Taiwan Semiconductor Manufacturing Co. reported on 5 August that it has found possible trade secret leaks as a result of “unauthorised activities”. The largest semiconductor maker in the world informed CNBC that it has initiated legal action and taken “strict” disciplinary action against the concerned staff.
Legal Action Taken as TSMC Enforces Zero-Tolerance Policy
According to the corporation, TSMC has a zero-tolerance policy for any behaviour that jeopardises trade secret protection or jeopardises the interests of the business.
It went on to say that such infractions are strictly dealt with and prosecuted to the maximum extent of the law. The company will continue to be dedicated to protecting both its fundamental competitiveness and the interests of all of its employees.
Semiconductor Espionage on the Rise Amid AI Boom
Since semiconductors are now the mainstay of the explosion in artificial intelligence models and applications, their strategic significance has increased recently. The competitive technology advantages of large semiconductor supply chain companies like TSMC and other leaders across the board have come into sharper focus due to rising geopolitical concerns.
Major computer companies like Apple and Nvidia are customers of Taiwan-based TSMC, which leads the market for producing the most cutting-edge processors in the world. The company stated that TSMC is unable to provide more details because the case is currently undergoing judicial review. According to the company, TSMC’s “comprehensive and robust monitoring mechanisms” allowed it to identify the problem early and conduct prompt internal investigations.
2nm Chip Development at the Heart of the Leak?
Numerous former TSMC employees are suspected of trying to get crucial private information on the development and production of 2-nanometre chips while they were still employed by the business, according to a report published by Nikkei Asia on 5 August, which cited numerous people with knowledge of the situation. One of the most advanced manufacturing techniques in the semiconductor industry at the moment is the creation of the 2-nanometre chip.
History of Trade Secret Breaches in the Chip Industry
Being the top chipmaker in the world, TSMC possesses a wealth of intellectual property. The business has claimed in the past that it had over 200,000 trade secrets stored in its internal system.
TSMC has been the victim of possible theft on previous occasions. A former employee was charged by a Taiwanese court in 2018 with copying trade secrets pertaining to the 28-nanometre fabrication process with the intention of transferring them to a mainland Chinese semiconductor company.
ASML, a manufacturer of the equipment needed to produce the most sophisticated chips, reported in 2023 that it had found evidence of data theft involving their unique information by a former employee in China.
The online and offline media headlines are screaming about the global ride-hailing platform Uber and its unethical practices over the years to emerge as a global leader.
On Sunday morning, the world woke up to shocking news of ‘The Uber Files’. Originally leaked to ‘The Guardian’ and ‘The Internal Consortium of Investigative Journalists’, it was a treasure trove of almost 124,000 documents. These documents showed just how the tech giant was able to expand with rapidity and the illegal and often violent techniques it resorted to achieve.
On Monday, the shockwaves continued as Mark MacGann, Uber’s former chief lobbyist for Europe, the Middle East and Africa, identified himself as the source of the leaked data. Seeking higher ground, he said – “It is my duty to speak up and help governments and parliamentarians right some fundamental wrongs. Morally I had no choice in the matter.”
Founded as Ubercabs in San Francisco in 2009, by Garret Camp and Travis Kalanick, it came to be known as Uber Technologies, Inc. It is an American mobility service provider, allowing users to book taxis for transport via the Uber App.
Over the years, it has added various services like food delivery, package delivery, couriers, freight transportation, electric bicycle and motorized scooter through partnerships with various local operators.
Since 2013, Uber saw unprecedented growth across countries and emerged as the most popular ride-hailing company. In the fourth quarter of 2021 Uber had 118 million monthly active users globally and generated approximately 19 million rides a day.
Uber has received criticism for its treatment of taxi drivers, disruption of the taxicab businesses and an increase in traffic congestion. It has also been questioned about the low rates and heavy discounts it offers on its ride-share app, thus undercutting taxi drivers and forcing its partners to take lesser pay.
Unsurprisingly, Uber has reported losses of millions of dollars since 2014. In 2018, it exited markets in Russia, China and Southeast Asia in exchange for stakes in rival businesses.
Global Net Revenue of Uber
Business Model of Uber
Uber acts as the intermediary between cabs and riders. It does not own any vehicles, but partners with taxi owners and receives a commission for each booking. The dynamic pricing model of Uber is based on the local supply and demand at the time of the booking. This fare is quoted to the customer in advance.
What Do the Uber Documents Leak Reveal?
Uber has courted controversy since 2009, when it was founded, from violent conflicts among drivers to the use of secret software to evade law enforcement.
