By Agencies | Updated: 15 July 2022
Executives from Alibaba Group Holdings’ cloud division have been summoned by Shanghai authorities in connection with a theft of police data on Chinese citizens, the Wall Street Journal reported on Thursday.
Based on scans of the police database, cybersecurity researchers concluded that the stolen data of nearly 1 billion Chinese citizens was hosted on Alibaba’s cloud platform, according to the report.
Alibaba did not immediately respond to a Reuters request for comment.
Since the theft was discovered, Alibaba has temporarily disabled all access to the breached database and launched an inspection, the report said.
Earlier this month, it was reported that a hacker claiming to have stolen personal data from hundreds of millions of Chinese citizens is now selling the information online.
A sample of 750,000 entries posted online by the hacker showed citizens’ names, mobile phone numbers, national ID numbers, addresses, birthdays, and police reports they had filed.
AFP and cybersecurity experts have verified some of the citizen data in the sample as authentic, but the scope of the entire database is hard to determine.
Advertised on a forum late last month but only picked up by cybersecurity experts this week, the 23TB database — which the hacker claims contains the records of a billion Chinese citizens — is being sold for 10 Bitcoins (approximately Rs. 16,00,000). the 23TB database — which the hacker claims contains the records of a billion Chinese citizens — is being sold for 10 Bitcoins (approximately Rs. 16,00,000).
At least four people out of over a dozen contacted by AFP confirmed their personal details, such as names and addresses, as listed in the database.
In replies to the original post, users speculated that the data may have been hacked from an Alibaba Cloud server where it was apparently being stored by the Shanghai police.
Potter, the cybersecurity analyst, confirmed that the files were hacked from Alibaba Cloud, which did not respond to an AFP request for comment.
If confirmed, the breach would be one of the largest in history and a major violation of the recently approved Chinese data protection laws.
Amazon Suspends at Least 50 Workers After Employees Protested Against Fire Incident
By Associated Press | Updated: 5 October 2022
Amazon has suspended at least 50 warehouse employees who refused to work their shifts following a trash compactor fire at one of its New York facilities, according to union organisers.
The company suspended the workers, with pay, on Tuesday, a day after the fire disrupted operations at the Staten Island warehouse that voted to unionise earlier this year.
Derrick Palmer, the Vice President of the Amazon Labor Union, said day-shift workers were sent home with pay due to the fire, which began late afternoon Monday. But night-shift employees, who were just coming in for their shift, were told to remain in a break area until management figured out the situation, he said.
Dozens of workers began to raise concerns about safety. Some were worried the air in the facility would be unsafe to breathe because of smoke from the fire. Eventually, roughly 100 workers held a sit-down protest at the facility’s main office, demanding to be sent home with pay.
“They were saying ‘we don’t feel safe, we don’t feel safe to work’,” Palmer said.
Amazon spokesperson Paul Flaningan said in a prepared statement that the company had asked all night shift employees to report to their shifts on Monday after the New York Fire Department certified the building as safe.
“While the vast majority of employees reported to their workstations, a small group refused to return to work and remained in the building without permission,” Flaningan said. Some workers had also walked out, while others continued with the protest, according to organisers.
The suspended workers were notified by email and phone that their security badges would be inactive during the duration of the probe, Palmer said. The suspensions are in effect indefinitely as the company investigates. The number of suspended workers could rise. Seth Goldstein, an attorney for the union, said the workers intend to file unfair labour practice charges against Amazon with the National Labor Relations Board.
Amazon has filed over two dozen objections with the agency seeking to toss out the union’s April win. Meanwhile, warehouse workers at a separate facility near Albany, New York will be voting in their own union election next week.
RuPay Credit Card UPI Usage: No Charge for Transactions Up to Rs. 2,000, NPCI Says
By Press Trust of India | Updated: 5 October 2022
There will be no charge for RuPay credit card use on Unified Payments Interface (UPI) for transactions up to Rs. 2,000 in line with the RBI direction, a recent NPCI circular said.
