Today at a glance.
- London's Metropolitan Police move forward with facial recognition.
- SuperCasino hit with theft of customer data.
- The case of Jeff Bezos and his iPhone remains unsettled.
- A hospital worker accesses patient information on behalf of a personal injury lawyer.
Automated BOLOs.
The BBC reports that the Metropolitan Police intend to go forward with plans to operate live automated facial recognition cameras in London. After some four years of trials, and earlier pilots in other British jurisdictions, the Metropolitan Police say they plan to use the cameras for five to six hours at a time, and that they will do so with “bespoke watchlists” of suspects wanted in violent and other serious crimes. Critics continue to raise concerns about accuracy and about civil liberties.
Online gambling shop suffers cyberattack.
SuperCasino reported an “incident” in which attackers took sensitive customer data. Computing says that the breach was reported January 17th, when a member of an online forum (“Casinomeister”) devoted to online gambling said he or she had received an email from SuperCasino warning of the breach. The “meister” who took the email public (nom de chance “JGslots”) said the email read, in part, “We regret to inform you that SuperCasino has suffered a security incident and some of your personal data has been revealed to an unauthorized person. We took various mitigating measures and the unauthorised person is no longer able to access your data. Rest assured that our investigations show that your credit card, payment information, password and copies of any documents sent to SuperCasino have not been accessed and remain secure.” The attackers did succeed in getting access to names, user names, telephone numbers, email addresses, residential addresses, and date of registration. The risk, then, isn’t so much direct theft as it is phishing or identity theft.
The curious case of Mr. Bezos’ iPhone X.
It’s still unclear what exactly happened to Jeff Bezos and his iPhone, and how much the incident should be regarded as a warning of massive intrusions into personal privacy committed by state security and intelligence services using increasingly effective and widely available spyware. World Politics Review has a representative account of what many fear is happening, especially as autocrats and authoritarians come into possession of lawful intercept tools. The FTI Consulting report that so exercised the United Nations’ Special Rapporteurs last week, inducing them to call for a comprehensive investigation of the incident, rests its conclusions on circumstantial evidence--plausible enough, but still circumstantial. The report’s suggestion that the spyware most probably used was NSO Group’s Pegasus is, again, plausible, but in this case based largely on circumstance and a priori probability. Ha’aretz, no journalistic friend of NSO Group, says that, tempting as it might be to point the finger at NSO Group, there’s no conclusive evidence that the phone was hacked at all.
Ambulance chasing as an inside job.
More than eleven-hundred patients at Dearborn, Michigan’s Beaumont Health were affected by a data breach. A now-fired employee who worked in hospital admissions, Detroit Local 4 reported, accessed the information without authorization. Why? Apparently, Local 4 said in a follow-up, to share it with a personal injury attorney.