UnitedHealth Group said a ransomware attack in February resulted in more than 100 million individuals having their private health information stolen. The U.S. Department of Health and Human Services first reported the figure on Thursday. TechCrunch reports: The ransomware attack and data breach at Change Healthcare stands as the largest known digital theft of U.S. medical records, and one of the biggest data breaches in living history. The ramifications for the millions of Americans whose private medical information was irretrievably stolen are likely to be life lasting. UHG began notifying affected individuals in late July, which continued through October. The stolen data varies by individual, but Change previously confirmed that it includes personal information, such as names and addresses, dates of birth, phone numbers and email addresses, and government identity documents, including Social Security numbers, driver's license numbers, and passport numbers. The stolen health data includes diagnoses, medications, test results, imaging and care and treatment plans, and health insurance information -- as well as financial and banking information found in claims and payment data taken by the criminals. The cyberattack became public on February 21 when Change Healthcare pulled much of its network offline to contain the intruders, causing immediate outages across the U.S. healthcare sector that relied on Change for handling patient insurance and billing. UHG attributed the cyberattack to ALPHV/BlackCat, a Russian-speaking ransomware and extortion gang, which later took credit for the cyberattack. The ransomware gang's leaders later vanished after absconding with a $22 million ransom paid by the health insurance giant, stiffing the group's contractors who carried out the hacking of Change Healthcare out of their new financial windfall. The contractors took the data they stole from Change Healthcare and formed a new group, which extorted a second ransom from UHG, while publishing a portion of the stolen files online in the process to prove their threat. There is no evidence that the cybercriminals subsequently deleted the data. Other extortion gangs, including LockBit, have been shown to hoard stolen data, even after the victim pays and the criminals claim to have deleted the data. In paying the ransom, Change obtained a copy of the stolen dataset, allowing the company to identify and notify the affected individuals whose information was found in the data. Efforts by the U.S. government to catch the hackers behind ALPHV/BlackCat, one of the most prolific ransomware gangs today, have so far failed. The gang bounced back following a takedown operation in 2023 to seize the gang's dark web leak site. Months after the Change Healthcare breach, the U.S. State Department upped its reward for information on the whereabouts of the ALPHV/BlackCat cybercriminals to $10 million.

Read more of this story at Slashdot.

No obvious pattern fell out of last week's submissions for Error'd, but I did especially like Caleb Su's example.

Michael R. , apparently still job hunting, reports "I have signed up to outlier.ai to make some $$$ on the side. No instructions necessary."

 

Peter G. repeats a recurring theme of lost packages, saying "(Insert obligatory snark about Americans and geography. No, New Zealand isn't located in Washington DC)." A very odd coincidence, since neither the lat/long nor the zip code are particularly interesting.

 

"The Past Is Mutable," declares Caleb Su , explaining "In the race to compete with Gmail feature scheduling emails to send in the *future*, Outlook now lets you send emails in the past! Clearly, someone at Microsoft deserves a Nobel Prize for defying the basic laws of unidirectional time." That's thinking different.

 

Explorer xOneca explains this snapshot: "Was going to watch a Youtube video in DuckDuckGo, and while diagnosing why it wasn't playing I found this. It seems that youtube-nocookie.com actually *sets* cookies..?"

 

Morgan either found or made a funny. But it is a funny. "Now when I think about it I do like Option 3 more…" I rate this question a 👎

 

[Advertisement] ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.

An anonymous reader quotes a report from New Scientist: As the world emerged from the lockdowns of the covid-19 pandemic, many countries promised to rebuild their economies in a climate-friendly fashion, amid hopes the recovery effort could accelerate the global journey to net-zero emissions. In reality, the opposite has happened. Instead of a "green recovery," global greenhouse gas emissions are rising much faster now than they did in the decade preceding the global pandemic. Emissions rose 1.3 percent to 57.1 gigatons of carbon dioxide equivalent in 2023. That is a far faster annual rate of growth than during the decade 2010-2019, when emissions grew on average 0.8 percent per year. In fact, global greenhouse gas emissions are now just below the 59.1 gigatons peak recorded in 2019. All sources of greenhouse gas emissions except land use are rising, according to a report from the United Nations Global Environment Program (UNEP), as economies continued to rebound from covid-19. Emissions from road transport, leaks from oil and gas infrastructure such as pipelines and industrial emissions all grew rapidly in 2023, UNEP said, while aviation emissions grew 19.5 percent. Rising emissions means the world's opportunity to avert catastrophic climate change is shrinking, Inger Anderson at UNEP said in a statement. "Climate crunch time is here," she said. "I urge every nation: no more hot air, please."

