Ir al contenido principal

Security Friday: 🧬 23andMe Sold, 😬 Data Brokers Unleashed, and more

Hi Readers, Cullen here. A few weeks ago, we reported that the genetics company 23andMe (and all its customers' data) was going up for sale, and we got a lot of emails from subscribers worried about it.
This Newsletter Is Brought to You By:
Incogni Logo
IN THIS NEWSLETTER

  • 🗒️✅ Your Security Checklist
  • 🏆🎖️ Test Your Security Skills
  • 📰 Your Weekly Security Update
  • 🤨 This Should Be on Your Radar 📡
  • 🙈 Security Fail of the Week 👎
  • 🍎📱 Security Updates from Apple 🍎
 
🗒️✅ Your Security Checklist

If you take nothing else from this newsletter, do these three things to protect yourself:

  1. Stay alert when it comes to phishing scams. When you receive emails claiming that you purchased something you don't remember purchasing, verify the email is legitimate before taking any action.
  2. Take some time to check your App Privacy Report. You can go into your iPhone's settings and check which apps have been accessing your data and what data they have access to.
  3. Remove your location from photos before sharing. If you have location services enabled when taking photos, your location could be attached to the photo's metadata. You can easily remove your location when sharing photos.

In case you missed it, be sure to check out our free class on cybersecurity for Apple enthusiasts.

 
🏆🎖️ Test Your Security Skills

What should you do in the following scenario?

Your email provider (i.e., Outlook or Gmail) is ending the use of passwords and asking you to replace your password with a passkey. What should you do? 🤔

  1. Keep using your password.
  2. Remove your password and set up a passkey on your iPhone.
  3. Remove your password and set up a passkey in your password manager of choice.

Scroll to the bottom to see how you did!

The Top Tool to Block Annoying Ads

When's the last time you read an article or watched a video online that didn't have ads? We recommend CleanWeb to block ads, trackers, and malware. Get it right now for as low as $1.99 per month (87% off) plus an extra 3 months free! It only takes a few minutes to get set up, and you'll start seeing the benefits right away.

 
Data Brokers Once Again Free to Profile You without Your Consent

The US Consumer Financial Protection Bureau (CFPB) has scrapped a rule that prevented data brokers from selling US citizens' data without their consent. The rule was instituted only last year and was intended to force information brokers to abide by the same standards that credit agencies already must follow. With a new administration determining different priorities, the CFPB has decided that the rule was a little bit too creative in its interpretation of the law and scrapped it. Wired has the story.

The data broker industry, which buys and sells detailed information about individuals, has grown to a multi-billion-dollar marketplace. Web-browsing habits, purchase history, and public records are combined to reveal portraits of nearly every individual, portraits that can be extremely intimate. These are sold to advertisers and businesses to help them understand their target demographics, but they are also used by scammers to tailor a scam to a specific victim, and by law enforcement to investigate suspects.

The Bottom Line: With no comprehensive consumer privacy law in place to regulate the data broker industry, we should expect to see data brokers continue to operate with impunity. What that means is we should expect to find our personal data in the databanks of many companies we've never heard of, and whose security practices may leave the details of our private lives vulnerable to theft. As a result, we recommend that all US citizens freeze their credit scores, monitor their bank statements, and practice simple information hygiene as we describe in our Security & Privacy for Apple Enthusiasts Course.

 
🤨 This Should Be on Your Radar 📡

Traffic Camera Company Wants to Sell Your Movements and Location

Flock is a company that makes license plate readers to monitor traffic. Law enforcement use its systems to track and record the movements of vehicles. While that may seem innocuous at first glance, a database of all vehicle movements can reveal extremely detailed information about you, from where you live, to who your friends are, to how you shop. According to an internal leak obtained by 404 Media, the company hopes to build a product to link individuals to licence plate numbers, then enrich that with data gleaned from other sources, including data breaches, allowing for the tracking of social networks, connections, and much more. Read more at 404 Media (paid article).

The Bottom Line: Flock's database does not exist yet, but the leak reveals what perhaps should not be surprising: companies that sell surveillance want to expand surveillance. Note that by definition, this surveillance is intruding on everyone's privacy, not just those accused of a crime.

