Naked Security Naked Security

News in brief: Ariana Grande hacked; new data laws unveiled; Marcus Hutchins due to be released

Your daily round-up of some of the other stories in the news

Your daily round-up of some of the other stories in the news

Ariana Grande’s Instagram account hijacked

US pop star Ariana Grande (pictured) became the latest celebrity to fall victim to having her social media compromised at the weekend – the star’s Instagram account was compromised, with the cybervandals publishing several posts that contained racist slurs and profanities.

Grande, who won hearts around the world for her emotional return to Manchester to put on a star-studded concert after the bombing of her gig in the northern British city in May in which 23 people, mostly young fans, were killed, quickly regained control of her account, deleting the malicious posts and alerting her 111m followers to what had happened.

Here at Naked Security we hope that Grande has enabled two-factor authentication on her account, which Instagram introduced back in March, and Ariana, if you’re reading this, do have a look at our tips for securing your account.

New data protection laws unveiled

The UK government has unveiled its plans for bringing the EU’s General Data Protection Regulation (GDPR) into law with the publication of the new UK Data Protection bill.

GDPR comes into force across the 28 EU member states in May next year, and applies to any business, European or not, that processes the data of EU citizens.

The steps the bill takes to align British law with that of the EU comes as no surprise, regardless of the fact that the UK is due to leave the EU in March 2019 – the UK will still be a member of the EU when GDPR takes effect, and many British businesses will continue to do business with European companies after Brexit.

Matt Hancock, the digital minister, appearing to appropriate much of the credit for provisions painstakingly hammered out in Brussels, said in a statement that the bill “will give us one of the most robust, yet dynamic, sets of data laws in the world. The bill will give people control over their data [and] require more consent for its use. We have some of the best data science in the world and this new law will help it to thrive.”

@MalwareTechBlog set to be released

Marcus Hutchins, the security researcher better known as @MalwareTechBlog who stopped the WannaCry outbreak by inadvertently activating a killswitch, was expected to be released on Monday after his legal team didn’t have enough time to raise the $30,000 bail set for him by a Las Vegas judge on Friday.

Hutchins was arrested as he tried to board a flight in Las Vegas to return to the UK last Wednesday after attending the Def Con conference and charged with having been involved in the creation and distribution of the Kronos banking trojan along with an un-named co-defendant.

His lawyer, Adrian Lobo, said she expected him to fly to Wisconsin on Tuesday, where the indictment against him had been filed. Sky News reported over the weekend that Hutchins plans to plead not guilty to the six counts in the indictment, but it was  also claimed over the weekend that Hutchins had admitted to police that he had written the Kronos code and had indicated that he’d sold it online.

Hutchins has had to surrender his passport so has to remain in the US, and apparently will also have to wear a GPS tag and stay off the internet.

Catch up with all of today’s stories on Naked Security