fbpx
Connect with us

Cybersecurity

Thousands of Phone Numbers Compromised During Robinhood Hack

Published

 on

Popular investment and trading platform Robinhood stated that “limited information” had been stolen during a cyber-attack targeting the company last week but highlighted that among them were thousands of personal phone numbers.

Robinhood said on Tuesday, that the list obtained by the hackers, which contained email addresses for about five million people and full names for a different group of roughly two million people, included “several thousand entries” with phone numbers.

While the company failed to reveal how many phone numbers were on the list, Motherboard reported that it’s about 4,400.

Motherboard got a copy of the stolen phone numbers “from a source who presented themselves as a proxy for the hackers.” In a statement, Robinhood did not confirm whether the phone numbers Motherboard had obtained, were authentic but did acknowledge that the stolen information included thousands of phone numbers.

However, the blog added: “We continue to believe that the list did not contain Social Security numbers, bank account numbers, or debit card numbers and that there has been no financial loss to any customers as a result of the incident. We’ll continue making appropriate disclosures to affected people.”

The company added: “After we contained the intrusion, the unauthorized party demanded an extortion payment. We promptly informed law enforcement and are continuing to investigate the incident with the help of Mandiant, a leading outside security firm.”

On his side, Robinhood Chief Security Officer Caleb Sima said, “As a Safety-First company, we owe it to our customers to be transparent and act with integrity.”

“Following a diligent review, putting the entire Robinhood community on notice of this incident now is the right thing to do,” he noted.

Journalist for 8 years in print media, with a bachelor degree in Political Science and International Affairs. Masters in Media communications.

Cybersecurity

Australia to ‘fight back’ against hostile states in cyber – minister

Published

 on

Australia and Britain will “fight back” against cyber attacks from China, Russia, and Iran, defense minister Peter Dutton said ahead of consultations with Britain in Sydney.

Australia’s defense and foreign affairs ministers will meet with Britain’s defense secretary Ben Wallace and foreign secretary Liz Truss on Friday for the annual Australia-United Kingdom Ministerial Consultations (AUKMIN).

Australia and Britain would coordinate cyber sanction regimes to increase deterrence, raising the costs for hostile state activity in cyberspace, said foreign affairs minister Marise Payne, after signing an agreement on Thursday with Truss.

“Australia is committed to working with partners such as the UK to challenge malign actors who use technology to undermine freedom and democracy,” Payne said in a statement.

Dutton said Friday’s meeting would have a big focus on cyber.

“Both the UK and Australia get regular attacks from Russia and from China, Iran and other countries,” he said on radio, adding they would “fight back”.

Discussions will also identify areas where Australia and the Britain can work together in the Indo-Pacific region, and Australia’s nuclear submarine program.

The new Aukus defence alliance with Britain and the United States, which last year prompted Australia to cancel a contract for a conventional French submarine in favour of a nuclear submarine prpgram supported by the United States and Britain, was crucial for Australia, he said.

“They are big countries and they have big military machines and are important allies and friends for us as a smaller country of only 25 million people if we are going to deter countries from aggressive behaviour,” he said.


SYDNEY (Reuters)

Continue Reading

Cybersecurity

China drafts rules on security reviews for apps influencing public opinion

Published

 on

China’s cyber regulatory body issued on Wednesday draft rules governing mobile apps, including a requirement for security reviews of apps whose functions could influence public opinion.

The proposed regulations are part of a campaign run by the Cyberspace Administration of China (CAC) over the past year to increase oversight of the country’s tech companies.

The public has been invited to give feedback on the draft rules by Jan. 20.

The proposals will require application providers to carry out a security assessment before launching “new technologies, new applications, and new functions” capable of influencing opinion or mobilising the public.

The CAC did not specify any specific apps or outline the security assessment process other than to say it should be carried out in accordance with national regulations.

The proposed rules would apply to “text, picture, voice, video and other information production”, as well as instant messaging, news dissemination, forum communities, livestreaming, and e-commerce, the regulator said.

The regulator added that mobile app providers must not conduct activities that endanger national security, or force users to share non-essential personal information.

