Sensitive and personal information for some 40 million people was stolen from Avid Life Media, a Toronto-based organization that owns the “world’s leading dating service” for those looking to have an affair, Ashley Madison, which has 37 million users, and hookup sites like Established Men and Cougar Life, KrebsOnSecurity reported Sunday. The company confirmed it had been hacked and was investigating the origin, nature and scope of the incident, in a statement Monday. The hackers identified themselves as the “Impact Team” and left a message instructing Avid Life Media to permanently shut down Ashley Madison and Established Men or the hackers would release the data taken from the company. “We have taken over all systems in your entire office and production domains, all customer information databases, source code repositories, financial records, emails,” Impact Team’s message said. The message singled out Avid Life Media Chief Technology Officer Trevor Stokes, who had noted in an internal document that protecting personal information was his biggest “critical success factor” and that he would “hate to see our systems hacked and/or the leak of personal information.” Impact Team welcomed Stokes to his “worst fucking nightmare.” The hackers demanded Avid Life media permanently shut down Ashley Madison and Established Men, “or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.” Other Avid Life Media websites were allowed to stay online. Avid Life Media said it secured its sites and closed "the unauthorized access points,” and is working with law enforcement to hold any and all parties responsible.

PayPal modified terms of its user agreement, as promised to the FCC (see 1506290044), to make it clear that it primarily uses autodialed or prerecorded calls and text to help detect, investigate and protect customers from fraud; provide notices to customers about their accounts or account activity; or collect a debt, said in an email to customers last weekend. The new section also clarifies autodialed or prerecorded calls or texts won't be used to contact customers for marketing purposes without prior express written consent; customers can continue to use PayPal products and services without consenting to autodialed or prerecorded calls or texts; and customers can revoke consent to receiving these communications, the email said.

Ryan J. Vallee, 21, of Franklin, New Hampshire, was charged with two counts of computer hacking to steal information, seven counts of computer hacking to extort, 10 counts of making interstate threats, and seven counts of aggravated identity theft, after remotely hacking into the social media, email and online shopping accounts of about a dozen minor females and threatening to delete, deface and make purchases from the accounts unless the victims sent him sexually explicit photographs of themselves, a Justice Department news release said Thursday. Vallee allegedly distributed sexually explicit photographs of the girls and their friends, DOJ said.

UCLA Health was the victim of a criminal cyberattack last year that may have resulted in hackers obtaining personal information including names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information for patients, it said in a statement Friday. “While the attackers accessed parts of the computer network that contain personal and medical information, UCLA Health has no evidence at this time that the cyber attacker actually accessed or acquired any individual’s personal or medical information.” Data for 4.5 million individuals may have been involved in the attack that is believed to have occurred in September, it said. UCLA Health is working with the FBI and private computer forensic experts to “further secure information on network servers,” it said. Hospital System President James Atkinson said UCLA Health takes the attack “extremely seriously” and has “taken significant steps to further protect data and strengthen our network against another cyber attack.”

MPAA said Friday that it wants to “set the record straight” on its positions on the ICANN Privacy & Proxy Services Accreditation Issues Working Group's work on proposed revisions to ICANN's proxy services registration policies. The association said in an email that groups opposed to aspects of PPSAI's initial report on revision proposals have “distorted” MPAA's positions. Privacy advocates and some industry groups have opposed aspects of PPSAI's initial report, particularly a proposal to bar owners of domain names associated with websites engaged in commercial activity from using proxy services to mask ownership information on WHOIS registration (see 1507010065). MPAA said that ICANN hasn't adopted any final changes to its proxy service rules and noted that “while we are working to develop a framework to help creators protect their content when clear and verifiable abuse is occurring, we’ve made it very clear that we also support the legitimate use of privacy and proxy services.” MPAA said it disagrees with claims that its role on PPSAI means it supports policies that will chill free speech and expose marginalized groups to possible harassment. “Not only do we tell stories that advance challenging societal conversations, we also consistently resist government calls for censorship,” MPAA said. “In this case, we are engaged with ICANN to help creators reach out directly to the bad actors that are abusing the Internet to distribute infringing content and profit from others’ hard work.”

