Data Security

UK Grants Palantir Unlimited NHS Patient Data Access Amidst Major Breach Concerns

The NHS is reportedly set to grant “unlimited access” to identifiable patient data to staff from companies, including Palantir, involved in developing its federated data platform. This change, detailed in an internal briefing, would allow external engineers, such as those from Palantir and consultancy firms, to access the National Data Integration Tenant (NDIT) with an “admin” role. This marks a departure from current protocols, which require individual data access approvals for specific datasets. While the NHS maintains strict data management policies and security clearances for external personnel, the briefing acknowledges a potential “risk of loss of public confidence” regarding patient data safeguarding due to these enhanced permissions. Recommendations within the document suggest limiting the number and duration of these external admin roles.

Half a Million Britons’ Medical Data for Sale on Chinese Website

The concerning news that the medical data of half a million Britons has been found listed for sale on a Chinese website has understandably sparked a great deal of apprehension, particularly as we navigate an increasingly digital world where personal information is a valuable commodity. The very notion of sensitive health details being treated as a product for sale is deeply unsettling, highlighting the inherent risks associated with the digitization of our most private information. This situation raises critical questions about data security, accountability, and the ethical implications of how our personal information is handled.

The selling of such data is demonstrably profitable, creating a strong incentive for malicious actors to acquire and exploit it.

Social Security Data Breach Sparks Outrage Over Alleged Pardon Expectation

A former DOGE software engineer, allegedly embedded within the Social Security Administration, is accused of exfiltrating databases containing records of over 500 million Americans on a thumb drive. This individual reportedly informed colleagues that he possessed sensitive citizen data and expected a presidential pardon if his actions were deemed illegal. This incident is part of a pattern of alleged data mismanagement and overreach by DOGE operatives within federal agencies, raising significant privacy and security concerns.

IRS Improperly Disclosed Immigrant Tax Data to DHS

The U.S. Internal Revenue Service has reportedly engaged in an improper disclosure of confidential tax information belonging to thousands of individuals to federal immigration enforcement authorities. This significant breach, as detailed by the Washington Post and corroborated by sources familiar with the matter, suggests a serious lapse in the safeguarding of sensitive taxpayer data. The IRS is said to have recently uncovered this error and is now collaborating with other federal agencies to address the fallout from this disclosure.

The implications of such a disclosure are far-reaching and raise substantial questions about the integrity of taxpayer privacy and the government’s ability to protect confidential information.

Trump’s Cyber Security Head Uploads Sensitive Materials to ChatGPT

A recent report reveals that Madhu Gottumukkala, the head of the Cybersecurity and Infrastructure Security Agency, uploaded “sensitive” contracting materials to a public version of ChatGPT, triggering an internal review. The documents, marked “for official use only,” were not classified but were considered sensitive and should not have been released publicly; the uploads triggered automated alerts. Despite Gottumukkala having special permission to use ChatGPT, the incident prompted a review by top DHS officials to assess potential harm, with the results still unknown. This event occurred amid the widespread adoption of AI in the workplace, highlighting the increasing need for careful handling of sensitive information.

France to Ban US Video Tools: A Shift Away from Trust?

France is set to publish a notice in the coming days regarding the adoption of a domestic videoconferencing platform, Visio, by 2027, as announced by the Minister for State Reform. Following the previous mandate for officials to use Tchap, Visio is currently used by 40,000 staff members, including various ministries. The goal is to expand Visio’s user base to 250,000, with Dinum closely monitoring the transition and potentially blocking other video tools on the state’s network to ensure compliance.

TikTok US Entity Sold to American Investor Group Amid Concerns

TikTok CEO Shou Chew informed employees of an agreement to spin off its US assets into a new entity with primarily American investors. This move, which comes after a law mandated divestiture from parent company ByteDance, aims to secure TikTok’s future in the US. The joint venture will be 50% owned by a group including Oracle and Silver Lake, with ByteDance retaining nearly 20% ownership. The deal, which includes data storage and content moderation by the new entity, is expected to close by January 22, 2026, pending approvals from both the US and Chinese governments.

OpenAI API User Data Exposed in Mixpanel Security Breach, Investigation Launched

In a recent security incident, OpenAI confirmed that a data breach involving its analytics partner, Mixpanel, exposed some user information. The breach occurred on November 9 when a threat actor infiltrated Mixpanel’s systems, though critical data like passwords and payment details remained secure. Exposed user profile data included names, email addresses, coarse location data, and browser information. OpenAI has removed Mixpanel from its production environment and is advising potentially affected API users to remain vigilant against phishing attempts.
