Topics discussed include the importance of backing up cloud data, 23andMe data breach investigation, misuse of surveillance data, hacking incident at a location tracking company, privacy concerns in insurance rates, Microsoft Windows Recall security concerns, lack of transparency in a popular Mac app ownership change, and new privacy features by Apple.
Backup cloud data to prevent loss from outages or service changes.
Data breaches highlight the need for strong privacy protections.
User distrust in Microsoft grows due to privacy concerns and negligence.
Deep dives
Privacy Concerns with 23andMe Data Breach
The British and Canadian privacy authorities are investigating the 23andMe data breach where cybercriminals accessed accounts through credential stuffing, potentially compromising health-related genetic information. The investigation aims to assess the scope of exposed information, safeguards by 23andMe, and notification compliance under privacy laws.
Data Security Concerns with Potential Data Dump
A criminal gang is alleged to possess and intend to dump 2.9 billion personal records online, including sensitive details such as social security numbers and family information. The likelihood of such data breaches raises concerns over data privacy and security, emphasizing the importance of vigilant protection against potential threats.
Windows Recall Feature and Trust Issues with Microsoft
Microsoft's Windows Recall feature faced backlash due to privacy concerns, contributing to existing user distrust. The tool's AI capabilities for memory retrieval raise privacy alarms amidst a history of user-unfriendly practices by Microsoft, impacting user perception and trust in the platform's data handling and security practices.
Security Flaw in Microsoft Application Raises National Security Concerns
A security researcher discovered a critical flaw in a Microsoft application that could allow attackers to gain unauthorized access to sensitive information, posing a significant risk to national security. Despite efforts to alert Microsoft and address the flaw, the company prioritized business interests over security concerns, leaving millions of users vulnerable. This negligence led to a major cyber attack by Russian hackers utilizing the same vulnerability, compromising federal agencies' data, including national security and COVID-19 research.
Importance of Backing Up Cloud Data for Data Protection
Storing data in the cloud poses various risks, including service outages, data loss through sync errors, or changes in ownership leading to potential data loss. It is crucial for individuals to periodically back up their cloud data by exporting archives in open formats to ensure accessibility and preservation. Maintaining backups of critical cloud data on local external drives and other backup services helps safeguard against potential data loss or service disruptions.
Until recently, most of our important data lived primarily on our devices. Backing up that data often meant choosing a cloud backup service. But today, many of our most important photos and files are actually stored in the cloud. While cloud servers are supposed to be more robust than home computers with flaky hard drives and smartphones that get lost or stolen, it also means that someone else is in control of that data. Cloud services go offline, get bought out or even shut down. We now need to be sure to back up our cloud data, too.
In other news: 23andMe breach under investigation by US and Canada; cops release personal location info to FOIA request; hacker gains access to Tile customer data; more car privacy updates; Microsoft Recall backlash highlights our distrust; report shows Microsoft favoring profits over security; Mac Bartender app shadily changes ownership; new Apple privacy features coming.
Article Links
[malwarebytes.com] 23andMe data breach under joint investigation in two countries https://www.malwarebytes.com/blog/news/2024/06/23andme-data-breach-under-joint-investigation-in-two-countries
[theregister.com] Crooks threaten to leak 3B personal records 'stolen from background check firm' https://www.theregister.com/2024/06/03/usdod_data_dump/
[404media.co] Cops Released a Car’s Travel History to a Total Stranger https://www.404media.co/cops-released-a-cars-travel-history-to-a-total-stranger/
[404media.co] Hacker Accesses Internal ‘Tile’ Tool That Provides Location Data to Cops https://www.404media.co/hacker-accesses-internal-tile-tool-that-provides-location-data-to-cops/
[The New York Times] Is Your Driving Being Secretly Scored? https://www.nytimes.com/2024/06/09/technology/driver-scores-insurance-data-apps.html
[Windows Central] A PR disaster: Microsoft has lost trust with its users, and Windows Recall is the straw that broke the camel's back https://www.windowscentral.com/software-apps/windows-11/microsoft-has-lost-trust-with-its-users-windows-recall-is-the-last-straw
[ProPublica] Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers
[AppleInsider] Adobe's new terms of service unacceptably gives them access to all of your projects, for free https://appleinsider.com/articles/24/06/06/adobes-new-terms-of-service-unacceptably-gives-them-access-to-all-of-your-projects-for-free
[MacRumors] PSA: Bartender Mac App Under New Ownership, But Lack of Transparency Raises Concerns https://www.macrumors.com/2024/06/04/bartender-mac-app-new-owner/
[9to5Mac] iOS 18 includes these new privacy features: Lock and hide apps, improved contact permissions, more https://9to5mac.com/2024/06/10/ios-18-includes-these-new-privacy-features-lock-and-hide-apps-improved-contact-permissions-more/
Tip of the Week: Backup Your Cloud Data: https://firewallsdontstopdragons.com/how-to-backup-cloud-data/
Further Info
Under New Management plugin: https://github.com/classvsoftware/under-new-management
Send me your questions! https://fdsd.me/qna
Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book
Subscribe to the newsletter: https://fdsd.me/newsletter
Become a patron! https://www.patreon.com/FirewallsDontStopDragons
Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch
Give the gift of privacy and security: https://fdsd.me/coupons
Support our mission! https://fdsd.me/support
Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
0:00:52: News preview
0:03:11: 23andMe data breach under joint investigation in two countries
0:07:01: Crooks threaten to leak 3B personal records 'stolen from background check firm'
0:09:52: Cops Released a Car’s Travel History to a Total Stranger
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
