×
Music

Spotify Criticized For Letting Fake Albums Appear On Real Artist Pages (arstechnica.com) 6

An anonymous reader quotes a report from Ars Technica: This fall, thousands of fake albums were added to Spotify, with some appearing on real artist pages, where they're positioned to lure unsuspecting listeners into streaming by posing as new releases from favorite bands. An Ars reader flagged the issue after finding a fake album on the Spotify page of an UK psych rock band called Gong. The Gong fan knew that the band had begun touring again after a surprise new release last year, but the "latest release" listed by Spotify wasn't that album. Instead, at the top of Gong's page was a fake self-titled album supposedly released in 2024.

The real fan detected the fake instantly, and not just because the generic electronic music sounded nothing like Gong's experimental sounds. The album's cover also gave the scheme away, using a generic font and neon stock image that invoked none of the trippy imagery that characterized Gong's typical album covers. Ars confirmed with Gong member Dave Sturt that the self-titled item was an obvious fake on Monday. At that time, Sturt said the band was working to get the junk album removed from its page, but as of Tuesday morning, that album remained online, along with hundreds of other albums uploaded by a fake label that former Spotify data "alchemist" Glenn McDonald flagged in a social media post that Spotify seemingly ignored.

On his site, McDonald gathered the junk album data by label, noting that Beat Street Music, which has no web presence but released the fake Gong album, uploaded 240 junk albums on Friday alone. Similarly, Ancient Lake Records uploaded 471 albums on Friday. And Gupta Music added 483 just a few days prior, along with 600 junk albums from Future Jazz Records uploaded between September 30 and October 8. These junk albums don't appear to be specifically targeting popular artists, McDonald told Ars. Rather, generic music is uploaded under a wide range of one-word artist names. However, by using that tactic, some of these fake albums appeared on real artist pages, such as Gong, experimental rock band Swans, and English rock bands Asia and Yes. And that oversight is on Spotify, McDonald suggested.
"We are aware of the issue, have relocated the content in question, and are considering our further options against the providing licensor," a Spotify spokesperson said. "When we identify or are alerted to attempts by bad actors to game the system, we take action that may include removing stream counts and withholding royalties. Spotify invests heavily in automated and manual reviews to prevent, detect, and mitigate the impact of bad actors attempting to collect unearned royalties."
The Internet

FCC Launches Formal Inquiry Into Why Broadband Data Caps Are Terrible (engadget.com) 33

The Federal Communications Commission announced that it will open a renewed investigation into broadband data caps and how they impact both consumer experience and company competition. From a report: The FCC is soliciting stories from consumers about their experiences with capped broadband service. The agency also opened a formal Notice of Inquiry to collect public comment that will further inform its actions around broadband data caps. "Restricting consumers' data can cut off small businesses from their customers, slap fees on low-income families and prevent people with disabilities from using the tools they rely on to communicate," FCC Chairwoman Jessica Rosenworcel said. "As the nation's leading agency on communications, it's our duty to dig deeper into these practices and make sure that consumers are put first."
AI

National Archives Pushes Google Gemini AI on Employees 15

An anonymous reader shares a report: In June, the U.S. National Archives and Records Administration (NARA) gave employees a presentation and tech demo called "AI-mazing Tech-venture" in which Google's Gemini AI was presented as a tool archives employees could use to "enhance productivity." During a demo, the AI was queried with questions about the John F. Kennedy assassination, according to a copy of the presentation obtained by 404 Media using a public records request.

In December, NARA plans to launch a public-facing AI-powered chatbot called "Archie AI," 404 Media has learned. "The National Archives has big plans for AI," a NARA spokesperson told 404 Media. "It's going to be essential to how we conduct our work, how we scale our services for Americans who want to be able to access our records from anywhere, anytime, and how we ensure that we are ready to care for the records being created today and in the future."

