CyberWire Daily

Hacked in plain sight.

Feb 26, 2025

A massive data breach has impacted over 3.3 million people, raising serious cybersecurity concerns. Signal is contemplating leaving Sweden due to a law allowing police access to encrypted messages. Apple’s decision to retract iCloud’s end-to-end encryption has sparked debate over user privacy. Critical vulnerabilities in popular software platforms highlight the urgent need for security updates. Meanwhile, a cautionary tale from a Disney employee illustrates the rising risks individuals face in today's digital landscape.

30:56

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The data breach at DISA Global Solutions exposing 3.3 million individuals underscores the persistent vulnerabilities in handling sensitive information.

Signal's consideration of exiting Sweden due to proposed encryption laws highlights the ongoing global struggle between user privacy and law enforcement access.

Deep dives

Data Breach at DISA Global Solutions

A significant data breach at DISA Global Solutions has exposed sensitive information of over 3.3 million individuals, including names, social security numbers, and financial data. The security incident occurred between February and April 2024, and the company is offering a year of complimentary credit monitoring to affected individuals. Although DISA undertook a comprehensive review of the breach, it has not confirmed if ransomware was involved, nor has any cybercriminal group claimed responsibility for the attack. The implications of this breach highlight the ongoing vulnerabilities faced by organizations handling sensitive employee data.

Intro

3min

Cybersecurity Crisis in Government

6min

Urgent Cybersecurity Updates and Innovative Solutions

6min

Apple's Privacy Dilemma in the UK

5min

Navigating Cybersecurity Risks

7min

A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vulnerabilities in Rsync allow attackers to execute remote code. A class action lawsuit claims Amazon violates Washington State’s privacy laws. CISA warns that attackers are exploiting Microsoft’s Partner Center platform. A researcher discovers a critical remote code execution vulnerability in MITRE’s Caldera security training platform. An analysis of CISA’s JCDC AI Cybersecurity Collaboration Playbook. Ben Yelin explains Apple pulling iCloud end-to-end encryption in response to the UK Government. A Disney employee’s cautionary tale.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

We are joined by Caveat podcast co-host Ben Yelin to discuss Apple pulling iCloud end-to-end encryption in response to the UK Government. You can read the article from Bleeping Computer here. Ben is the Program Director for Public Policy & External Affairs at University of Maryland Center for Health and Homeland Security. You can catch Caveat every Thursday here on the N2K CyberWire network and on your favorite podcast app.

Selected Reading

3.3 Million People Impacted by DISA Data Breach (SecurityWeek)

DOGE must halt all ‘negligent cybersecurity practices,’ House Democrats tell Trump (The Record)

Signal May Exit Sweden If Government Imposes Encryption Backdoor (Infosecurity Magazine)

Rsync Vulnerabilities Let Hackers Gain Full Control of Servers - PoC Released (Cyber Security News)

Lawsuit: Amazon Violates Washington State Health Data Law (BankInfo Security)

CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild (Cyber Security News)

MITRE Caldera security suite scores perfect 10 for insecurity (The Register)

CISA’s AI cybersecurity playbook calls for greater collaboration, but trust is key to successful execution (CyberScoop)

A Disney Worker Downloaded an AI Tool. It Led to a Hack That Ruined His Life. (Wall Street Journal)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Hacked in plain sight.

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Data Breach at DISA Global Solutions

Signal's Encryption Controversy in Sweden

AI-Driven Cyber Threats and Apple’s Privacy Stance

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts