PM under pressure to follow EU and US in taking step over fears Chinese-owned app poses cybersecurity risk
Rishi Sunak has been urged to ban government officials from using TikTok in line with moves by the EU and US, amid growing cybersecurity fears over China.
Officials in Europe and the US have been told to limit the use of the Chinese-owned social video app over concerns that data can be accessed by Beijing.
Continue reading...Former Australian prime minister Scott Morrison among politicians and celebrities whose details were in sample of allegedly hacked data published online
The former Australian prime minister Scott Morrison appears to have been caught up in a leak of partial data on 400 million Twitter users, along with celebrities including the model Cara Delevingne, US politician Alexandria Ocasio-Cortez and pop singer Shawn Mendes.
Morrison’s Twitter account was included in a sample of data released by an alleged cybercriminal last week.
Continue reading...Company says its security system prevented the hacker accessing customer data or encrypted passwords
Password manager LastPass has told customers that some of their information has been accessed in a cybersecurity breach, but says passwords remain safe.
LastPass is one of several password managers in the market that aims to reduce the reuse of passwords online, by storing themin a single app. It also makes it easier for users to generate strong passwords as required.
Continue reading...The size of the data file suggests it may be the full trove of hundreds of thousands of customers’ private records that were stolen from the health insurer
The cybercriminals behind the Medibank cyber-attack have posted on the dark web what appears to be the remainder of what customer data they took from the health insurer, stating it is “case closed” for the hack.
On Thursday morning, the blog – which returned online after several days of being offline last week – posted “Happy Cyber Security Day!!! Added folder full. Case closed.” and included a file that has several compressed files amounting to over 5GB.
Continue reading...European parliament is investigating powerful surveillance tool used by governments around the world
Victims of spyware and a group of security experts have privately warned that a European parliament investigatory committee risks being thrown off course by an alleged “disinformation campaign”.
The warning, contained in a letter to MEPs signed by the victims, academics and some of the world’s most renowned surveillance experts, followed news last week that two individuals accused of trying to discredit widely accepted evidence in spyware cases in Spain had been invited to appear before the committee investigating abuse of hacking software.
Continue reading...Fraud, online shopping and banking among most commonly reported crimes, but ransomware ‘most destructive’, ASD says
The number of reports of cybercrime in Australia had shot up by 13% to 76,000 in a year, or one every seven minutes, even before a series of high-profile privacy breaches hit the headlines.
These threats are imposing an increasingly heavy cost on businesses, with the average loss per cybercrime rising by 14% to $39,000 for a small business and $62,000 for a large business.
Continue reading...Privacy policy update confirms data of continent’s users available to range of TikTok bases including in Brazil, Israel and US
TikTok is spelling out to its European users that their data can be accessed by employees outside the continent, including in China, amid political and regulatory concerns about Chinese access to user information on the platform.
The Chinese-owned social video app is updating its privacy policy to confirm that staff in countries, including China, are allowed to access user data to ensure their experience of the platform is “consistent, enjoyable and safe”.
Continue reading...As the government develops online safety guidelines, digital rights groups says any approach requiring the use of ID is ‘invasive and risky’
In the wake of the Optus and Medibank data breaches, digital rights groups are urging the federal government to rule out requiring identification documents as part of any online age-verification system, warning it could create a honeypot of people’s personal information and pornography-viewing habits.
The eSafety commissioner, Julie Inman Grant, is developing an online safety “roadmap”, outlining a way to prevent minors from accessing adult content online by ensuring host sites have verified the ages of users.
Continue reading...Watchdog says phishing email enabled hackers to steal personal information of 113,000 employees
Britain’s data watchdog has fined the construction group Interserve £4.4m after a cyber-attack that enabled hackers to steal the personal and financial information of up to 113,000 employees.
The attack occurred when Interserve ran an outsourcing business and was designated a “strategic supplier to the government with clients including the Ministry of Defence”. Bank account details, national insurance numbers, ethnic origin, sexual orientation and religion were among the personal information compromised.
Continue reading...Electricity company says attack accessed information on 323 customers but ‘no evidence’ data was transferred elsewhere
EnergyAustralia has become the latest company to be targeted by a cyber-attack, with hundreds of customers’ details exposed.
In a statement released late on Friday, the electricity company said 323 residential and small business customers were affected by unauthorised access to their online platform, My Account.
Sign up for our free morning newsletter and afternoon email to get your daily news roundup
Continue reading...Attorney general Mark Dreyfus has announced the appointment of justice Jayne Jagot to the high court. Follow the day’s news live
Queensland seeking partnerships from the federal government in renewable plan
The Queensland premier, Annastacia Palaszczuk, was asked to clarify how long the state will keep exporting coal for:
There’s still going to be countries that need our coal and, of course, the metallurgical coal [that] is needed for steel production. Let’s be clear about that. Until there’s alternative to manufacturing steel, the world will still need metallurgical coal.