Employee chat logs given during the presentation show that National Archives employees are concerned about the idea that AI tools will be used in archiving, a practice that is inherently concerned with accurately recording history. One worker who attended the presentation told 404 Media "I suspect they're going to introduce it to the workplace. I'm just a person who works there and hates AI bullshit." The presentation was given about a month after the National Archives banned employees from using ChatGPT because it said it posted an "unacceptable risk to NARA data security," and cautioned employees that they should "not rely on LLMs for factual information."
Businesses

Why OpenAI Is at War With an Obscure Idea Man (bloomberg.com) 28

In a David vs. Goliath legal battle, AI powerhouse OpenAI is squaring off against a little-known entrepreneur who claims he conceived the company's name and mission months before its star-studded launch. Guy Ravine, a self-taught programmer with a history of near-misses in tech, registered the domain open.ai in March 2015. He envisioned a collaborative platform to develop artificial general intelligence (AGI) for the benefit of humanity. By year's end, Ravine had pitched his "Open AI" concept to industry luminaries and filed for a trademark. Then, in December 2015, Sam Altman and Greg Brockman announced the creation of OpenAI, backed by a promised billion dollars from Elon Musk and others.

The similarity was uncanny -- a non-profit aimed at developing AGI for the public good. "What the f---?" Ravine recalls thinking. He claims his idea was stolen, while OpenAI dismisses him as an opportunistic "troll" and a "fraud." The ensuing legal battle has consumed Ravine's life, Bloomberg Businessweek covers in great detail, and has raised thorny questions about idea ownership in Silicon Valley. It also casts a shadow over OpenAI's origin story as the company, now valued at $157 billion, shifts from its non-profit roots to a for-profit juggernaut. "It's humanity's asset," Ravine insists. "It's not his [Altman's] asset." For now, a judge has barred Ravine from using "Open AI" while the suit proceeds, but the inventor has vowed to fight on against what he calls "the most feared law firm in the world." An amusing excerpt from the story: But Ravine had poked the bear, and as he packed up his house on Aug. 11, 2023, he opened an email from a lawyer at the firm Quinn Emanuel Urquhart & Sullivan LLP, informing him that OpenAI was suing him in federal court over the domain and trademark. "I'm like, what the f---?" Ravine recalls. Altman, he says, "could have had it for free" -- or at least for the cost of a donation. "Instead, he decided to donate millions of dollars to literally the most feared law firm in the world, to sue me."

Again and again in our conversations, he returns to that phrase: "the most feared law firm in the world." Finally, I ask him how he knows this. He turns his laptop toward me and pulls up the email. The signature reads "Quinn Emanuel Urquhart & Sullivan LLP: Most Feared Law Firm in the World."

Crime

Murder Trial Begins For US Tech Consultant Accused In Death of Cash App Founder (www.cbc.ca) 26

An anonymous reader quotes a report from CBC News: The murder trial of a tech consultant in the stabbing death of Cash App founder Bob Lee begins Monday, a year and a half after the widely admired entrepreneur was found staggering on a deserted downtown San Francisco street seeking help. Lee's death at age 43 stunned the tech community, and fellow executives and engineers penned tributes to his generosity and brilliance. Lee was chief product officer of cryptocurrency platform MobileCoin when he died. He was a father to two children.

Prosecutors say Nima Momeni, 40, planned the April 4 attack after a dispute over his younger sister, Khazar, with whom Lee was friends. They say Momeni took a knife from his sister's condo, drove Lee to a secluded area and stabbed him three times, then fled. Defence lawyers disagree, and they say that Lee, high on drugs, attacked Momeni. "Our theory is that Bob had the knife, and that Nima acted in self defence," attorney Saam Zangeneh said.

He said his client is eager to tell his side of the story, but they haven't decided whether Momeni will testify in his defence. Momeni, who lives in nearby Emeryville, Calif., has been in custody since his arrest days after Lee died at a San Francisco hospital. Momeni's mother has been a steadfast presence at court hearings, and he is close to his sister. [...] Momeni, who has pleaded not guilty, faces 26 years to life if convicted. San Francisco Superior Court Judge Alexandra Gordon has told jurors the trial could last until mid-December.

