Regulation enforcement authorities in the US have for years circumvented the US Constitution’s Fourth Amendment by purchasing data on US residents that will in any other case must be obtained by a warrant. Immediately, Immigration and Customs Enforcement apparently thinks it will possibly ignore long-standing constitutional safety by warrantlessly breaking down doorways to arrest folks, in line with a current whistleblower criticism—despite recent federal rulings that doing so violates the Fourth Amendment.
Such is the information coming out of Minneapolis this week, the place protesters and the federal authorities continued their standoff—at the same time as ICE plans to build out a deportation network spanning Minnesota and four other states. And regardless of the Division of Homeland Safety’s claims that merely naming an ICE agent publicly is akin to “doxing,” a WIRED overview of LinkedIn discovered that brokers are frequently doxing themselves. In fact, getting access to somebody’s private info can have penalties: A report this week discovered that persons are less likely to seek medical care as a consequence of ad-tech surveillance and ICE enforcement actions.
Immigration authorities aren’t simply raiding folks’s houses and not using a judge-signed warrant—they’re additionally in search of medicine. Customs and Border Safety this week put out feelers for a “quantum sensor” that’s capable of detecting fentanyl that ties into an “AI database.”
In non-immigration information, a researcher just lately found an unsecured database containing 149 million login credentials. The usernames and passwords seem linked to accounts for every little thing from Gmail, Fb, and Apple to authorities techniques all over the world. The researcher who discovered the database, Jeremiah Fowler, believes the stolen logins have been collected by infostealing malware. The database, which was accessible to anybody on the web, has since been taken offline.
TikTok, in the meantime, has begun collecting even more data on its users—together with exact location information—after the social video app was offered to US buyers.
However that’s not all. Every week, we spherical up the safety and privateness information we didn’t cowl in depth ourselves. Click on the headlines to learn the total tales. And keep secure on the market.
The Trump administration this week admitted in court docket paperwork that operatives with the so-called Division of Authorities Effectivity (DOGE) might have shared information from the Social Safety Administration (SSA) with an outdoor group that seeks to “overturn election leads to sure states,” in line with a January 16 Department of Justice court filing. Nevertheless, it’s not clear to the DOJ whether or not the unnamed “DOGE Group members” really shared the info with the group, which was unidentified within the court docket information.
The submitting, which seeks to “right” earlier testimony, additionally says DOGE operatives “have been utilizing hyperlinks to share information via the third-party server ‘Cloudflare,’” which is “not authorized for storing SSA information and when used on this method is outdoors SSA’s safety protocols.” The submitting additional says that Steve Davis, a high-ranking adviser to Elon Musk, was copied on a March 3, 2025, e mail that included an connected password-protected file containing the names and addresses of round 1,000 folks, which was taken from SSA techniques of file. The SSA was not in a position to decide, nonetheless, whether or not Davis accessed the file, which remained inaccessible to present SSA employees as of the date of the court docket submitting.
The Federal Aviation Administration has taken the bizarre step of together with “Division of Homeland Safety amenities in cellular belongings” in a “no-fly zone” announcement, 404 Media studies. The discover restricts “unmanned plane,” which would come with industrial drones used to seize aerial footage, from getting used inside 3,000 ft horizontally and as much as 1,000 ft of altitude above DHS belongings. Based on 404 Media, folks caught violating the restrictions might face prison fees, civil penalties, and even lose their authority to fly drones sooner or later.
Should you’re breaking out your thermals in preparation for this weekend’s giant winter storm, you may wish to verify to see in case you purchased it from Beneath Armour. TechCrunch studies that the clothes and health app firm is investigating a possible information breach after a hacker posted hundreds of thousands of buyer information on-line. The info breach notification website Have I Been Pwned knowledgeable 72 million people by e mail concerning the leak and says that the dataset included names, e mail handle, genders, dates of start, approximate location, and data associated to purchases. An Beneath Armour spokesperson advised TechCrunch that the corporate was conscious of claims concerning the breach, had engaged “exterior cybersecurity specialists” for assist, and didn’t have proof that the problem affected techniques to course of funds or retailer buyer passwords.
If you encrypt your laptop computer’s exhausting drive, you seemingly anticipate meaning solely you, the pc’s proprietor, will be capable of decrypt it at will and entry your information. Should you comply with Microsoft’s advice of storing your decryption key within the cloud for simpler restoration of your information in case you lose the important thing or overlook your password to unlock it, then you definitely you’ll have to replace your safety expectations: Microsoft has confirmed that it typically arms out these decryption keys to legislation enforcement at an company’s request, giving them full entry to the machine’s secrets and techniques. Forbes discovered an occasion when Microsoft complied with an FBI request for decryption keys for a pc in Guam that was a part of a fraud investigation. Microsoft went on to verify to Forbes that it receives about 20 requests for Bitlocker keys a yr from legislation enforcement and infrequently complies. The corporate added that it can’t comply, nonetheless, when the bottom line is saved solely domestically by the consumer—an instructive word for cypherpunks all over the place.
The Iranian authorities has shut off the nation’s web for weeks amid protests which have swept the nation. However anti-regime voices this week discovered one other technique to attain the nation’s populace: an obvious hacking operation hijacked the nation’s state TV satellite tv for pc to air a message in help of protesters, hundreds of whom have died amid the current rebellion. The clip, which featured the son of the previous ruler of Iran, Reza Pahlavi, referred to as on navy and safety forces to affix protesters and combat the regime. “Don’t level your weapons on the folks,” one graphic within the broadcast learn. “Be part of the nation for the liberty of Iran.” Based on some studies, the unauthorized message lasted so long as 10 minutes earlier than the state TV channel resumed its regular programming.