‘The Uber Files’ span a period of 5 years, from 2013 to 2017, when it was run by its controversial co-founder Travis Kalanick. Kalanick was forced out of Uber in 2017 following constant controversies including allegations of data breach and sexual harassment scandals.
Travis Kalanick, co-founder of Uber
The period of his reign at Uber is controversial and shows how he utilised that chaos to speed expansion. He spearheaded Uber’s expansion globally, albeit with illegal practices and lobbying with government heads to push through favourable laws.
Launch of Uber in Paris
In 2014, Uber launched in Paris – its first European launch. Kalanick established contact with Emmanuel Macron (President, France), who was then, the economy minister. Macron interceded on Uber’s behalf, even brokering secret deals with opponents in the cabinet, to help Uber operate undisturbed in Paris.
Entry into German Market
In 2014, the then mayor of Hamburg, Olaf Scholz (currently the German Chancellor), pushed against Uber lobbyists to ease the way for Uber to enter the German market.
Taking the help of Joe Biden
Kalanick had a meeting scheduled with the then, US Vice-President, Joe Biden at the World Economic Forum. The after effect of the meeting was an amended statement to his prepared speech at Davos when he referred to a CEO whose company would give millions of workers freedom to work as many hours as they wished and manage their lives the way they want to.
Kill Switch
Uber took extensive steps to save itself from authorities. In addition to lobbying with politicians and government officials, Uber had also installed a ‘kill switch’ which they activated to stop the authorities from accessing the company’s computers. The ‘kill switch’ was used in Amsterdam, Canada, Belgium, India, Romania, Hungary and France.
Endangering Drivers
Kalanick’s theory of embracing chaos included endangering drivers. Almost every market that Uber entered, triggered organised protests from taxi driver unions, that would sometimes turn violent. He mutely agreed to Uber drivers going to such protests. His ideology? “Violence guarantees success”.
The documents indicate Uber’s adeptness at finding unofficial routes to power. It shows a company that had a deliberate strategy of breaking or ignoring laws, and that it was very much aware of it.
The documents go on to reveal the role that lobbying and relationships with powerful politicians played in its global success. They also reveal that company executives were aware of the illegality of their entire operation.
Uber’s original idea of citizens driving citizens in their private cars without any permits or licenses mostly fell into a grey area legally.
Post 2017 – What Did and Did Not Change at Uber?
The chaos that Kalanick capitalized on has grown Uber to a USD 43 billion dollar company. However, soon after Kalanick was replaced by Dara Khosrowshahi accusations about the workplace culture and sexism seem to have stopped.
Dara Khosrowshahi, CEO of Uber
The company seems to have toned down its aggressive approach and now works with licensed drivers using specific permits. Despite all this, it faces multiple lawsuits regarding its employment strategies and its profitability remains in question.
Secondly, although it seems to now work in compliance, it does so only as little as necessary to get away from the attention of the authorities. They are not openly breaking rules anymore, but even its new business model remains close to its previous one. It continues to push for its preferred laws and regulations through courts or by finding legal loopholes.
The details of the expose will continue to grow in the coming days as more details will be made public. What is learned from all this is that apps like Uber and many others promised innovation.
Instead, they brought out barely disguised models of corruption and exploitation. One can only hope that there are severe penalties for tech entrepreneurs who blatantly break and bend laws. Maybe it will act as a deterrent for future cons.
FAQs
What is the Uber leak?
Uber leak is a trove of 124,000 documents that show how the ride-hailing giant expanded its operations using illegal tactics.
Who leaked the Uber Files?
Mark MacGann, Uber’s former chief lobbyist for Europe, the Middle East and Africa came forward to take responsibility for the leaks.
On 2 April 2021, around 533 million Facebook users data were leaked in a low level hacking forum. The published information includes Phone numbers and personal data. The data was leaked online and uploaded for free in low level hacking forums.
The data breach was found by the co-founder and the Chief Technical Officer of Hudson Bay, Alon Gal. Hudson Bay is a cybersecurity firm. He found the cache of the leaked data online on 3 April 2021.
According to Alon Gal, all your details on Facebook which include your name, occupation, gender, marital status, relationship status, the date of joining on Facebook, the place where you work, the date of joining your occupation, your Facebook bio, etc. He said in some cases even your Email ids and Phone numbers would have been leaked on the internet.
It is said that the exposed data includes the personal information of 533 million users across 106 countries. It is estimated that 36 million personal information has been leaked from the U.S, 11 million users personal information has been leaked from the U.K and around 6 million users personal information has been leaked from India, 8 million personal information from Brazil 3.8 million users personal information from Bangladesh, 1.2 million users personal information from Australia, etc.
These are some of the major countries whose users data have been released on the internet.