Netflix is “really optimistic” about Ultra HD as a subscription and revenue “driver,” CEO Reed Hastings said on a quarterly earnings interview Wednesday. “So as more and more Ultra HD TVs get sold at major electronics outlets over the next five years, more and more people will want Ultra HD” from Netflix, he said. Each Ultra HD stream is about 15 Mbps, “so it takes a good-quality Internet connection,” he said. “Of course, that's getting more and more reliable. So when we see those coming together, we see over time a significant percentage of our membership upgrading to get the Ultra HD service, again, over the next couple of years.” Netflix is confident about its long-term success in Japan after launching there this fall, Hastings said. It plans to launch in Japan with “aggressive” pricing and local content, including “some local originals,” he said. “We're really focused on doing a great job.” Japan is “unique” among other markets “because it's very brand-sensitive,” Hastings said. “So Japan will probably be our slowest market to get to a certain penetration threshold, but it may be one of our best markets in the long term because when the Japanese society embraces a brand, it's a very deep connection, very long-term. So we're willing to make that investment, knowing that it's not the quick route to success that it might be in other countries.”

General Electric installed new fiber optic lines to support its industrial Internet initiative, the company said in a news release Thursday. The cables installed at GE's Global Research Center in Niskayuna, N.Y. deliver speeds of 100 Gbps, it said. GE said Cisco contributed to the infrastructure project, which will be featured during demonstrations Thursday at the Industrial Internet Consortium's Summer Conference at the research center.

The Software and Information Industry Association is hosting an event July 23 that will focus on rethinking the meaning of data privacy and consider whether the current policymaking is working to advance individual privacy, an SIIA news release said Wednesday. “The issues of data privacy and security are too often over-simplified -- more data equals less privacy, which demands more regulation,” the release said. FTC Commissioner Maureen Ohlhausen will deliver opening remarks. A panel discussion on how big data and the IoT have spurred valuable privacy debates and whether current and proposed regulations could inhibit innovation and economic progress will follow. The event is 12-1 p.m. at the Capitol Visitor’s Center SVC 201-00.

Whenever Christos Catsouras searches his last name on Google, photos of his deceased daughter Nikki’s body and the wrecked car she was in during a fatal accident in 2006 surface, Catsouras said during a Consumer Watchdog-hosted news conference in Santa Monica, California, Wednesday. Having "the right to be forgotten" apply in the U.S. would be “the most amazing thing for our family and many other families out there,” Catsouras said. Photos of Nikki’s body were leaked by the California Highway Patrol and Catsouras said some individuals attach the photos and send them to him in emails. There is “absolutely no justification for these links to continue to exist,” said Consumer Watchdog Privacy Project Director John Simpson. Removing photos or links from search engine results isn't censorship because the content still exists and such removal is possible for a company to do because Google is honoring removal requests in Europe, Simpson said. In June, Google announced it would remove revenge porn from its search results, Simpson said. “To me, some of the photos that are haunting the Catsouras family are just as abusive and harmful [as revenge porn] and I don’t understand why Google won’t remove those links,” Simpson said. Consumer Watchdog initially contacted Google asking the company to honor right to be forgotten requests in the U.S., but Simpson said Google never responded. Bing and Yahoo should also honor removal requests, Simpson said, explaining Consumer Watchdog has focused on Google because “they are the big dog” and Google more than any other search engine or company describes itself as privacy friendly. Consumer Watchdog filed a complaint with the FTC against Google last week alleging that Google’s refusal to offer Americans the right to be forgotten privacy tool that Europeans have is an unfair and deceptive practice -- a violation of Section 5 of the FTC Act (see 1507070023). Simpson said the FTC has confirmed receipt of the complaint and is considering it, which Simpson said he took to be a positive sign. Simpson added that Consumer Watchdog would drop the complaint if Google did what was right and honored removal requests. Simpson said search engines are the first step, but as society figures out what are appropriate privacy protections in the digital age, additional policy changes may be necessary. Google had no immediate comment.

Some 70 members of Darkode, an underground, invite-only, online meeting forum for those interested in buying, selling and trading malware, botnets, stolen personally identifiable information, credit card information, hacked server credentials and other pieces of data and software obtained from cybercrimes, were arrested and charged, the Department of Justice and the FBI said in a blog post Wednesday. Law enforcement agencies from 20 countries were involved in Operation Shrouded Horizon, making the Darkode takedown the largest coordinated international law enforcement effort ever directed at an online cybercrime forum, a DOJ news release said. A dozen individuals in the U.S. were indicted, search warrants were served in the U.S. and the FBI seized Darkode’s domain and servers, DOJ and the FBI said. The investigation focused primarily on the Darkode members responsible for developing, distributing, facilitating and supporting the “most egregious and complex cyber criminal schemes targeting victims and financial systems around the world,” they said. “Of the roughly 800 criminal internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world,” U.S. Attorney David Hickton of the Western District of Pennsylvania said. “This is a milestone in our efforts to shut down criminals’ ability to buy, sell, and trade malware, botnets and personally identifiable information used to steal from U.S. citizens and individuals around the world,” FBI Deputy Director Mark Giuliano said.