Hillicon Valley: Capital One faces investigation over massive breach | DHS warns of cyber vulnerability in small aircraft | Senate bill would ban 'addictive' social media features

Hillicon Valley: Capital One faces investigation over massive breach | DHS warns of cyber vulnerability in small aircraft | Senate bill would ban 'addictive' social media features
© iStock

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Maggie Miller (@magmill95), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).

 

ADVERTISEMENT

SPOTLIGHT ON CAPITAL ONE: New York Attorney General Letitia James announced Tuesday that her office is opening an investigation into the Capital One data breach that resulted in the personal information of about 100 million American customers being illegally accessed.

"My office will begin an immediate investigation into Capital One's breach, and will work to ensure that New Yorkers who were victims of this breach are provided relief," James said in a statement. "We cannot allow hacks of this nature to become every day occurrences."

Also on Tuesday, Capital One was hit with its first civil lawsuit in conjunction with the breach. According to The National Law Journal, one Connecticut resident filed suit against the company on behalf of all those impacted, claiming it failed to properly secure customer data. 

The beginning of the investigation comes one day after the Department of Justice announced that former Seattle-based software engineer Paige Thompson had been arrested in connection with the theft of personal information from servers storing Capital One data. 

Thompson posted on GitHub about her theft of the data earlier this month and another user who saw the post subsequently alerted Capital One of the issue, with Capital One then reaching out to the FBI, authorities said. Thompson was able to access the data due to a "misconfigured web application firewall," according to the Justice Department. According to Capital One she accessed the data over two days in March. 

The breach allowed Thompson to access information including consumers' names, some Social Security numbers, addresses, phone numbers, email addresses, and other personal data. Capital One estimated that, in addition to American customers, Thompson was also able to access the data of around six million Canadians. 

Specifically, Capital One noted that around 14,000 Social Security numbers of credit card customers were accessed, and about 80,000 linked bank account numbers of secured credit card customers were compromised. For Canadian customers, around one million Social Security numbers were compromised. 

ADVERTISEMENT

Read more here.

 

 

NOTHING IS SAFE: The Department of Homeland Security's (DHS) cybersecurity agency issued a security alert on Tuesday warning of a cyber vulnerability in small aircraft that could enable malicious actors to change key readings on the planes.

The alert was issued after cybersecurity group Rapid7 reported to DHS's Cybersecurity and Infrastructure Security Agency (CISA) that an aircraft's Controller Area Network (CAN) bus system can be exploited by a cyber attacker if the hacker has physical access to the plane.

CISA warned that the hacker could attach a device to the aircraft's CAN bus system that could "inject false data," leading to incorrect readings.

Attackers could manipulate the plane's altitude, airspeed and angle of attack data, CISA noted, adding that pilots would not be able to "distinguish between false and legitimate readings" and could lose control of the airplane.

Read more here.

 

OPEN FOR BUSINESS: Although Chinese telecommunications firm Huawei has been put on a trade blacklist by the U.S., its sales have been increasing.

Huawei's half-year revenue increased 23 percent due to domestic smartphone sales, Reuters reported Tuesday. 

"Revenue grew fast up through May," Huawei Chairman Liang Hua told reporters at a briefing before warning of possible difficulties ahead. 

"Given the foundation we laid in the first half of the year, we continue to see growth even after we were added to the entity list. That's not to say we don't have difficulties ahead. We do, and they may affect the pace of our growth in the short term," Liang said.

The U.S. in May placed Huawei on its "Entity List" and officials have said the company's ties to the Chinese Communist Party could allow it to spy in places where its hardware is present. Huawei has denied spying allegations. 

Read more here.

 

SOCIAL MEDIA ADDICTION NO MORE?: Sen. Josh HawleyJoshua (Josh) David HawleyHillicon Valley: Commerce extends Huawei waiver | Senate Dems unveil privacy bill priorities | House funding measure extends surveillance program | Trump to tour Apple factory | GOP bill would restrict US data going to China On The Money: Supreme Court temporarily blocks House subpoena of Trump financial records | Trump touts 'cordial' meeting with Fed chief | Stopgap funding measure includes census money, military pay raise GOP senator introduces bill to limit flow of US data to China MORE (R-Mo.), a freshman who has emerged as a top Republican critic of major technology companies in Congress, on Tuesday will introduce a bill banning social media companies from building "addictive" features into their products.

Hawley's Social Media Addiction Reduction Technology Act would make it illegal for social media platforms to hook users by offering them more content than they requested in order to get them to continue on their respective platforms.

The bill takes aim at practices specifically employed by the country's top social networking sites -- YouTube, Facebook, Twitter and Snapchat.

For example, it would ban YouTube's "autoplay" feature, which loads up new videos for users automatically; Facebook and Twitter's "infinite scroll," which allows users to continue scrolling through their homepages without limit; and Snapchat's "streaks," which reward users for continuing to send photos to their friends.

ADVERTISEMENT

It would also require the companies to build "user-friendly" interfaces, with features allowing users to limit the amount of time they spend on the platform and offering reminders how much time they've spent perusing the site.

