Americans' SSNs may be Compromised while the UK Threatens Extradition for Online Posts (Issue 37, 2024)
Slack AI is also leaking private channel data and Worldcoin orbs will soon be scanning Malaysian citizens.
We’re delivering you the hottest internet news that affects all of us. Scroll down to read our full reporting below and if you love what we’re doing, please consider contributing $5 per month so that we can continue providing you with this vital, unique reporting.
Talk Liberation is committed to providing equal access for individuals with disabilities. To view an accessible version of this article, click here.
In this edition:
UK May Extradite and Prosecute Americans Posting Misinformation
US Federal Court Finds Geofence Warrants Illegal
Americans Can Opt-Out of Facial Recognition in US Airports For Now
Sam Altman’s Worldcoin to Provide ID Verification in Malaysia
Slack AI Leaks Data from Private Channels
A Data Breach May Contain Every American’s Social Security Number
New BRICS Pay System to Rival SWIFT
2024 Sees Billions of Records Stolen in Data Breaches
UK May Extradite and Prosecute Americans Posting Misinformation
Massive riots recently rocked the United Kingdom and it appears the situation was caused, or at least made much worse, due to a proliferation of false information. The catalyst for the civil unrest was a mass stabbing that took the lives of 3 children and immediate rumours claimed the perpetrator was a Muslim asylum seeker.
After investigation by UK authorities it was determined that the attacker was actually a UK citizen, born to parents who legally immigrated from the African country of Rwanda. Additionally, during the riotous period there were online posts from U.S. based accounts that allegedly encouraged the violence and supported the false narrative that the offender was a Muslim asylum seeker.
Based on the investigative information, a reaction from the head of police stated, “We will throw the full force of the law at people and whether you’re in this country committing crimes on the streets or committing crimes from further afield online we will come after you”.
US Federal Court Finds Geofence Warrants Illegal
Geofence warrants are a particularly invasive method of identifying all users’ devices in a geographic area and were recently found to violate the Fourth Amendment by a US Federal Appeals Court.
The data comprising geofence warrants is almost always provided by Google, and the number of requests for these warrants has been steadily climbing. Fortunately, Google is in the process of rolling out changes that would keep location data on the user’s device, making it impossible for the tech giant to service these warrants in the future.
The Electronic Frontier Foundation (EFF) applauded the court’s ruling, stating, “Closely following arguments EFF has made in a number of cases, the court found that geofence warrants constitute the sort of 'general, exploratory rummaging' that the drafters of the Fourth Amendment intended to outlaw.”
Americans Can Opt-Out of Facial Recognition in US Airports for Now
Airports in the United States are going all-in on facial recognition with over 200 currently using the technology and many more prepared to roll it out in the near future. For those without American citizenship there is no opt-out and the facial scans could be held for decades in government databases.
US citizens or permanent residents (aka Green Card holders) are currently allowed to request “alternative processing” by a border agent who manually reviews your documents.
While the issues of reliablity and poorer performance on non-white faces is likely the basis for providing the current opt-out, as these problems are addressed US Customs may make facial scanning mandatory regardless of citizenship.
Sam Altman’s Worldcoin to Provide ID Verification in Malaysia
Following the signing of a memorandum of understanding, Worldcoin, founded by Sam Altman of OpenAI, will now be using their iris scanning technology to provide personal verification for the country of Malaysia. The impetus for the MoU is based on digital credentials requiring a reliable method to provide “proof of humanness”, which means that Worldcoin’s dystopian chrome orbs will soon be scanning Malaysian citizens’ biometric data to verify individual identities.
Included in the partnership is the joint manufacturing of the orbs, tying Altman’s World Chain to Malaysia’s National Blockchain Infrastructure and providing open-source availability of the Worldcoin technology.
While the partnership has made headlines it should be noted that Worldcoin is not beyond controversy, being investigated by Kenyan authorities in 2023 following allegations of token manipulation and more recently in Hong Kong for data privacy violations.
Slack AI Leaks Data from Private Channels
The security firm PromptArmor has published research detailing how the Slack AI is vulnerable to prompt injection, a form of manipulation where AI chat software discloses information that they would otherwise not have access to.
At the root of the vulnerability is the fact that Slack AI permits users to fetch data from both public and private channels, which includes public channels the user has not joined and private channels the user does not have access to.
Compounding the issue is the fact that a recent Slack update has now added files from channels and direct messages between users to the data their AI has access to, making user files a target for hackers and allowing malicious actors to exfiltrate sensitive data via the prompt injection vulnerability.
PromptArmor has advised administrators overseeing Slack workspaces to limit the AI’s access to files and documents until the issue is fixed.
A Data Breach May Contain Every American’s Social Security Number
National Public Data (NPD) is a company that supports background checks by providing personal data to employers, private investigators, staffing agencies and others. In August a class-action lawsuit filed in Florida accused National Public Data of having been breached and exposing incredibly sensitive data on 2.7 billion people.
The response from National Public Data was to admit that a breach occurred, but that only 1.3 million records were compromised. Following this NPD has mostly gone silent, refusing to respond to requests for comments or formally notify those who may have been affected by the potential breach.
Meanwhile, a representative from the hacking group USDoD has begun offering “the full NPD database” for sale on a hacking forum that includes full name, address, date of birth, Social Security number (or equivalent) and phone number on over 2.7 billion people.
News outlets focusing on cybersecurity have reviewed the portions of data offered by USDoD on the forum and stated that they appear to be real people’s actual information. While the allegations against NPD having their full database breached are still just accusatory at this time, it appears increasingly likely the breach is real and, if true, could lead to increased identity theft crimes against anyone (re: most Americans, Canadians, Britons and many others) unlucky enough to be in the NPD system.
New BRICS Pay System to Rival SWIFT
The intergovernmental organization BRICS, whose member countries contain about 45% of the global population, is set to roll out a new system for cross-border transactions called BRICS Pay. The system will be independent of the US dollar and integrate local currencies for the exchange of trade.
This system is aligned with the official BRICS de-dollarization policy that aims to cut out use of the US dollar completely. The initiative will likely implement blockchain technology and is being touted as an alternative to the SWIFT network that is relied on by a majority of the global banking system.
Providing validation for the project are more than 50 countries, primarily from Asia, Africa, South America, and Eastern Europe, that have expressed interest in using the BRICS Pay system. These countries showcase a growing desire among emerging economies to free themselves from the domination of the US dollar and may weaken the United State’s influence on global trade.
2024 Sees Billions of Records Stolen in Data Breaches
With nearly a month left until the 4th quarter of 2024 there has already been more than one billion records of sensitive personal information hacked, breached or otherwise compromised. And to make matters worse, if the National Public Database breach is as severe as it appears, the number of breached records could top 4 billion before the New Year.
The primary victims (so far) are UnitedHealth, Snowflake and AT&T who respectively lost medical data covering most people in the United States, over half-a-billion records from client Ticketmaster, and phone numbers and call records for “nearly all” customers totalling about 110 million people.
That concludes this edition of Your Worldwide INTERNET REPORT!
Remember to SUBSCRIBE and spread the word about this unique news service.
This issue of Your Worldwide INTERNET REPORT was produced by the Talk Liberation Digital Media Team.
Talk Liberation - Your Worldwide INTERNET REPORT was brought to you by Panquake.com. We Don’t Hope, We Build!
© Talk Liberation Limited. The original content of this article is licensed under a Creative Commons Attribution-ShareAlike 4.0 International license. Please attribute copies of this work to “Talk Liberation” or talkliberation.com. Some of the work(s) that this program incorporates may be separately licensed. For further information or additional permissions, contact licensing@talkliberation.com