Previous Data Breach of Facebook
This is not the first time the data from Facebook has been leaked on the internet. In the year 2019 the same data, the data of 419 million users was leaked. It was being sold on telegram an instant messaging platform by charging a fee of $20 per search.
2019 Facebook Data Leak
Similarly, the data was leaked in the month of June 2020 as well. Now the data has been leaked again and this time anyone who requires the data can access it for free from low level hacking forums. It is easily accessible to any individual who can misuse it.
Alon Gal has said that he discovered the leaked data in the month of January 2021 for the first time. It was through an advertisement by a hacking forum of an automated bot. The automated bot could provide phone numbers for hundreds of millions of Facebook users in return for a particular amount of money.
The Motherboard had reported on that bot’s existence during that point of time and also verified that the data was legitimate. He added that if you have a Facebook account then it is extremely likely that the phone number you used for your account was leaked online. Cyber researcher Dave Walker confirmed that Mark Zuckerberg’s data was also leaked that revealed that he uses its competitors Signal messaging app.
Regarding the #FacebookLeak, of the 533M people in the leak – the irony is that Mark Zuckerberg is regrettably included in the leak as well.
The leaked data is easily accessible by anybody on the internet. It can be used on different individuals for various cybercrimes. The details can be used and exploited by advertisers to target their set of customers to push targeted advertisements.
The data can also be used by hackers to perform hacking attempts or social media engineering attacks. In simple terms, they can use your data to hack your social media profiles. Even an individual with the basic level or underdeveloped data skill can use the leaked data to perform certain Cybercrimes.
In the year 2018, it was said that the political firm called Cambridge Analytica had mined the data from 50 million Facebook profiles. The firm had mined and gathered the data and later used it to help the political candidate from across the globe to target their candidates and making them win the elections. This was also covered in a Netflix documentary – The Great Hack.
2018 Facebook-Cambridge Analytica Scandal
This was revealed after the backdrop of the U.S presidential elections of 2016 and the referendum of Brexit.
According to Alon Gal, the leaked data could provide valuable information to cybercriminals who use people’s information to scam them or impersonate them into handing over their login credentials.
He also said that the huge information and the phone numbers which are leaked on the internet will lead certain bad actors to easily take advantage of the data.
India is yet to have a strict data protection regulatory bill. Several countries in the West have Data Protection Regulation. In India, a bill names the Personal Data Protection bill is yet to be passed in the Lok Sabha. It has been pending since 2019.
The bill is said to contain certain provisions regarding to the breach of personal data. However, one can rely on sections 43A and 72A of the Information Technology Act of 2000. This article provides compensation in the case of improper disclosure of personal information.
From a security point of view, there is nothing much Facebook can do about the data leak of the users since it is already leaked on the internet and it has affected the users said, Alon Gal.
FAQ
How did Facebook leak data?
The recent data breach is believed to relate to a vulnerability which Facebook reportedly fixed in August of 2019. While the exact source of the data can’t be verified.
How to check if your Facebook data was leaked?
haveibeenpwned.com is a site developed by Australian web-security consultant Troy Hunt, where you can enter your phone number or email address and see the result.
How does Facebook make money from data?
Facebook makes most of its money by serving ads on the social media and messaging platforms it owns — Facebook, Messenger, Instagram, and WhatsApp. Advertisers pay Facebook to make their ads visible to people.
Conclusion
Alon Gal added on saying that what Facebook could possibly do is notifying users, so that they could stay cautious on certain phishing schemes or frauds using their personal data.
The costliest and fastest-growing outcome of cybercrime is the theft of information. Millions of people’s personal and confidential data are stolen and a fast buck is substituted. To deter cybercriminals from building solutions against them, cybercriminals are continually evolving and discovering new ways to exploit online security. But hackers aren’t the product of all data violations. ‘loopholes’ and unprotected servers most frequently provide wrong actors with access without even breaking-in. The pandemic has shaken the nation, leaving private and government entities with trouble conducting their daily operations. With the unforeseen COVID 19 circumstances, corporations and organizations, including layoffs, pay cuts, and more, are among the most affected industries. The pandemic has forced companies and organizations, by using remote operations, digital platforms, etc., to transition their working formats, accelerating adoption of the technology. Sources say that 94% of organizations are currently using a cloud service, and 83% of businesses’ workloads will be in the cloud.
