Toyota, Mercedes, BMW API flaws exposed owners’ personal info

Almost twenty car manufacturers and services contained API security vulnerabilities that could have allowed hackers to perform malicious activity, ranging from unlocking, starting, and tracking cars to exposing customers’ personal information. The security flaws impacted well-known brands, including BMW, Roll Read More …

Ireland fines Meta $414m for using personal data without asking

A legal saga between Meta, Ireland and the European Union has reached a conclusion – at least for now – that forces the social media giant to remove data consent requirements from its terms of service in favor of explicit Read More …

200 million Twitter users’ email addresses allegedly leaked online

A data leak described as containing email addresses for over 200 million Twitter users has been published on a popular hacker forum for about $2. BleepingComputer has confirmed the validity of many of the email addresses listed in the leak. Read More …

Google Home speakers allowed hackers to snoop on conversations

A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed. While experimenting with his own Google Home Read More …

Hackers stole data from multiple electric utilities in recent ransomware attack

Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. Federal officials have closely Read More …

Louisiana: Lake Charles Memorial Health has possible cybersecurity incident

Some Lake Charles health care system patients may have had their information involved in a cybersecurity incident. The Lake Charles Memorial Health System on Friday mailed letters to some of its “patients whose information may have been involved in a Read More …

LastPass admits attackers have a copy of customers’ password vaults

Password locker LastPass has warned customers that the August 2022 attack on its systems saw unknown parties copy encrypted files that contains the passwords to their accounts. In a December 22nd update to its advice about the incident, LastPass brings Read More …

Twitter Probed in EU for Pre-Musk Data Leak of 5.4 Million Users

Ireland’s Data Protection Commission said Friday it decided to start a probe over reports that one or more datasets of users’ personal information “had been made available on the internet.” “These datasets were reported to contain personal data relating to Read More …