Key developments
Congress races to renew Section 702 authority
The Verge reported that FISA Section 702 is set to expire on April 20, leaving House Speaker Mike Johnson trying to move a clean extension on a tight timeline. Washington Times separately reported that lawmakers are returning with only days left while reformers push the Government Surveillance Reform Act, which would require warrants before the government can access Americans' communications collected under Section 702 and would extend warrant rules to purchased browsing, location, search, chatbot, and car data. The 2024 reauthorization added limits on FBI U.S.-person queries, but critics say those safeguards have eroded and no bill has cleared the Rules Committee.
Why it matters
The outcome will determine whether broad intelligence collection continues without new warrant protections for Americans' data.
Sources & driving stories
THE VERGE
The Verge coverageWASHINGTON TIMES · Susan Ferrechio
Washington Times coverageEurail breach exposed passport and travel records
DigitalShield reported that Eurail confirmed a security breach discovered in January involving customers who booked Interrail or Eurail passes directly or through distributors. The exposed data may include names, dates of birth, gender, passport numbers, email addresses, phone numbers, physical addresses, and countries of residence, and Eurail warned users to watch for phishing attempts while it notified regulators and affected customers. Cybersecurity Insiders said the incident may involve more than 300,000 travelers and that about 1.3 terabytes of data were exfiltrated, including support tickets, source code, and backups.
Why it matters
Passport and travel identity data are high-value targets for fraud, impersonation, and follow-on phishing.
Sources & driving stories
DIGITALSHIELD · Alberto Payo
DigitalShield coverageCYBERSECURITY INSIDERS · Naveen Goud
Cybersecurity Insiders coverageLAPD document leak triggers city fallout
The Los Angeles Times reported that Los Angeles officials are investigating a leak of tens of thousands of sensitive records, including LAPD personnel files and Internal Affairs documents. Sources said the ransomware group WorldLeaks claimed responsibility and may have accessed nearly 340,000 files through a document-sharing platform used for discovery materials tied to LAPD officer litigation and protest cases. City Councilmember Ysabel Jurado is pressing for a timeline, scope, notification, vendor, and remediation report.
Why it matters
The case shows how litigation and discovery systems can become large-scale exposure points for law-enforcement personnel data.
Sources & driving stories
LOS ANGELES TIMES
Los Angeles Times coverageWorth noting
WORTH NOTING
OneDigital warns 28,414 clients of Salesforce breach
The filing says unauthorized access may have copied names and Social Security numbers from Salesforce, including 73 Maine residents.
WORTH NOTING
DermCare direct notices lagged by a year
The company says the 2025 intrusion was only translated into direct notice letters in March 2026, underscoring how long breach identification can take.
Still unclear
OPEN QUESTION
Can Johnson pass a clean Section 702 extension?
Current reporting suggests the House still needs Democratic votes, which would force leadership to choose between a clean renewal and warrant reforms.
OPEN QUESTION
How many Eurail records were actually exfiltrated?
The reporting varies on scale and on whether passport copies, source code, or backups were taken, which will shape fraud risk and notification obligations.