Hacking of 6.9K Mobile Units with Encryption Unsuccessful, FBI Director Revealed

There are actually many shared stories and reports about people who experienced personal fear in life because of privacy invasion, which tend to become a widespread issue across the globe nowadays. As expected, the invention of the Internet played a huge role in helping those abusive individuals who are hacking information or making unlawful activities online.

Fortunately, there are government agencies and private organizations that make an effort to deal with these types of individuals to keep the online world safe.

According from the latest published news through rt.com, the Federal Bureau of Investigation (FBI) director admitted that their agencies did not successfully hacked close to 7,000 cell phone devices with encrypted security feature. He revealed this statement from the conference of the police chiefs, which is about privacy issue and the involvement of the government.

“To put it mildly, this is a huge, huge problem,” said Christopher Wray who is the current director of the FBI as quoted by the news. “It impacts investigations across the board — narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation,” he added.

The conference last Monday involved the International Association of Chiefs of Police and held in Philadelphia. The agency head said that they failed to retrieve the data of almost 6,900 devices due to the encryption of the mobile phones.

It actually took the FBI almost 11 months and still did not succeed.

From the shared information through infowars.com, most of the mobile and Smartphone units, feature default’s applications encrypt content. Because of this, it would be difficult to access the data of the users because this kind of feature is strict and not allowing any sort of interception about private information.

Search this phone directory of available public information about phone number owners.

According to the statement of the FBI director also, the issue about attempting to hack the encrypted devices is in line with the 2016 iPhone hacking controversy. Last year, the agency made a demand that Apple managed to hack a mobile phone utilized by Syed Rizwan Farook, who is the gunman in a crime in San Bernardino.

Apple that time stated that they did not hack the device because the encryption features of the iPhone devices does not allow such activity due to its strict protection.

In an effort to calm down the worries of many iPhone users and the controversy, FBI they already discussed with a third party that can break or unlock the device of the gunman. Unfortunately, things had slightly changed because early this 2017, the agency admitted that they do not have the information from the third party, which came from the ruling of the federal court, as detailed by ZDNet.

From the point of view of the FBI director, they might not execute their plans better unless the Congress begins to re-authorizing the current Foreign Intelligence Surveillance Act (FISA). He said that they have trouble completing their intelligence gathering due to the restrictions.

Based on the existing guidelines of FISA, it permits the secret services of America to wiretap both phone and online communications that involve US citizens and in overseas. However, the permission is only possible if the purpose has a significant value as part of an authorized investigation. On the other hand, many are not in favor of this kind of permission because it somehow affecting the privacy law and could trigger fear to the public.

As exposed by Edward Snowden few months ago, the NSA surveillance programs intend to retrieve users’ content when using the Internet through the mobile devices. This means that people who are using social media platforms, Microsoft, Google and Apple might not be aware that the NSA is trying to access their data.

Ransomeware Virus Worldwide Attack, Infected Over 75K Computers

From the latest shared information online, there is now a huge cyber attack that hits thousands of computer systems worldwide and they recognize the spreading malware as the Ransomware virus. It affected almost 99 countries and a total of 75,000 computer units, according to the recorded data of the investigation.

It infects the files on the computers and requiring the administrator to pay through bitcons to open them.

According from the news of rt.com, the Ransomware virus is also called WanaCryptor 2.0 or WannaCry and successfully infected 75,000 computer units in almost 99 countries. The problem manifested on Friday morning, said Avast and it quickly increased the spreading massively in just a few hours after they detected it.  The targeted countries include Taiwan, Russia, United States and Ukraine, among others.

Avast is one of the most reliable security software companies today.

Based on the investigation of the authorized experts, the WannaCry virus manages to penetrate Windows computers due to the security breach last March. On this matter, Microsoft may still need to deal with this problem as long as they do not update the systems of their computers as well as networks.

From the statement of Kaspersky Lab, the number of infected victims may continue to increase from the different targeted countries.

“Affected machines have six hours to pay up and every few hours the ransom goes up,” Kurt Baumgartner said. “Most folks that have paid up appear to have paid the initial $300 in the first few hours,” he added.