RuPay credit card has been operational for the last four years, and all major banks are enabled and are issuing incremental cards for both commercial and retail segments.
“During credit card on-boarding on the apps, the device binding and UPI PIN setting process shall include and be construed as customer consent for credit card enablement for all types of transactions,” the circular dated October 4 said.
For international transaction enablement, the existing process from the app will apply to credit cards too, the National Payments Corporation of India (NPCI) said in the circular.
Nil Merchant Discount Rate (MDR) would apply for this category up to the transaction amount less than and equal to Rs. 2,000, it noted.
MDR is the cost paid by a merchant to a bank for accepting payment from their customers via credit or debit cards every time a card is used for payments in their stores. The merchant discount rate is expressed in the percentage of the transaction amount.
“This circular is applicable from the issuance date and members are requested to take note and bring the contents of this circular to the notice of the relevant stakeholders,” it said.
“The basic objective of linking credit cards to UPI is to provide a customer with a wider choice of payments. Currently, UPI is linked through debit cards to savings accounts or current accounts,” Reserve Bank Deputy Governor T Rabi Sankar had earlier said.
As per the circular, UPI apps would ensure complete transparency on transactions made by a customer using a credit card, by means of easily accessible transaction history and clearly visible user interface while making the payment.
Credit card issuers and apps will send appropriate notifications or communications to the customer during each event of the credit card lifecycle for such transactions, as per the circular.
The step will promote the homegrown payment gateway and encourage wider acceptance of RuPay cards.
It further said there is a need to maintain a separate mobile number attached to an add-on card.
Amazon, Five Publishers Win Dismissal of Lawsuits Alleging Conspiracy to Fix Book Prices: Details
By Reuters | Updated: 30 September 2022
A federal judge on Thursday dismissed two antitrust lawsuits accusing Amazon.com Inc and five large publishers of illegally conspiring to fix US prices of electronic and traditional books, causing consumers and bookstores to pay more.
US District Judge Gregory Woods in Manhattan accepted a magistrate judge’s recommendations to end both cases against Amazon, Hachette Book Group, HarperCollins Publishers, Macmillan Publishing Group, Penguin Random House and Simon & Schuster.
Consumers accused the defendants of signing agreements that let the publishers inflate e-book prices by locking in a 30 percent “agency” fee for Amazon on each sale, and guaranteeing that Amazon’s prices would not be undercut.
Retail booksellers, meanwhile, alleged that Amazon had been awarded a “discriminatory discount” on hardbacks, paperbacks and mass-produced books, forcing them to pay higher wholesale prices to the publishers and depressing book sales.
According to the plaintiffs, Amazon commands 90 percent of retail e-book sales and 50 percent of print trade book sales, while the publishers account for 80 percent of both kinds of books.
But in two opinions totaling 113 pages, US Magistrate Judge Valerie Figueredo recommended last month that both lawsuits be dismissed, citing a lack of evidence of collusion.
She found it “telling” in the e-book case that the consumers offered “no plausible explanation for why the publishers would have been motivated to participate in a conspiracy that further entrenched Amazon’s dominance as an e-book retailer.”
Woods adopted Figueredo’s reasoning in full. The lawsuits were dismissed without prejudice, meaning the plaintiffs can try amending their complaints.
Lawyers for the plaintiffs did not immediately respond to requests for comment. Amazon had no immediate comment.
The trade book case was led by Bookends & Beginnings, a bookseller in Evanston, Illinois.
The cases are In re Amazon.com Inc e-Book Antitrust Litigation, US District Court, Southern District of New York, No. 21-00351; and Bookends & Beginnings LLC v Amazon.com Inc et al in the same court, No. 21-02584.
© Thomson Reuters 2022
RBI Unlikely to Extend Card Tokenisation Deadline Despite Payment Failures, Revenue Losses, Bankers Say
By Reuters | Updated: 29 September 2022
India’s central bank is unlikely to extend a Friday deadline for businesses to set up an additional layer of security for consumers’ credit card data even after some concerns remain over payments failing and revenue losses, say bankers and merchants.