Read more of this story at Slashdot.

Starting next week, Google Photos will label when an image was edited with AI. The Verge reports: "Photos edited with tools like Magic Editor, Magic Eraser and Zoom Enhance already include metadata based on technical standards from The International Press Telecommunications Council (IPTC) to indicate that they've been edited using generative AI," John Fisher, engineering director of Google Photos, wrote in a blog post. "Now we're taking it a step further, making this information visible alongside information like the file name, location and backup status in the Photos app." The "AI info" section will be found in the image details view of Google Photos both on the web and in the app. These labels won't be limited strictly to generative AI, either. Google says it'll also specify when a "photo" contains elements from several different images -- such as when people use the Pixel's Best Take and Add Me features. [...] "This work is not done, and we'll continue gathering feedback and evaluating additional solutions to add more transparency around AI edits," Fisher wrote.

Read more of this story at Slashdot.

The EU Court of Justice ruled in favor of Intel, dismissing the European Commission's appeal and ending a nearly two-decade-long case over allegations that Intel's rebates to computer makers were anticompetitive. Reuters reports: The European Commission had fined Intel for giving rebates to computer makers Dell, Hewlett-Packard and Lenovo for buying most of their chips from Intel, which regulators said was an attempt to block Advanced Micro Devices. Regulators generally oppose rebates offered by dominant companies because they fear they may be anticompetitive, while companies say enforcers must prove discounts have anticompetitive effects before companies are sanctioned. EU regulators had initially fined Intel 1.06 billion euros ($1.14 billion) but a lower tribunal scrapped that. Intel's case was boosted earlier this year when an adviser to the court said regulators had not properly performed an economic analysis.

Read more of this story at Slashdot.

MojoKid writes: Intel has lifted the embargo on independent reviews of its new Core Ultra 200S series Arrow Lake-S processors, which mark a shift in its desktop CPU strategy with symmetrical core/thread counts (no Hyperthreading) and a dedicated 13 TOPS NPU. This series features a disaggregated tiled design for the first time in Intel's desktop chips, focusing on efficiency and power reduction. The Core Ultra 5 245, priced around $300, and the Ultra 9 285K at $589 deliver strong performance, particularly in creator workloads, competing well with AMD's Ryzen CPUs, while the Ultra 9 285K's price undercuts AMD's Ryzen 9 9950X significantly. While gaming performance shows slight regression in spots, the new chips are much more power-efficient than their predecessors. Overall, the platform offers leading-edge features, competitive pricing, and solid performance for creators, gamers and workstation pros.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Smashing, a new app curating the best of the web from Goodreads co-founder Otis Chandler, is now available to the public. Like Goodreads, the app aims to create a community around content. But this time, instead of books, the focus is on web content -- like news articles, blog posts, social media posts, podcasts, and more. In addition, Smashing is introducing an AI Questions feature that allows you to engage with the content being shared in different ways, including by viewing a news story from different perspectives or asking the AI to poke holes in the story, among other things. By viewing different angles of a story, you can see how both the political left and right view the subject. Or, in the case of a company's stock, you might be presented with both the bull and bear case. There are a good handful of AI prompts available at launch, notes Chandler, and not all will make sense to use on every news story or piece of content. For instance, there's a silly "make it funny" prompt, and others that can simplify the story, display a timeline, or introduce "unconventional" takes that may involve thinking outside the box, helping you weigh ideas you hadn't considered yet. You can also ask your own questions, if you prefer. On the app, users are able to create multiple interest feeds to stay informed about the topics that matter to them, like politics, investing, parenting, health and wellness, and more, or even narrower interests like specific companies, sports teams, crypto, climate change, or other subtopics. The app also leverages AI to surface content from around the web and then match it to an individual reader based on what articles they tend to read, what subtopics they like, and what's already popular in the community, as determined by upvotes and downvotes. Combined, the signals tune Smashing to a user's particular interests. As part of the AI Questions feature, Smashing is also introducing AI-powered Story Overview pages, which offer grouped articles, blog posts, and social media posts all about the same story.

