Following the discovery of the database that contained millions of user transaction data from Alipay, the cybersecurity expert who exposed the vulnerable database confirmed, Alipay themselves did not leak the data.
This statement confirms his earlier theory that a third party, possibly a small scale loan company, have sold data they gathered from customers who submitted their Alipay login credentials for review to another data aggregator.
In a recent tweet, Victor Gevers said that the server where the database came from does not belong to Alipay because the China-based mobile money processing company uses OceanBase to store their data. He also noted that Alipay’s data structure is completely different from that of the discovered database confirming that the data was not shared or leaked by the financial company.
Read more: CYBERSECURITY RESEARCHER SAYS MOBILE PAYMENT PLATFORMS ARE SELLING YOUR DATA TO THIRD-PARTIES
A few days ago, Gevers accused Alipay of selling their users’ financial transaction data to third-party companies for “marketing and advertising purposes.” He said that many of these third parties cannot handle sensitive information and store them in unsecured databases.
He also accused that payment providers “will always SELL you out.”
The database was eventually locked down within an hour after Gevers shared his discovery.
Alipay pushed back and shut down the allegations made by Gevers in an email they sent to Z6mag.
According to Andy Duberstein, a spokesperson from the company, “the protection of user privacy and data security is at the core of our business and the utmost importance to Alipay.”
He assured their users that the company and its affiliates do not sell user data to third parties.
Conversely, the Duberstein offered an explanation for how data of Alipay users ended up in the database that Gevers discovered. He said that after their thorough investigation, they understand that some Alipay customers submitted their Alipay account names and passwords to a certain online lending platform. Such information was obtained by crawler companies that work with these online lending companies and was then stolen by hackers.
This theory provided by Alipay coincided with the initial theory offered by Gevers and another Twitter user who called out the lack of proof of Gever’s claims that the company sells data to the third party.
“Alipay always strictly enforces its data security and privacy protection policies. We only collect limited and necessary information that will be used to better serve our users with their prior consent,” Alipay Spokesperson Andy Duberstein added.
DATA WAS TOO BIG FOR A THIRD PARTY TO GENERATE ON ITS OWN
Meanwhile, Gevers raised concerns over the amount of data that was exposed. He said that the dataset was so humongous considering the time frame. For the last three months, the database contains 1.2 billion records. He questions how many lending platforms can generate such an amount of data in just three months. He noted that even Paypal, one of the biggest online money processing company, does not even come close to that number.
“The data was not anonymized. The datasets are way too big for a third party. Someone handed the data over to a third party – voluntarily, or they were hacked. We have seen third parties handling transaction data from financial institutions poorly before. That is why [I] shared all the information immediately after the database was secured,” Gevers told Z6Mag in a private chat.
DATA IS GOLD
The discovery of the said database has raised concerns of China’s Fintech industry, according to Gevers. He noted that most financial data leaks happen because sources trust third parties with their data. Most of the time in Fintech, experts see third parties doing machine learning and analytics to generate insight.
And these insights have a “pretty good value” according to Gevers.
“Knowing what the Chinese people are spending their money on based on one of the biggest financial institutions has a very high market value in and outside China,” he said.
That is why he could not blame Alipay if in case they indeed sold the data (which in this case, they did not). While he believes that the dataset did not directly come from Alipay, he said that the dataset as big as what he uncovered is a sign that it was exchanged with consent.
“That is why I made the statement that financial institutions will sell us out. Data is the new gold. And these financial institutions are not charities. They want to make money, and they have a lot of data. It’s like telling a kid not to take a cookie from the huge glass cookie jar that is right in from of them on the table,” he added.
CRYPTO-CURRENCY IS THE GREATEST LEAP FORWARD AGAINST BREACH BY FINTECHS
When asked about what could have been done to prevent financial companies from selling transaction data, he said that strict regulation could do it, but financial institutions will still not resist the temptation.
“Maybe one day, cryptocurrency and Blockchain technology will make us independent from these financial institutions. That would be the greatest leap forward we could make,” Gevers added. /apr
Wave Spell Music Festival Returning to Belden, California
The small town of Belden, in Northern California, will host the Wave Spell music and arts festival later this month for the second year in a row. The annual festival is held and curated by the veteran electro-jam group, Sound Tribe Sector 9, or STS9 to those familiar. The festival begins on August 15th.
Sound Tribe, originally known as simply “Sector 9”, began their career around Atlanta in 1999 and is now based out of Santa Cruz, California, although they spend a significant amount of time on the road as one of the top touring acts in the game.