Baumgartner is the principal security researcher at Kaspersky Lab, which is a multinational cybersecurity and anti-virus provider in Russia.

This involved ransomware virus might infected at least 16 National Health Services (NHS) hospitals in the United Kingdom and Telefonica, the largest national telecommunications company in Spain, added by the reported news online. On the other hand, the computer attacks only affected the internal network and not affecting the customers such as the incident with Telefonica.

From the statement of the Spanish authorities who are investigating the issue, they advised the responsible people to fix the problem and found out the spreading is due to “EternalBlue” vulnerability.

In line with this kind of cyber attack, the healthcreitnews.com reported the news last month about ransomware virus that infected personal information of almost 55,000 hospital patients in ABCD Children’s Pediatrics in San Antonio, Texas. According to the shared information, the affected documents include the names, insurance bills, birthdates, Social Security numbers and results of laboratory tests, medical info, home addresses, phone numbers and technology codes procedures.

Based on the results of the investigation, the virus that breached the information is known as the “Dharma virus” and considered as one of the elements of the ransonware. The investigators likewise revealed that the hackers made us of unknown user accounts to access the system of the ABCD. Fortunately, the pediatric hospital and the expert IT team successfully cleared the virus and utilized the backups to restore all the affected information properly, the reported news added.

The issue about this latest cyber attack is serious because the involved hackers can immediately threaten the victims if they fail to send the required $300 payment using the cryptocurrency of bitcoin within 3 days.

For British Prime Minister Theresa May, she stated that this latest concern is not just attacking the hospitals in the UK, but it is part of wider attack worldwide.

Hackers Successfully Stole $530 Million Cryptocurrency, Biggest Hacking in History

When talking about crypto-currency or cryptocurrency, many people believe that this is perhaps a cryptic idea and might not be favorable at all. Even though some investors did not gain much in this kind of venture, there are countless of individuals out there who found their luck to become millionaire because of investing to cryptocurrency.

Today, this is becoming a new trend of investment attracting people worldwide.

This type of currency is not similar to ordinary money because it is an electronic-based currency. This is the reason why many people these days are still hesitate to invest because they do not know on how it will become valuable to spend.

According to the explanation of Merriam Webster Dictionary about cryptocurrency, it deals about computerized encoding and decoding of information. It usually involves different online transactions such as computer banking, debit card deals and various eCommerce systems, among others.

Unfortunately, governments and banking institutions do not support this kind of monetary deal online and so many are still doubtful about putting up their hard-earned cash from it. In addition, there are existing issues about hacking that had been damaging the good reputation of those companies offering crypto-currency over the Internet.

Just like the recent reported news online, nearly $530 million cryptocurrency heist occurred a couple of days ago and this triggered huge concern after the massive hacking online. As detailed by the news through Reuters, the hackers made an attempt to sell close to 500 NEM tokens, which they stole from their targeted victims.

Jeff McDonald revealed that the NEM Foundation already tracked down the missing coins and originated from an unknown account. Based on the explanation of McDonald, the unknown account owner is making an effort to sell the stolen coins after moving them to at least 6 different exchanges.

“[The hackers are] trying to spend them on multiple exchanges. We are contacting those exchanges,” said McDonald as quoted by the reported news.

Jeff McDonald is the current Vice President of NEM Foundation, which created the crypto-currency known as XEM.

In line with this issue, Alexandra Tinsman who is the current representative of NEM Foundation likewise revealed that they had traced “XEM” coins being sent by the hackers to nearly 100 XEM batches amounting to $83 each and this certainly alarmed them.

One of the involved companies is the Coincheck Inc and as detailed through cnn.com, this Tokyo-based crypto-currency already gave an assurance to its affected investors that it is willing to refund the partial amount of 260,000 currencies stolen by the hackers.

Coincheck is actually leading bitcoin cryptocurrency exchange in the Asian region and said that this particular hacking issue amounting to $530 million is now the biggest crypto-currency hacking from unknown thieves. Back in 2014, the same incident happened when hackers penetrated Mt. Gox and stole about $400 million of bitcoins.

Lon Wong who is the President of NEM Foundation however is putting blame on Coincheck because of its sloppy security measure, which caused the massive heist.