Read more of this story at Slashdot.

Ahead of Georgia's parliamentary elections, Georgian authorities raided the homes of disinformation researchers Eto Buziashvili and Sopo Gelava, seizing personal devices. The Record: Eto Buziashvili and Sopo Gelava, both employees of the Atlantic Council think tank, had their homes searched and their own and their family members' personal devices seized by investigators working for the country's Ministry of Finance, according to friends of the pair who spoke to Recorded Future News. Both women are said to be safe, although there are concerns about the security of their devices and online accounts. The searches come a day after Buziashvili published an article detailing how the Kremlin was influencing Georgian politics by supporting the incumbent government and interfering in the upcoming elections. Local media reported that the offices of outsourcing company Concentrix and other Georgian citizens were also subject to searches. The Ministry of Finance claimed on Facebook it launched searches of "specific facilities" related to "call centers" alleged to be engaged in illegal activity. The investigations come ahead of an election that is being seen as a bellwether of the country's future direction, either pursuing closer ties to Russia under the current prime minister Irakli Kobakhidze or moving towards the West through opposition figures. Graham Brookie, the Atlantic Council's vice president for technology programs and strategy, said the organization "is deeply concerned about this development and its impact on our staff's work shortly before Georgian elections. [Gelava and Buziashvili] are engaged in independent, non-partisan work aimed at defending and strengthening democracy from those who would undermine it in online spaces, including research related to foreign influence efforts, the targeting of marginalized communities, and other online harms." "We trust that Georgian authorities will provide more clarity on their actions, ensure the safety and security of our staff, return their property, and allow them to continue their contributions to Georgian democracy."

Read more of this story at Slashdot.

Amazon is shutting down its Amazon Today service, which provided same-day delivery from mall and brick-and-mortar retailers. The program will mostly wind down by December 2, 2024, with select partners fulfilling orders until January 2025. CNBC reports: A small amount of employees will be laid off and provided with severance, while others will be transitioned to other positions within Amazon, the company said. Employees who work on Amazon Today learned the news in a meeting on Monday, where some staffers were informed they would be laid off, the people said. Roughly 300 employees were working on Amazon Today, the people said. Amazon disputed the figure, saying there were approximately 175 employees in the unit. The closure of Amazon Today is the latest example of the company's broader cost-cutting efforts.

Read more of this story at Slashdot.

Google is introducing a dark mode to the web version of Google Calendar and rolling out a "refreshed user interface." From a report: The new UI will include buttons, dialog boxes, and sidebars that are "more modern and accessible" with improved typefaces. The update started rolling out this week and soon it will be available to everyone, whether they're using a personal Gmail login or any sort of paid Google Workspace account. [...] Google says the updated calendar UI will also feature "iconography that is legible and crisp, with a fresh feel," using its "custom-designed and highly-legible typefaces" that bring it line with Google's Material Design 3 standards. The updates, including dark mode, will also apply to "the entire calendar web experience," including the task list view.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Back in May, Google augmented its Gemini AI model with SynthID, a toolkit that embeds AI-generated content with watermarks it says are "imperceptible to humans" but can be easily and reliably detected via an algorithm. Today, Google took that SynthID system open source, offering the same basic watermarking toolkit for free to developers and businesses. The move gives the entire AI industry an easy, seemingly robust way to silently mark content as artificially generated, which could be useful for detecting deepfakes and other damaging AI content before it goes out in the wild. But there are still some important limitations that may prevent AI watermarking from becoming a de facto standard across the AI industry any time soon. Google uses a version of SynthID to watermark audio, video, and images generated by its multimodal AI systems, with differing techniques that are explained briefly in this video. But in a new paper published in Nature, Google researchers go into detail on how the SynthID process embeds an unseen watermark in the text-based output of its Gemini model. The core of the text watermarking process is a sampling algorithm inserted into an LLM's usual token-generation loop (the loop picks the next word in a sequence based on the model's complex set of weighted links to the words that came before it). Using a random seed generated from a key provided by Google, that sampling algorithm increases the correlational likelihood that certain tokens will be chosen in the generative process. A scoring function can then measure that average correlation across any text to determine the likelihood that the text was generated by the watermarked LLM (a threshold value can be used to give a binary yes/no answer).

Read more of this story at Slashdot.

