A number of observers were struck by apparent similarities between the British Airways breach and the earlier incident at Ticketmaster. This morning RiskIQ offered an explanation for the similarity: the company says that the two hacks were conducted by the same criminal group, "Magecart." The company has been tracking Magecart since 2015. The researchers also say the gang remains active on an unusually large scale, conducting "digital skimming" attacks against a range of enterprises: they scan for websites that don't secure payment card data entry forms, and then take whatever's available. This time their attack seems to have been more tailored than usual. British Airways hasn't commented on the attribution.
Trend Micro has responded to accusations that surfaced over the weekend and resulted in the ejection of some of its security apps from the Apple Store. They don't, the company says, report anything to Chinese servers. And the data collection on user systems they do perform is a one-time thing at the time of installation, not an ongoing scraping of information. Furthermore, it was fully disclosed in the end-user license agreement. Trend Micro says it's now discontinued that particular feature in its apps.
An important case goes before the European Court of Justice this week. Google will be challenging aspects of the EU's "right to be forgotten." In this case Google seems to be on the side of the free-speech angels: many observers see broad application of the right to be forgotten as the entering wedge of more intrusive censorship.