Hillicon Valley: Capital One faces investigation over massive breach | DHS warns of cyber vulnerability in small aircraft | Senate bill would ban 'addictive' social media features

Hillicon Valley: Capital One faces investigation over massive breach | DHS warns of cyber vulnerability in small aircraft | Senate bill would ban 'addictive' social media features
© iStock

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Maggie Miller (@magmill95), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).

 

ADVERTISEMENT

SPOTLIGHT ON CAPITAL ONE: New York Attorney General Letitia James announced Tuesday that her office is opening an investigation into the Capital One data breach that resulted in the personal information of about 100 million American customers being illegally accessed.

"My office will begin an immediate investigation into Capital One's breach, and will work to ensure that New Yorkers who were victims of this breach are provided relief," James said in a statement. "We cannot allow hacks of this nature to become every day occurrences."

Also on Tuesday, Capital One was hit with its first civil lawsuit in conjunction with the breach. According to The National Law Journal, one Connecticut resident filed suit against the company on behalf of all those impacted, claiming it failed to properly secure customer data. 

The beginning of the investigation comes one day after the Department of Justice announced that former Seattle-based software engineer Paige Thompson had been arrested in connection with the theft of personal information from servers storing Capital One data. 

Thompson posted on GitHub about her theft of the data earlier this month and another user who saw the post subsequently alerted Capital One of the issue, with Capital One then reaching out to the FBI, authorities said. Thompson was able to access the data due to a "misconfigured web application firewall," according to the Justice Department. According to Capital One she accessed the data over two days in March. 

The breach allowed Thompson to access information including consumers' names, some Social Security numbers, addresses, phone numbers, email addresses, and other personal data. Capital One estimated that, in addition to American customers, Thompson was also able to access the data of around six million Canadians. 

Specifically, Capital One noted that around 14,000 Social Security numbers of credit card customers were accessed, and about 80,000 linked bank account numbers of secured credit card customers were compromised. For Canadian customers, around one million Social Security numbers were compromised. 

ADVERTISEMENT

Read more here.

 

 

NOTHING IS SAFE: The Department of Homeland Security's (DHS) cybersecurity agency issued a security alert on Tuesday warning of a cyber vulnerability in small aircraft that could enable malicious actors to change key readings on the planes.

The alert was issued after cybersecurity group Rapid7 reported to DHS's Cybersecurity and Infrastructure Security Agency (CISA) that an aircraft's Controller Area Network (CAN) bus system can be exploited by a cyber attacker if the hacker has physical access to the plane.

CISA warned that the hacker could attach a device to the aircraft's CAN bus system that could "inject false data," leading to incorrect readings.

Attackers could manipulate the plane's altitude, airspeed and angle of attack data, CISA noted, adding that pilots would not be able to "distinguish between false and legitimate readings" and could lose control of the airplane.

Read more here.

 

OPEN FOR BUSINESS: Although Chinese telecommunications firm Huawei has been put on a trade blacklist by the U.S., its sales have been increasing.

Huawei's half-year revenue increased 23 percent due to domestic smartphone sales, Reuters reported Tuesday. 

"Revenue grew fast up through May," Huawei Chairman Liang Hua told reporters at a briefing before warning of possible difficulties ahead. 

"Given the foundation we laid in the first half of the year, we continue to see growth even after we were added to the entity list. That's not to say we don't have difficulties ahead. We do, and they may affect the pace of our growth in the short term," Liang said.

ADVERTISEMENT

The U.S. in May placed Huawei on its "Entity List" and officials have said the company's ties to the Chinese Communist Party could allow it to spy in places where its hardware is present. Huawei has denied spying allegations. 

Read more here.

 

SOCIAL MEDIA ADDICTION NO MORE?: Sen. Josh HawleyJoshua (Josh) David HawleyThe dangers of tech company ethics There's no election law about social media disclosures — but there oughta be Agencies play catch-up over security concerns with TikTok MORE (R-Mo.), a freshman who has emerged as a top Republican critic of major technology companies in Congress, on Tuesday will introduce a bill banning social media companies from building "addictive" features into their products.

Hawley's Social Media Addiction Reduction Technology Act would make it illegal for social media platforms to hook users by offering them more content than they requested in order to get them to continue on their respective platforms.

The bill takes aim at practices specifically employed by the country's top social networking sites -- YouTube, Facebook, Twitter and Snapchat.

For example, it would ban YouTube's "autoplay" feature, which loads up new videos for users automatically; Facebook and Twitter's "infinite scroll," which allows users to continue scrolling through their homepages without limit; and Snapchat's "streaks," which reward users for continuing to send photos to their friends.

ADVERTISEMENT

It would also require the companies to build "user-friendly" interfaces, with features allowing users to limit the amount of time they spend on the platform and offering reminders how much time they've spent perusing the site.

