns out, there were a lot of “other users” who were victims of this data breach: 6.9 million affected individuals in total.

In an email sent to TechCrunch late on Saturday, 23andMe spokesperson Katie Watson confirmed that hackers accessed the personal information of about 5.5 million people who opted-in to 23andMe’s DNA Relatives feature, which allows customers to automatically share some of their data with others. The stolen data included the person’s name, birth year, relationship labels, the percentage of DNA shared with relatives, ancestry reports and self-reported location.

The initial data leak was limited, with the threat actor releasing 1 million lines of data for Ashkenazi people. However, on October 4, the threat actor offered to sell data profiles in bulk for $1-$10 per 23andMe account, depending on how many were purchased.

A 23andMe spokesperson confirmed the data is legitimate and told BleepingComputer that the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data.

[…]

The information that has been exposed from this incident includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location.

https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/

While there are benefits to storing genetic information online so people can trace their heritage and track down relatives, there are clear privacy threats. Even if a user chooses a strong password and uses two-factor authentication as 23andMe has long urged, their data can still be swept up in scraping incidents like the one recently confirmed. The only sure way to protect it from online theft is to not store it there in the first place.

https://arstechnica.com/security/2023/10/private-23andme-user-data-is-up-for-sale-after-online-scraping-spree/

https://www.theguardian.com/society/2023/may/27/nhs-data-breach-trusts-shared-patient-details-with-facebook-meta-without-consent

Observer investigation reveals Meta Pixel tool passed on private details of web browsing on medical sites

https://www.theguardian.com/technology/2023/may/26/tesla-data-leak-customers-employees-safety-complaints

Tesla has failed to adequately protect data from customers, employees and business partners and has received thousands of customer complaints regarding the carmaker’s driver assistance system, Germany’s Handelsblatt has reported, citing 100 gigabytes of confidential data leaked by a whistleblower.

The Handelsblatt report said customer data could be found “in abundance” in a data set labelled “Tesla Files”.

https://www.nrk.no/norge/advarer-mot-skreddersydd-svindel-etter-datalekkasje-1.15963551

Personopplysningene som er på avveie etter det store datainnbruddet mot Norkart, kan åpne for mer utspekulerte former for svindel, tror ekspert.

[…]

De neste månedene anbefaler han å være ekstra varsom for spesielle brev, e-poster og telefoner.

– Bruk god dømmekraft, og være skeptisk – hver eneste gang du får en henvendelse, hvor du ikke enkelt kan identifisere hvem som står bak, påpeker Jøsang.

https://www.nrk.no/norge/dataangrep-mot-norkart_-3_3-millioner-kan-vaere-berort-1.15962268

Selskapet Norkart, som leverer IT-systemer for kart- og eiendomsinformasjon, er utsatt for et dataangrep. Persondata for opp mot 3,3 millioner innbyggere er på avveier.

Selskapet varslet om dataangrepet tirsdag. Alle som eier eiendom i Norge kan være berørt.

[…]

– Det vi ønsker nå er at alle som er eiere eller festere er ekstra årvåkne når det gjelder forsøk på svindel. Et godt råd er å sperre seg for sjekk av kredittopplysninger og følge med på hva som skjer i postkassen din.

https://www.nrk.no/sport/helseopplysninger-om-norske-utovere-pa-avveie-i-ol_-_-helt-texas-1.15839426

Olympiatoppens sjef, Tore Øvrebø, er kraftig oppgitt over OL-arrangørens håndtering av norske helseopplysninger. Direktøren på et av hotellene som huser norsk støttepersonell visste om smitte før den norske leiren.

– Han er en grei kar, men han skulle ikke hatt disse opplysningene før oss, sier Tore Øvrebø da han møter pressen i Zhangjikou – et par timer unna Beijing.

– Det er helt Texas, konkluderer Øvrebø.

Hotelldirektøren på Eagle Nest, der flere medlemmer av det norske støtteapparatet bor, er stadig i forkant når det kommer til koronastatus på utøverne.