The Wave Spell festival is now in its second year, both being held in Belden-a small town on California’s Feather River with a population of only 22 people (as of 2010). With the inaugural year being a success by consensus of fans and insiders alike, there was much anticipation and delight among STS9 constituents with the announcement of another year in Belden. Fans especially found great excitement at the idea of returning to the banks of the Feather River for Wave Spell.
In hosting the event, Sound Tribe Sector 9 will offer their own unique sound as the headlining entertainment and backbone of the weekend. Just as they did last year, the band will play 9 sets of original music over three nights in Belden. Among these performances, three sets will consist of completely improvised music by STS9, dubbed the “Wave Spell Sets”. This format mimics the first year and is the festival’s namesake.
Last year, Sound Tribe introduced the concept of their Wave Spell Sets and eventually brought them to the stage, getting an extremely enthusiastic response from their devoted fan base. The band has presented only a handful of these improvisational performances, both at the festival and on the road, adding to the allure for their followers.
While STS9 is the main attraction in Belden, Wave Spell also boasts a heady lineup of other musical acts, as well as visual artists for festival attendees to enjoy. Live music is promised until at least 5 A.M. every morning of the event, and early morning performances are known as “sunrise sets” suggest that music will go deep into the day. As it did last year, the festival will also feature installations from painters as well as live painting during musical performances. A new addition to the festival this year even offers a display of geological specimens billed as “Crystals by Isometrica”.
The very small town of Belden, California plays host to several festivals a year. These events take up the entirety of the town, which consists of only a few homes, a hotel/lodge, a few cabins, and a beach along the river. The scenic grounds offer camping space for the 1,200 or so festival-goers as well as limited space for RV’s. For a VIP experience, and at a VIP price, fans can also rent one of the cabins for the weekend or get one of the few rooms in the lodge. The lodge is also home to a diner-style restaurant and a small convenience store where attendees can purchase supplies.
The beach in Belden offers not only a beautiful space to relax on the river, but during the Wave Spell festival, it also provides the Beach Stage, where fans can enjoy live music throughout the day. The beach stage is also the site for the fan-favorite “Sunrise Sets”, starting shortly before dawn and going on through the sunrise and into early morning daylight.
Last year, in the festivals first year, the Beach Stage quickly became a favorite spot for STS9 fans, who loaded up the area of the Feather River directly in front of the stage with giant inflatable lounge apparatuses shaped like unicorns, ducks, and even a slice of pizza. The river quickly became a large cluster of floaties, all of which were responsibly retrieved at the end of the weekend by the environmentally conscious crowd.
The lineup for the second year of Wave Spell is almost entirely fresh. Aside from STS9, only a few of the groups performing are returning from last year. Among the veterans of the festival coming back is the Portland, Oregon electronic trio, Yak Attack, who were standouts at the first Wave Spell. For the most part, however, festival-goers will experience a brand new roster of acts.
For electronic music fans, Wave Spell submits an exciting schedule of artists and groups. Amid the lineup of live electronic performers, a legend of the genre promises to be one of the most anticipated sets of the weekend. DJ Mark Farina will take the stage in Belden to provide the crowd with his now iconic style of sound, dubbed by Farina as “Mushroom Jazz”. Farina and his Mushroom Jazz have become synonymous and his sound has held the attention of the electronic music world for nearly three decades, dating back to his first Mushroom Jazz compilation in 1992.
Over on the Beach Stage, early morning sunrise sets have become a popular fixture in the electronic music festival scene. Often specially assembled to go along with the experience of watching the sun come up in the morning, these sunrise sets have become a favorite among fans.
A new addition to the Wave Spell lineup this year almost seems to specialize in this type of first thing in the morning/end of the night performances. Hailing from the San Francisco underground, Random Rab has seemingly perfected the art of the sunrise set. A Burning Man legend in his own right, Rab seems to fully understand the important mix of laid back and beautiful along with intense and spiritual that makes for a fantastic sunrise set. His early morning performances have become one of the most sought after in the game.
Also returning to Wave Spell this year, diehard STS9 fans are particularly excited for solo performances from members of the headlining band. On the festival schedule for the weekend are special solo sets from David Phipps (Keyboard/Piano) and Zach Velmer (Drums), of Sound Tribe Sector 9. Along with Phipps and Velmer, STS9 bassist, Alana Rocklin also has something special in store for fans. Rocklin’s previous band, Sub ID, will be reuniting for a set at Wave Spell. This will be only the second Sub ID performance since Rocklin joined STS9 in 2014.