Solar Panel Components Manufactured with Secret Wireless Communicators Built In

Solar and wind power generation requires the use of a component called a power inverter, and most of those are currently manufactured in China. Recently, energy officials in the UK discovered that a number of Chinese-manufactured power inverters contained wireless communications devices that were not described in the device's documentation. In common parlance, that might be called a bug. The exact nature of the devices has not been announced, but it's fair to speculate that you probably don't want there to be an extra set of remote controls secretly installed in your solar farm that the manufacturer never told you about. Reuters has the story.

The Bottom Line: When you're installing solar or wind power generation, there aren't a lot of alternative sources available to you for power inverters, but you can ask the technicians if they're aware of these reports and what steps they've taken to check the hardware.

Double Check Your Facebook Settings to Opt Out of Training AI on Your Posts (Even If You've Already Done It)

Facebook's parent company, Meta, has warned EU citizens that they have until May 27 to opt out of letting Meta train its AI on their posts, because once the data is fed into the AI, it cannot be removed. A European privacy watchdog organization called noyb is threatening a class action lawsuit against Meta, claiming that this violates the General Data Protection Regulation (GDPR), Europe's comprehensive consumer privacy law. Read more at Ars Technica.

The Bottom Line: If you live in the EU, you may visit your settings area on Facebook to opt out of using your posts and messages in Meta's AI training. If you live in the US, we have no similar law to the GDPR, and you cannot opt out: all posts will be used to train the AI.

Stop Spam at the Source: Get 55% Off with Code IPHONELIFE

The reason you get so many spam calls, emails, and texts is that your name is being bought and sold by data brokers every single day. Incogni gets you off these lists, reclaiming your privacy and stopping spam right at the source. Sign up today and get 55% off with code IPHONELIFE.

Scammers Impersonating Senior Officials

The FBI sent out an announcement through the Internet Crime Complaint Center (IC3), warning that there has been an uptick in malicious actors impersonating US officials. According to the PSA on the IC3 website, scammers will send text messages or use AI-powered voice messages to convince the recipient that they are communicating with a high-ranking US official. The PSA contains information on how to spot these scams and protect yourself.

The Bottom Line: The PSA says many of the targets for these scams are other current and former government officials, so it's unlikely an ordinary citizen will be sent these types of messages. However, if you find yourself being contacted by someone claiming to be a US official, verify the person's identity and avoid giving out personal information.

Related: Protect Yourself from USPS Text Scams

Old Devices on Your Network Are a Gift to Hackers

Google is pulling support for its original Nest thermostats. Those "smart" thermostats now linger in hundreds of thousands of homes, and without security updates, they provide an access point for hackers. But what do hackers want with a smart thermostat? The answer is, they don't care about taking control of your furnace. Nest is a tiny computer with an internet connection, so hackers can use that computer as a proxy to hide their traffic while they do other more interesting things, or as an entry point to explore your home network looking for computers to ransomware or cryptocurrency to steal. The same would be true of any "smart" device that has aged out of receiving updates—an old smart refrigerator would be just as vulnerable. The Times covers the threat of old devices lingering on your network.

The Bottom Line: If you have an original Nest thermostat, consider upgrading to a supported model. When running smart devices on your network, remember to keep them up to date and to remove the ones that are no longer supported.

23andMe Data Has Been Sold to Regeneron

You might remember reading a while back that 23andMe had filed for bankruptcy and would be shutting down. Well, it now looks like biotech company Regeneron Pharmaceuticals will be buying 23andMe, including its customers' DNA data, which totals more than 15 million. According to a press release, Regeneron intends to "prioritize the privacy, security and ethical use" of the data. It also says that "23andMe will be operated as a wholly owned direct or indirect subsidiary" of the company.

The Bottom Line: If you have used 23andMe in the past and don't want Regeneron to have access to your DNA data, there's still time to delete your genetic data. California's attorney general has information on how to do that. Simply click the link and follow the instructions!

More Fake Chrome Extensions

The Hacker News is reporting that over 100 malicious Chrome extensions have been uploaded to the Chrome web store since February of last year. The extensions appear at first to operate as advertised, but unbeknownst to the user, they can also execute arbitrary code, redirect the user to malicious websites, steal credentials, and more.

The Bottom Line: Thankfully, Google has been diligent about removing these extensions. However, it's still good practice to exercise caution when it comes to browser add-ons. For this reason, we generally recommend avoiding extensions at all, outside of reputable ad blockers and password managers.

It's Time to Secure Your Web Traffic

Have you ever used Wi-Fi outside of your home? Any time you are connected to the internet, your information is at risk of being tracked or hacked. A VPN helps keep your surfing anonymous. Right now, NordVPN is offering 76% off plus free eSIM data from Saily. Sign up today and start protecting your data!

