Security

OpenAI says it may store deleted Operator data for up to 90 days

OpenAI says that it might store chats and associated screenshots from customers who use Operator, the company’s AI “agent” tool, for up to 90 days — even after a user manually deletes them. OpenAI has a similar deleted data retention policy for ChatGPT, its AI-powered chatbot platform. However, the retention period for ChatGPT is only […]

OpenAI says it may store deleted Operator data for up to 90 days Read More »

Hidden Waymo feature let researcher customize robotaxi’s display

A security researcher found a hidden unreleased feature in the Waymo app that allowed her to display whatever characters she wanted on the robotaxi’s top display.  Jane Manchun Wong, a well-known security researcher, posted an image on X on Saturday showing the top display of a Waymo car — officially called “dome” — that included

Hidden Waymo feature let researcher customize robotaxi’s display Read More »

Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision

On Tuesday, a day after Donald Trump’s inauguration as the new U.S. president, the Department of Homeland Security told members of several advisory committees that they were effectively fired.  Among the committees impacted is the Cyber Security Review Board, or CSRB, according to sources familiar with the board who spoke to TechCrunch, as well as

Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision Read More »

Conduent confirms outage was due to a cybersecurity incident

U.S. government contractor Conduent, which provides technology to support services such as child support and food assistance, has confirmed that a recent outage was caused by a cybersecurity incident.  Conduent confirmed the disruption, which left some U.S. residents without access to support payments, to TechCrunch on Tuesday but declined to say whether the outage was

Conduent confirms outage was due to a cybersecurity incident Read More »

What PowerSchool isn’t saying about its ‘massive’ student data breach

It’s only January, but the recent hack of U.S. edtech giant PowerSchool has the potential to be one of the biggest breaches of the year.  PowerSchool, which provides K-12 software to more than 18,000 schools to support some 60 million students in the United States, confirmed the breach in early January. The California-based company, which

What PowerSchool isn’t saying about its ‘massive’ student data breach Read More »

Govtech giant Conduent won’t rule out cyberattack as outage drags on

An ongoing “service interruption” at government contractor giant Conduent sparked outages across several U.S. states, leaving residents without access to some benefits and support payments. A person familiar with the incident told TechCrunch the outage was caused by a cyberattack. Conduent spokesperson Sean Collins acknowledged the company’s outage was ongoing, but declined to answer questions

Govtech giant Conduent won’t rule out cyberattack as outage drags on Read More »

Toronto school district says 40 years of student data stolen in PowerSchool breach

Canada’s largest school board says hackers may have accessed some 40 years’ worth of student data during the recent PowerSchool breach.  In a letter sent to parents this week, the Toronto District School Board (TDSB) said that the data breach affected all students enrolled in the district between September 1985 and December 2024.  The school

Toronto school district says 40 years of student data stolen in PowerSchool breach Read More »

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack

On January 7, at 11:10 p.m. in Dubai, Romy Backus received an email from education technology giant PowerSchool notifying her that the school she works at was one of the victims of a data breach that the company discovered on December 28. PowerSchool said hackers had accessed a cloud system that housed a trove of

How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack Read More »

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms

The U.S. government has announced sanctions against a Chinese organization with links to Salt Typhoon, the hacking group responsible for the largest telecoms hack in U.S. history.  The Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity company, known as Sichuan Juxinhe Network Technology, which it

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms Read More »

Malware stole internal PowerSchool passwords from engineer’s hacked computer

A cyberattack and data breach at U.S. edtech giant PowerSchool that was discovered December 28 threatens to expose the private data of tens of millions of school children and teachers.  PowerSchool told customers the breach was linked to the compromise of a subcontractor’s account. TechCrunch learned this week of a separate security incident, involving a

Malware stole internal PowerSchool passwords from engineer’s hacked computer Read More »