Wave Spell Live music festival will be held August 15-18, 2019 in Belden, California. Tickets can be purchased at:
AMCA Breach: 20 Million Victims, 19 Class Actions
[bctt tweet=”AMCA previously reported that there were only 200,000 victims in the recent breach, but their partner labs said there were more than 20 million.” username=”Z6Mag”]
More than 20 million and not 200,000 have fallen victim to a massive data breach that has seen medical clients using the services of healthcare billing company, American Medical Collection Agency (AMCA), to pay for their laboratory tests in different blood testing labs across the U.S. were confirmed by the SEC filings of affected medical institutions amidst the earlier claims of AMCA that there were fewer victims.
The data breach was a result of a cyber attack that aims to phish for financial information from the website of the AMCA. The exposed data belongs to Americans who paid laboratory services at several clinical and blood testing labs and institutions and used the AMCA billing portal.
What happened in the AMCA breach?
Data that were stolen from the victims include their names, phone numbers, dates of birth, home addresses, social security numbers, credit card numbers, and other bank details. The said information was auctioned off by the hacker in several financial hacking forums.
According to DataBreaches.net, the organization who first reported about the incident, AMCA officials, following the notification of the breach confirmed that their system has been compromised and has remained undetected for more than eight months. AMCA corroborated that the breach took place between August 1, 2018, and March 30, 2019.
Notifications have been sent by several of AMCA’s corporate partners and clients to their customers following the disclosure of the security breach that has seen information from millions of Americans compromised.
The list of impacted testing laboratories includes Quest Diagnostics (11.9 million patients), LabCorp (7.7 million patients), BioReference Laboratories (Opko Health subsidiary, 422,600 patients), Carecentrix (500,000 patients), and Sunrise Laboratories (undisclosed number of patients).
However, neither the AMCA nor its five clients have yet to notify ALL impacted citizens by the breach making them vulnerable to a lot of cyber crimes and their financial data could be used by anyone who gets hold of the information against the persons of those who still don’t know that their financial information is floating around the internet.
The companies involved in the breach are facing several lawsuits
Appropriately, the lawsuit came into the direction of AMCA, Quest, and LabCorp regarding the incident. More than 11 class-suite actions have been filed against the three companies for their inability to protect consumer data. The 11 lawsuits were recorded at The United States Judicial Panel on Multidistrict Litigation (JPML) on June 3. Since then, eight more lawsuits were filed against the companies in federal courts from New Jersey, New York, and California.
According to litigation experts, “If many cases are filed in federal court, any of the lawyers on any of those cases can file a motion with the JPML [..] to centralize the various federal cases that have been filed by sending all of them to a single judge for coordinated pre-trial proceedings.”
“Healthcare companies are especially susceptible to data breaches not only because they aggregate a tremendous amount of important and sensitive data, but also because they tend to be less focused on cybersecurity protection than other industries,” said John Yanchunis of Morgan and Morgan, one of the firms who filed lawsuits against Quest Diagnostics.
“These companies, like Quest Diagnostics, know they are at an increased risk and yet have not taken the proper steps to protect their patients’ data. We will fight for justice on behalf of those impacted by this breach,” added Yanchunis.
Lawmakers are demanding an explanation
The U.S. government, led by attorneys general from Connecticut and Illinois has also opened an investigation on the matter. Furthermore, lawmakers and other politicians have sent letters to the responding companies to ask for an explanation of why an eight-month data breach remained undetected and to demand accountability from them.
In Washington, US Sen. Mark Warner (D-VA) also sent a letter to Quest Laboratories demanding the company explain its vetting process for selecting AMCA as a billing vendor, and what requirements a third-party vendor has to pass. Democratic New Jersey Sens. Cory Booker and Bob Menendez also sent letters to AMCA, Quest, and LabCorp, seeking official answers on how a breach of this severity went undetected for eight months.
“The months-long leak leaves sensitive personal and financial information vulnerable in the hands of criminal enterprises. Moreover, such breaches force victims to contend with identity theft that may lead to irreparable harm to their credit reports and financial future,” said the letter sent by the NJ senators.
‘The Hunger Games’ Is Launching A Prequel And A Possible Movie
[bctt tweet=”Suzanne Collins is releasing a prequel to The Hunger Games storyline and Lionsgate is already looking forward in turning it into a blockbuster movie” username=”Z6Mag”]
Almost fours years after the last The Hunger Games movie (The Hunger Games: Mockingjay Part II) and almost nine years after the first book from the trilogy was released, Suzanne Collins is returning with the famed trilogy — but this time in a form of a prequel.
Scholastic, the publishing company that distributed Collins’ The Hunger Games trilogy, announced today that it is publishing a prequel novel to the series, currently untitled, which will hit shelves on May 19, 2020.
“Suzanne Collins is a master at combining brilliant storytelling, superb world-building, breathtaking suspense, and social commentary,” Scholastic Trade Publishing President Ellie Berger said in a statement. “We are absolutely thrilled — as both readers and publishers — to introduce the devoted fans of the series and a new audience to an entirely new perspective on this modern classic.”