Because of this recent hacking issue, there are now increasing concerns and questions regarding the kind of protection and regulation of all involved crypto-currency companies worldwide.

In line with this, giant social media network Facebook had made a decision to ban those advertisements that promote bitcoins as well as other crypto-currencies, as detailed from the reported news through buzzfeed.com. This kind of move is about giving the right protection to its valued users due to “financial products and services frequently associated with misleading or deceptive promotional practices,” as quoted by the news also.

The giant social media network believe that there are now existing doubtful advertisements relating to crypto-currencies, which they appear tricky in promoting “get-rich-quick” to many targeted users. Likewise, this activity is a clear fraud and deceiving to many people.

Starbucks WIFI in Argentina Hacked, Customer Revealed Malicious Code

In another very surprising hacking incident, a customer who visited a Starbucks coffee outlet in Buenos Aires, had encountered a malicious code after connecting to the available WIFI connection.

The popular coffee manufacturer and outlet confirmed the incident in Argentina.

From the published information through cnbc.com, the hacking incident at the Starbucks outlet in Buenos Aires happened last December 2, which immediately infected the laptop of the customer who connected to the free WIFI inside the popular coffee shop in Argentina.

The hacking code had generated the Monero crypto-currency from his laptop.

Based on the shared information also, they recognized the person as Noah Dinkin (hisTwitter username) and to prove the hacking incident, he managed to post a screenshot he took about the intriguing code caused by the hacker to show the public.

He revealed that it really happened to him at the Starbucks outlet in Argentina. According to his explanation, the first time he tried to connect to the free WIFI the code attempted to delay his connection. Because of this, it permitted the transaction to mine bitcoin illegally by utilizing the processing power of his device.

They also recognize Dinkin as an executive of Stensul, a tech-company based in New York who immediately noticed the sneaky mining code.

Based on the observation of those who learned about the hacking from Starbucks during the first week of December, the malicious or illegal code might be an issue to mine bitcoins. However, some users of Twitter believed that the involved website that hosted the script might originate from Monero (a different type of crypto-currency).

From the published news report through RT.com, Starbucks confirmed the hacking issue last Monday (December 11) and investigated the incident. As detailed online, the company made an immediate action so that their Internet provider will handle the problem and execute the necessary changes for the protection of their valued customers who are using their free WIFI connection.

Starbucks posted their explanation through their official Twitter account and assuring that they had resolved the problem already. It likewise confirmed that this particular incident, which occurred in the coffee outlet in Buenos Aires, is not a widespread concern.

“Last week, we were alerted to the issue and we reached out to our internet service provider—the Wi-Fi is not run by Starbucks, it’s not something we own or control,” said the representative of Starbucks as detailed through the Motherboard. “We don’t have any concern that this is widespread across any of our stores,” it added.

According to the news report also, they consider the Monero token as a popular “crypto-jackers” and capable of perform mining to different personal computers even without a special platform or hardware.

In line with this issue, RT.com revealed that a suspicious mining code likewise infected other known video websites like OnlineVideoConverter, Openload, Rapidvideo and Streamango.

As for cyber security expert Don Smith who learned about this issue, he explained that users of public WIFI ought to make sure that the software they utilize is up-to-date and must be aware of potential malicious activity.

 “Always be wary when connecting to untrusted networks, public wi-fi hotspots are untrusted to you even if they are provided by a trusted brand,” said Don Smith during an interview by the BBC.

Smith is an expert of cyber security and working for Secureworks.

It is true that this kind of crypto-currency mining incident is becoming prevalent today and many Internet users are experiencing different problems about it. Professional hackers are capable of determining on when to execute their plans and the victims they want to target.

The many unknown web intruders or hacking groups now are continuously increasing in numbers worldwide.

Thousand Oaks Police Authority Issues Warning about Offered Job Scams

Due to the revealed job scams that continue to victimize ordinary people who want a home-based occupation, the police authority from Thousand Oaks already warned their residents about this latest fraud.

The scammers can easily steal valuable things and money from their victims.

From the latest shared news information online, the police authority from Thousand Oaks warned their residents about the latest job scams that targets people who want to work from home. According from the issued warning statement, the fraudsters send text or email messages to their targets and offering them jobs even without undergoing personal interview.