The White House is directing the Pentagon and intelligence agencies to increase their adoption of AI, expanding the Biden administration's efforts to curb technological competition from China and other adversaries. From a report: The edict is part of a landmark national security memorandum published Thursday. It aims to make government agencies step up experiments and deployments of AI. The memo also bans agencies from using the technology in ways that "do not align with democratic values," according to a White House news release. "This is our nation's first ever strategy for harnessing the power and managing the risks of AI to advance our national security," national security adviser Jake Sullivan said in a speech Thursday. Sullivan called the speed of change in AI "breathtaking" and said it had the potential to affect fields ranging from nuclear physics to rocketry and stealth technology. The White House believes that providing clear rules for using AI will make it easier for government agencies to use the technology, according to a briefing with senior administration officials who spoke on the condition of anonymity to discuss details of the report before its publication.

Read more of this story at Slashdot.

Cable companies, advertising firms, and newspapers are asking courts to block a federal "click-to-cancel" rule that would force businesses to make it easier for consumers to cancel services. From a report: Lawsuits were filed yesterday, about a week after the Federal Trade Commission approved a rule that "requires sellers to provide consumers with simple cancellation mechanisms to immediately halt all recurring charges." Cable lobby group NCTA-The Internet & Television Association and the Interactive Advertising Bureau trade group sued the FTC in the conservative US Court of Appeals for the 5th Circuit. The lawsuit claims the 5th Circuit is a proper venue because a third plaintiff, the Electronic Security Association, has its principal offices in Dallas. That group represents security companies such as ADT.

Read more of this story at Slashdot.

whitroth writes: People here and elsewhere have been yelling for more nuclear power, and that renewables can't meet demand. Surprise -- the corporations are betting on them, and massive numbers of batteries can be produced a lot faster than nuclear plants can be built. The Guardian adds: Faced with worsening climate-driven disasters and an electricity grid increasingly supplied by intermittent renewables, the US is rapidly installing huge batteries that are already starting to help prevent power blackouts. From barely anything just a few years ago, the US is now adding utility-scale batteries at a dizzying pace, having installed more than 20 gigawatts of battery capacity to the electric grid, with 5GW of this occurring just in the first seven months of this year, according to the federal Energy Information Administration (EIA). This means that battery storage equivalent to the output of 20 nuclear reactors has been bolted on to America's electric grids in barely four years, with the EIA predicting this capacity could double again to 40GW by 2025 if further planned expansions occur. California and Texas, which both saw all-time highs in battery-discharged grid power this month, are leading the way in this growth, with hulking batteries helping manage the large amount of clean yet intermittent solar and wind energy these states have added in recent years.

Read more of this story at Slashdot.

theodp writes: "Computer science education is a necessity for all students," argues tech-backed nonprofit Code.org in its newly-published 2024 State of Computer Science Education (Understanding Our National Imperative) report. "Students of all identities and chosen career paths need quality computer science education to become informed citizens and confident creators of content and digital tools." In the 200-page report, Code.org pays special attention to participation in "foundational computer science courses" in high school. "Across the country, 60% of public high schools offer at least one foundational computer science course," laments Code.org (curiously promoting a metric that ignores school size which nonetheless was embraced by Education Week and others). "A course that teaches foundational computer science includes a minimum amount of time applying learned concepts through programming (at least 20 hours of programming/coding for grades 9-12 high schools)," Code.org explains in a separate 13-page Defining Foundational Computer Science document. Interestingly, Code.org argues that Data and Informatics courses -- in which "students may use Oracle WebDB, SQL, PL/SQL, SPSS, and SAS" to learn "the K-12 CS Framework concepts about data and analytics" -- do not count, because "the course content focuses on querying using a scripting language rather than creating programs [the IEEE's Top Programming Languages 2024 begs to differ]." Code.org similarly dissed the use of the Wolfram Language for broad educational use back in 2016. With its insistence on the importance of kids taking Code.org-defined 'programming' courses in K-12 to promote computational thinking, it's probably no surprise to see that the data behind the 2024 State of Computer Science Education report was prepared using Python (the IEEE's top programming language) and presented to the public in a Jupyter notebook. Just kidding. Ironically, the data behind the 2024 State of Computer Science Education analysis is prepared and presented by Code.org in a no-code Tableau workbook.

