The Daily Swig: GHunt OSINT tool sniffs out Google users’ account information using just their email address

The Daily Swig: GHunt OSINT tool sniffs out Google users’ account information using just their email address . “GHunt lets individuals, or security experts, analyze a target’s Google ‘footprint’ based just on an email. The open source intelligence, or OSINT, tool can extract the account owner’s name and Google ID, YouTube channel, and active Google services, including Photos and Maps. GHunt can also reveal public photos, phone model, make, firmware and installed software, and potentially, the user’s physical location.”

Washington Post: A Google employee is suing for discrimination. He wants to know if Google can use his data against him.

Washington Post: A Google employee is suing for discrimination. He wants to know if Google can use his data against him.. “Attorneys representing a Google employee suing the company want to know whether the search engine giant thinks it is allowed to view his digital communication, a case that has renewed questions about the extent of Google’s power to surveil.”

Kim Komando: How to delete yourself from people search sites

Kim Komando: How to delete yourself from people search sites. “People search sites build profiles based on public info scraped from across the internet. These profiles often contain sensitive data like phone numbers and addresses — and scam callers and mail spammers rely on these websites to scout prospects. You might be thinking, ‘Is this legal?’ Data brokers get away with it by giving people a chance to opt-out. Unfortunately, this is usually easier said than done. Prepare to jump through some hoops.”

Sydney Morning Herald: Why you shouldn’t post a picture of a boarding pass on social media

Sydney Morning Herald: Why you shouldn’t post a picture of a boarding pass on social media. “Security experts are repeating warnings to keep pictures of documents with personal information and barcodes — such as boarding passes and tickets — off social media, after the latest instance of such information being misused. Earlier this week, self-described ‘hacker’ Alex Hope detailed in a long blog post how he used an Instagram post from former Australian prime minister Tony Abbott, showing a boarding pass, to discern his passport number and other personal details.”

Daily Dot: Don’t click that USPS text you just got—it’s a scam

Daily Dot: Don’t click that USPS text you just got—it’s a scam. “Receiving USPS text messages about an unclaimed package? Don’t click the link. Text messages purporting to be from the United States Postal Service (USPS) have been hitting phones all across the country this week, asking recipients to claim a package. But the texts are not from the USPS and are part of a wide-scale phishing scam, designed to steal users’ personal information.”

Washington Post: Chinese firm harvests social media posts, data of prominent Americans and military

Washington Post: Chinese firm harvests social media posts, data of prominent Americans and military. “Biographies and service records of aircraft carrier captains and up-and-coming officers in the U.S. Navy. Real-time tweets originating from overseas U.S. military installations. Profiles and family maps of foreign leaders, including their relatives and children. Records of social media chatter among China watchers in Washington. Those digital crumbs, along with millions of other scraps of social media and online data, have been systematically collected since 2017 by a small Chinese company called Shenzhen Zhenhua Data Technology for the stated purpose of providing intelligence to Chinese military, government and commercial clients, according to a copy of the database that was left unsecured on the Internet and retrieved by an Australian cybersecurity consultancy.”

U.S. Department of Veterans Affairs: VA notifies Veterans of compromised personal information

U.S. Department of Veterans Affairs: VA notifies Veterans of compromised personal information. “The U.S. Department of Veterans Affairs (VA) Office of Management today announced a data breach involving the personal information of approximately 46,000 Veterans and actions taken by the department to prevent and mitigate any potential harm to those individuals.”

Techdirt: If We’re So Worried About TikTok, Why Aren’t We Just As Worried About AdTech And Location Data Sales?

Techdirt: If We’re So Worried About TikTok, Why Aren’t We Just As Worried About AdTech And Location Data Sales?. “…most of the ‘experts’ and politicians who think banning TikTok is a good idea don’t seem to realize it’s not going to genuinely accomplish much in full context. Chinese intelligence can still glean this (and much more data) from a wide variety of sources thanks to our wholesale privacy and security failures on countless other fronts. It’s kind of like banning sugary soda to put out a forest fire, or spitting at a thunderstorm to slow its advance over the horizon.”

ZDNet: Privacy concerns prompt Irish regulators to ask Facebook to stop sending EU user data to the US

ZDNet: Privacy concerns prompt Irish regulators to ask Facebook to stop sending EU user data to the US. “Facebook says that Irish regulators believe current user data exchange methods between the US and EU ‘cannot in practice be used,’ leading to an inquiry into the data transfer practices employed by the company. “

CNET: How your personal data is exploited to win elections and influence policy

CNET: How your personal data is exploited to win elections and influence policy. “Politicians are exploiting intimate details about your life to win elections and influence policy. Your voter history and party registration are public records that are easy to access. Your phone number, home address, salary and debt history, and how you feel about controversial issues like gun control, can be purchased cheaply. Everything you post on social media is easy to scrape and collect. And mobile apps built by the Trump and Biden presidential campaigns give them unprecedented access to your device’s location history, and a whole lot more.”

CNN: Marketers are gathering data on your kids from the apps they use, study finds

CNN: Marketers are gathering data on your kids from the apps they use, study finds. “Your preschooler’s privacy is likely being violated by the child-centered games or educational apps he or she is playing — perhaps on your very own smartphone or tablet — in direct violation of the Children’s Online Privacy Protection Act. That’s the shocking finding of a new study analyzing how developers collect and share personal digital information while children are using many of the tens of thousands of digital apps created for kids — a trend that is on the rise during the coronavirus pandemic as more and more children shelter and study at home.”

Reuters: Colombia orders Google to comply with data protection rules

Reuters: Colombia orders Google to comply with data protection rules. “Colombian regulators on Friday ordered Alphabet Inc’s Google to clearly ask each user whether the world’s largest search engine can use their personal data which is being captured without authorization. Non-compliance could lead to investigations, sanctions and fines equivalent to 1.76 billion pesos ($480,500), the Superintendency of Industry and Commerce said in a statement.”

Health IT Security: Search Engines May Expose Patient Health Information, ACR warns

Health IT Security: Search Engines May Expose Patient Health Information, ACR warns. “New search engine capabilities may inadvertently expose patient identifiers and other protected health information, according to a warning from the American College of Radiology (ACR), Radiological Society of North America (RSNA), and Society for Imaging Informatics in Medicine (SIIM) to radiologists and other medical professionals.”

Lifehacker: You Should (Probably) Delete Your Google Data — Here’s How

Lifehacker: You Should (Probably) Delete Your Google Data — Here’s How. “We’ve talked about this practice a lot, but to Google’s credit, the company has given users greater control over the ultimate fate of the data it collects. This includes the ability to automatically delete this data at regular, repeating intervals. We’ve covered some of this in the past, but in light of some updates to its privacy options in late 2019, we’re going to show you how to automatically delete your data across as many of Google’s services as possible.”

CyberScoop: The FBI’s digital security guide for local police actually has good OPSEC advice

CyberScoop: The FBI’s digital security guide for local police actually has good OPSEC advice. “The instructions include a range of advisories for smaller police agencies, ranging from ways to avoid harassment on Facebook to the best methods for removing personal information from publicly available databases. The 354-page document, titled ‘Digital Exhaust Opt Out Guide,’ was released publicly in June as part of the BlueLeaks data dump, a trove of law enforcement materials made public by transparency activists calling themselves Distributed Denial of Secrets. Federal authorities have distributed the guidelines to local police”