Based on the investigation of the police authority, the offered job needs to do tasks such as envelop stuffing, home shipper, babysitter or as a personal assistant. An employee starts to complete a job to receive a package and afterwards repackaging it before sending it to a given foreign address, which includes a postage they paid.

Thousand Oaks made the warning about this kind of occupation because the package may contain stolen items and the scammer will not pay the employee, despite completing the task.

“These jobs are part of an elaborate plan to have you assist the criminal enterprise with laundering stolen money or shipping stolen goods,” as stated by the police authority in a news release as quoted by the news online.

It also warns that even the victim can become liable to the criminal activity.

As stated above, the sender or employee does not receive any compensation from the scammer, whether the person works as a home shipper, personal assistant or a babysitter. Moreover, he or she will just involve in an unlawful activity because the scammer use a stolen credit card to purchase the items sent to the foreign address.

From the information shared by CSO Online, the targeted applicants victimize by these kinds of fraud transactions are those coming from websites that recruit people such as the ZipRecruiter. This website allows interested job applicants to send resume A to a particular job offer using the available push button.

Because of this, it is easier for anybody to access the information of the resume A.

In line with, the scammers are also targeting people from different dating sites online and send photos, emails and flowers to grab the interest of their targets, as detailed by the United States Postal Inspection Service.

If a target accepted the offer, he or she has no idea that the package contained stolen items or counterfeit money from overseas.

In line with this issue, the Thousand Oaks Police Department presented some preventive measures on how to avoid dealing with these job scams. These are important to avoid any lawsuit for accepting a criminal job without full knowledge about it.

  1. Be aware about receiving a paycheck (for advance payment) from a job offer and asking you to deposit the check to your personal bank account.
  2. Be mindful about job opportunities from a company in other country.
  3. Never provide personal information to an unknown person
  4. Visit the website of the Federal Trade Commission (FTC), Better Business Bureau or State Attorney General to verify the involved company
  5. Never compensate up-front charges

These are all important preventive measures to consider as shared online.

Uber Paid Hackers $100,000 or £75,000, To Delete 57M Stolen Data

Back in 2016, taxi service provider Uber experienced a massive hacking issue that affected nearly 50 million passengers and 7 million taxi drivers’ personal information, as confirmed by the company.

However, there are reports that it settled an amount of $100,000 to the hacking group to delete the millions of data they stole during that time.

According to the latest reported news through RT.com, Uber had paid the hacking group in order to request for deletion of the stolen information from its millions of drivers and passengers. The popular alternative taxi service provider spent almost $100,000 to settle the hackers last year.

Uber had reportedly requested the hackers to keep the data breach in secret.

To make sure that the company does lose the trust of its passengers and drivers, Dara Khosrowshani confirmed the issue about hacking in 2016 on Tuesday. They want to show transparency and honesty to the people about the data breach.

“I recently learned that in late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use,” said Dara as quoted by the reported news.

Khosrowshani is the new Chief Executive Officer (CEO) of Uber Technologies Inc.

From the published information through Bloomberg, the company spent about $100,000 to settle the two hackers and the agreement is that they will delete the stolen personal data such as email addresses, names mobile phone numbers and an estimated 600,000 numbers of driver’s licenses.

In line with this issue, the company made a decision to fire Joe Sullivan this week because he got involved to the massive data breach last year, which occurred last October in 2016, the report from Bloomberg added.

Joe Sullivan is the former Chief Security Officer of the company and such incident really affected his reputation.

To make sure the affected passengers and drivers are aware of the situation, Uber provided them with individual resource pages wherein they will have free credit monitoring as well as protection against identity theft, as detailed on the news online. The alternative taxi-provider however revealed that the history of locations, dates of births, credit card numbers, bank accounts and Social Security numbers of the affected individuals are not part of the data breach.

“The incident did not breach our corporate systems or infrastructure,” said the new CEO of the company.

“Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded,” he continued.

Uber likewise stated through Khosrowshani that at least two persons became responsible for the massive hacking of the personal data. They already terminated them and one of them is the former Chief Security Officer Joe Sullivan as detailed above. The other involved person is a deputy officer of Sullivan.