News apps must obtain licenses granting permission to publish news, it said.

Over the past year, Chinese authorities have tightened regulations across a number of industries, ranging from gaming to real estate to education.

The CAC has led a number of initiatives targeting the country’s tech sector.

On Tuesday, CAC announced it would implement two new rules. One rule requires platform companies with over 1 million users to undergo security assessments before listing overseas, which would take effect in February. The other rule governs companies’ use of recommendation algorithms, which would take effect in March.


SHANGHAI (Reuters)

Continue Reading

Cybersecurity

China to order cybersecurity reviews for some firms seeking overseas listings

Published

 on

China said on Tuesday it would put in force new rules that will boost oversight over how its platform companies make plans to list abroad or use recommendation algorithms, in moves set to tighten Beijing’s grip over its sprawling technology sector.

The Cyberspace Administration of China (CAC) said it would from Feb. 15 implement new rules that require platform companies with data for more than 1 million users to undergo a security review before listing their shares overseas.

In a separate statement, the CAC also said it would implement new rules governing the use of algorithm recommendation technology from March 1, requiring companies to give users the right to switch off the service and increasing oversight of news providers that use such technology to disseminate information.

Both sets of rules were proposed last year and are expected to potentially impact a large swathe of companies, such as TikTok owner ByteDance, e-commerce giant Alibaba Group and many more smaller players.

ByteDance and Alibaba did not immediately respond to Reuters’ request for a comment.

The CAC move comes amid a slew of regulatory changes in China over the past year that have dampened the appetite of firms to list overseas but bankers hope the new rules will provide more clarity in 2022.

The CAC did not specify whether the rules will apply to companies seeking listings in Hong Kong. But lawyers and bankers said based on its wording it appeared that Chinese companies with more than 1 million users seeking to list in the city would not be required to seek the cybersecurity review.

“Hong Kong is being treated as part of China, offshore though not foreign market, and this paves the way for more deals to return to Hong Kong,” one investment banker at a Western institution told Reuters, asking not be named as he was not permitted to speak to the media.

In Hong Kong, the Hang Seng Index fell 0.36% and the city’s tech index lost 1.44%.

Shares in Hong Kong Exchanges and Clearing Ltd, the operator of the Hong Kong stock exchange, were last down 1.9%. They fell as much as 2.4% following the announcement.

“If this is not retrospective then it would only affect listing aspirants and not companies already listed. Having said that, companies in the latter camp already have a lot on their minds,” said Justin Tang, head of Asian research at investment adviser United First Partners in Singapore.

The rules published on Tuesday did not specify whether the planned changes would be retrospective.

NARROWED SCOPE

The CAC first proposed the cybersecurity reviews in July https://www.reuters.com/world/china/china-widens-clampdown-overseas-listings-with-pre-ipo-review-firms-with-large-2021-07-10, saying they would put a focus on the risks of data being affected, controlled or manipulated by foreign governments after overseas listings.

Alex Roberts, who tracks data policy at law firm Linklaters in Shanghai, said the new rules appeared to have shrunk the scope of the companies likely to be affected by the changes, as compared to the proposal made in July.

“The most significant change in these cybersecurity review measures seems to be the narrowing of the review’s application to only critical information providers, data processors that may impact national security, or platform operators holding over 1 million individuals’ personal data,” said Roberts, but he added the rules still do not provide ample specificity as to what types of companies will be affected.

“This ambiguity will be a real concern for successful multi-channel businesses in China’s digital economy given the current uncertainty of the review process.”

The CAC changes come after a slew of recent moves by Chinese authorities to boost oversight over Chinese companies’ offshore listings.

China’s state planner said last week it would demand regulatory clearance https://www.reuters.com/world/china/china-tightens-scrutiny-offshore-listings-sectors-off-limits-foreign-investment-2021-12-27 for overseas Chinese listings in sensitive sectors such as internet news and publishing.

Separately, the China Securities Regulatory Commission (CSRC) said on Dec. 24 it would require companies wishing to list overseas to submit filings to the agency first for registration, under a system that also involves close coordination among various regulatory bodies.


SHANGHAI (Reuters)

Continue Reading

Trending