The Internet

Ward Christensen, BBS Inventor and Architect of Our Online Age, Dies At Age 78 (arstechnica.com) 39

An anonymous reader quotes a report from Ars Technica: On Friday, Ward Christensen, co-inventor of the computer bulletin board system (BBS), died at age 78 in Rolling Meadows, Illinois. Christensen, along with Randy Suess, created the first BBS in Chicago in 1978, leading to an important cultural era of digital community-building that presaged much of our online world today. Friends and associates remember Christensen as humble and unassuming, a quiet innovator who never sought the spotlight for his groundbreaking work. Despite creating one of the foundational technologies of the digital age, Christensen maintained a low profile throughout his life, content with his long-standing career at IBM and showing no bitterness or sense of missed opportunity as the Internet age dawned.

"Ward was the quietest, pleasantest, gentlest dude," said BBS: The Documentary creator Jason Scott in a conversation with Ars Technica. Scott documented Christensen's work extensively in a 2002 interview for that project. "He was exactly like he looks in his pictures," he said, "like a groundskeeper who quietly tends the yard." Tech veteran Lauren Weinstein initially announced news of Christensen's passing on Sunday, and a close friend of Christensen's confirmed to Ars that Christensen died peacefully in his home. The cause of death has not yet been announced.

Pior to creating the first BBS, Christensen invented XMODEM, a 1977 file transfer protocol that made much of the later BBS world possible by breaking binary files into packets and ensuring that each packet was safely delivered over sometimes unstable and noisy analog telephone lines. It inspired other file transfer protocols that allowed ad-hoc online file sharing to flourish.

Power

Google Inks Deal With Nuclear Company As Data Center Power Demand Surges (cnbc.com) 44

Google announced it will purchase power from Kairos Power's small modular reactors (SMRs) to support its clean energy goals and data center demands. The company did not disclose the financial terms of the deal. CNBC reports: There are only three SMRs that are operating in the world, and none in the U.S. The hope is that SMRs are a more cost-effective way to scale up nuclear power. In the past, large, commercial-scale nuclear reactor projects have run over budget and behind schedule, and many hope SMRs won't suffer that same fate. But it is uncharted territory to some extent. Kairos Power, which is backed by the Department of Energy, was founded in 2016. In July, the company began construction on its Hermes Low-Power Demonstration Reactor in Oak Ridge, Tennessee. Rather than use water as the reactor coolant -- as is used in traditional nuclear reactors -- Kairos Power uses molten fluoride salt.

Google said the first reactor will be online by 2030, with more reactors going live through 2035. In total, 500 megawatts will be added to the grid. That's much smaller than commercial reactors -- Unit 4 at Plant Vogtle, which came online this year, is 1.1 gigawatts, for example -- but there's a lot of momentum behind SMRs. Advocates point to lower costs, faster completion times, as well as location flexibility as reasons. Monday's announcement is another example of the growing partnership between tech companies and nuclear power. Data centers need 24/7 reliable power, and right now nuclear is the only source of emissions-free baseload power. Many hyperscalers have ambitious emissions-reduction targets, which is why they're turning to nuclear power.

Open Source

'Open Source Royalty and Mad Kings' (hey.com) 82

WordPress.org has seized control of WP Engine's Advanced Custom Fields plugin, renaming it "Secure Custom Fields" and removing commercial elements, according to WordPress co-founder Matt Mullenweg. The move, justified by alleged security concerns and linked to ongoing litigation between WP Engine and Automattic, marks an unprecedented forcible takeover in the WordPress ecosystem.

David Heinemeier Hansson, creator of Ruby on Rails and co-founder and chief technology officer of Basecamp-maker 37signals, opines on the situation: For a dispute that started with a claim of "trademark confusion", there's an incredible irony in the fact that Automattic is now hijacking users looking for ACF onto their own plugin. And providing as rational for this unprecedented breach of open source norms that ACF needs maintenance, and since WPE is no longer able to provide that (given that they were blocked!), Automattic has to step in to do so. I mean, what?!

Imagine this happening on npm? Imagine Meta getting into a legal dispute with Microsoft (the owners of GitHub, who in turn own npm), and Microsoft responding by directing GitHub to ban all Meta employees from accessing their repositories. And then Microsoft just takes over the official React repository, pointing it to their own Super React fork. This is the kind of crazy we're talking about.

Weaponizing open source code registries is something we simply cannot allow to form precedence. They must remain neutral territory. Little Switzerlands in a world of constant commercial skirmishes.

