Metacurity

Tech Companies, Individuals and Lawmakers Tackle Data Privacy Issues After Roe's Overturn

Thieves stole $100 million from blockchain company Harmony, XCarnival retrieves half its stolen Ether, Vodafone warns of wide telecom sector impact from supplier cyber incident, much more

Cynthia Brumfield
Jun 27

Don’t miss my latest CSO column on the lessons learned on the fifth anniversary of the NotPetya attack.

In the wake of the Supreme Court’s reversal of its landmark abortion decision, Roe v. Wade, tech companies and individuals must now scramble to protect sensitive personal data from the prying eyes of police and prosecutors in nearly thirty states that have already outlawed or will soon outlaw abortions.

Some tech companies, however, are leery of wading too far into the issue, going only so far as to offer travel expenses for employees who live in states where abortion is illegal, an imperfect option that forces workers to bring their employers into a healthcare decision.

One step that EFF recommends companies take is to minimize the data they collect from users, reducing the chance that the data becomes subject to investigation. Search engine providers should also fight improper demands, such as requests for information on everyone who searched a term like “abortion” or geofence warrants that order data on every device in an area, such as an abortion clinic. If forced to comply with legal demands for search data, companies should inform users about them if they’re not prohibited from doing so.

EFF says that individuals should consider using a search engine or browser like DuckDuckGo, Firefox, or Brave that minimizes data collection or retention by default and consider using a private browsing window that won’t save the search history. They should also only communicate sensitive information over encrypted messaging services, like Signal.

Moreover, users should consider setting up secondary email addresses and phone numbers for communications they don’t want to be too closely connected to. EFF points to Protonmail and Tutanota as two email service providers with robust privacy offerings, and Google Voice as an option for creating a secondary phone number. Finally, VPNs can help mask a computer user’s IP address.

Lawmakers can help too by passing comprehensive privacy legislation, although prospects for a bill’s passage appear dim. But lawmakers have called on Google and the Federal Trade Commission to ensure that the data of online consumers seeking care is protected. Senator Elizabeth Warren has introduced legislation to ban the sale of location and health data altogether. (Lauren Feiner / CNBC)

Related: Washington Post, Android Central, CTech, Consumer Reports, MSNBC, Wired, Business Insider, Ars Technica, The Next Web, The Register, Seattle Times, Bloomberg, Motherboard

Katie🌻Moussouris (she/her) @k8em0
I gave everyone (including contractors) at my company a paid week off to fight as soon as the leak of Roe. I also drew ire of Internet dudes by stating that I wouldn’t knowingly hire white supremacists or people who would rather I die than get an abortion. Companies can do more. https://t.co/3RGKxNiXxv

Dare Obasanjo @Carnage4Life

It's quite telling that major companies aren't criticizing the Supreme Court ruling but instead offering workarounds to abortion bans as a company perk. This is quite Dystopian because it's already assumed to be a new normal and makes people even more dependent on their employers

June 26th 2022

73 Retweets, 500 Likes

Blockchain company Harmony said $100 million in cryptocurrency was stolen from the platform with the FBI and cybersecurity firms now investigating.

The thieves exploited private keys for a cross-chain bridge, also known as a blockchain bridge, that contains a lot of liquidity and allows people to transfer tokens, assets, smart contract instructions, and data between blockchains. Harmony notified other exchanges and stopped its Horizon bridge to prevent further transactions. (Jonathan Greig / The Record)

Related: CNN.com, Wall Street Journal, Business Insider, USA Today, PYMNTS.com, Benzinga, CryptoSlate, The Block, CNET News, CNBC, Tech Times, Decrypt, The Financial Express, The Crypto Basic, Fortune, Reuters, Mercury News, DealStreetAsia, PCMag.com, Slashdot, Washington Post, CBSNews.com, the deep dive, Bitcoinist, Bitcoin News, CyberNews, DataBreachToday.com, Cointelegraph.com, Security Affairs, Teiss

Harmony 💙 @harmonyprotocol
1/ The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100MM. We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds. More 🧵

June 23rd 2022

1,313 Retweets, 3,831 Likes

XCarnival, a liquidity provider for the Ethereum ecosystem, recovered 1,467 Ether (ETH) just a day after suffering an exploit that drained 3,087 ETH, worth roughly $3.8 million, from the protocol.

