Tag: user
Two alcohol recovery startups just got caught sharing private user data
Online alcohol recovery startups Monument and Tempest got caught sharing confidential user data with advertisers without their consent, as originally reported by TechCrunch. Everything came to light after an internal review revealed a data breach impacting 100,000 users, forcing the companies to issue a formal disclosure to the user base. The violations started in 2017 and were ongoing until last month’s review.
Monument and Tempest started as two entirely different platforms, but the former acquired the latter several months back. Parent company Monument confirmed not only the data breach but that the companies shared private information with advertisers via a notification filed with California’s attorney general. Data shared with advertisers, without user consent, includes patient names, dates of birth, email addresses, postal addresses, phone numbers, insurance information and more.
Unfortunately, that is just the beginning. In a cruel insult to those seeking recovery, the companies also shared data related to appointment information, assessment information and survey responses, which includes alcohol consumption data. Monument continues to tout its commitment to privacy on its website, saying that survey responses are “protected” despite the recent disclosure
The companies blame third-party tracking systems for the issue, stating that they have removed the offending tracking codes from their websites. The companies do not admit to sharing this information on purpose to increase profits, indicating that the tracking pixels provided by third parties did the deed all on their own.
Though this is an especially egregious example, it is important to remember that most companies have a less-than-pristine record regarding data privacy, even in the case of medical records. There is a near-endless list of similar violations, like the time a mental health startup shared patient information without consent and when Meta was caught with its own hand in the digital cookie jar. Be careful out there folks.
This article originally appeared on Engadget at https://www.engadget.com/two-alcohol-recovery-startups-just-got-caught-sharing-private-user-data-171504445.html?src=rss
I’m a wheelchair user with an ‘apron belly’ – I tried Skims’ adaptive underwear in 4XL, I’m ‘obsessed’ with the material
A FASHION influencer who uses a wheelchair has shared her thoughts on the Skims adaptive underwear.
The curvy creator tried on the different looks from Kim Kardashian’s brand.
TikTok user Ashton (@radiantlygolden) explained: “I am an ambulatory wheelchair user, meaning I can move my legs, I can walk certain days more than others.”
Ashton was inspired to try the Skims adaptive underwear after the Candace Owens controversy, which saw the author criticize the brand’s inclusive ad campaign.
“I saw that ad and I was like ‘Oh my God, I didn’t even know that Skims made an adaptive line,’” the TikToker explained in her video.
For her first look, Ashton tried on the $18 adaptive Fits Everybody brief in the color Clay.
Showing viewers the underwear before trying it on, she said: “You can already tell these are high leg so we will see what kind of coverage it has on the sides.”
Ashton pointed out the issue with I-shaped hooks on the sides of adaptive underwear.
“They’re like normal hooks on bras but I find sometimes that can be a little difficult if you have arthritis in your hands or issue with motor skills,” she explained.
The stylish influencer explained that she would show her followers the underwear while in her chair and also while standing.
“Obviously everyone’s needs are different, I’m going to stick one leg through. I am bringing it around and then we’re going to hook over here,” Ashton said as she put on the underwear.
“So the first thing I noticed that I am obsessed with is that the material is so thin and practically not there,” she told her followers.
The content creator explained that because of the high leg, “there’s not a tone of coverage.”
Ashton continued: “I have an apron belly. It’s very stretchy so in that respect, it’s easy to get on.”
The TikTok user then stood up to show viewers the coverage from different angles.
“There could stand to be more fabric in my opinion right here. I don’t have much of a butt but if you did have some junk in the trunk, I still think it’s very stretchy. I ordered in a 4X,” she said.
In a second video, Ashton tried on the $18 adaptive Fits Everybody thong in the color Cielo.
“I can already tell the coverage on this is going to be very limited. There is very little coverage up front,” the influencer said as she showed her followers the underwear.
“Here’s my apron belly, it’s not going to cover that. With the 4X sizing that I went up in I think the briefs obviously had better coverage,” she continued.
Ashton concluded: “Super super stretchy, do you see how stretchy this is? Incredibly stretchy.”
The content creator added: “I’m so thankful not only for the representation from Skims in their ad campaign but also for making some adaptive clothing in the first place.”
TikTok users took to the comments section to share their thoughts on the underwear.
“Thank goodness for inclusive items for you! I can’t imagine how hard it is! You are awesome for sharing!” wrote one viewer.
Another follower said: “I honestly love Skims for this!! It’s so crazy to see a big brand do this. It’s usually smaller brands.”
“Thanks for sharing!! I love Skims underwear and I love that they make these,” commented a third person.
The fashion influencer explained that she would prefer more coverage for her ‘aprong belly’[/caption]
OpenAI says a bug leaked sensitive ChatGPT user data
OpenAI was forced to take its wildly-popular ChatGPT bot offline for emergency maintenance on Tuesday after a user was able to exploit a bug in the system to recall the titles from other users’ chat histories. On Friday the company announced its initial findings from the incident.
