Security News This Week: Hackers Leaking Taylor Swift Tickets? Don’t Get Your Hopes Up

Plus: Researchers uncover a new way to expose CSAM peddlers, OpenAI suffered a secret cyberattack, cryptocurrency thefts jump in 2024, and Twilio confirms hackers stole 33 million phone numbers.

Proton, the company behind Proton Mail, launched an end-to-end encrypted alternative to Google Docs, seeking to compete with the cloud giant on privacy. We broke down how Apple is taking a similar approach with its implementation of AI, using a system it calls Private Cloud Compute in its new Apple Intelligence features.

In other news, we dug into how the US bans on TikTok and Kaspersky software, despite their national security justifications, pose a threat to internet freedom. We went inside a crash course for US diplomats on cybersecurity, privacy, surveillance, and other digital threats. And we published an in-depth investigation into the origins of the world’s most popular 3D-printed gun, which revealed that its creator was a self-described “incel” with fantasies of right-wing terror.

But that’s not all. Each week, we round up the security news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

Hackers Leaking Taylor Swift Tickets? Don’t Get Your Hopes Up

The giant hack against Ticketmaster may have taken another twist. In June, criminal hackers claimed they had stolen 560 million people’s information from the ticketing company owned by Live Nation. The company has since confirmed a breach, saying its information was taken from its Snowflake account. (More than 165 Snowflake customers were impacted by attacks on the cloud storage company that exploited a lack of multi-factor authentication and stolen login details.)

Now in a post on cybercrime marketplace BreachForums, a hacker going by the name of Sp1d3rHunters is threatening to publish more data from Ticketmaster. The account claims to be sharing 170,000 ticket barcodes for upcoming Taylor Swift gigs in the US during October and November. The hacker demanded Ticketmaster “pay us $2million USD” or it will leak “680 million” users’ information and publish millions more event barcodes, including for concerts by artists such as Pink and Sting, and sporting events such as NFL games and F1 races.

The claims appear to be dubious, however, as Ticketmaster's barcodes aren't static, according to the company. “Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied,” a Ticketmaster spokesperson tells WIRED in a statement. The spokesperson adds that the company has not paid any ransom or engaged with the hackers’ demands.

Hacker groups are known to lie, exaggerate, and overinflate their claims as they try to get victims to pay. The 680 million customers that Sp1d3rHunters claimed to have data on is higher than the original figure provided when the Ticketmaster breach was first claimed, and neither number has been confirmed. Even if victims do decide to pay, hackers can still keep the data and try to extort companies for a second time.

Despite the breach at Ticketmaster originally being publicized in June, the company has only recently begun emailing customers alerting them to the incident, which happened between April 2 and May 18 this year. The company says the database accessed may include emails, phone numbers, encrypted credit card information, and other personal information.

Stolen Login Details Can Unmask Child Abuse Viewers, Researchers Say

In recent years, there’s been a sharp uptick in cybercriminals deploying infostealers. This malware can grab all of the login and financial details that someone enters on their machine, which hackers then sell to others who want to exploit the information.

Cybersecurity researchers at Recorded Future have now published proof-of-concept findings showing these stolen login details can be used to potentially track down people visiting dark-web child sexual abuse material (CSAM) sites. Within infostealer logs, the researchers say they were able to find thousands of login details for known CSAM websites, which they could then cross-reference with other details and identify the potential real-world names connected to the abusive website logins. The researchers reported details of individuals to law enforcement.

The research is a novel use of stolen data from infostealers, and Recorded Future says it believes the technique can help to identify patterns in behavior on CSAM websites as well as identifying individuals using them. “Ultimately, we believe that utilization of this dataset will facilitate prosecution and takedown efforts and debunk the veneer of anonymity assumed by individuals seeking to harm children,” the researchers say.

OpenAI Was Hacked in 2023—but Didn’t Disclose Any Details

At the end of November 2022, OpenAI released ChatGPT, kickstarting a colossal wave of AI development and funding. However, according to a New York Times report, just five months later, OpenAI’s bosses told staff that the company had been hacked—with an individual allegedly stealing details from internal staff discussion systems. The systems where the company builds its AI systems were not impacted, the report says.

OpenAI did not report the incident to any law enforcement agencies or make details about the hack public. OpenAI insiders told the Times of their fears that Chinese-linked hackers could potentially target the company in the future, looking to steal trade secrets. For years, China's state-backed hackers have targeted companies to obtain intellectual property, including successfully compromising at least one AI company and recently targeting another startup with phishing attempts.

Hackers Already Stole Nearly $1.4 Billion in Crypto This Year

Blockchain analysis firm TRM Labs found that thieves have already stolen $1.38 billion in cryptocurrency in the first half of this year, more than double the amount stolen in the same period last year. That disturbing number was boosted by a small number of very large thefts—just five incidents accounted for 70 percent of the stolen money, such as the theft of $300 million from the Japanese crypto exchange DMM. Yet the median theft in 2024 so far has also been 150 percent larger than last year, according to TRM, likely due to the historically high value of cryptocurrency. Even so, the thefts still don’t quite match the record set by crypto hackers in 2022, a year in which they stole nearly $4 billion.

Twilio Confirms That Hackers Stole 33 Million Users’ Phone Numbers

Last week, the cybercriminal group known as ShinyHunters posted to a hacker forum that they had breached Twilio and stolen 33 million users’ phone numbers from the company’s two-factor authentication system known as Authy. This week, Twilio confirmed the breach to TechCrunch, writing that the hackers had accessed the data through an “unauthenticated endpoint” but hadn’t been able to access the company’s wider network. The stolen phone numbers pose a potential threat to Twilio’s users, given that hackers may try to use them to spoof phishing text messages from Authy sent to potential victims.