According to the news published by express.co.uk, the former security officer of Uber made a decision to hide the issue as an effort to cover up the possible security and privacy scrutiny that might affect the company. This incident occurred during the discussions with the United States regulators that investigated the mishandling of the personal data of the affected passengers and riders.

The investigation started last October to determine the faults of Sullivan’s team, which caused the breach. Again, the new CEO wants a transparency to its valued drivers and passengers for the ongoing investigation.

Based on the investigation as reported online, the hacking groups made use of a code repository (GitHub) and this is similar what the engineering department of the company is using.

They successfully hacked the personal information through an Amazon cloud server.

EU to Impose New Privacy Law on 2018, E-Commerce Businesses Must Prepare

From a decent point of view, an online business with a privacy policy has the exact management of the available information. This kind of policy is necessary in assuring both the owner of the website and the users the right agreement on how to gather, use, share and protect the users’ data during the actual visit from the website.

In the past years even when they introduced the Internet, majority of the web-based businesses do not have this privacy policy. However, the different issues that bother many ecommerce businesses online somehow triggered the decision to setup this type of policy and almost all business owners who run their websites imposed this guideline.

This is besides having a page for About Us, Terms of Use and Disclaimer.

Lately, there had been different reports online particularly in the United States about the implemented privacy policies of many businesses. As published through ecommercetimes.com, businesses in the U.S. have a privacy policy and regulated by the Federal Trade Commission (FTC). Under the rules of this commission, there is actually not necessary for a website to have such policy and if it has an existing one, the business must adhere to it and avoid any violation.

 

FTC actually can impose penalties and file lawsuits for businesses that do not adhere to their own privacy policy just like what happened to LifeLock, which the commission sued for its negligence before.

 

According to the news published by E-Commerce Times, there is a huge change next year regarding the privacy rights online of which the European Union (EU) will implement by May 2018. They are going to change the existing “EU Data Directive” or “EU Data Protection Directive 95/46/EC into “EU GDPR.” As detailed from the information about this new regulation, it will assure the data privacy rights of the citizens of EU and normalize the data privacy laws in the European region.

 

The basis of the regulations is that a person has a fundamental right to privacy and businesses or corporations have no right to sell or purchase such individual privacy.

 

As for those organizations in the United States, the reported news said that they might not learned about the upcoming policy of EU or think that they will only implement the GDPR in organization based in the European Union. On the other hand, it appears that this new policy next year will cover all the businesses or organizations that provide services or sell products, or that checks data coming from EU, and this is irrespective of the origin.

 

Any business or organization that provides service or sells products, or need to monitor information from the citizens of EU, the new regulations will cover them and subjected.

 

The published news information likewise revealed that businesses in America are now worrying about two important matters, which is enforcement and applicability. It may be possible that large-scale businesses can easily adjust to the new guidelines, but perhaps not for those small businesses. One reason is that they still need to determine if their clients are really origination from the European region.

 

The EU GDPR does not also exempt Cloud services because they usually store users’ data worldwide and not only in a particular region. This is the reason why they also need to learn about the upcoming regulations and determine of what effects they need to anticipate.

 

The current regulation mainly focuses on monitoring large-scale or multinational businesses and not those small-scales.  However, the new guidelines on May 2018 directly change this conventional approach. This is the exact reason why businesses in the U.S. and other parts of the world must start reviewing the available information about the EU GDPR ahead of time.

 

Surely, the penalties or charges for those who will not comply can hurt their finances and so awareness is very important.

Reaper Malware Attacks Infected Millions of Internet Connected Devices

Professional malware software developers do not only target laptops and personal computers because even tablets, mobile and Smartphone users are experiencing unwanted attacks from these types of intruders. Almost all types of electronic devices that access over the Internet. Due to the increasing numbers of reports about cyber attacks that steal personal information from the targeted victims, it is definitely important for us to become aware of this widespread issue and the exact solutions to counter them.