"Big tech has embraced a business model of addiction," Hawley said in a statement. "Too much of the 'innovation' in this space is designed not to create better products, but to capture more attention by using psychological tricks that make it difficult to look away."

Read more here. 

 

MORE ELECTION SECURITY: House Democrats introduced legislation Tuesday that would require campaigns to report any foreign contacts to federal authorities, the latest push for election security following last week's warnings from former special counsel Robert MuellerRobert (Bob) Swan MuellerCNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting The Hill's 12:30 Report: New Hampshire fallout MORE.

The measure -- sponsored by Democratic Reps. Elissa SlotkinElissa SlotkinM ad buy praises swing-district Democrats' environmental work The Hill's Campaign Report: Buttigieg, Sanders ahead in Iowa debacle Vulnerable House Democrats benefit from fundraising surge amid impeachment MORE (Mich.), Lauren UnderwoodLauren UnderwoodBill banning menthol in cigarettes divides Democrats, with some seeing racial bias Giffords gun reform group backs eight 'strong women' in House reelection bids Ayanna Pressley's 'squad' of congresswomen offers support after she opens up about alopecia MORE (Ill.), and Jason CrowJason CrowTrump set to confront his impeachment foes Democratic impeachment manager shares quote from "Harry Potter's" Dumbledore during trial Impeachment manager dismisses concerns Schiff alienated key Republican votes: 'This isn't about any one person' MORE (Colo.) -- would mandate federal campaigns to inform the FBI and Federal Election Commission about any foreign contacts who attempt to donate funds or assist a candidate. Campaigns would also be required to implement a "compliance system" to monitor communication with those foreign contacts.

"Guarding our country against another attack on our political system should not be a partisan issue -- it is a national security issue and it's an American issue," Slotkin said in a statement.

ADVERTISEMENT

The bill will be referred to the House Administration Committee.

Election security is back in the spotlight after Mueller's testimony before the House Judiciary and Intelligence committees, during which he warned that Russia is working to interfere in the 2020 elections "as we sit here."

Read more here. 

 

CUTS AT UBER: Uber will lay off 400 staffers from its marketing unit, about one-third of the department, The New York Times reported on Monday.

"We are not making these changes because Marketing has become less important to Uber," CEO Dara Khosrowshahi said in an email to staff provided to CNN Business. "The exact opposite is true: we are making these changes because presenting a powerful, unified, and dynamic vision to the world has never been more important."

The ride-hailing company has been under increased financial pressure since a disappointing initial public offering in May. In the first three months of 2019, the company lost over $1 billion, according to earnings reports.

"There's a general sense that while we've grown fast, we've slowed down," Khosrowshahi said in the email.

Read more here.

 

 

ICYMI: SCHUMER CLAPS BACK: Senate Minority Leader Charles SchumerCharles (Chuck) Ellis SchumerBiden win in South Carolina could turn tide, say strategists Sanders blasts Trump for picking 'completely unqualified' Pence for coronavirus response Trump passes Pence a dangerous buck MORE (D-N.Y.) urged Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellThe Hill's Morning Report — Presented by Facebook — Washington, Wall Street on edge about coronavirus Overnight Energy: Murkowski, Manchin unveil major energy bill | Lawmakers grill EPA chief over push to slash agency's budget | GOP lawmaker accuses Trump officials of 'playing politics' over Yucca Mountain Lawmakers race to pass emergency coronavirus funding MORE (R-Ky.) to bring up election security legislation after the GOP leader lashed out at critics who targeted him for blocking two bills last week. 

"There's an easy way for Leader McConnell to silence the critics who accuse him of blocking election security: stop blocking it. Leader McConnell doesn't have to put the bills that we have proposed ... or the bill the House has passed, there are bipartisan bills--and we can debate the issue," Schumer said Monday from the Senate floor.

Schumer's comments came after McConnell hit back at high-profile critics, accusing them of "lying" and "modern-day McCarthyism" after they targeted the GOP leader late last week when he blocked two election security bills that are largely supported by Democrats. 

Schumer asked for consent to pass a House bill, supported by one Republican, that would require paper ballots, while Sen. Richard Blumenthal (D-Conn.) wanted to pass legislation that would require candidates, campaign officials and their family members to notify the FBI of assistance offers. McConnell blocked both of the bills. 

"These pundits are lying, lying when they dismiss the work that has been done. They're lying when they insist I have personally blocked actions which, in fact, I have championed and the Senate has passed. They are lying when they suggest that either party is against defending our democracy," McConnell said from the floor. 

Read more here.

 

A LIGHTER CLICK: The Fabbed Five.

 

NOTABLE LINKS FROM AROUND THE WEB: 

For Facebook and Alphabet, big-ticket fines cause limited pain. (The Wall Street Journal)

TikTok is exhibit A in Facebook's "we're no monopoly" case. (Axios)

Door Dash tip-skimming scheme prompts class action lawsuit seeking all those tips that didn't go to drivers. (Gizmodo)