And that's really the main reason I care to comment on this whole sordid ordeal. If this fight was just one between two billion-dollar companies, as Automattic and WPE both are, I would not have cared to wade in. But the principles at stake extend far beyond the two of them.

Using an open source project like WordPress as leverage in this contract dispute, and weaponizing its plugin registry, is an endangerment of an open source peace that has reigned decades, with peace-time dividends for all. Not since the SCO-Linux nonsense of the early 2000s have we faced such a potential explosion in fear, doubt, and uncertainty in the open source realm on basic matters everyone thought they could take for granted.

Privacy

Privacy Advocates Urge 23andMe Customers to Delete Their Data. But Can They? (sfgate.com) 45

"Some prominent privacy advocates are encouraging customers to pull their data" from 23andMe, reports SFGate.

But can you actually do that? 23andMe makes it easy to feel like you've protected your genetic footprint. In their account settings, customers can download versions of their data to a computer and choose to delete the data attached to their 23andMe profile. An email then arrives with a big pink button: "Permanently Delete All Records." Doing so, it promises, will "terminate your relationship with 23andMe and irreversibly delete your account and Personal Information."

But there's another clause in the email that conflicts with that "terminate" promise. It says 23andMe and whichever contracted genotyping laboratory worked on a customer's samples will still hold on to the customer's sex, date of birth and genetic information, even after they're "deleted." The reason? The company cites "legal obligations," including federal laboratory regulations and California lab rules. The federal program, which sets quality standards for laboratories, requires that labs hold on to patient test records for at least two years; the California rule, part of the state's Business and Professions Code, requires three. When SFGATE asked 23andMe vice president of communications Katie Watson about the retention mandates, she said 23andMe does delete the genetic data after the three-year period, where applicable...

Before it's finally deleted, the data remains 23andMe property and is held under the same rules as the company's privacy policy, Watson added. If that policy changes, customers are supposed to be informed and asked for their consent. In the meantime, a hack is unfortunately always possible. Another 23andMe spokesperson, Andy Kill, told SFGATE that [CEO Anne] Wojcicki is "committed to customers' privacy and pledges to retain the current privacy policy in force for the foreseeable future, including after the acquisition she is currently pursuing."

An Electronic Frontier Foundation privacy lawyer tells SFGate there's no information more personal than your DNA. "It is like a Social Security number, it can't be changed. But it's not just a piece of paper, it's kind of you."

He urged 23andMe to leave customers' data out of any acquisition deals, and promise customers they'd avoid takeover attempts from companies with bad security — or with ties to law enforcement.
EU

Meta 'Supreme Court' Expands with European Center to Handle TikTok, YouTube Cases (msn.com) 19

Meta's Oversight Board "is spinning off a new appeals center," reports the Washington Post, "to handle content disputes from European social media users on multiple platforms".

It will operate under Europe's Digital Services Act, "which requires tech companies to allow users to appeal restrictions on their accounts before an independent group of experts." "I think this is really a game changer," Appeals Centre Europe CEO Thomas Hughes said in an interview. "It could really drive platform accountability and transparency."

The expansion arrives as the Oversight Board, an independent collection of academics, experts and lawyers funded by Meta, has been seeking to expand its influence beyond the social media giant... [The Board] has tried for years to court other major internet companies, offering to help them referee debates about content, The Post has reported...

Oversight Board members and Oversight Board Trust Chairman Stephen Neal said in statements that both the Appeals Centre Europe and the Oversight Board will play critical but complimentary roles in holding tech companies accountable for their decisions on content. "Both entities are committed to improving user redress, transparency and upholding users' rights online," Neal said...

Hughes, who used to be the Oversight Board's administration director, said that he was "proud" of what the Oversight Board is accomplishing but that it is different from what the Appeals Centre Europe will offer. When Facebook, YouTube or TikTok removes a post, European social media users will be able to appeal the decision to the center. Users also will also be able to flag the center with posts they think violate the rules but were not removed. While the Appeals Centre Europe's decisions will be nonbinding, the group will generate data that could power decisions by regulators, civil society groups and the general public, Hughes said. By contrast, the Oversight Board's decisions on Meta content are binding.