"Big tech has embraced a business model of addiction," Hawley said in a statement. "Too much of the 'innovation' in this space is designed not to create better products, but to capture more attention by using psychological tricks that make it difficult to look away."

Read more here. 

 

MORE ELECTION SECURITY: House Democrats introduced legislation Tuesday that would require campaigns to report any foreign contacts to federal authorities, the latest push for election security following last week's warnings from former special counsel Robert MuellerRobert (Bob) Swan MuellerSpeier says impeachment inquiry shows 'very strong case of bribery' by Trump Gowdy: I '100 percent' still believe public congressional hearings are 'a circus' Comey: Mueller 'didn't succeed in his mission because there was inadequate transparency' MORE.

The measure -- sponsored by Democratic Reps. Elissa SlotkinElissa SlotkinOvernight Health Care: Democratic group to only endorse AG candidates who back abortion rights | Protect Our Care launches seven-figure ad buy to boost vulnerable Dems | California sues Juul Group launches seven-figure ad buy boosting vulnerable Democrats on drug prices Overnight Health Care: Walden won't seek reelection | Senate Dems to vote this week to overturn Trump ObamaCare moves | Largest children's migrant shelter to close | Vulnerable Republicans balk at drug pricing bill MORE (Mich.), Lauren UnderwoodLauren UnderwoodRep. Veronica Escobar elected to represent freshman class in House leadership Brindisi, Lamb recommended for Armed Services, Transportation Committees Club for Growth extends advertising against House Dems over impeachment MORE (Ill.), and Jason CrowJason CrowBill introduced to give special immigrant visas to Kurds who helped US in Syria Congress set for showdown with Trump over Kurds Bipartisan lawmakers who visited Syrian border slam Trump's 'rash decision' MORE (Colo.) -- would mandate federal campaigns to inform the FBI and Federal Election Commission about any foreign contacts who attempt to donate funds or assist a candidate. Campaigns would also be required to implement a "compliance system" to monitor communication with those foreign contacts.

"Guarding our country against another attack on our political system should not be a partisan issue -- it is a national security issue and it's an American issue," Slotkin said in a statement.

ADVERTISEMENT

The bill will be referred to the House Administration Committee.

Election security is back in the spotlight after Mueller's testimony before the House Judiciary and Intelligence committees, during which he warned that Russia is working to interfere in the 2020 elections "as we sit here."

Read more here. 

 

CUTS AT UBER: Uber will lay off 400 staffers from its marketing unit, about one-third of the department, The New York Times reported on Monday.

"We are not making these changes because Marketing has become less important to Uber," CEO Dara Khosrowshahi said in an email to staff provided to CNN Business. "The exact opposite is true: we are making these changes because presenting a powerful, unified, and dynamic vision to the world has never been more important."

The ride-hailing company has been under increased financial pressure since a disappointing initial public offering in May. In the first three months of 2019, the company lost over $1 billion, according to earnings reports.

"There's a general sense that while we've grown fast, we've slowed down," Khosrowshahi said in the email.

Read more here.

 

 

ICYMI: SCHUMER CLAPS BACK: Senate Minority Leader Charles SchumerCharles (Chuck) Ellis SchumerSenate Democrats unveil priorities for federal privacy bill Overnight Health Care: Trump officials making changes to drug pricing proposal | House panel advances flavored e-cig ban | Senators press FDA tobacco chief on vaping ban Chad Wolf becomes acting DHS secretary MORE (D-N.Y.) urged Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellFeehery: Pivoting to infrastructure could help heal post-impeachment wounds McConnell urges Trump to voice support for Hong Kong protesters Key GOP senator: 'We need a breakthrough' on spending talks MORE (R-Ky.) to bring up election security legislation after the GOP leader lashed out at critics who targeted him for blocking two bills last week. 

"There's an easy way for Leader McConnell to silence the critics who accuse him of blocking election security: stop blocking it. Leader McConnell doesn't have to put the bills that we have proposed ... or the bill the House has passed, there are bipartisan bills--and we can debate the issue," Schumer said Monday from the Senate floor.

Schumer's comments came after McConnell hit back at high-profile critics, accusing them of "lying" and "modern-day McCarthyism" after they targeted the GOP leader late last week when he blocked two election security bills that are largely supported by Democrats. 

Schumer asked for consent to pass a House bill, supported by one Republican, that would require paper ballots, while Sen. Richard Blumenthal (D-Conn.) wanted to pass legislation that would require candidates, campaign officials and their family members to notify the FBI of assistance offers. McConnell blocked both of the bills. 

"These pundits are lying, lying when they dismiss the work that has been done. They're lying when they insist I have personally blocked actions which, in fact, I have championed and the Senate has passed. They are lying when they suggest that either party is against defending our democracy," McConnell said from the floor. 

Read more here.

 

A LIGHTER CLICK: The Fabbed Five.

 

NOTABLE LINKS FROM AROUND THE WEB: 

For Facebook and Alphabet, big-ticket fines cause limited pain. (The Wall Street Journal)

TikTok is exhibit A in Facebook's "we're no monopoly" case. (Axios)

Door Dash tip-skimming scheme prompts class action lawsuit seeking all those tips that didn't go to drivers. (Gizmodo)