1. Big Basket user data for sale online
On October 2020 around 20 million users account information were leaked
In October 2020 around 20 million users’ account information was leaked. According to the Atlanta-based cyber intelligence company Cyble, consumer data from the online grocery platform Big Basket is for sale in the online cybercrime market. With a price tag of 3 million rupees ($40,000), part of a database containing personal details of nearly 20 million users was available, Cyble said on November 7. The data included names, email IDs, hashes for passwords, PINs, mobile numbers, addresses, birth dates, locations, and IP addresses. Cyble said it discovered the data on October 30 and disclosed the apparent violation to Big Basket on November 1 after comparing it with the details of Big Basket users to confirm it.
2. Twitter Breach
130 Twitter accounts were targeted due to the twitter breach
The attack on July 15, 2020, targeted a small number of employees through a phone spear-phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to their internal systems. Via a phone spear-phishing attack, the famous microblogging site came under cyberattack in July this year. 130 Twitter accounts were targeted, eventually Tweeting from45, accessing DM inbox 36, and downloading Twitter Data from 7. To access the internal systems and obtain knowledge about the processes, the attackers used special employee passwords. This information then allowed them to target additional staff who had access to the support resources for the Twitter account.
3.Whatsapp Breach
The new policy effectively takes away the discretion that users
The new policy effectively takes away the discretion that users had until now not to share their information with other apps owned by Facebook and third parties. While the revised privacy policy of Facebook-owned WhatsApp has stoked fears about privacy and data sharing with other apps, what is missing in the midst of the clamour is this: if India had a data protection law in place, WhatsApp would not have been able to go forward with this update in the first place. In reality, for two years now, India’s data protection law has been languishing.
4. Zoom Credential-Based Breach
More than 500,000 Zoom accounts were hacked in April
More than 500,000 Zoom accounts were hacked in April and then sold for either free or less than a penny each on the dark web and hacker forums. The compromised credentials are gathered through password stuffing attacks, according to reports, where threat actors attempt to login to Zoom using accounts leaked from older data breaches. The efficient logins are then collected into lists that are marketed to other hackers.
5. Unacademy Data Breach
Over 20 million user accounts were exposed and sold to the Dark Web
Unacademy, one of the prominent online educational platforms based in Bengaluru, suffered a data breach in January this year. Over 20 million user accounts, including usernames, SHA-256 hashed passwords, date entered, last login date, email addresses, first and last names, and whether the account is active, a staff member, or a superuser, were exposed to the breach and sold on the Dark Web. The big data breach was revealed by the US-based cybersecurity company Cyble, according to reports. There are also several accounts using corporate emails in the exposed database, including those of Wipro, Infosys, Cognizant, Google, and Facebook.
6. Tetrad Data Breach
Market research company Tetrad experienced a data breach on February 3 that included data from Tetrad customers, and it differs by the form of business and their data collection methods. The data included a spreadsheet detailing over 4,000 current and expected locations related to IBM Tririga deployments, according to reports. Other critical data, such as the sum of 130 million rows of data on US households, were compromised in addition to the data collected by retail companies.
7. Sina Weibo Data Breach
In March, the Chinese Weibo social network suffered a major breach of data containing 538 million Weibo users’ information. Personal details, such as real names, site usernames, gender, location, phone numbers, among others, were included in the data. The hacker was selling the Weibo data for just ¥1,799($250), according to reports.
8. Easyjet Data Breach
EasyJet also reported that 2,208 traveler’s credit card details were revealed
The British low-cost airline group EasyJet experienced a large-scale data breach on May 19 this year, compromising data from nine million customers. The data included email addresses, travel information, and, in certain cases, payment card information, according to reports. EasyJet also reported that 2,208 travelers’ credit card details were revealed.
9.MGM Grand Data Breach
MGM announced a data breach in February for about 10.6 million customers who stayed at MGM resorts. The data, which included personal information ranging from home addresses and contact details to driver’s licenses and passport numbers, appeared online.
10. Marriott Data Breach
In January this year, Marriott International faced a major data infringement. In January this year, Marriott International faced a major data infringement. Contact details such as name, mailing address, email address, and phone number were included in the information, as well as loyalty account information, and additional personal details such as business, gender, and birthday, day and month, relationships and affiliations, and so on.
11. Nintendo Data Breach
300,000 Nintendo Network ID accounts were compromised
Nintendo, the Japanese video gaming giant, reported in April this year that by using unauthorized logins, 300,000 Nintendo Network ID accounts were compromised. The additional Nintendo Network ID (NNID) accounts that were compromised had their passwords reset, according to reports and the related users were directly contacted.
Conclusion
While our hope is eternal, with the rise in data insecurity, from exposed databases to phishing attempts, from malware to data leaks from third parties, the odds do not look good. In the first quarter of2020, an increase of 273 percent over the previous year was reported. Data breaches aren’t going anywhere and we’re here to keep you up-to-date on the worst data breaches of the year putting you at risk of identity theft.
