According to a highly critical article recently published by TechCrunch, the Department of Government Efficiency (DOGE), President Trump’s advisory board headed by Elon Musk, has “taken control of top federal departments and datasets” and has access to “sensitive data of millions of Americans and the nation’s closest allies.” The author calls this “the biggest breach
Data Privacy + Security Insider
Blog Authors
Latest from Data Privacy + Security Insider
Thomson Reuters Wins Copyright Case Against Former AI Competitor
Thomson Reuters scored a major victory in one of the first cases dealing with the legality of using copyrighted data to train artificial intelligence (AI) models. In 2020, Thomson Reuters sued the now-defunct AI start-up Ross Intelligence for alleged improper use of Thomson Reuters materials, including case headnotes in its Westlaw search engine, to train…
Three States Ban DeepSeek Use on State Devices and Networks
New York, Texas, and Virginia are the first states to ban DeepSeek, the Chinese-owned generative artificial intelligence (AI) application, on state-owned devices and networks.
Texas was first to tackle the problem when it banned state employees from using both DeepSeek and RedNote on January 31, 2025. The Texas ban includes other apps affiliated with the…
Criminal Charges Lodged Against Alleged Phobos Ransomware Affiliates
Unfortunately, I’ve had unpleasant dealings with the Phobos ransomware group. My interactions with Phobos have been fodder for a good story when I educate client employees on recent cyber-attacks to prevent them from becoming victims. The story highlights how these ransomware groups, including Phobos, are sophisticated criminal organizations with managerial hierarchy. They use common slang…
Privacy Tip #430 – GrubHub Confirms Security Incident Through Third Party Vendor
If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer names, email addresses, telephone numbers, and partial payment information for a subset of campus diners.
GrubHub’s response states, “The unauthorized party also…
With Enough Human Contribution, AI-Generated Outputs May Be Copyright Protectable
After several months of delays, the U.S. Copyright Office has published part two of its three-part report on the copyright issues raised by artificial intelligence (AI). This part, entitled “Copyrightability,” focuses on whether AI-generated content is eligible for copyright protection in the U.S.
An output generated with the assistance of AI is eligible for…
Colorado’s AI Task Force Proposes Updates to State’s AI Law
Stemming from Colorado’s Concerning Consumer Protections in Interactions with Artificial Intelligence Systems Act (the Act), which will impose obligations on developers and deployers of artificial intelligence (AI), the Colorado Artificial Intelligence Impact Task Force recently issued a report outlining potential areas where the Act can be “clarified, refined[,] and otherwise improved.”
The Task Force’s mission…
Nation State Backed Groups Using AI for Malicious Purposes
The Google Threat Intelligence Group (GTIG) recently published a new report “Adversarial Misuse of Generative AI,” which is well worth the read. The report shares findings on how government-backed threat actors use and misuse the Gemini web application. Although the GTIG is committed to countering threats across Google’s platforms, it is also committed to sharing…
DeepSeek AI’s Security Woes + Impersonations: What You Need to Know
Soon after the Chinese generative artificial intelligence (AI) company DeepSeek emerged to compete with ChatGPT and Gemini, it was forced offline when “large-scale malicious attacks” targeted its servers. Speculation points to a distributed denial-of-service (DDoS) attack.
Security researchers reported that DeepSeek “left one of its databases exposed on the internet, which could have allowed malicious…
Privacy Tip #429 – Threat Actors Continue to Use QR Codes For Fraudulent Purposes
We have repeatedly warned our readers about malicious QR codes and their use by threat actors.
Threat actors are now using these codes to disguise packages as gifts. Upon opening the package, recipients find a note with instructions to scan a QR code to identify the sender. The code launches a website that asks for…