Previous Episode: Protecting Kids Online
Next Episode: The Rise of CBDC

You've heard people like me recommend this for years. It's time to just do it: freeze your credit report. There are really no downsides at this point. For example, it's now free everywhere in the US, by law. It's also free to temporarily "thaw" your credit. And it's gotten a lot easier to do, too. Freezing your credit is your main defense against financial identity theft. And with the sheer number of data breaches (like the recent massive AT&T leak), the personal information needed to commit identity theft is out there already.

In other news: AT&T now says 51 million past and current customers' data were leaked; beware of a new password reset 'bomb' campaign; Microsoft is using Outlook to harvest and share your data; a new email scam alters their content after forwarding; a devious and devastating supply chain attack was thwarted in the nick of time; AI organizations are using sneaky techniques to train their models on your data; Meta is lacing its apps with AI, and there's not much you can do about it; LG TVs are hacked; Roku is breached again, this time affecting over 500,000 accounts; Twitter/X looking to charge new users a small fee to try to curb bot accounts; DuckDuckGo unveils trio of new for-pay privacy services; Google launches their own Find My network; and various US government agencies, lacking a real privacy law, attempt to curb privacy abuses using existing powers.

Article Links

[BleepingComputer] AT&T now says data breach impacted 51 million customers

[AppleInsider] If you're getting dozens of password reset notifications, you're being attacked

[] Outlook is Microsoft’s new data collection service

[Lutra Security] Kobold letters

[Schneier Blog] Backdoor in XZ Utils That Almost Happened

[Engadget] OpenAI and Google reportedly used transcriptions of YouTube videos to train their AI models

[Lifehacker] How to Turn Off Meta AI on Facebook, Instagram, Messenger, and WhatsApp

[] Vulnerabilities Identified in LG WebOS

[Lifehacker] Roku Says More Than 500,000 Accounts Were Compromised in a Cyberattack

[MacRumors] X May Charge New Users a 'Small Fee' to Post, Like and Reply

[WIRED] DuckDuckGo Is Taking Its Privacy Fight to Data Brokers

[MacRumors] Google Launches Android Find My Device Network

[] Proposed FTC Order will Prohibit Telehealth Firm from Using or Disclosing Sensitive Data for Advertising Purposes

[The Verge] The CFPB wants to rein in data brokers

[] Automakers and FCC square off over potential regulations for connected cars

Tip of the Week: https://firewallsdontstopdragons.