From: Forbes | The Wiretap - Tuesday Apr 06, 2021 05:00 pm
Forbes The Wiretap Newsletter

In a recurring feature in this newsletter, I publish stories and court documents that you won't have seen anywhere else, ones that provide a mix of strange true crime and real world surveillance. I call it The Wire IRL.

How much does your car know about you? For anyone that has any kind of onboard connectivity (read: most cars made in the last decade, at the very least), it knows a lot about where you've been and how you've been driving.

Police and the feds know that too. That's why when they investigate a crime, they sometimes try to raid the data held by car manufacturers and those companies that make the connected systems, as I reported in
an exclusive on Forbes last week.

Various search warrants show that
GM OnStar, Geotab and Spireon have all been called upon to provide location data to the Homeland Security Investigations team of Immigration and Customs Enforcement (ICE). Collectively, those companies track tens of millions of vehicles, so they have a substantial amount of information the feds can try to get with a valid warrant.

This comes with some
privacy concerns. As one source told me: "As more and more devices collect extensive data on our behaviors, often for purposes that improve our everyday lives, we need to make sure that law enforcement agencies do not see the mere availability of data as a free pass to access it as they see fit."

It's also apparent that
GM is happy to sell user data too and admits as much in its own privacy policy. But it doesn't say to whom that data is being sold. Just how much of its customers' privacy is it giving away?

You can read all the search warrants
here, here and here for the government's side of the story.

If you have any tips on government surveillance or cybercrime, drop me an email on or message me on Signal at +447782376697.

Thomas Brewster

Thomas Brewster

Associate Editor, Cybersecurity

The Big Story

Personal Data Of 533 Million Facebook Users Leaks Online
Personal Data Of 533 Million Facebook Users Leaks Online

A huge trove of 533 million Facebook users' names, phone numbers and other personal data has been leaked online. Though the data was pilfered back in 2019, after which Facebook closed off the flaw that allowed someone to grab all that information, the social media giant is being criticized for not telling users when it happened.

Read The Full Story →

The Stories You Have To Read Today

A Google Drive link that contains a leak of adult content from subscription site OnlyFans has been made available online, Bleeping Computer reports. The breach could be costly for content producers who make money by selling their videos and images on the site.

The Markup has done some investigating of the data broker industry where people's personal information, often without their knowledge about where it goes. It found 25 companies that had spent $29 million in 2020 on federal lobbying. That rivals some big tech firms.

Google has discovered more activity of a North Korean crew of hackers that was previously seen targeting security researchers. They've now set up a website for what appears to be a fake "offensive security company" - i.e. hackers for hire - located in Turkey. It's not clear exactly what they're up to, though, as no further attacks have been witnessed.

U.S. Cyber Command and the Department of Homeland Security are preparing to release a “malware analysis report” from the huge SolarWinds attacks allegedly carried out by Russian spies, reports CyberScoop. It looks at 18 different tools used in the hacks.

The FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) are warning about active attacks on Fortinet FortiOS vulnerabilities. The hackers are
trying to break into government and commercial entities, ZDNet reports.

Winner Of The Week

Investigative website OpenDemocracy has claimed victory in a case trying to stop the U.K. government giving more money to Peter Thiel-backed Palantir for Covid-19 contracts. The U.K. had given Palantir, a company that's been criticized for working with U.S. authorities to chase down illegal immigrants, a $30 million deal to help the NHS track the pandemic's spread. I'd previously broken stories about similar deals in the U.S. But OpenDemocracy says that as a result of its lawsuit, the government is "committing not to extend Palantir’s contract beyond Covid without consulting the public. There will be no more mission creep without assessing our rights."

Loser Of The Week

Ubiquiti, the router and networking manufacturer, disclosed a leak of customer account credentials in January. It didn't seem too bad, but a whistleblower with inside knowledge of the breach told KrebsOnSecurity that Ubiquiti had downplayed what was actually a “catastrophic” incident and had even allegedly invented a claim that a third-party cloud provider was to blame. The company, in response, said there was “no evidence that customer information was accessed, or even targeted.”

Across Forbes

2021 Forbes CIO Summit Series – Episode 2


2021 Forbes CIO Summit Series – Episode 2

Don’t miss Episode 2 of Forbes’ biggest series of the year for technology executives, where top CIOs from Adobe, CVS Health, Northwestern Mutual, Tableau and more will share how they are building future-fit software development strategies while also taking smart steps to defend systems against cyberattacks on Thursday, April 22 from 1 – 2:45 p.m. ET.

Register To Attend →

You’ve received this email because you’ve opted in to receive Forbes newsletters.

Unsubscribe from The Wiretap.

Manage Email Preferences | Privacy

Forbes Media | 499 Washington Blvd.

Jersey City, NJ 07130