Airline frequent fliers targeted by hack
Some members of the American Airlines AAdvantage and United Airlines MileagePlus frequent-flier programs saw their accounts get hacked this week.
Neither airline’s website was actually hacked. Rather, a small number of usernames and passwords were stolen from elsewhere and used at the MileagePlus and AAdvantage sites.
The hackers succeeded in booking award travel on a few of the accounts they accessed. Those accounts will be credited for the miles that were used, the AP reports.
US military social-media accounts said to be hijacked by ISIS
Hackers claiming to be associated with the Islamic State group took over the US Central Command’s YouTube and Twitter accounts this week, posting pro-ISIS messages and US military officers’ personal information.
Twitter assisted the US Central Command in taking back control of the affected accounts.
No classified information was stolen, the military says. Notably, the Wall Street Journal adds, a weak password was likely to blame for the incident – the hackers merely guessed at passwords until they gained access.
Britain’s proposed privacy bill is criticized
British prime minister David Cameron has renewed his support for a bill that would prevent internet companies from operating in the UK if they encrypt user communications.
The proposal drew sharp criticism from privacy experts. It was called “absurd and dangerous” by Mike Rispoli of Privacy International. And Nick Clegg, the leader of Britain’s Liberal Democrat party, dubbed it an “unworkable proposition” because it would effectively require encrypted communications providers like WhatsApp to provide British security services with ‘back door’ access to user data.
While Cameron’s government is likely to introduce the proposed bill later in the year, it almost certainly won’t gain support from the Liberal Democrats. Clegg stated in 2013 that he would not back the legislation.
Obama administration to propose new corporate privacy rules
President Obama is expected to propose new corporate data privacy regulations in next week’s State of the Union address.
The proposed bill, called the Personal Data Protection and Notification Act, would require businesses to notify customers of data breaches within 30 days, among other requirements.
Currently, CNET notes, companies must comply with a patchwork of state privacy rules. The president’s proposed bill would supersede those, greatly streamlining the regulatory environment around privacy.
NSA to welcome privacy interns
The National Security Agency will soon begin accepting interns into its newly created civil liberties and privacy office, FedScoop reports.
The first intern class will join the NSA in the summer of 2016. The application period for the internship program – to which, NSA privacy director Rebecca Richards says, college students from a variety of academic backgrounds are welcome to apply – opens this September.
Privacy is a new imperative for the agency, the intelligence-gathering activities of which have been scrutinized closely since Edward Snowden revealed in 2013 that it was collecting metadata about American citizens’ communications habits.