FireEye says North Korea is devoting attention to Latin American financial institutions, "hacking the hell" [sic] out of them.
Adidas disclosed that "an unauthorized party claims to have acquired limited data associated with certain adidas consumers" who bought from its US website. The athletic apparel manufacturer says it became aware of the incident on June 26th, and says the data affected include "contact information, usernames and encrypted passwords" but no credit cards. Affected customers are being notified. It's unclear what Adidas' GDPR regulatory exposure may be.
The long document Facebook delivered to the US Congress Friday (seven-hundred-forty-two pages) includes disclosures that Facebook continued to share user information with sixty-one app developers for some six months after its announcement in 2015 that it would stop the practice. Data shared covered users' friends (in the Facebook term-of-art meaning of the word), and included friends' name, gender, date of birth, city or hometown, photographs, and page likes. The disclosure suggests the high value of such data, and the difficulty companies like Facebook have containing it.
Facebook has adopted a bounty system (the "Data Abuse Bounty Program") to reward people who find abuse of data Facebook handles. It awarded $4 thousand to a bounty hunter last week; other companies are thought likely to follow suit.
ZTE, future still in doubt, replaced its board to allay US official displeasure. Observers see the change as largely cosmetic. The US House included a ban on ZTE and Huawei in its draft of the 2019 Defense appropriations bill.