The school holidays are coming to an end, and we’re well and truly on the home straight of 2021. And in keeping with tradition, we’ve got your latest bumper round up of all the top tech news stories.
T-Mobile data breach could be much worse than previously thought
The recent T-Mobile data breach in which a hacker claims to have stolen the personally identifiable information (PII) of roughly 100m of the mobile carrier's customers may actually be much worse as the company has revealed new details from its investigation into the matter.
Earlier this week, a hacker posted on an underground forum in an attempt to sell a pool of data on the company's customers which reportedly included their social security numbers (SSN), phone numbers, names, addresses, unique IMEI numbers and driver's license information.
Now though, T-Mobile has confirmed in a new post on its site that 7.8m of its current postpaid or on contract customers did have all of the data mentioned above stolen as a result of the breach. However, the hacker was also able to acquire their IMEI (International Mobile Equipment Identity) that is assigned to every mobile device as well as their IMSI (International Mobile Subscriber Identity) that is used to identify their SIM card.
Windows 10 Warning For Millions As New Hack Goes Viral
A security researcher was so fed up with being ignored when reporting a shockingly simple hack that could give any user admin rights on a Windows 10 computer that he tweeted the zero-day exploit. A tweet that quickly went viral.
All it took for anyone to exploit this vulnerability was to plug in a Razer mouse, or the dongle it uses, and then shift-right from the Explorer window opened by Windows Update to choose a driver location and open a PowerShell with complete SYSTEM, or admin if you prefer, rights. And it got worse as an attacker would also be able to use the hack and save a service binary that could be "hijacked for persistence" and executed before the user even logs on during the boot process.
A cyber expert warned that there are "tons of devices" that may be vulnerable and thus lead to the same potential Windows 10 hacking outcome. How many are tons? "We have a list of around 2,500 possible devices," he has confirmed and suggests these can be tested using an OMG cable or trusted USB device emulator and penetration testing tool BashBunny.
Unfortunately, there isn't much mitigation for consumers beyond making sure you have the latest installers for any peripherals on the assumption that vendors will be looking to close this security hole. Well, that, and being careful in who you trust with physical access to your Windows 10 devices.
UK to overhaul privacy rules in post-Brexit departure from GDPR
Britain will attempt to move away from European data protection regulations as it overhauls its privacy rules after Brexit, the government has announced.
The freedom to chart its own course could lead to an end to irritating cookie popups and consent requests online, said the culture secretary, Oliver Dowden, as he called for rules based on “common sense, not box-ticking”.
But any changes will be constrained by the need to offer a new regime that the EU deems adequate, otherwise data transfers between the UK and EU could be frozen.
A new information commissioner will be put in charge of overseeing the transformation. John Edwards, currently the privacy commissioner of New Zealand, has been named as the government’s preferred candidate to replace Elizabeth Denham, whose term in office will end on 31 October after a three-month extension.
Dowden said: “Now that we have left the EU I’m determined to seize the opportunity by developing a world-leading data policy that will deliver a Brexit dividend for individuals and businesses across the UK.
Flight evacuated after passenger's Samsung Galaxy A21 phone catches fire
A flight from New Orleans to Seattle was evacuated after a passenger's mobile phone caught fire inside the cabin.
Fortunately the phone did not catch fire while the plane was in the air and all 129 passengers and six crew members were safely transported to the terminal, with no serious injuries although two people received treatment at hospital.
The phone was a Samsung Galaxy A21, according to a spokesperson for the Port of Seattle, although they added the device was "burned beyond recognition".
Details of the model were provided by the passenger who owned it.
The fire was extinguished with a battery containment bag, however the smoke from the electrical fire caused "hazy conditions" which forced the plane to deploy its emergency evacuation slides.
Sensors and AI to monitor Dorset social care patients
One hundred people in Dorset who need social care are to be monitored by artificial intelligence (AI) as part of a three-month pilot.
Sensors installed in homes will track behaviour and electricity usage which the AI will analyse to spot potential health problems.
Lilli, the UK-based firm behind the technology, says it could cut costs and the number of care visits required.
But one expert said the scheme might feel invasive to some patients.
People discharged from hospital often require care and support during their recovery, particularly those with joint replacements or conditions such as diabetes, dementia, long Covid and chronic fatigue syndrome, also known as ME.
In the Dorset pilot, each participant will have an average of between six and nine sensors installed in their homes, said Nick Weston, chief commercial officer at Lilli.