Last year the original Oversight Board completed more than 50 cases, "and is on track to exceed that number in 2024," according to the article. But this board is different, CEO Hughes told the Post. They'll have about two dozen staffers, with expertise in human rights and tech policy — or fluency in various languages.

And he added that though the center is funded by an initial grant, future operating costs will be covered by the fees social media companies pay the appeal center — roughly 90 euros ($100) per case.
United States

North Carolina Maker of High-Purity Quartz Back Operating After Hurricane (apnews.com) 25

Thursday the Associated Press reported: One of the two companies that manufacture high-purity quartz used for making semiconductors and other high-tech products from mines in a western North Carolina community severely damaged by Hurricane Helene is operating again. Sibelco announced on Thursday that production has restarted at its mining and processing operations in Spruce Pine, located 50 miles (80 kilometers) northeast of Asheville. [Per Wikipedia, its pre-hurricane population was 2,175.] Production and shipments are progressively ramping up to full capacity, the company said in a news release.

"While the road to full recovery for our communities will be long, restarting our operations and resuming shipments to customers are important contributors to rebuilding the local economy," Sibelco CEO Hilmar Rode said... A Spruce Pine council member said recently that an estimated three-quarters of the town has a direct connection to the mines, whether through a job, a job that relies on the mines or a family member who works at the facilities.

An announcement last week from Sibelco attributed its resilience to their long-standing commitment to sustainability, "which includes measures to mitigate the impact of extreme weather events such as Hurricane Helene." Initial assessments indicated their operating facilities sustained only minor damage.

And "the company previously announced that all its employees are safe," Sibelco reaffirmed in its announcement Thursday: Sibelco, with support from its contractors, has been contributing to the local recovery efforts by clearing debris, repairing roads, providing road building materials to the North Carolina Department of Transportation, installing temporary power generators for emergency shelters and local businesses, and working with the town of Spruce Pine to restart water supply to residents.

Additionally, Sibelco has incorporated the Sibelco Spruce Pine Foundation to further support the community's recovery. The company previously announced that it is making an immediate $1 million donation as seed money for the foundation. Anyone interested in learning more or contributing to this initiative should contact the foundation by email or by visiting our website for additional information and donation opportunities.

Microsoft

Microsoft's Take On Kernel Access and Safe Deployment After CrowdStrike Incident (securityweek.com) 44

wiredmikey writes: As the dust settles following the massive Windows BSOD tech outages caused by CrowdStrike in July 2024, the question is now, how do we prevent this happening again? While there was no current way Microsoft could have prevented this incident, the OS firm is obviously keen to prevent anything similar happening in the future. SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices (or SDP).
Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, reports MIT's Technology Review. But radio communications are crucial for drones, so... About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

And given the mounting evidence that both militaries and militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...
China

Who's Winning America's 'Tech War' With China? (wired.com) 78

In mid-2021 Ameria's National Security Advisor set up a new directorate focused on "advanced chips, quantum computing, and other cutting-edge tech," reports Wired. And the next year as Congress was working on boosting America's semiconductor sector, he was "closing in on a plan to cripple China's... In October 2022, the Commerce Department forged ahead with its new export controls."

So what happened next? In a phone call with President Biden this past spring, Xi Jinping warned that if the US continued trying to stall China's technological development, he would not "sit back and watch." And he hasn't. Already, China has answered the US export controls — and its corresponding deals with other countries — by imposing its own restrictions on critical minerals used to make semiconductors and by hoovering up older chips and manufacturing equipment it is still allowed to buy. For the past several quarters, in fact, China was the top customer for ASML and a number of Japanese chip companies. A robust black market for banned chips has also emerged in China. According to a recent New York Times investigation, some of the Chinese companies that have been barred from accessing American chips through US export controls have set up new corporations to evade those bans. (These companies have claimed no connection to the ones who've been banned.) This has reportedly enabled Chinese entities with ties to the military to obtain small amounts of Nvidia's high-powered chips.

Nvidia, meanwhile, has responded to the US actions by developing new China-specific chips that don't run afoul of the US controls but don't exactly thrill the Biden administration either. For the White House and Commerce Department, keeping pace with all of these workarounds has been a constant game of cat and mouse. In 2023, the US introduced the first round of updates to its export controls. This September, it released another — an announcement that was quickly followed by a similar expansion of controls by the Dutch. Some observers have speculated that the Biden administration's actions have only made China more determined to invest in its advanced tech sector.

