Overnight Cybersecurity

Hillicon Valley — Hacking group Lapsus$ blamed for Uber breach

An Uber sign is displayed at the company's headquarters in San Francisco, Monday, Sept. 12, 2022. (AP Photo/Jeff Chiu)

Uber is holding hacking group Laspus$ responsible for last week’s data breach where a teenager claimed to have gained access to the company’s internal systems. 

Meanwhile, American Airlines on Tuesday confirmed a data breach that affected a “small number” of customers and employees. 

This is Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Send tips to The Hill’s Rebecca Klar and Ines Kagubare. Someone forward you this newsletter? Subscribe here.

Uber condemns Lapsus$

Uber has blamed Lapsus$, a South American hacking group, for being behind last week’s data breach that compromised its internal system. 

The ride-share giant said in a statement that it is still investigating the breach and is also coordinating with the FBI, the Department of Justice and several leading digital forensics firms. 

Lapsus$ has been linked to several data breaches this year targeting tech companies including Microsoft, Samsung, Cisco and Okta. 

Read more here

CAMPAIGNS TO BYPASS GMAIL SPAM 

Political campaigns can register to allow emails to bypass Gmail spam filters as part of a Google pilot program, the tech company said Tuesday.  

Google is starting with a “small number of campaigns” from both parties as part of the initial test, company spokesperson José Castañeda said in a statement.  

During the pilot, users will also have access to a “more prominent unsubscribe button” on the campaign emails, he said.  

“We will continue to listen and respond to feedback as the pilot progresses,” he added.  

Read more here.  

Hacker targets American Airlines 

American Airlines on Tuesday confirmed a data breach that affected a “small number” of customers and employees. 

template notification to affected customers dated Sept. 16 and sent to Montana state officials indicated the company learned in July 2022 that an unauthorized actor compromised a limited number of employees’ email accounts that contained personal information. 

The company said it hired a cybersecurity firm to investigate the incident and found the information may have included customers’s names, dates of birth, mailing addresses, phone numbers, emails, driver’s license numbers, passport numbers and medical information provided to the airline. 

Read more here

DISLIKE BUTTON HAS LITTLE IMPACT 

YouTube’s dislike button has little impact on the videos that the platform recommends to users, according to a study released Tuesday.  

Researchers from the Mozilla Foundation, an international nonprofit that works to make the internet as accessible as possible, conducted an independent audit of YouTube’s user controls based on data that more than 20,000 users provided. It concluded that people generally do not feel that YouTube’s user controls change their recommendations and that users are largely correct that the mechanisms are “inadequate” in preventing unwanted recommendations.  

Read more here.  

MUSIC TO EARS

The U.S. Space Force, the newest branch of the nation’s military, now has an official song hailing the “guardians beyond the blue.” 

The brand-new song, “Semper Supra,” is named after the Space Force motto, which is Latin for “Always Above.” 

It was created by two former U.S. military service members who wanted to capture the spirit of the Space Force’s Guardians. 

The service branch unveiled “Semper Supra” as its official song at the Air and Space Forces Association Air, Space and Cyber Conference in National Harbor, Md., on Tuesday. 

Every branch of the military has its own song, from the U.S. Army’s “The Army Goes Rolling Along” to “The Marines’ Hymn” for the U.S. Marines. 

Read more here

BITS & PIECES

An op-ed to chew on: Keep government money out of journalism industry 

Notable links from around the web: 

Trump’s ‘big lie’ fueled a new generation of social media influencers (The Washington Post / Elizabeth Dwoskin and Jeremy B. Merrill)  

‘How Many Women Were Abused to Make That Tesla?’ (Rolling Stone / Stephen Rodrick) 

Commerce lacks intelligence resources to keep U.S. tech from fueling Chinese cyberthreat, experts warn (CyberScoop / Suzanne Smalley) 

🍦 Lighter click: A balanced diet

One more thing: Pentagon to review info warfare

The Pentagon will review how it conducts secret information warfare after Meta and Twitter found and dismantled fake accounts likely tied to the U.S. military, The Washington Post reported Monday.  

Undersecretary of Defense for policy Colin Kahl last week asked the military commands that participate in online psychological operations to give a complete rundown of their activities by next month, according to the outlet. 

The order came after the White House, State Department and some in the Defense Department voiced issues with tactics the Pentagon used in attempts to manipulate overseas audiences, several defense and administration officials told the Post. 

Read more here

That’s it for today, thanks for reading. Check out The Hill’s Technology and Cybersecurity pages for the latest news and coverage. We’ll see you tomorrow.

VIEW FULL VERSION HERE