The plan is $62bn. We have a $6bn down payment on that … we’ve already got $11bn worth of private investment coming in.
But there will be even more coming in as well. So roughly, it will be around, over $30bn, between $30bn and $40bn we’re providing, but we’re seeking partnerships from the federal government.
Well, in Europe, of course, there’s a lot of reliance on gas coming in from the Ukraine and parts of Russia, is my understanding.
But what we’re doing here very clearly is [ensuring] that the hydro dams get built. And then, as the hydro dams come online, that’s when you start phasing down the reliance on coal-fired power stations.
We’re building sea walls as we speak. People are having to build their houses on 7-to-12-foot stilts above the ground because of the water coming underneath. Ancestral graves that the ABC has reported on are being washed away. This is happening in Queensland. It’s not just an island on the Pacific ocean. It is happening to Queenslanders. To Australians. And we all have a duty to look after one another.
Continue reading...Mark Dreyfus indicates potential reforms to laws regarding data breaches including higher penalties, mandatory precautions and customer notifications
Privacy law changes, including tougher penalties for data breaches, could be legislated as early as this year, the attorney general has said in the wake of the Optus breach.
Mark Dreyfus revealed on Thursday that in addition to completing a review of Australia’s privacy laws the Albanese government will look to legislate “even more urgent reforms” late this year or in early 2023.
Continue reading...CEO Shalev Hulio is stepping down as part of NSO reorganisation that will see it focus on sales in Nato member countries
Israel’s NSO Group, which makes the globally controversial Pegasus spyware said on Sunday its CEO Shalev Hulio would step down as part of a reorganisation.
The indebted, privately owned company also said it would focus sales on countries belonging to the Nato alliance.
Continue reading...Cybersecurity expert Ron Deibert to testify to Canadian MPs about troubling spread of invasive surveillance tools
The mercenary spyware industry represents “one of the greatest contemporary threats to civil society, human rights and democracy”, a leading cybersecurity expert warns, as countries grapple with the unregulated spread of powerful and invasive surveillance tools.
Ron Deibert, a political science professor at the university of Toronto and head of Citizen Lab, will testify in front of a Canadian parliamentary committee on Tuesday afternoon about the growing threat he and others believe the technology poses to citizens and democracies.
Continue reading...Personal information allegedly taken from Shanghai police database would be one of biggest data breaches in history
A hacker has claimed to have stolen the personal information of 1 billion Chinese citizens from a Shanghai police database, in what would amount to one of the biggest data breaches in history if found to be true.
The anonymous hacker, identified only as “ChinaDan”, posted on hacker forum Breach Forums last week offering to sell the more than 23 terabytes (TB) of data for 10 bitcoin, equivalent to about $200,000 (£165,000).
Continue reading...Police have been accused of spying on at least 26 individuals who are not criminal suspects
An inquiry into allegations that Israel’s police force systematically hacked into the mobile phones of Israeli citizens has found that while the police did use NSO Group’s controversial Pegasus malware, there is no evidence suggesting illegality.
In a series of explosive reports over the last two months, the local financial daily newspaper Calcalist accused the police of spying on at least 26 individuals who were not criminal suspects. Those named included politicians, protesters, and members of the former prime minister Benjamin Netanyahu’s inner circle – claims Netanyahu used to delay proceedings in his corruption trial.
Continue reading...Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs
A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.
Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.
Continue reading...Opposition leader Donald Tusk calls for inquiry after watchdog says government’s rivals were targeted by Pegasus spyware
Polish opposition leader Donald Tusk said on Tuesday reports that the government spied on its opponents represented the country’s biggest “crisis for democracy” since the end of communism.
A cybersecurity watchdog last week said the Pegasus spyware had been used to target prominent opposition figures, with Polish media dubbing the scandal a “Polish Watergate”.
Continue reading...Exclusive: Analysis of Kamel Jendoubi’s mobile phone reveals he was targeted in August 2019
The mobile phone of a UN-backed investigator who was examining possible war crimes in Yemen was targeted with spyware made by Israel’s NSO Group, a new forensic analysis of the device has revealed.
Kamel Jendoubi, a Tunisian who served as the chairman of the now defunct Group of Eminent Experts in Yemen (GEE)– a panel mandated by the UN to investigate possible war crimes – was targeted in August 2019, according to an analysis of his mobile phone by experts at Amnesty International and the Citizen Lab at the University of Toronto.
Continue reading...Israeli spyware firm goes from bad to worse as scathing Apple lawsuit follows US blacklisting
Shalev Hulio, the co-founder of Israel’s NSO Group, was in Washington DC on a mission to try to resuscitate the surveillance company’s battered reputation on Capitol Hill shortly before the news broke that he had probably arrived too late to make a difference.
With little advance warning to its allies in Israel, the Biden administration announced on 3 November that it was putting the spyware maker – one of the most sophisticated cyber-weapons companies in the world – on a US blacklist, citing use of the company’s software by regimes around the world for “transnational repression”.
Continue reading...