 
🙈 Security Fail of the Week 👎

Video Game Distributor Steam Did Not Have a Breach

Last week, reports began popping up that digital gaming storefront Steam had been the victim of a data breach, affecting over 89 million users. Turns out, the fail here is on how the media took this story and blew it out of proportion before Steam developer Valve could respond. Valve put out a statement over the weekend, clarifying that there was not a hack; rather, there had been a leak of older two-factor authentication texts that had been sent to users in the past. The leak only contained 2FA codes (which are only valid for 15 minutes at a time) and the phone numbers to which they had been sent. The leak did not contain any data that could be used to access anyone's Steam account or any data connecting the leaked phone numbers to user accounts.

The Bottom Line: If you use Steam, you don't have to do anything. According to Valve, since the leak did not contain any actual user data, there is no need to change your password or phone number. The company does recommend using Steam's mobile authenticator, though, since it is more secure than receiving 2FA codes over text.

 
🍎📱 Security Updates from Apple 🍎

Everything you need to know about Apple's latest software updates.

  • The most recent iOS and iPadOS is 18.5
  • The most recent macOS is 15.5
  • The most recent tvOS is 18.5
  • The most recent watchOS is 11.5
  • The most recent visionOS is 2.5
 
Security Skills Answer

Both B: Remove your password and set up a passkey on your iPhone, and C: Remove your password and set up a passkey in your password manager of choice are valid answers. Passkeys are more secure than passwords, regardless of where you save them, whether it's to your iPhone with iCloud Keychain and the Passwords app, or to your password manager of choice.

Related: How Do Passkeys Work & How to Use Them on iPhone

 
Mission Statement

There is far too much security and privacy news to cover it all. When building this newsletter, we look for scams, hacks, trouble, and news to illustrate the kinds of problems Apple enthusiasts may encounter in our private lives, and the self defense we can practice to keep our devices, accounts, and lives secure. Our commentary focuses on practical advice for everyday people. This newsletter was written by Cullen Thomas and Rhett Intriago and edited by Sarah Kingsbury.

 
Next Steps

In case you missed it, be sure to check out our free class on cybersecurity for Apple enthusiasts.

Interested in using password managers on your iPhone? Check out:

 
Premium Content

If you enjoyed this newsletter, you'll love all the security content available on iPhone Life Insider!

This premium subscription includes:

  • The complete iPhone Life Privacy & Security Course for Apple Enthusiasts and other free online courses taught by expert instructors
  • In-depth guides on everything from security to iPhone photography to other Apple devices
  • Daily, bite-sized video tips on topics ranging from iCloud security to password management
  • A digital subscription to iPhone Life Magazine, where you'll find articles covering the best security gear, apps, and in-depth how-tos
  • The monthly premium iPhone Life Security Newsletter covering everything you need to know to keep your digital life secure
  • Access to the ad-free version of the iPhone Life Podcast and exclusive bonus content
  • Expert help with all your most pressing Apple Watch questions in our private Ask an Expert Facebook Group

Join the Insider community today and save 30 percent!

 

Follow iPhone Life

iPhoneLife Logo
Copyright © 2025 Mango Life Media LLC. All Rights Reserved.
Mac, iPad, iPhone, Apple TV, Apple Watch, AirPods, macOS, iPadOS, iOS, watchOS, and Apple are all trademarks of Apple, Inc.
You have opted in to receive this email from iPhone Life magazine
To stop receiving these emails, you may:
Mango Life Media LLC | 402 North B Street | Fairfield, IA 52556

Comentarios

Entradas populares de este blog

The Baroque Bob Is the Lavish New Haircut You Need to Try

Big, bouncy, and oh-so-chic.  ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌...

Japan has big plans for a U.S. summit. But Trump just wants to talk cars and military costs

Administration officials say he was not interested in other topics | Email not displaying correctly? View it in your browser. Subscribe to TIME magazine WHAT TO KNOW NOW LISTEN ...

You Can Score Up to 40% Off at Nordstrom Right Now

View on the Web Dear RealSimple Member: We're always searching for special offers to benefit RealSimple members. Here's an offer from one of our partners that we thought might interest you. Nordstrom Discounted Over 25,000 Items for Its Spring Sale Shop clothing, home decor, kitchenware, and more ...