Welcome to the new normal in cybersecurity. On the plus side, everyone’s offering you two years of free identity theft monitoring for losing your data!
For all of the hype around AI, one thing that the most popular chatbots aren’t doing well at right now is security. This week, we reported that OpenAI is struggling to handle an explosion of PromptLock ransomware using its model, and the very next day, we reported that Anthropic is dealing with hackers using Claude as a staging ground for attacks as well. For all of their benefits and potential, it’s important to remember that AI chatbots are not built for data protection, and most do not care about your privacy.
It’s not just chatbots that are at risk, either. As companies find new ways to shoehorn AI into virtually all of their products, they also introduce new security vulnerabilities that allow anyone capable of exploiting them to make off with your data. For example, we also covered how AI-powered web browsers are especially vulnerable to prompt injection attacks, and fixing those issues is much more difficult than just issuing a patch or software update. If you feel like you’ve been hearing a lot about “prompt injections,” buckle up. It’s only going to get more common from here out.
Beyond AI, it wouldn’t be a week in security without another hack that impacts millions of people. This time, it’s TransUnion, one of the big three credit bureaus, with a breach that exposed the records of over 4.4 million people. Predictably, the company is offering two years of free credit monitoring to those affected, and you should definitely grab it if it’s available to you, but you can do better. Check out our roundup of the best identity theft protection services for companies that will really look out for your data, and actually help you recover if something does happen.
You may think that a VPN might be one way to avoid getting caught in data breaches, but despite their marketing, they’re not a privacy panacea. There are a lot of things a VPN can do for you, and we definitely recommend you get a good one (especially if you travel often or work remotely), but protecting you from a data breach isn’t necessarily one of them.
It’s definitely been a busy week. But it’s not everything that caught the attention of the PCMag security team. Here are some more stories from around the web that we think are worth checking out.