Despite a demand by smaller merchants to delay the compliance date, there has been no indication so far by the central bank that there is likely to be an extension in deadline, three banking and merchant sources with knowledge of the matter told Reuters.
The Reserve Bank of India (RBI) did not respond to an email request for comment.
“The general sense is that banks, card networks and (bigger) merchants are better prepared and so the push from the ecosystem side for an extension has also not been massive and we haven’t received any indication to suggest an extension either,” said a banker with a large state-owned bank.
“If it happens, it will be a surprise,” he added.
Three years ago, India embarked on a mammoth exercise to secure card data by requiring businesses to tokenise cards by September 30.
Tokenisation is a process by which card details are replaced by a unique code or token, generated by an algorithm, allowing online purchases without exposing card details, in a bid to improve data security.
The RBI first introduced the norms in 2019 and after several extensions has ordered all companies in India to purge saved credit and debit card data from their systems by October 1, 2022.
While banks, card companies, and large retailers are prepared, smaller merchants may face trouble which they say could lead to revenue losses for them in the short-term.
Merchant associations have also reached out to the central bank to see if they can be given more time.
Some merchants and bankers also fear card-related transactions may drop in the short-term after tokenisation norms are introduced.
“The moment an additional layer or friction is introduced, payments seem to drop. And there are concerns that initially we may see recurring drop by similar levels to what we had seen,” said Rohit Kumar, Founding Partner of TQH Consulting, a public policy consulting firm.
When the previous tokenisation deadline was nearing, recurring payments were failing by 10-15 percent, according to merchants.
Apart from payments, other things that need to be stress tested include what happens when a product is returned and other post-transaction flows as card data will not be stored on the merchant servers, said Rajaram Suresh of Boston Consulting Group.
Unlike India where it has been made mandatory, European stakeholders have been encouraged to tokenise cards for security benefits, Suresh added.
However, analysts argue that at a time when digital payments are expected to reach the $10 trillion (roughly Rs. 8,17,37,500 crore) mark by 2026, tokenisation is imperative. Fraud concerning card or internet transactions have been on a rise and made up 34.6 percent of total number of fraud cases in FY21, according to central bank data.
“People are used to one-click checkout so adoption may take more time and some people may shift to cash but considering that this makes online transactions more secure, customers will adopt this faster without much chaos this time around,” said Jagdish Kumar Senior Vice President of Worldline India.
© Thomson Reuters 2022
Fast Company Shuts Down Website After Hackers Compromise Apple News Feed
By Reuters | Updated: 28 September 2022
US business and media publication Fast Company said it shut down its website on Tuesday evening after the site was hacked and sent “obscene and racist” notifications to Apple users via the iPhone maker’s Apple News service.
News publishers using the Apple News aggregation app can connect their digital publishing tools to Apple News to send push notifications to Apple customers who subscribe to the publisher’s channel. Fast Company said hackers broke into those publishing tools.
Hackers sent two “obscene and racist push notifications” about a minute apart, Fast Company said in a tweet, adding it had suspended the Apple News feed until the situation was resolved.
“We are investigating the situation and have suspended the feed & shut down FastCompany.com until we are certain the situation has been resolved,” the publication added.
Fast Company’s website was down and the page displayed a 404 error when viewed by Reuters on Tuesday evening.
In a subsequent tweet after the shutdown, Fast Company said that its content management system – software used by news outlets to publish and manage their stories – had been hacked to send the notifications.
Apple News said in a tweet that it had disabled Fast Company’s channel.
Fast Company said it had earlier suffered an “apparently related” hack of its website on Sunday afternoon, when similar language appeared on its home page, causing it to shut the site down for about two hours.
Fast Company is owned by publishing firm Mansueto Ventures LLC.