Blockchain investigator PeckShield said the hack was possible because a pledged NFT that had been withdrawn could still be used as collateral, which the hacker then exploited to drain assets from the pool. XCarnival announced plans to reveal details about the situation in the future. (Arijit Sarkar / Cointelegraph)

Related: Cryptonews

XCarnival @XCarnival_Lab
XCarnival was attacked on June 26, 2022 and suspended part of the protocol. XCarnival officials will give 0xb7CBB4d43F1e08327A90B32A8417688C9D0B800a owner 1500 ETH bounty. At the same time, XCarnival officials explicitly exempt the person from legal action. By XCarnival team

June 27th 2022

11 Retweets, 26 Likes

Ukraine’s CERT warned telecom providers about the distribution of dangerous emails with the subject line “Free Primary Legal Aid” that carry an attached document leading to the download and execution of the DarkCrystal RAT malware.

Given the recipients’ email addresses, experts suggest that the attack is aimed at operators and telecommunications providers in Ukraine. Ukraine’s CERT said that the same group targeted media organizations in May. (Ukraine is Open for Business)

Related: CIP.gov.ua

British telecom giant Vodafone warned that a cyber incident at one of its critical suppliers had the “potential scope to impact the entire telecommunications industry.”

The unidentified supplier in question “manages the netting of roaming charges between operators and reported a cyber incident in September 2021”, the company said in its latest annual report, although The Stack assesses the supplier is Syniverse, which in September 2021 reported a breach that had gone undetected for five years. Syniverse says investigating and responding to the incident has cost it $4.7 million, with its cyber insurance covering $3.7 million. (Ed Targett / The Stack)

漁師の敵 @FishermansEnemy
This seems like it could be bad
thestack.technology/vodafone-suppl… My first thought is that anyone doing SMS MFA while roaming was put at quite a risk.

June 27th 2022

Nichirin-Flex U.S.A, a subsidiary of the Japanese car and motorcycle hose maker Nichirin, was hit by a ransomware attack on June 14, causing the company to take the network offline and forcing customers to face delays.

In a separate notice, Nichirin is warning clients and employees of the possibility of receiving emails that impersonate the firm, suggesting that the ransomware attack was made possible through phishing. (Bill Toulas / Bleeping Computer)

Related: Reuters, The Record

The U.S. Federal Trade Commission (FTC) ordered Residual Pumpkin Entity, the former CafePress t-shirt and merchandise site owner, to pay a $500,000 fine for covering up a data breach impacting more than 23 million customers and failing to protect their data.

The FTC claimed that Residual Pumpkin Entity stored its customers' Social Security numbers and password reset answers in plain text and for longer than necessary. On top of paying the fine, Residual Pumpkin and PlanetArt (CafePress' new owner) have to implement multi-factor authentication, minimize the amount of collected and retained data, and encrypt all stored Social Security numbers. (Sergiu Gatlan / Bleeping Computer)

Related: Federal Trade Commission, Infosecurity Magazine

Analysts at AhnLab say that LockBit ransomware affiliates are trying to trick people into infecting their devices by disguising their malware as copyright claims.

The malicious actors send victims a warning about a fake copyright violation and demand that the recipient remove the infringing content from their websites or face legal action. They attach a password-protected ZIP archive containing a compressed file, which in turn holds an executable disguised as a PDF document. In reality, the executable is an NSIS installer that will install the LockBit ransomware.

Related: AhnLab, iTechPost

Cybercrime rings still tracked as ransomware operators are turning toward primarily data theft and extortion and skipping the encryption step altogether, according to Mandiant Intelligence VP Sandra Joyce.

Rather than scramble files and demand payment for the decryption keys, the threat actors have decided that simply exfiltrating the data and demanding a fee not to leak it all is just as effective. Some of these thieves offer discounted ransoms to corporations to encourage them to pay sooner, with the demanded payment getting larger the longer it takes to cough up the cryptocurrency. (Jessica Lyons Hardcastle / The Register)

Related: Databreaches.net

XM Cyber, the Israeli cybersecurity company acquired by Schwarz Group for $700 million less than a year ago, announced on Monday that it is acquiring Israeli startup Cyber Observer. The deal's cost wasn't revealed by the companies but is estimated to be in the region of $30 million.

XM Cyber, founded by Noam Erez, Boaz Gorodissky, and former Mossad Director Tamir Pardo, will expand its cyber risk management platform with Cyber Observer’s continuous controls monitoring. (CTech)

Related: PR Newswire, Help Net Security
