Apple may owe you $20 in Siri privacy lawsuit settlement
It may be a new year, but the hacks, scams, and dangerous people lurking online aren’t going anywhere.
Just one day before the ball dropped, the US Treasury Department said it had been hacked. Officials believe the attackers are an unidentified advanced persistent threat group linked to the Chinese government. The group exploited a vulnerability in remote technology support software produced by BeyondTrust to commit what the Treasury Department described as a “major” breach. The company reported to the Treasury Department on December 8 that attackers had stolen authentication keys, ultimately allowing them to access the department’s computers. While the Treasury Department said the attackers were only able to steal “some unclassified documents,” new details have begun to emerge, which we cover in more detail below.
Before the murder of UnitedHealthcare CEO Brian Thompson last month, gun silencers were mostly something you would encounter in Hollywood movies, or in Facebook and Instagram ads if you look closely. WIRED spotted someone running thousands of ads for “fuel filters” that are actually used as silencers for guns, which are strictly governed by US law. Meta, the company that owns Facebook and Instagram, has removed many of the ads, but new ones continue to appear. So if you see one, keep scrolling: possession of an unregistered silencer can result in a felony charge.
When an Amber Alert push notification pops up on your phone, getting all the information you need to help find a kidnapped child can literally be a matter of life or death. That’s the lesson the California Highway Patrol learned this week when it sent an Amber Alert linking to a post on X that people cannot access unless they are logged in. Although CHP said it had linked to social media posts since 2018 without issue until this week, a spokesperson told WIRED they are currently “looking into that matter.”
If you’ve added better security and privacy measures to your 2025 goals list, an easy place to start is your old chat history. You might be surprised at how much sensitive information is out there, perhaps forgotten but certainly not gone.
That’s not all. Each week, we round up security and privacy news that we haven’t covered in depth. Click on the title to read the full story. And stay safe out there.
This week, Apple agreed to pay $95 million to settle a class action lawsuit over alleged eavesdropping by its voice assistant Siri. The lawsuit, Lopez et al. v. Apple Inc., accuses Apple of recording people’s conversations without their knowledge and sharing that data with third parties to serve ads. The problem stems from Siri’s voice-activated function, “Hey, Siri,” which two plaintiffs say surreptitiously recorded conversations that led to ads for Nike shoes and Olive Garden. One plaintiff claimed to have been presented with an advertisement for a medical treatment after chatting with his doctor. Eligible people in the class covered by the settlement, which is subject to approval by a federal judge in California, could receive up to $20 per device, for up to five devices. As Reuters points out, the payout is equivalent to about nine hours of profit for Apple, which earned nearly $94 billion in the last fiscal year. The company will not admit any wrongdoing as part of the settlement.
Newly unsealed court documents reveal that, during its search for an illegal gun, the FBI allegedly made “the largest seizure of homemade explosives in FBI history.” The arsenal of explosives was found at Brad Spafford’s home in Virginia, where investigators allegedly found more than 150 pipe bombs and other explosive devices, according to court records. Prosecutors said the FBI found a backpack containing a pipe bomb and emblazoned with a grenade-shaped patch with the hashtag #NoLivesMatter, a possible reference to a far-right extremist “accelerationist” group, The New York Times reported. While prosecutors claim that Spafford, who allegedly used a photo of US president Joe Biden for target practice, aimed to “cause political assassinations,” his lawyers believe he is a harmless “family man” and should be released.
Following revelations earlier this week that Chinese state-backed hackers breached the US Treasury in early December, The Washington Post reported on Wednesday that the hackers specifically targeted the Office of Foreign Assets Control. The attackers may have been seeking information about possible plans by the office to punish Chinese entities. Additionally, Bloomberg reported on Thursday that the attackers targeted the computers of senior Treasury Department officials, where they were able to access unclassified documents. So far, investigators have identified about 100 computers compromised by the hackers. However, sources told Bloomberg that the attack appeared to be a crime of opportunity rather than a covert, long-planned operation like China’s recent hack of US telecommunications companies.
As China’s hack of the Treasury makes headlines, the impact of the country’s intrusion into US telecommunications companies continues to expand. Two days after Christmas, Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technology, held a briefing with reporters in which she raised the number of telecommunications companies breached by the Chinese hacking group known as Salt Typhoon from 8 to 9 and suggested that at least some of the cause of those breaches lay in the companies’ own inadequate security levels. “The reality is, from what we’re seeing in terms of the level of cybersecurity deployed across the telecommunications sector, those networks are not as defensive as they need to be against a cyberattacker that has as good capabilities and resources as China,” Neuberger said. She added that the hackers targeted the communications histories of fewer than 100 people, primarily in Washington, DC, reportedly including president-elect Donald Trump and vice president-elect JD Vance. Neuberger said that the espionage case called for new cybersecurity regulations from the Federal Communications Commission, which she said could have limited the scope of the breach had they been in place.
Cars collect and transmit as much sensitive location data as any modern digital device, and the privacy pitfalls of all that tracking are becoming all too clear. Case in point: A whistleblower warned Germany’s Chaos Computer Club and the country’s news outlet Der Spiegel that Cariad, a subsidiary of Volkswagen, had exposed a trove of location data online from 800,000 electric vehicles. The leak includes cars sold not only by Volkswagen but also by other brands, including Seat, Audi, and Skoda. For Audi and Skoda, that location data is only accurate to about six miles, but Volkswagens and Seats can be located to within about four inches. The exposed data was kept confidential, but the incident nonetheless shows just how far automakers have to go when it comes to reining in their data collection.