An absolutely devastating flaw was discovered in Intel computer chips this past week. All Intel chips made within the past 5 years are vulnerable to potentially disastrous data leaking. Read on for this week’s data privacy recap.
Unfixable Flaw in Intel Chipsets Opens Encrypted Data to Hackers
In perhaps one of the biggest data breaches of 2020 so far, a flaw in Intel computer chips was discovered this week. A team of security researchers at Positive Technologies released a blog post this past Thursday, stressing the severity of the issue. “The scenario that Intel system architects, engineers, and security specialists perhaps feared most is now a reality . . . This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” wrote Mark Ermolov, lead specialist of OS and hardware security. The issue, without getting too technical, allows hackers to access your computer’s encryption process. Once that access is granted, data can easily be leaked and used for nefarious purposes. Nearly all Intel chips from the last five years have this defect, and it’s nearly undetectable since it’s built into the hardware. Intel quickly released a patch that mitigates the issue, but doesn’t fix it completely. Their website also has detailed instructions about its recommendations on how to proceed.
Pay $3 a Month For a ‘Robot Lawyer’ to Delete Your Data
Courtesy of a startup called DoNotPay, consumers can now purchase a tool that helps them delete their data from various websites. It’s called Digital Health, and it costs $3 per month. Once activated, the service will contact more than 100 data brokers and insist they delete both your personal data and that of your family. The app will also display which types of data each of the brokers have collected over time. If the firms fail to comply with your request, the company will even begin the necessary legal process for the user. Interestingly enough, DoNotPay actually has a full suite of products related to the legal action component. Through the platform, users can also appeal parking tickets, claim compensation for poor in-flight Wi-Fi, and sue robocallers. Joshua Browder, the creator of the service, emphasizes that DoNotPay will never sell consumer data itself. Baked into the terms of service is a clause that allows the company to be sued if they are ever found to be selling data.
T-Mobile Reveals Data Breach, Customer Account Info Accessed
In other news, cellular provider T-Mobile revealed today that they’ve been hit with a data breach as well. The company explained on their website that they fell victim to a “sophisticated attack,” leading to a breach of T-mobile employee email accounts, which led to breaches of customer account information. That data reportedly may have included customer names, email addresses, phone numbers, billing information, account numbers, and more. In spite of that wide swath of potentially leaked information, the company claims that no actual credit card or social security numbers were leaked in that process. For those affected, T-Mobile will offer two years of free credit monitoring and identity theft services. To be eligible for these conciliatory offers, users must sign up by May 31, 2020. And user who haven’t yet received a text but want to find if they were affected, they can contact customer support by dialing 611 from their T-Mobile phone or by calling 1-800-937-8997.
FCC Fines Wireless Companies for Selling Location Data
In 2018, stories began to break that major cellular providers were selling customer location data law enforcement through a company called Securus. As it turns out, various companies were guilty of serving as middlemen in this transaction, buying data from AT&T, Sprint, T-Mobile, and Verizon. These providers quickly vowed to stop this practice, but they were caught red-handed once again several months later. Now, the Federal Communications Commission (FCC) is taking action. They have proposed potential fines adding up to more than $200 million: $91 million for T-Mobile, $57 million for AT&T, $48 million for Verizon, and $12 million for Sprint. Each respective fine pertains to the amount of time that the provider sold access to customer data, and how many different providers to which they sold that data. The carriers will be able to dispute the fines, and T-Mobile actually plans to do just that. They claim to “take the privacy and security of [their] customers’ data very seriously.”