At a glance.
- Twitter: no passwords exposed in Wednesday's hack.
- French telco Orange hit with Nefilim ransomware.
- Persistent concerns about TikTok data harvesting.
- Privacy issues surrounding COVID-19 research hacking.
Twitter says no passwords were lost in Wednesday's hack.
It's early to be sure, but so far Twitter is confident enough that no passwords were compromised in Wednesday's account hijacking and Bitcoin scam incident that the social network doesn't plan to force a password reset. ZDNet reports that the incident still looks like the social engineering attack it was initially taken to be.
Orange SA hit with Nefilim ransomware.
Criminals using Nefilim ransomware have hit French telecom company Orange SA, ITWire reports. BleepingComputer confirmed with Orange that indeed the company, specifically Orange Business Services had been attacked. Data from some twenty enterprise customers were affected. Much of the information at risk represents intellectual property and business-sensitive data, but the possibility that personal data were lost can't be discounted.
Concerns about TikTok's data harvesting persist.
Social networks and search engines that depend upon advertising for their revenue all collect a great deal of data on their users. In this respect TikTok is little different from its peers. But the Economic Times argues that the platform has drawn more wary scrutiny than the others because of its Chinese ownership, and because of concerns that Chinese security and intelligence agencies can at least in principle gain access to whatever data TikTok has harvested.
Espionage and the privacy penalty it extracts.
Bloomberg interviewed a Darktrace co-founder who says that Cozy Bear's hack of COVID-19 biomedical research put patient data as well as intellectual property at risk. The research inevitably involves underlying patient data. Darktrace thinks that collecting such data can drive AI modelling that would accelerate vaccine development. A problem they see is the risk of patients losing confidence that their health data would be protected, and that this might even discourage people from, for example, going to get tested.