Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: E-Records

10 billion passwords leaked in the largest compilation of all time

“The Cybernews research team believes the leak poses severe dangers to users prone to reusing passwords. The king is dead. Long live the king. Cybernews researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext passwords. The file with the data, titled rockyou2024.txt, was posted on July 4th by forum user ObamaCare. While the user registered in late May 2024, they have previously shared an employee database from the law firm Simmons & Simmons, a lead from an online casino AskGamblers, and student applications for Rowan College at Burlington County. The team cross-referenced the passwords included in the RockYou2024 leak with data from Cybernews’ Leaked Password Checker, which revealed that these passwords came from a mix of old and new data breaches. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” researchers said. Credential stuffing attacks can be severely damaging for users and businesses. For example, a recent wave of attacks targeting Santander, Ticketmaster, Advance Auto Parts, QuoteWizard, and others was a direct result of credential stuffing attacks against the victims’ cloud service provider, Snowflake. “Threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts used by individuals who employ passwords included in the dataset,” the team explained…”

FTC – Who’s who in scams: a spring roundup

FTC: “Scammers are all about spinning lies, but they still operate in the real world. Many scammers pretend to be well-known businesses to gain trust and make their stories seem more believable. And scammers use real-world methods to contact people and to get paid. Reports to the FTC’s Consumer Sentinel Network point to some of… Continue Reading

AI trains on kids’ photos even when parents use strict privacy settings

Ars Technica: “Human Rights Watch (HRW) continues to reveal how photos of real children casually posted online years ago are being used to train AI models powering image generators—even when platforms prohibit scraping and families use strict privacy settings. Last month, HRW researcher Hye Jung Han found 170 photos of Brazilian kids that were linked… Continue Reading

Microsoft tells yet more customers their emails have been stolen

The Register: “It took a while, but Microsoft has told customers that the Russian criminals who compromised its systems earlier this year made off with even more emails than it first admitted.  We’ve been aware for some time that the digital Russian break-in at the Windows maker saw Kremlin spies make off with source code,… Continue Reading

How to manage deleted files on iOS, iPadOS, and macOS

The Verge: “If you want to get rid of files permanently, make sure you’re deleting them across your iCloud sync….By default, all of the Apple devices you’re signed in to with your Apple ID should be syncing files through iCloud, but it’s worth double-checking — otherwise, you can be leaving files you thought you’d deleted…” Continue Reading

Pete Recommends – Weekly highlights on cyber security issues, June 29, 2024

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues, June 29, 2024 – Privacy and cybersecurity issues impact every aspect of our lives – home, work, travel, education, finance, health and medical records – to name but a few. On a weekly basis  Pete Weiss highlights articles and information that focus on the… Continue Reading

How to Delete Pictures of Your House From Real Estate Sites

Lifehacker: “There’s no shortage of realty sites out there, and there’s not a huge amount to differentiate them—in the end, they’re all built to facilitate property deals. One of the things they have in common is that they all keep details of properties—including listing photos—online, even years after they are sold, rented, or otherwise taken… Continue Reading

Here’s how machine learning can violate your privacy

Via LLRX – Here’s how machine learning can violate your privacy – Jordan Awan, Assistant Professor of Statistics, Purdue University explains how machine learning has pushed the boundaries in several fields, including personalized medicine, self-driving cars and customized advertisements. Research has shown, however, that these systems memorize aspects of the data they were trained with in order… Continue Reading

Energy releases generative AI guidance for employees, contractors

Fedscoop: “Employees and contractors at the Department of Energy now have a new reference guide to help them navigate use of generative AI tools at the agency, including best practices and a note that ChatGPT is available for use by request. That 61-page document was published and distributed on DOE’s internal network on June 14,… Continue Reading

Cars & Consumer Data: On Unlawful Collection & Use

FTC: “Some say the car a person drives can say a lot about them. As cars get “connected,” this turns out to be truer than many people might have realized. While connectivity can let drivers do things like play their favorite internet radio stations or unlock their car with an app, connected cars can also… Continue Reading

When the Terms of Service Change to Make Way for A.I. Training

The New York Times [no paywall]: “Last July, Google made an eight-word change to its privacy policy that represented a significant step in its race to build the next generation of artificial intelligence. Buried thousands of words into its document, Google tweaked the phrasing for how it used data for its products, adding that public… Continue Reading

11 steps to keep Meta from stealing your data to train AI

Deborah Copaken: “You only have until June 26, 2024 to say no to Meta taking your personal photos and words and using them to train their generative AI. Here are step-by-step directions for opting out…Facebook has led to all sorts of horrors, including an orange-haired, coup-instigating felon in the White House; Russian interference in our… Continue Reading