But confirming the source of the alleged data theft has proven inconclusive, such is the nature of the data broker industry, which gobbles up individuals’ personal data from disparate sources with little to no quality control.
But this alleged breach of a data broker appears to be an outlier, in part because some of the data appears genuine and some already verified.
The proliferation and commoditization of personal data across the data broker industry also makes it more challenging to identify the source of data leaks.
And even if this particular data breach remains unsolved, it shows once more that the data broker industry is out of control and poses real privacy issues to ordinary people.
We couldn’t definitively solve the mystery of this data breach, but there was enough there to detail our verification efforts.
AT&T has begun notifying U.S. state authorities and regulators of a security incident after confirming that millions of customer records posted online last month were authentic.
According to AT&T the records contained valid data on more than 7.9 million current AT&T customers.
AT&T took action some three years after a subset of the leaked data first appeared online, which prevented any meaningful analysis of the data.
The full cache of 73 million leaked customer records was dumped online last month, allowing customers to verify that their data was genuine.
AT&T eventually acknowledged that the leaked data belongs to its customers, including about 65 million former customers.
Heya, folks, welcome to Week in Review (WiR), TechCrunch’s newsletter recapping the noteworthy happenings in tech over the past several days (and change).
Famed startup accelerator Y Combinator had its Demo Days, and the venture desk took it all in with an appropriately skeptical eye.
Also this week, Microsoft and Quantinuum, a quantum computing startup, made a scientific breakthrough — or so they claim.
NewsCanoo paid for its CEO’s jet: Kirsten reports that EV startup Canoo paid the rent for the CEO’s private jet — $1.7 million— in 2023.
Bonus roundNSFW on X: The social media company has confirmed that authorized users on the platform can create NSFW communities, ahead of a change that’ll see all NSFW content on X filtered by default.
AT&T resets account passcodes after millions of customer records leak online US telco giant takes action after 2019 data breachPhone giant AT&T is reseting customer account passcodes after a huge cache of data containing millions of customer records was dumped online earlier this month, TechCrunch has exclusively learned.
A security researcher who analyzed the leaked data told TechCrunch that the encrypted account passcodes are easy to decipher.
TechCrunch held the publication of this story until AT&T could begin reseting customer account passcodes.
The leaked data includes AT&T customer names, home addresses, phone numbers, dates of birth and Social Security numbers.
The researcher double-checked their findings by looking up records in the leaked data against AT&T account passcodes known only to them.
So they launched Metaview, an AI-powered note-taking app for recruiters and hiring managers that records, analyzes and summarizes job interviews.
“Metaview is an AI note-taker built specifically for the hiring process,” Magos said.
“It helps recruiters and hiring managers focus more on getting to know candidates and less on extracting data from the conversations.
“Zoom, Microsoft Teams and Google Meet all have transcription built in, which is a possible alternative to Metaview,” Magos said.
I’m skeptical and a bit wary, too, of Metaview’s approach to how it handles speech data.
A bug in an Irish government website that exposed COVID-19 vaccination records took two years to publicly discloseThe Irish government fixed a vulnerability two years ago in its national COVID-19 vaccination portal that exposed the vaccination records of around a million residents.
But details of the vulnerability weren’t revealed until this week after attempts to coordinate public disclosure with the government agency stalled and ended.
Security researcher Aaron Costello said he discovered the vulnerability in the COVID-19 vaccination portal run by the Irish Health Service Executive (HSE) in December 2021, a year after mass vaccinations against COVID-19 began in Ireland.
Costello’s public disclosure marks more than two years since first reporting the vulnerability.
His blog post included a multi-year timeline revealing a back and forth between various government departments that were unwilling to take claim to public disclosure.
Meta has dropped its lawsuit against an Israeli web scraping company Bright Data, after losing a key claim in its case a few weeks ago.
Beyond being just another case of web scraping, what made this case particularly interesting was that Meta was a Bright Data customer at one time.
However, when Bright Data scraped Meta’s own data, the company sued.
“This concession by Meta is a pivotal moment for Bright Data and the web scraping community.
“Bright Data remains committed to keeping public web data freely accessible to everyone.
Where it is differentiating itself is through its Simetrik Building Blocks, or SBBs, which are scalable and adaptable concepts based on no-code development and generative AI technologies.
In the past two years, the company grew to have clients in more than 35 countries, up from 10, and is monitoring over 200 million records every day.
Previously that was 70 million records daily.
The use of the new funds will go into further developing the Simetrik Building Blocks, enhancing AI capabilities and continuing to expand Simetrik’s international reach.
They need a new approach, and that is where our building blocks have a strong product market piece.”
The U.S. National Security Agency is buying vast amounts of commercially available web browsing data on Americans without a warrant, according to the agency’s outgoing director.
The NSA did not say from which providers it buys commercially available internet records.
Previous reporting shows the Defense Intelligence Agency bought access to a commercial database containing Americans’ location data in 2021 without a warrant.
A week later, the FTC brought similar action against InMarket, another data broker, saying the company did not obtain users’ explicit consent before collecting their location data, and banned the data broker from selling consumers’ precise location data.
When reached by email, NSA spokesperson Eddie Bennett confirmed the NSA collects commercially available internet netflow data, but declined to clarify or comment on Nakasone’s remarks.
Tesla’s disastrous decision to keep all of its bitcoin seems to have paid off in the short term, as the automaker recorded a $64 million profit from BTC trading in…