Collins’ original Hunger Games trilogy—The Hunger Games, Catching Fire, and Mockingjay—altogether, sold more than 100 million copies and has been translated into more than 50 languages. Moreover, The Hunger Games books appeared on the New York Times bestseller list for more than 260 consecutive weeks (more than five straight years).
After writing the last installment in 2010, Collins teased in 2013 that she was working on a new series, but did not say whether it was related to The Hunger Games.
This time, the novel will be set in the world of Panem, 64 years before the events of the original Hunger Games trilogy—the morning where Katniss Everdeen volunteered as a tribute on the 74th Hunger Games. Presumably, Katniss Everdeen played by Jeniffer Lawrence will not be involved in the upcoming novel.
Based on the previous novels in the series, 74 years before the main novels, the 13 Districts of Panem already tried to initiate a rebellion against the Capital. In the aftermath of the failed attempt, 12 Districts remained to leave District 13 to rubbles. The Hunger Games was a result and served as a reminder that all the other Districts should obediently comply with the Capital’s rule.
The novel will take place 10 years after the first rebellion and will tell the story of Panem during the “Dark Days following a failed rebellion in Panem “With this book, I wanted to explore the state of nature, who we are, and what we perceive is required for our survival,” Collins told the Associated Press in the announcement. “The reconstruction period 10 years after the war, commonly referred to as the Dark Days — as the country of Panem struggles back to its feet — provides fertile ground for characters to grapple with these questions and thereby define their views of humanity.”
On other news, the Lionsgate film studio, who adapted The Hunger Games trilogy into movies, is already looking forward to the next addition to Collins’ franchise given that it received praise and public attention for producing them.
“As the proud home of the Hunger Games movies, we can hardly wait for Suzanne’s next book to be published,” said Joe Drake, chairman of the Lionsgate Motion Picture Group, in a recent statement to the Associated Press. “We’ve been communicating with her during the writing process and we look forward to continuing to work closely with her on the movie.”S
Lionsgate turned Collins’ Hunger Games novels into a series of four films, dividing the last novel, Hunger Games: Mockingjay, into a two-part finale. Over the course of the four movies, it earned almost $3 billion dollars an the worldwide box office with the last movie earning $653.4 million.
Collins helped with the movies as an executive producer and a co-screenwriter on the first 2012 movie but distanced herself after she finalized Mockingjay in 2010.
Lionsgate is also known to have produced Twilight, which is one of their platinum franchises along with Collins’ trilogy. The studio earlier licensed The Hunger Games to theme parks and live concert tours being built around the movie franchise.
Additionally, it starred Jenniffer Lawrence who played the main character as Katniss Everdeen in all of the four movies, which helped catapult her acting career in 2012.
Scholastic acquired world English rights to the prequel novel and it will publish in print, digital and audio formats in the US, Canada, the UK and Ireland, Australia, and New Zealand next year. The deal was negotiated by Rosemary Stimola of the Stimola Literary Studio for Suzanne Collins and David Levithan, VP, Publisher, and Editorial Director, for Scholastic.
Check What’s New:
- SmallStats will help humans understand the Sun’s behavior
- An iOS jailbreak is publicly available after Apple accidentally unpatched a vulnerability
- Luscious leaked database with supposedly anonymous user data
- Wireless Networks are throttling video streaming 24/7
- NASA calls for aid from commercial space companies for Gateway deliveries
- SpaceX and NASA conduct extraction rehearsals for the upcoming crewed flight of Crew Dragon
- Tardigrades spilled in the moon survived
- Apple iPhone 11 rumored to unveil on September 10
- Kaspersky Antivirus zero-day could ironically allow hackers to track users
- Huawei warns Trump of disrupting the dominance of Apple, Google
Arts & Entertainment2 months ago
‘Criminal Minds’ Season 15: A Tear-Jerking Finale Is Coming
Science2 months ago
Summer Penis Is Giving Men Big Dick Energy
Politics4 weeks ago
New Restrictions On SNAP Food Stamps Will Cut Off Millions Of Americans
Technology2 months ago
‘Uncall’ Promises To Remove Your Number From Generic Robocall Lists And Dark Web Databases
Technology1 month ago
Google Stops Trends Alerts In New Zealand Following Criticisms From NZ Government
Business1 month ago
Political Stand-Off: Chinese-Canadian Goods
Technology1 month ago
Bug Bounty Hunter Paid $30k For Discovering Instagram Vulnerability
Technology2 months ago
Cloud Service Provider, ‘PCM’ Fell Victim To A Data Breach Aimed To Collect Gift Cards