In one look.
- Lending Tree says the leaked data is not theirs.
- A year after Project Pegasus, the spyware is still on the loose.
- Updates to U.S. Children’s Privacy Laws.
LendingTree says the leaked data is not theirs.
Researchers have discovered 200,000 loan applications allegedly belonging to financial services firm LendingTree for sale on the dark web, but the financial services giant denies any connection to the data. The disc by Recorded Future Remarks that the company sent breach notification letters last month, but Megan Greuling, director of communications at LendingTree, says the notifications are related to an unrelated “code vulnerability” that exposed the data of some 70,000 customers in February. Referring to the newly found loan applications, Greuling said, “Our investigation determined that this data leak did not originate from LendingTree. In fact, we got the full data set and found no matches against our consumer database. She went on to say that the hacker selling the data might have intentionally mislabeled it to increase its value on the black market.
A year after Project Pegasus, the spyware is still on the loose.
Israeli spyware maker NSO Group is again under fire, this time for allegedly covering up information about the surveillance of an employee of human rights group Human Rights Watch. The non-governmental organization wrote to NSO in January with evidence that NSO’s controversial Pegasus spyware had been used to target Human Rights Watch’s Middle East and North Africa director Lama Fakih. NSO promised to investigate, but came up dry. NSO’s Vice President for Compliance, Chaim Gelfand, responded that there was no evidence of oversight from their current customers and that the issue “has been investigated to the best of our abilities based on the information provided to us”. Based on Gelfand’s careful formulation, Human Rights Watch feels NSO’s investigation was inadequate and that a former client may have targeted Fakih.
The Guardian Remarks that this month marks a year since Project Pegasus revealed spyware was being used to spy on journalists, activists, political leaders and lawyers around the world, but in the years since, little has changed were observed. Although there have been several official investigations in countries including France, India, Mexico, Poland and Spain, as well as a number of lawsuits (including a high-profile case from the Apple technology), governments still have access to spyware and, as Human Rights Watch can attest, activists still live in fear of surveillance. Amnesty International, which helped coordinate Project Pegasus, accepted There is still a lot to do. “A year after the Pegasus spyware revelations shocked the world, it is alarming that surveillance companies are still profiting from human rights abuses on a global scale,” said Amnesty Tech Deputy Director, Danna Ingleton.
Indeed, today AP News reports that at least thirty Thai activists involved in the country’s pro-democracy protests were allegedly targeted from October 2020 to November 2021 by an unnamed government entity. iLaw, a Thai human rights group that was recruited to help with the investigation, found that two of its own participants were among the targets. Legal representative Yingcheep Atchanont Told The Washington Post, “I was surprised later when I found out that I had been infected so many times in late 2020 and early 2021. This time I was just a protest watcher, my role is simply to campaign on the constitutional amendment.”
Updates to U.S. Children’s Privacy Laws.
Cooley’s Cyber/Data/Privacy Information offers an overview of US lawmakers’ efforts to protect the privacy of minors on the web. In his State of the Union address in March, President Joe Biden urged lawmakers to “strengthen privacy protections, ban advertising targeted at children, [and] Demand that tech companies stop collecting personal data about our children. And in May, the Federal Trade Commission released a policy statement outlining its commitment to children’s privacy, warning that the FTC would begin prioritizing enforcement of the Children’s Online Privacy and Protection Act of 1998 (COPPA). , the primary US law protecting the privacy of children. Also in May, the California Assembly passed the California Age-Appropriate Design Code Act, which will require companies to “consider the best interests of children” and “maintain the highest possible level of privacy for children.” by default” when designing products and services. . At the federal level, the House of Representatives introduced the Preventing Real Online Threats That Endanger Children Today Act which, among other things, would amend COPPA to increase the age of “child” to 16. and extending COPPA to mobile application operators.