And there's clearly some truth to that. But it's also true that China has been trying to become self-sufficient since long before Biden entered office. Since 2014, it has plowed nearly $100 billion into its domestic chip sector. "That was the world we walked into," [NSA Advisor Jake] Sullivan said. "Not the world we created through our export controls." The United States' actions, he argues, have only made accomplishing that mission that much tougher and costlier for Beijing. Intel CEO Pat Gelsinger estimated earlier this year that there's a "10-year gap" between the most powerful chips being made by Chinese chipmakers like SMIC and the ones Intel and Nvidia are working on, thanks in part to the export controls.

If the measure of Sullivan's success is how effectively the United States has constrained China's advancement, it's hard to argue with the evidence. "It's probably one of the biggest achievements of the entire Biden administration," said Martijn Rasser, managing director of Datenna, a leading intelligence firm focused on China. Rasser said the impact of the US export controls alone "will endure for decades." But if you're judging Sullivan's success by his more idealistic promises regarding the future of technology — the idea that the US can usher in an era of progress dominated by democratic values — well, that's a far tougher test. In many ways, the world, and the way advanced technologies are poised to shape it, feels more unsettled than ever.

Four years was always going to be too short for Sullivan to deliver on that promise. The question is whether whoever's sitting in Sullivan's seat next will pick up where he left off.

Businesses

Amazon Expands Same-Day Prescription Delivery to Nearly Half the US Next Year (cnbc.com) 25

Amazon is "embedding pharmacies in same-day delivery facilities often clustered around major metro areas," reports CNBC.

This will enable "a coming expansion of its same-day prescription delivery service," according to Engadget, "with 20 more cities and affiliated metro areas entering the program next year. This expansion will open up the feature to nearly half of US residents."

"In most cases, that means a customer can order medication by 4 p.m. and receive it at home by 10 p.m.," Amazon said in their announcement — making the case that their service (and its 24/7 pharmacists) "ensures customers can get care within hours, bridging health care accessibility divides..." A recent study found nearly half of U.S. counties have communities over 10 miles from the nearest pharmacy, limiting their access to medications and pharmacist care. Traditional mail-order prescriptions can take up to 10 days to arrive, leaving many underserved... As of 2019, seven in 10 hospitals relied on fax machines and phone lines to transfer and retrieve patient records or order prescriptions. Nearly a third of physicians have said they spend 20 hours or more a week on paperwork and administrative tasks...

The new, smaller pharmacies complement Amazon Pharmacy's existing, highly automated pharmacy fulfillment sites that feature robotic arms and other automation, overseen by a team of highly trained, licensed pharmacists and pharmacy technicians.

CNBC adds that in the last year Amazon has also tested prescription deliveries by drone in one Texas city.
Privacy

Casio Confirms Customer Data Stolen In Ransomware Attack (bleepingcomputer.com) 11

Casio confirmed it suffered a ransomware attack earlier this month, resulting in the theft of personal and confidential data from employees, job candidates, business partners, and some customers. Although customer payment data was not compromised, Casio warns the impact may broaden as the investigation continues. BleepingComputer reports: The attack was disclosed Monday when Casio warned that it was facing system disruption and service outages due to unauthorized access to its networks during the weekend. Yesterday, the Underground ransomware group claimed responsibility for the attack, leaking various documents allegedly stolen from the Japanese tech giant's systems. Today, after the data was leaked, Casio published a new statement that admits that sensitive data was stolen during the attack on its network.

As to the current results of its ongoing investigation, Casio says the following information has been confirmed as likely compromised:

- Personal data of both permanent and temporary/contract employees of Casio and its affiliated companies.
- Personal details related to business partners of Casio and certain affiliates.
- Personal information of individuals who have interviewed for employment with Casio in the past.
- Personal information related to customers using services provided by Casio and its affiliated companies.
- Details related to contracts with current and past business partners.
- Financial data regarding invoices and sales transactions.
- Documents that include legal, financial, human resources planning, audit, sales, and technical information from within Casio and its affiliates.

Slashdot Top Deals