In Tuesday’s incident, users posted screenshots on Reddit that their ChatGPT sidebars featured previous chat histories from other users. Only the title of the conversation, not the text itself, were visible. OpenAI, in response, took the bot offline for nearly 10 hours to investigate. The results of that investigation revealed a deeper security issue: the chat history bug may have also potentially revealed personal data from 1.2 percent of ChatGPT Plus subscribers (a $20/month enhanced access package).
“In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time,” the OpenAI team wrote Friday. The issue has since been patched for the faulty library which OpenAI identified as the Redis client open-source library, redis-py.
The company has downplayed the likelihood of such a breach occurring, arguing that either of the following criteria would have to be met to place a user at risk:
– Open a subscription confirmation email sent on Monday, March 20, between 1 a.m. and 10 a.m. Pacific time. Due to the bug, some subscription confirmation emails generated during that window were sent to the wrong users. These emails contained the last four digits of another user’s credit card number, but full credit card numbers did not appear. It’s possible that a small number of subscription confirmation emails might have been incorrectly addressed prior to March 20, although we have not confirmed any instances of this.
– In ChatGPT, click on “My account,” then “Manage my subscription” between 1 a.m. and 10 a.m. Pacific time on Monday, March 20. During this window, another active ChatGPT Plus user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date might have been visible. It’s possible that this also could have occurred prior to March 20, although we have not confirmed any instances of this.
The company has taken additional steps to prevent this from happening again in the future including adding redundant checks to library calls, “programatically examined our logs to make sure that all messages are only available to the correct user,” and “improved logging to identify when this is happening and fully confirm it has stopped.” The company says that it has also reached out to alert affected users of the issue.
This news follows a costly public faux pas committed by Google’s rival Bard AI in February when it incorrectly assured Twitter that the JWST was the first telescope to image an exoplanet, as well as revelations that CNET had surreptitiously used generative AI to write financial explainer posts (a week before laying off a sizable chunk of its editorial department). Whether OpenAI will suffer the same market-based repercussions as its competitors remains to be seen.
This article originally appeared on Engadget at https://www.engadget.com/openai-says-a-bug-leaked-sensitive-chatgpt-user-data-165439848.html?src=rss
What is Portainer and can it help the average computer user?
The right corporate structure is key to balancing risk and user experience
4Chan user arrested for posting “in Minecraft” death threat
Richard Golden posted his message to kill Mike Chitwood on 4Chan’s /pol board. The sheriff has been targeted by far-right groups since he called out neo-Nazis after a group distributed anti-Semitic flyers to residents in Daytona Beach, Florida, and hung up banners on pedestrian bridges during the Daytona 500 sporting…
Destiny 2: Lightfall breaks concurrent user record with over 316,000 on Steam alone
Destiny 2 has broken its concurrent user record on Steam, passing over 316,000 users on launch day of the Lightfall expansion. This comes five years following it’s original launch.
This figure, taken from SteamCharts is truly impressive, with the average rise and fall of weekly players shooting up over 200,000 players from the peak earlier in the week. As the climactic finish to the series’ overarching battle between light and darkness, it seems people are keen to see the end for themselves.
It’s clear that narrative is a good reason why the prior records have been broken. After all, there’s a huge portion of the Destiny 2 playerbase who just check out the expansion launch quest, play a few strikes and crucible matches, then dip out without grinding out the seasonal content. The concept of a conclusion to a years’long story is something that may have been sweet like honey to the more casual crowd. It’s somewhat reminiscent of a Halo 3 style situation.
Web3 access controls: How zero-knowledge encryption can secure user access
Is Windows 11 Spyware? Microsoft Defends Sending User Data to Third Parties
According to the PC Security Channel (via TechSpot), Microsoft’s Windows 11 sends data not only to the Redmond, Washington-based software giant, but also to multiple third parties. To analyze DNS traffic generated by a freshly installed copy of Windows 11 on a brand-new notebook, the PC Security Channel used the Wireshark network protocol analyzer that reveals precisely what is happening on a network. The results were astounding enough for the YouTube channel to call Microsoft’s Windows 11 “spyware.”
As it turned out, an all-new Windows 11 PC that was never used to browse the Internet contacted not only Windows Update, MSN and Bing servers, but also Steam, McAfee, geo.prod.do, and Comscore ScorecardResearch.com. Apparently, the latest operating system from Microsoft collected and sent telemetry data to various market research companies, advertising services, and the like.
When Tom’s Hardware contacted Microsoft, their spokesperson argued that flowing data is common in modern operating systems “to help them remain secure, up to date, and keep the system working as anticipated.”
“We are committed to transparency and regularly publish information about the data we collect to empower customers to be more informed about their privacy.”
Read more of this story at Slashdot.