Privacy

Security experts say breaking into an unencrypted smartphone is easier than you think -- and they've spied on a US Congressman's phone calls to prove it.

German computer engineer Karsten Nohl told "60 Minutes" in America that all a hacker needs is a phone number.

From there, Nohl says hackers can "track [the owner's] whereabouts, know where they go for work...spy on whom they call and what they say over the phone. And you can read their texts."

A data breach in the U.K. has compromised personal information of over 15,000 new and expecting parents. According to reports, hackers targeted the National Childbirth Trust (NCT) last week, exposing email addresses, usernames, and encrypted versions of member passwords. Luckily, no sensitive data nor financial information was accessed by attackers, and the organization has already contacted all affected parties.

I am in Brussels. And I am scared. Very scared... of the probable security backlash following last month’s terrorist attacks.

I don’t want to live in a city where everyone is viewed with suspicion by the authorities, because it won’t stop there. Suspicion is infectious. When misappropriated and misdirected, suspicion becomes racism and prejudice—two of the key ingredients that led the attacks on the morning of Tuesday, March 22.

The popularity of personal health information (PHI) is increasing among hackers, and its value continues to escalate on the black market. Medical information is especially enticing for hackers because it includes personal details such as height and eye colour that can be used to create fake identities. According to a recent FBI presentation, stolen health insurance information fetched a price of $60-70 (£42-49) on the black market, as opposed to less than a dollar for a Social Security Number.

A New York IT contractor "swelled its profits" by outsourcing government work offshore that should not have left the state. A major part of the work was sent to India in violation of state security rules, New York investigators said.

The contractor, Focused Technologies Imaging Services in Albany County, was working under a $3.45 million contract to scan and index 22 million fingerprint cards maintained by the New York State Division of Criminal Justice Services. Focused Technologies, in turn, hired an India-based company that performed about 37% of the work and was paid $82,000.

On the eve of his company’s court date with the FBI, where it will defend its right to not weaken the security of its own devices, Apple CEO Tim Cook took the stage at a small theater in Cupertino to introduce a few new devices. The message of the event’s opening, though? Encryption matters. And soon, on iOS, it will matter even more.

While Cook’s remarks were brief, they were determined.

Tom Wheeler, the chairman of the Federal Communications Commission, has proposed what could become the largest and most stringent set of privacy regulations on the US technology industry to date.

The wall separating “foreign” intelligence operations from domestic criminal investigations has finally, fully collapsed. The FBI now plans to act on a rule change initiated by the Bush administration and finally massaged into actionable policy by Obama: Soon, domestic law enforcement agencies like the FBI will be able to search through communications collected under the mysterious authority of executive order 12333. Now, FBI agents can query the NSA’s database of Americans’ international communications, collected without warrants pursuant to Section 702 of the 2008 FISA Amendments Act.

Independent security researcher Jose Carlos Norte has discovered a set of new methods of fingerprinting Tor users, which can be used to deanonymize them later on during abusive law enforcement investigations or cyber-surveillance campaigns.

The process of "user fingerprinting" refers to ways of tracking non-standard operations and details about a user's behavior. While analytics services track a bunch of such details, the Tor Browser provides protection against some of these actions in order to keep the user's identity a secret.

Cancer treatment provider 21st Century Oncology Holdings has warned 2.2 million patients and employees that their sensitive data may have been stolen in a cyberattack.

The breach was revealed on March 4, but the Florida-based cancer clinic chain was informed of the cyberattack and information theft on November 13, 2015, by the FBI. The US law enforcement agency knew about the attack but asked 21st Century Oncology to keep quiet until an investigation into the incident was complete.