Key developments
Pentagon confirms commercial location data threat
WIRED reported that US Central Command has confirmed receiving multiple threat reports about adversaries exploiting commercial location data to target or surveil US personnel in theater. The disclosure follows years of warnings that brokered phone-location data could expose where troops sleep, work, and store sensitive assets, and Centcom said the ability to switch off location sharing on government smartphones only rolled out this month.
Why it matters
It is the clearest official acknowledgment yet that commercial location data can directly endanger deployed forces and that mitigation has lagged for years.
Sources & driving stories
WIRED
WIRED coverageCities cover Flock cameras with trash bags
404 Media reported that Dayton, Ohio covered its Flock license-plate cameras with black trash bags while officials reviewed whether the devices were still active and whether the city could remove them. CNET also reported similar trash-bag coverage in Evanston, Illinois, underscoring how cities are physically blocking cameras as contract disputes and privacy backlash escalate.
Why it matters
Local governments are moving from debate to physical shutdowns, showing how fast resistance to automated plate-reader surveillance is escalating.
Sources & driving stories
404 MEDIA · Jason Koebler
404 Media coverageCNET · Tyler Lacoma
CNET coverageCalifornia sues 23andMe over breach
California Attorney General Rob Bonta sued Chrome Holding Co., formerly 23andMe, over the 2023 breach that affected about 7 million people in the United States, including 855,541 Californians. Engadget and CNET reported that the complaint alleges credential stuffing and exploitation of a DNA Relatives flaw, exposing sensitive genetic and ancestry data while the company allegedly downplayed the breach and failed to stop reused-credential attacks.
Why it matters
The suit adds state enforcement pressure to one of the most sensitive consumer data breaches in the market.
Sources & driving stories
ENGADGET
Engadget coverageCNET · Steven Musil
CNET coverageWorth noting
WORTH NOTING
Boulder residents sue over Flock
The class action adds a direct legal challenge to Flocks ALPR network and could test warrantless-surveillance claims in Colorado.
WORTH NOTING
Charter breach affects 4.9 million
BleepingComputer reported leaked data tied to a ShinyHunters extortion campaign, with Have I Been Pwned flagging millions of affected accounts.
WORTH NOTING
Elder data seller gets 10-year sentence
The case shows how brokered personal data can be monetized for fraud against older Americans, not just stolen in hacks.
Still unclear
OPEN QUESTION
Can the Pentagon roll out privacy controls faster?
Centcoms late location-sharing fix raises the question of whether the broader device and browser changes lawmakers want will be adopted now.
OPEN QUESTION
How much control do cities have over Flock?
Dayton and Evanston resorted to trash bags because removal and deactivation terms were unclear, suggesting contract language may limit local shutdown options.