Privacy News Online: Weekly Review | March 26, 2021
Featured: Privacy News Online – Week of March 26th, 2021
Countries in the European Union attempt to water down privacy protections
With the European Union’s ePrivacy Regulation in the final stretch, seemingly minor changes can lead to massive privacy implications. Current legislation allows for personal data collection by intelligence services, but not for companies acting on their behalf. Some governments were upset that they would be unable to force internet service providers to conduct mass surveillance of their users, so they are pushing to roll back that limitation.
Teen who hacked the Twitter accounts of Biden, Obama, Bezos and more is sentenced to 3 years in prison
18-year-old Graham Ivan Clark was sentenced to 3 years in prison plus 3 years of probation after pleading guilty to hacking into high-profile Twitter accounts. Clark posed as an employee of Twitter to trick another employee into giving him access to the customer service portal which he used that to gain access to the accounts of Joe Biden, Barack Obama, Bill Gates, Elon Musk, Jeff Bezos, Kanye West, Floyd Mayweather, Kim Kardashian, Uber, Apple and more. He then used the hacked accounts for a cryptocurrency-related scheme which netted over $100,000.
DMV’s are making a fortune selling your personal data
According to an investigation by Vice, the Department of Motor Vehicles (DMV) in several states is supplementing its income by selling the personal information of drivers in their state to third parties. This information includes their names, addresses, dates of birth and which cars they own. In 2017, Florida raked in over $77 million by using this method, and California pulled in a cool $52 million. Other states using this practice include Delaware, Indiana, New Jersey, Rhode Island, Vermont and Wisconsin.
More Privacy News This Week:
China cracks down on the use of Tesla vehicles, citing privacy concerns
China is banning the use of Tesla vehicles by employees of state-owned companies, military and government staff over fears that the data the vehicles gather could potentially leak national secrets. Chinese officials raised concerns that Tesla vehicles include cameras that can record constantly in addition to having access to contact lists of any mobile phones synced with them. Whether you’re guarding national secrets or not, the amount of data that modern vehicles have access to is somewhat alarming.
Firefox 87 trims HTTP Referrers by default to protect user privacy
Firefox will now trim path and query string information from referrer headers to prevent sites from accidentally leaking sensitive user data. Browsers send the HTTP Referrer header to signal to a website which location “referred” the user to that website’s server. The problem is, the HTTP referrer header often holds private user data, such as user account information on a website or which articles you read. Starting with Firefox 87, Firefox will trim user sensitive information from the URL, thus offering a more private browsing solution.
More Cybersecurity News This Week:
Fake Android Clubhouse app infects Android devices with Trojan
A new Android Trojan horse is masquerading as Clubhouse, an audio-chat social network, that only has an official app for iOS. The fake Android Clubhouse app is actually designed to infect Android devices with the BlackRock banking Trojan, which can intercept and modify SMS text messages, deactivate Android antivirus software, and more.
XcodeSpy: new macOS malware that targets iOS app developers
New macOS malware dubbed XcodeSpy has been discovered. The malware targets iOS app developers, and was distributed through a Trojanized Xcode project. XcodeSpy installs a LaunchAgent to keep itself running after an infected Mac is rebooted, and it downloads a backdoor named EggShell, which can log keystrokes and access the camera and microphone on an infected Mac.
Privacy News Online is brought to you by Private Internet Access VPN
Privacy News Online is brought to you by Private Internet Access, the world’s most trusted VPN service.
Special thanks to Intego
Thank you to Josh Long, our cybersecurity correspondent from Intego, makers of award-winning security software.