Hillicon Valley: Marriott cuts breach estimates, but says millions of passports exposed | Los Angeles sues Weather Channel app over data collection | Bill would create office to fight Chinese threats to US tech | German politicians hit by major breach

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig). And CLICK HERE to subscribe to our newsletter.


WE'VE GOT SOME GOOD NEWS, WE'VE GOT SOME BAD NEWS: Marriott International announced Friday that fewer guests were impacted by a breach of its Starwood reservations database than originally announced, but that millions of unencrypted passport numbers were accessed.


The chain said in a release that it now believes as many as 383 million records were accessed in the hack but noted that some of those records were repeats impacting the same guests. That's down from the 500 million guests originally believed to be impacted by the hack.

However, Marriott said that roughly 5.25 million unencrypted passport numbers were obtained by hackers, as well as 20.3 million encrypted passport numbers.

And about 8.6 million encrypted debit and credit cards were accessed by a third party, with about 354,000 of those cards not having expired by September of last year.

Marriott noted that there is no evidence that the hackers were able to decrypt the encrypted passport and payment card numbers.

Organizations will often lower the number of the parties impacted in a breach after investigating the hack further.

Read more here.


DELETE ALL THE APPS: The city of Los Angeles is accusing The Weather Channel app of improperly mining detailed data from users about their daily habits and handing the information over to advertisers and hedge funds.

In a lawsuit filed Friday, L.A. City Attorney Mike Feuer accused the company that operates the app -- TWC Product and Technology, a subsidiary of IBM -- of misleading users about what it does with their precise geolocation data.

"For years, TWC has deceptively used its Weather Channel App to amass its users' private, personal geolocation data -- tracking minute details about its users' locations throughout the day and night, all the while leading users to believe that their data will only be used to provide them with 'personalized local weather data, alerts and forecasts,'" Feuer writes in the lawsuit.

"TWC has then profited from that data, using it and monetizing it for purposes entirely unrelated to weather or the Weather Channel App," the complaint continues.

The lawsuit was first reported by The New York Times.

"The Weather Company has always been transparent with use of location data; the disclosures are fully appropriate, and we will defend them vigorously," an IBM spokesperson said in a statement to The Hill.

Read more here, and revisit The New York Times investigation into location tracking.


NEW YEAR, NEW BILLS: A pair of senators on Friday introduced bipartisan legislation that would establish a new federal office focused on combating Chinese and other foreign threats to U.S. technology, including supply chain risks and technology theft.  

Sen. Mark WarnerMark Robert WarnerHillicon Valley: 'Fortnite' owner sues Apple after game is removed from App Store | Federal agencies seize, dismantle cryptocurrency campaigns of major terrorist organizations Election security advocates see strong ally in Harris Democrats ramp up warnings on Russian election meddling MORE (D-Va.), vice chairman of the Senate Intelligence Committee, and Sen. Marco RubioMarco Antonio RubioThe Memo: Trump attacks on Harris risk backfiring Pentagon forming task force to investigate military UFO sightings How Congress could diminish the risks with Electoral College count MORE (R-Fla.), also a member of the panel, said that creating the Office of Critical Technology and Security at the White House would help coordinate efforts to protect technology across the federal government.

The office would also coordinate with the private sector, federal and state tech and telecom regulators, international partners and allies, and other relevant organizations.

"It is clear that China is determined to use every tool in its arsenal to surpass the United States technologically and dominate us economically," Warner, a former telecommunications executive, said in a statement. "We need a whole-of-government technology strategy to protect U.S. competitiveness in emerging and dual-use technologies and address the Chinese threat by combating technology transfer from the United States."

More on their proposal here.


MAYBE THIS TIME: House Democrats on Friday unveiled several election security measures as part of their first sweeping bill of the session.

The legislation, H.R. 1, or the For the People Act, mandates that states use paper ballots in elections, which must also be hand-counted, or by "optical character recognition device," the bill states.

Rep. John SarbanesJohn Peter Spyros SarbanesCongress must enact a plan to keep government workers safe The Hill's Morning Report - Presented by the Air Line Pilots Association - Progress slow on coronavirus bill The Hill's Morning Report - Presented by the Air Line Pilots Association - Biden VP possible next week; Meadows says relief talks 'miles apart' MORE (D-Md.) introduced the legislation, which he and other Democrats have described as a comprehensive anti-corruption package that will set the tone for their time in control of the House.

The bill will also allow the Election Assistance Commission (EAC) -- the small federal agency tasked with helping officials carry out elections -- to hand out funding to states for the improvement of their elections systems.

The Department of Homeland Security would also be required to conduct a threat assessment ahead of elections and that voting systems be tested nine months before any national election.

More on that here.


MERKEL, GERMAN LAWMAKERS BREACHED: German authorities are reportedly investigating the leak of personal data belonging to hundreds of German politicians including German Chancellor Angela Merkel.

The leak impacted individuals tied to left and centrist political parties, but not Germany's populist right-wing party, the AfD, according to multiple German news outlets.

While the hack affected Merkel, a government spokesperson told multiple news outlets that no sensitive data tied to Merkel or the government was leaked.

The cybercriminals uploaded the personal details of these politicians -- including names, home addresses, phone numbers, photo IDs, chat histories, personal photos, and others -- and then pushed the leaked information out on Twitter. The social media giant later removed the posts.

Read more here.


A SECOND SHOT: A bipartisan duo of lawmakers on Friday reintroduced legislation that would elevate the post of the federal government's chief information officer, as well as establish a new line for reporting about information technology across the administration.

Reps. Robin KellyRobin Lynne KellyLawmakers set for tearful goodbye to John Lewis Intelligence community rolls out guidelines for ethical use of artificial intelligence Black Caucus unveils next steps to combat racism MORE (D-Ill.) and Will HurdWilliam Ballard HurdHillicon Valley: 'Fortnite' owner sues Apple after game is removed from App Store | Federal agencies seize, dismantle cryptocurrency campaigns of major terrorist organizations Lawmakers introduce bill designating billion to secure state and local IT systems Democrats go big on diversity with new House recruits MORE (R-Texas), the chair and ranking member, respectively, of the House Committee on Oversight and Reform's subcommittee on information technology, reintroduced the bill after it failed to pass Congress during the last legislative session.

The House passed the legislation in November, but it did not advance out of Senate committee in time for it to be taken up by the end of the 115th Congress.


Under the measure, the federal chief information office (CIO), who oversees all IT for the federal government and currently reports to the Office of Management and Budget's (OMB) deputy director, would start reporting directly to the head of OMB. Read more here.


A LIGHTER CLICK: I too have discovered early 2000s memes.



Will 5G end up leaving some people behind? (NBC News)

Corsi's lawsuit against Mueller hits hurdle in first hearing. (The Hill)

Facebook is mad at The New York Times for its investigative reporting on the company. (NBC News)

Amazon debuts 'Showroom' to help users visualize which furniture to buy for their space. (TechCrunch)