Read more of this story at Slashdot.

penciling_in writes: Pat Kane, Senior VP at Verisign, reports that on October 20th, ICANN and Verisign renewed the agreement under which Verisign will continue to act as Root Zone Maintainer for the Domain Name System (DNS) for another 8-year term. "The Root Zone sits atop the hierarchical architecture of the DNS and is essential to virtually all internet navigation, acting as the dynamic, cryptographically secure, global directory of all top-level domains that exist in the DNS. The Root Zone Maintainer is a unique role that ensures the cryptographic signing and publication of the Root Zone no less than once a day, without which, navigation on the internet would be impossible," the story adds.

Read more of this story at Slashdot.

The chief scientist of the Asia Pacific Network Information Center has a theory about why the world hasn't moved to IPv6. From a report: In a lengthy post to the center's blog, Geoff Huston recounts that the main reason for the development of IPv6 was a fear the world would run out of IP addresses, hampering the growth of the internet. But IPv6 represented evolution -- not revolution. "The bottom line was that IPv6 did not offer any new functionality that was not already present in IPv4. It did not introduce any significant changes to the operation of IP. It was just IP, with larger addresses," Huston wrote. IPv6's designers assumed that the protocol would take off because demand for IPv4 was soaring. But in the years after IPv6 debuted, Huston observes, "There was no need to give the transition much thought." Internetworking wonks assumed applications, hosts, and networks would become dual stack and support IPv6 alongside IPv4, before phasing out the latter. But then mobile internet usage exploded, and network operators had to scale to meet unprecedented demand created by devices like the iPhone. "We could either concentrate our resources on meeting the incessant demands of scaling, or we could work on IPv6 deployment," Huston wrote.

Read more of this story at Slashdot.

Ireland's data-protection watchdog fined LinkedIn 310 million euros ($334.3 million), saying the Microsoft-owned career platform's personal-data processing breached strict European Union data-privacy and security legislation. From a report: The Irish Data Protection Commission in 2018 launched a probe into LinkedIn's processing of users' personal data for behavioral analysis and targeted advertising after its French equivalent flagged a complaint it received from a non-profit organization. Irish officials raised concerns on the lawfulness, fairness and transparency of the practice, saying Thursday that LinkedIn was in breach of the EU's General Data Protection Regulation. "The lawfulness of processing is a fundamental aspect of data protection law and the processing of personal data without an appropriate legal basis is a clear and serious violation of a data subjects' fundamental right to data protection," said Graham Doyle, deputy commissioner at the Irish Data Protection Commission. In their decision, Irish officials said LinkedIn wasn't sufficiently informing users when seeking their consent to process third-party data for behavioral analysis and targeted advertising and ordered the platform to bring its processing into compliance.

Read more of this story at Slashdot.

An anonymous reader shares a report: Members of Congress are raising the alarm about new technology at supermarkets: They say Kroger and other major grocery stores are implementing digital price tags that could allow for dynamic pricing, meaning the sticker price on items like eggs and milk could change regularly. They also claim data from facial recognition technology at Kroger could be considered in pricing decisions. Kroger denied the claims, saying it has no plans to implement dynamic pricing or use facial recognition software. Walmart also said it had no plans for dynamic pricing, and that facial recognition was not being used to affect pricing, but the company did not specify whether the tool was being used for other purposes. Both Walmart, which has 4,606 U.S. stores, and Kroger, which has nearly 2,800 U.S. stores, also suggested that the effects of digital price tags are being exaggerated, and economic experts say that most grocery bills won't be higher as a result of the tags. Still, data privacy experts have concerns about new technology being implemented at grocery stores broadly.

Read more of this story at Slashdot.

Notion, the maker of a popular eponymous note-taking app, appears to be getting ready to launch its own email product, called Notion Mail, TechCrunch reported Thursday, citing sources. From the report: Earlier this year, Notion acquired Skiff, a privacy-focused email service and app. At the time, Skiff said that it would provide a 12-month sunset window to users so that they have enough time to migrate to a different email service. For months, users on Reddit have shared hints of Notion working on its email product. Some folks found the development environment URL, others reportedly found the login page to the email product. At the time of writing, when TechCrunch entered mail.notion.so in a web browser, "Notion Mail" appeared briefly as the page title with a mail logo... But we were then redirected to Notion's main login page.

Read more of this story at Slashdot.