Data Privacy Week 2023

Every January, we celebrate privacy with Data Privacy Week. It has rightly expanded from Data Privacy Day. And of course every day should be data privacy day.

In the news: The FBI shuts down a major ransomware group; new Windows malware steals passwords and other data; new Android malware can completely take over your device; a dangerous “malvertising” campaign mimics popular software to steal info; the previously-secret “no fly” list was leaked online; tens of thousands of PayPal accounts hacked via credential stuffing; T-Mobile admits to over 37M customer records stolen; and Twitter GodMode is back (or rather never really went away). I’ll answer a Dear Carey question about Plain, the service that allows financial tech aggregators to access your account information and my Tip of the Week will explain Apple’s new Advanced Data Protection feature.

Article Links

  1. [NPR] FBI says it ‘hacked the hackers’ to shut down major ransomware group
  2. [Tom’s Guide] This Windows malware is stealing passwords and other data — how to stay safe
  3. [TechSpot] New malware dubbed “Hook” allows hijacking and real-time spying on Android devices
  4. [TechRadar] This dangerous malvertising campaign mimicks popular software to steal victim info
  5. [BleepingComputer] Secret terrorist watchlist with 2 million records exposed online
  6. [BleepingComputer] PayPal accounts breached in large-scale credential stuffing attack
  7. [Naked Security] T-Mobile admits to 37,000,000 customer records stolen by “bad actor”
  8. [] Twitter GodMode still available to all engineers, following hack of Apple and other accounts
  9. Dear Carey: Is Plaid Safe? 
  10. Apple’s Advanced Data Protection: 
  11. Apple recovery contact: 

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:02:04: News rundown
  • 0:03:19: FBI shuts down Hive ransomware group
  • 0:07:34: New Windows malware steals data
  • 0:12:07: New Android malware that completely takes over device
  • 0:15:43: Malvertising campaign mimicks popular software apps
  • 0:19:44: Secret “no fly list” leaked online
  • 0:24:26: PayPal accounts accessed via credential stuffing attack
  • 0:28:06: T-Mobile admits 37M customer records stolen
  • 0:31:31: Twitter’s GodMode tool is still available to engineers
  • 0:34:59: Dear Carey: Is Plaid safe?
  • 0:45:41: Tip of the Week: Apple’s Advanced Data Protection
  • 0:53:54: 5th edition update and cool resources
  • 0:56:56: How you can help