With the development of the Android and IOS operating system units, malware attackers are becoming more interested in threatening the users. One reason is that millions of people from all parts of the world choose to invest for advanced Smartphone devices, than those ordinary items on the market. This is very similar to those who are investing for high-end laptops, PCs and tablets because they want something that feature the newest technological elements.

From the latest reported news online about cyber attacks, there are experts in cyber-security who gave a warning about the possible upcoming cyber hurricane caused by the recent Reaper malware, which infected millions of the devices that connects to the Internet.

The widespread of the infected devices can affect the Internet worldwide.

“Our research suggests we are now experiencing the calm before an even more powerful storm,” said Check Point Software. It added that it has no idea on how the code be employed or the damage extent caused by the attack, as detailed through RT.com on Wednesday.

Reaper malware is also popular as lo Trooper and this is a huge robotic network zombie (also known as Botnet) and it immediately infected millions of Internet Things devices, the reported news added. To mention of these affected devices include video recorders, web-cameras and security surveillance cameras.

From the observation Netlab 360, the malware is expanding or spreading actively and possible queuing millions of IPs from the infected devices through injecting the malicious code from the system.

According from the recorded data of those involved cyber-security experts, the found out about the zombie robotic network in the middle of September this year and originated from the Mirai Botnet source code, which infected websites by using the denial-of-distribution (DDoS) attacks October 2016. As explained by the cyber experts last year, the attacks became the biggest online security invasion in history and successfully took down the Internet within the United States.

The main victim of the Mirai Botnet is the Dyn Company, which has the capacity to control most of the domain name system (DNS) infrastructure of the Internet. The exact date of the attack last year is on October 21, 2016 and became dominant within that day.

It infected websites such as Reddit, the Guardian, Twitter, CNN, Spotify as well as other US and Europe-based online sites. Almost 164 nations worldwide had affected with the Mirai Botnet.

According to Maya Horowitz, Reaper already made an effort to improve the Mirai Botnet and the code is capable of functioning into almost 100 different activities. Unfortunately, the code source is still unidentifiable and can possible continuously infecting more and more electronic devices.

Horowitz is from the Check Point Software and they continue the investigation.

The exact function of Reaper is to exploit the current vulnerabilities in many Internet devices and then inject unknown malicious code. When it succeeded, it will then begin the attack based on the exploited vulnerabilities or weaknesses of the targeted devices.

As expected, the users will not have any idea about the malicious attacks.

In line with this issue, cyber experts from Check Point likewise reported few months ago that about 14 million Android units were infected the CopyCat malware. This particular attack helped the hackers to earn almost $1.5 million within just 60 days through bogus advertisement revenues, as reported through checkpoint.com last July.

DOJ Files Motion to US Supreme Court, Questions Decision Favoring Microsoft

The latest news reports online talk about the reaction of the Supreme Court of America after learning the decision of the Second Circuit Court of Appeals ruling, which favor giant software company, Microsoft.

The US Supreme Court is set to review the request from the Department of Justice (DOJ) to reverse the handed decision by the Second Circuit.

The DOJ continue to battle against Microsoft, regarding the issue that stored data from their servers in Ireland, which the federal investigators had discovered. According to the report through rt.com, the law enforcement of America is having trouble reaching the stored data from abroad due to the protection of Microsoft and does not permit access.

From the submitted appeal on Friday as quoted by the news online, the DOJ is arguing that the Court of Appeals Second ruling “has created a regime where electronic communication service providers… can thwart legitimate and important criminal and national security investigations.”

The argument between the DOJ and Microsoft started back in 2013 when the American government issued a warrant against the giant software maker, which has then linked to the ongoing investigation of the criminal narcotics because the government wanted to seize the stored data of a specific customer who has an active Microsoft email.

 

Unfortunately, the popular software company refused to submit the needed data with connection to the investigated email account of the customer. Since then, both parties had gone through legal dispute in the courthouse about the stored data from the company’s Ireland-based servers.

Last June, the DOJ made a decision to file a motion to bring the lawsuit to the US Supreme Court already.

 

In a statement presented by the DOJ as quoted through thehill.com, it explained that, “The panel reached that unprecedented holding by reasoning that such a disclosure would be an extraterritorial application of the Act — even though the warrant requires disclosure in the United States of information that the provider can access domestically with the click of a computer mouse.”

