NEWS WRAP-UP: Google resists Europe’s privacy rules; Ashley Madison pays $11 million to settle privacy breach suit; hacker grabs control of Segway scooter

By Byron V. Acohido

Week ending July 22. Europe’s “right to be forgotten” ruling, which allows private citizens in the region to make requests that search engines delist incorrect, irrelevant or out of date information returned by an online search for their full name, is set to return to the region’s top court to settle an ongoing dispute between Google and the French data protection agency, CNIL. The latter has pushed for Google to make these delistings apply globally, across all web domains, rather than geo-limiting delistings to the person’s home territory (as Google prefers to)—arguing that for Google not to do this offers a trivial workaround to a rule that’s intended to preserve European’s privacy rights. Google filed an appeal against the CNIL’s order for global delisting in May last year, following a fine of €100,000 ($115,000) handed to it by the regulator for noncompliance. Source: Tech Crunch

Atlanta clinic discovers data breach while looking into ransomware case

Peachtree Neurological Clinic in Atlanta discovered a 15-month breach in the process of investigating a recent ransomware incident. Its electronic health record system was encrypted by the virus. Instead of paying the ransomware, officials were able to restore the files and functionality from backup records. Source: Healthcare IT News

Ashley Madison parent to pay $11.2 million to settle suits in U.S.

The owner of the Ashley Madison website will pay $11.2 million to settle U.S. litigation brought on behalf of roughly 37 million users whose personal details were exposed in a July 2015 data breach. Ruby Corp, formerly known as Avid Life Media, denied wrongdoing in agreeing to the preliminary class-action settlement, which requires approval by a federal judge. Source: CNBC

U.S. cybersecurity coordination office could soon close

Secretary of State Rex Tillerson plans to close an office that coordinates with other countries on cybersecurity and fold it into a bureau focused on economic issues. The move would shutter the Office of the Coordinator for Cyber Issues, which opened in 2011. Source: The Hill

Hacker takes control of Segway scooter

A researcher was able to hack into a Segway scooter and operate it. The Segway MiniPro app uses Bluetooth to connect to the scooter, allowing users to control the device from phones, turn it off, and update the scooter’s firmware. But researcher Thomas Kilbride found that the PIN meant to protect the Bluetooth communication from unauthorized access wasn’t being used for authentication at every level. This, Kilbride says, allows others to send commands to the scooter without the PIN. Source: The Consumerist

Democratic committee turns to encryption software to fight hacks

The Democratic Congressional Campaign Committee, the target of a cyber attack on House Democrats, has transitioned to Wickr, an end-to-end encrypted software, for all internal communication and for communication between the DCCC and the 20 most vulnerable House incumbent campaigns. The software serves as the primary chat and message function inside the DCCC. Source: BuzzFeed

Bad guys hack into Teslas, steal nine of high-end cars

Thieves have found a way to hack into and steal Teslas undetected by circumventing the vehicle’s GPS tracking system. They may have stolen as many as nine Teslas within a week. Last September, a Chinese security firm discovered multiple security vulnerabilities that allowed them to manipulate various components of the car. Tesla has since patched the flaw. Source: SC magazine

Internet of Things devices share a common vulnerability

Millions of net-connected devices around the world can be hacked due to a common flaw. Researchers have found that security cameras using an open-source code called gSOAP could be easily hacked and that attackers can send commands remotely. This allowed researchers at Senrio to take over a video feed, pause the recording and turn the camera off. Researchers named the zero-day exploit “Devil’s Ivy.” Source: CNet

Hacker claims to have State Department official’s email

A hacker going by the name of “Johnnie Walker” sent a group email to an unknown number of recipients claiming to have emails from the private account of a U.S. intelligence official. “The U.S. State Department officer’s email has been hacked,” the email announced, and included at least two years’ worth of personal emails from the private gmail account of a State Department official working in the intelligence arm of the State Department focusing on Russia. Source: Chicago Tribune

Hacker halts startup’s effort to go public

An initial coin offering (ICO) for startup CoinDash was abruptly halted when it was revealed the sale had been compromised shortly after it began. In total, the ICO was able to raise $7.53 million before the ethereum address it was using to solicit funds was altered to a fake one by an unidentified hacker, resulting in the ether going to another source. Source: CoinDesk

Actor’s Twitter account taken over; hacker ‘shares’ a personal secret

Supernatural actor Jared Padalecki’s Twitter account was hacked, sending a message, since deleted, saying: “I don’t mind having a small penis.” His Supernatural partners in crime were quick to jump on the tweet, with Jensen Ackles saying, “Sharing with your friends is one thing … sharing with the world is another. Lock it up, dude.” Source: TV Guide

This article originally appeared on

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone