And while it feels like forever ago that Jack Dorsey's Twitter account got hacked, it's worth revisiting exactly how it happened . (Twitter this week closed the texting loophole at the heart of it.) We also took a look at Jeremy Renner's content moderation woes . Bet you weren't expecting to see that sentence in your lifetime.
From that foothold, it appeared, the hackers had spread through the power companies’ networks and eventually compromised a VPN the companies had used for remote access to their network—including the highly specialized industrial control software that gives operators remote command over equipment like circuit breakers.
And there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in-depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.
North American Electric Reliability Corporation document described it in more detail, including the type of vulnerabilities that let hackers compromise the web portals in question. No need to panic about this incident specifically, but given the extent to which Russia and others continue to probe the power grid, it's an unsettling reminder that weaknesses are out there.
TechCrunch that the data set is "old," which isn't especially useful, for the obvious reason that most people don't change their phone numbers very often.
Through public records requests, Motherboard has determined that when you give your name and address to the DMV, some of those agencies will sell it to private investigators. Several DMVs told Motherboard that at least they don't also sell user photos and Social Security numbers, which, thanks? But they do sell records for as little as a penny. And all of this is somehow legal! Something else to fume about the next time you're in line for a registration renewal.
According to court documents uncovered at Forbes, federal investigators have requested that Apple and Google turn over information about people who downloaded a gun scope app Obsidian 4. That's at least 10,000 on the Google Play Store alone. It's part of a broader look into potential breaches of weapons export regulations, but privacy advocates have raised understandable concerns over the many thousands of totally innocent people who would be caught up in such a sweeping request.
Beloved internet comic XKCD had its fan forums breached recently; 560,000 usernames, email addresses, and IP addresses were taken. That makes it a relatively small hack in the grand scheme of things, but still disappointing that someone chose that as a target. XKCD is great, leave it alone!
- Nobody's watching the best giant monster movies
- How to get the most out of your smartphone battery
- You're racing toward a wall . Should you brake hard—or swerve?
- A history of plans to nuke hurricanes (and other stuff too)
- For these sword-wielding warriors , medieval battles live on
- 👁 Facial recognition is suddenly everywhere . Should you worry? Plus, read the latest news on artificial intelligence
- ✨ Optimize your home life with our Gear team’s best picks, from robot vacuums to affordable mattresses to smart speakers .