This particular argument likewise caught the attention of some lawmakers in Washington, wherein they debated about the plan to update the existing laws in the country when it comes to data privacy as well as law enforcement procedure in accessing stored data from other nations, when necessary.

If ever the US Supreme Court will agree to review and hear the lawsuit, it is possible that any decision it hands will make a huge impact on how tech companies need to keep their data and on how they permit the law enforcement to access such data from them.

Should there is not firm decision from the higher court to reverse the lawsuit; the Congress may pursue its plan to modify the almost 3-decade privacy law.

In line with this issue, the giant software maker already responded to the request of the DOJ. As written by Brad Smith through a blog post and quoted by The Hill online, he said that, “We will continue to press our case in court that the Electronic Communications Privacy Act (ECPA) — a law enacted decades before there was such a thing as cloud computing — was never intended to reach within other countries’ borders.”

Smith added in his post that, “If U.S. law enforcement can obtain the emails of foreigners stored outside the United States, what’s to stop the government of another country from getting your emails even though they are located in the United States?” He continued saying, “We believe that people’s privacy rights should be protected by the laws of their own countries and we believe that information stored in the cloud should have the same protections as paper stored in your desk.”

The 1986 Electronics Communications Privacy Act states that a service provider need to disclose any electronic communication to the legitimate agency of the government when it needs to investigate potential criminals.

Yahoo Revealed 2013 Data Breach Affected its 3BN Email Users

From the latest shared news reports online, search engine company Yahoo revealed that it is possible that the stolen email accounts back in 2013 caused by the data breach might be 3 times than what it has reported before.

Yahoo revealed on Tuesday that the affected email account holders are approximately three billion accounts, which it announced before that the estimated stolen e-mails are two billion.

The recent announcement of the parent company of Yahoo revealed that the announced affected email accounts back in 2013 might increased in their latest estimation. According from the news through Reuters, the search engine company said it is possible that the compromised emails affected its 3 billion users.

This estimation came out after the investigation about the data breach in 2013.

The popular search engine company said last year that over one million email accounts had been part of the breach, which they considered the biggest data breach problem worldwide in history.

From the statement of the company last December, it said that “names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or encrypted security questions and answers.”

The investigation however failed to conclude if the hackers successfully acquired the payment card data, clear text or bank account passwords of the involved users.

On the other hand, Yahoo just recently announced that they already resolved the data breach problem last year after taking the necessary actions for them to provide the exact security to their valued users. Right after learning about the breach that time, they also required the users to immediately replace their password and use security questions to make sure nobody can access their registered accounts.

Verizon Communications is now the owner of Yahoo after its acquisition last June with the amount of $4.48 billion. It also revealed that they had been working with some forensic professionals in investigating the breach and likewise has “new intelligence” to make sure the same problem will not happen again, the news added.

Verizon had combined the popular search engine with AOL as a new company recognized as Oath.

Yahoo is continuously making an effort to notify the other two billion users about the problem, just like what it did from the initial one billion account holders.

 

From the statement of Chandra McMahon as detailed through Financial Times, said that Verizon the decision to invest in acquiring Yahoo means improving its security and so that they can provide better experience to all their valid users.

 

“We proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said McMahon in her statement as quoted by rt.com.

McMahon is Verizon Communication’s chief information security officer.

Yahoo released its latest statement about the affected billions of users after the Congress grilled the former boss of Equifax, which is a popular credit reporting company that experienced a huge data breach few months ago. Equifax admitted that about 142 million of people in the United States are part of the breach and possible compromised their credit card information, Social Security numbers and other important data.

Equifax had been investigation about the issue to determine the exact hackers.

Last March, there is conducted internal investigation proving that the senior executives of the company failed to investigate or comprehend properly.

According to the filed regulatory through the Securities and Exchange Commission, it stated that “The information security team understood that the attacker had exfiltrated copies of user database backup files containing the personal data of Yahoo users but it is unclear whether…exfiltration was effectively communicated and understood outside the information security team.”

It is very important for Yahoo to explain its side further and appropriately because there are affected users who are revealing their worries about the real issue.

1 2