Security News

A class action complaint [PDF], filed Tuesday in federal court for the District of Northern California, claims that "Over nearly a decade, Google has knowingly kept millions of dollars in stolen money from victims of gift card scams who purchased Google Play gift cards." Filed on behalf of Indiana resident Judy May, the suit alleges Google keeps funds from stolen Google Play gift cards - either by taking its 15-30 percent commission from payments to Google Play app developers made with fraudulently obtained gift cards, or by withholding all funds paid via scammed gift cards for its own benefit.

Consumer groups are filing legal complaints in the EU in a coordinated attempt to use data protection law to stop Meta from giving local users a "Fake choice" between paying up and consenting to data collection. Privacy rights folks weren't happy about it from the get-go, with privacy advocacy group noyb, for example, sarcastically noting Meta was basically proposing you pay it in order to enjoy your fundamental rights under EU law.

In a motion to dismiss [PDF] the SEC's lawsuit, the embattled developer described the fraud charges leveled against it, and its CISO Tim Brown, "As unfounded as they are unprecedented." In a statement to The Register, Serrin Turner, an attorney at Latham and Watkins, which is representing SolarWinds, railed against the SEC's charges.

A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer of the notorious Pegasus spyware, back in November 2021 and asked the court to permanently ban NSO from using any Apple software, services, or devices.

Google has agreed to settle a lawsuit filed in June 2020 that alleged that the company misled users by tracking their surfing activity who thought that their internet use remained private when...

In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million Ashkenazi Jews and 4.1 million people living in the United Kingdom. 23andMe told BleepingComputer that the data was obtained through credential stuffing attacks to breach customer accounts.

Intel has been sued by a handful of PC buyers who claim the x86 goliath failed to act when informed five years ago about faulty chip instructions that allowed the recent Downfall vulnerability, and during that period sold billions of insecure chips. The lawsuit [PDF], filed on behalf of five plaintiffs in a US federal court in San Jose, California, claims Intel knew about the susceptibility of its AVX instruction set to side-channel attacks since 2018, but didn't fix the defect until the disclosure of the Downfall hole this year, leaving affected computer buyers with no other option than to apply a patch that slows performance by as much as 50 percent.

Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed to have impacted millions of its customers.Late last month, a threat actor leaked 23andMe customer data in a CSV file named 'Ashkenazi DNA Data of Celebrities.

Half a percent of last quarter's net income? That'll teach 'em Google has been hit with another lawsuit alleging it deceived users about its collection, storage, and use of their location data,...

California's Attorney General announced today that Google will pay $93 million to settle a privacy lawsuit alleging it violated the U.S. state's consumer protection laws. An investigation by the California Department of Justice found that Google had engaged in deceptive practices related to collecting, retaining, and utilizing Android users' location data for purposes such as consumer profiling and advertising, all without obtaining their proper informed consent.