© Thomson Reuters 2022
Elon Musk Fake Accounts Claim Not Backed Up by Data Scientists’ Findings, Twitter Lawyer Tells Court
By Agence France-Presse | Updated: 28 September 2022
Twitter and Elon Musk sparred in court on Tuesday, each digging for evidence to prevail in a high-stakes trial next month over the billionaire’s bid to break his buyout deal.
Musk has been keen to find evidence to back his accusation that Twitter misled regulators and investors about what portion of accounts are actually spam or software “bots,” as well as its key measures regarding growth.
Twitter, which has sued Musk to force him to complete the $44 billion (roughly Rs. 3,60,140 crore) buyout deal, seeks material or testimony to prove he is contriving excuses to walk away because he changed his mind.
A Twitter attorney told the judge it was a struggle to get documents from data scientists Musk used to estimate the portion of fake accounts on the social network, and that what they finally got did not back his accusation about it being much higher than five percent.
Attorney Brad Wilson contended that Twitter has encountered a “pattern of delay and obfuscation” when it comes to what Musk learned from data scientists he had study Twitter data.
Musk attorneys, in turn, pressed the judge to make Twitter hand over more messages or other material, particularly regarding “monetisable daily active users” and “user active minutes.”
The hearing came during a discovery phase in which rival sides seek documents, emails, depositions, and more to back their positions.
The long list of those called on to provide documents or to answer questions in the case includes Twitter co-founder and former chief Jack Dorsey.
Tesla chief Musk will be deposed under oath over the course of two days next week in sessions that are to be recorded by “stenographic, sound and visual means,” according to a filing.
Musk’s deposition is set to take place privately in law offices ahead of a five-day trial scheduled to begin October 17 in the Court of Chancery in the state of Delaware.
Musk, the world’s richest man, said in a letter in April that he was canceling the deal because he was misled by Twitter concerning the number of bot accounts on its platform, allegations rejected by the company.
He later added accusations made in a whistleblower complaint by a former head of security at Twitter to his reasons for walking away from the deal.
Twitter has stood by its assessment of user numbers, and portrayed the whistleblower as a “disgruntled former employee” whose allegations are without merit.
“There are a range of possibilities that can come from the Delaware court including settlement, breakup fee paid, deal enforced, and a myriad of other outcomes,” Wedbush analyst Dan Ives said of the trial.
“We also continue to believe there is a possibility behind the scenes both parties look to attempt negotiations before stepping into court in a few weeks.”
SpaceX Rocket With Next International Space Station Crew Enters Orbit, Including Russian Cosmonaut: All Details
Roblox Faces Lawsuit for Enabling Minor’s Sexual, Financial Exploitation; Meta, Snap, Discord Also Targeted
Spotify Acquires Content Moderation Firm Kinzen to Detect Harmful Content on the Platform
India Is Planning to Roll Out 6G Telecom Network by Decade End, 5G to Launch in Few Months: Prime Minister Modi
Hyundai Partners With Tata Power to Set Up Electric Vehicle Charging Infrastructure
India’s 5G Testbed Successfully Tested in IIT Madras, Union Minister Ashwini Vaishnaw Made First 5G Call
Internet2 weeks ago
Meesho Records Nearly 87.6 Lakh Orders on Day 1 of 5-Day Festive Sale
Games3 weeks ago
Take-Two’s Grand Theft Auto VI gameplay leaked online – Bloomberg News
Social Networking3 weeks ago
Dutch town takes Twitter to court to remove conspiracy theories
Science3 weeks ago
Australian fish fossils get to the heart of vertebrate evolution
Cryptocurrency3 weeks ago
Bitcoin falls below $19,000 as cryptos creak under rate hike risk
Entertainment3 weeks ago
Steven Spielberg’s The Fabelmans wins Toronto audience award
Technology2 weeks ago
Uber says Lapsus$-linked hacker responsible for breach
Apps2 weeks ago
TikTok to Require Verification for Political Accounts, Bans Campaign Fundraising Ahead of US Midterm Elections