Sign up to save your podcasts
Or
Share EP 226.5 Deep Dive. Shame on you. The IT Privacy and Security Weekly Update for the Week Ending January 21st. 2025
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP 226.5 Deep Dive. Shame on you. The IT Privacy and Security Weekly Update for the Week Ending January 21st. 2025
Data Privacy, Security, and Tech Trends in Early 2025
1. What was the scale of healthcare data breaches in the U.S. during 2024?
In 2024, the U.S. healthcare sector experienced a massive surge in cyberattacks, with approximately 720 reported breaches compromising an estimated 186 million user records. This exposed a vast amount of sensitive information, including names, contact details, Social Security numbers, and medical histories. This is approximately 56% of the US population.
2. How did UnitedHealth handle its data breach notification, and what are the implications for affected individuals?
UnitedHealth, specifically its subsidiary Change Healthcare, attempted to obscure its data breach notification webpage from search engines, making it difficult for the over 100 million affected individuals to learn about the incident. They used a “noindex” tag to keep it out of Google, burying the story of their breach. This led to widespread confusion and further distrust of the company. It also highlights how companies can use search engine optimization to hide breaches by burying the real stories.
3. What is GeoSpy, and what privacy concerns does it raise?
GeoSpy is an AI tool that can accurately predict the location of photos based on features within the images, such as vegetation, architecture, and spatial relationships. Originally available to the public, it’s now marketed to law enforcement and government agencies. This technology raises serious privacy concerns, as it can be used by stalkers or other malicious actors to geolocate individuals from publicly available photos. The tool is now available to law enforcement and enterprise users, and some versions of it are more powerful than what was offered to the public.
4. What restrictions were placed on General Motors (GM) regarding the sale of driving data?
The Federal Trade Commission (FTC) banned GM and its subsidiary OnStar from selling customer geolocation and driving behavior data for five years. This action followed an investigation that revealed GM had been collecting and selling detailed driving information to insurance companies without obtaining explicit consent from vehicle owners.
5. What is the UK's new digital wallet app, and what types of documents will it support?
The UK is launching a digital wallet app called GOV.UK Wallet, allowing citizens to store government-issued documents on their smartphones. Initially supporting veteran cards, it will expand to include driver's licenses in late 2025, with plans to add passports, marriage certificates, and benefit documents by 2027.
6. What security risks are associated with failed startups and "Sign in with Google" features?
Former employees of failed startups using "Sign in with Google" features are vulnerable to data breaches. Hackers can exploit abandoned company domains and the associated Google login systems to access sensitive information stored in business software like Slack, Notion, and HR systems, including social security numbers. This vulnerability is particularly relevant to startups that used the ""Sign in with Google"" function.
7. What challenges did Amazon employees face following the mandatory return-to-office policy?
Amazon's mandate for a full return to the office resulted in significant challenges for employees, including a shortage of desks and meeting rooms, overcrowded parking facilities, and an increase in workplace thefts. The policy has also been criticized for forcing employees into video calls that could have been easily conducted remotely, and some employees reported that there is a lack of trust amongst colleagues.
8. What are the $TRUMP and $MELANIA coins, and what controversies are surrounding them?
Donald and Melania Trump introduced meme coins named $TRUMP and $MELANIA on the Solana blockchain. These coins quickly gained significant value, raising concerns about potential conflicts of interest and market manipulation.
View all episodes
By R. Prescott Stearns Jr.
4.5
44 ratings
Data Privacy, Security, and Tech Trends in Early 2025
1. What was the scale of healthcare data breaches in the U.S. during 2024?
In 2024, the U.S. healthcare sector experienced a massive surge in cyberattacks, with approximately 720 reported breaches compromising an estimated 186 million user records. This exposed a vast amount of sensitive information, including names, contact details, Social Security numbers, and medical histories. This is approximately 56% of the US population.
2. How did UnitedHealth handle its data breach notification, and what are the implications for affected individuals?
UnitedHealth, specifically its subsidiary Change Healthcare, attempted to obscure its data breach notification webpage from search engines, making it difficult for the over 100 million affected individuals to learn about the incident. They used a “noindex” tag to keep it out of Google, burying the story of their breach. This led to widespread confusion and further distrust of the company. It also highlights how companies can use search engine optimization to hide breaches by burying the real stories.
3. What is GeoSpy, and what privacy concerns does it raise?
GeoSpy is an AI tool that can accurately predict the location of photos based on features within the images, such as vegetation, architecture, and spatial relationships. Originally available to the public, it’s now marketed to law enforcement and government agencies. This technology raises serious privacy concerns, as it can be used by stalkers or other malicious actors to geolocate individuals from publicly available photos. The tool is now available to law enforcement and enterprise users, and some versions of it are more powerful than what was offered to the public.
4. What restrictions were placed on General Motors (GM) regarding the sale of driving data?
The Federal Trade Commission (FTC) banned GM and its subsidiary OnStar from selling customer geolocation and driving behavior data for five years. This action followed an investigation that revealed GM had been collecting and selling detailed driving information to insurance companies without obtaining explicit consent from vehicle owners.
5. What is the UK's new digital wallet app, and what types of documents will it support?
The UK is launching a digital wallet app called GOV.UK Wallet, allowing citizens to store government-issued documents on their smartphones. Initially supporting veteran cards, it will expand to include driver's licenses in late 2025, with plans to add passports, marriage certificates, and benefit documents by 2027.
6. What security risks are associated with failed startups and "Sign in with Google" features?
Former employees of failed startups using "Sign in with Google" features are vulnerable to data breaches. Hackers can exploit abandoned company domains and the associated Google login systems to access sensitive information stored in business software like Slack, Notion, and HR systems, including social security numbers. This vulnerability is particularly relevant to startups that used the ""Sign in with Google"" function.
7. What challenges did Amazon employees face following the mandatory return-to-office policy?
Amazon's mandate for a full return to the office resulted in significant challenges for employees, including a shortage of desks and meeting rooms, overcrowded parking facilities, and an increase in workplace thefts. The policy has also been criticized for forcing employees into video calls that could have been easily conducted remotely, and some employees reported that there is a lack of trust amongst colleagues.
8. What are the $TRUMP and $MELANIA coins, and what controversies are surrounding them?
Donald and Melania Trump introduced meme coins named $TRUMP and $MELANIA on the Solana blockchain. These coins quickly gained significant value, raising concerns about potential conflicts of interest and market manipulation.