The Australian government has revealed that 30GB of defence data was stolen in an extensive cyberattack on a government contractor (BBC News). The attack, which began in July 2016, was not detected until November that year. Defence Industry Minister Christopher Pyne says the attack, which has been described as "extensive and extreme" does not represent a threat to national security. The attacker, dubbed "Alf", has not been identified.
2. Israeli hackers watched Russian hackers exploiting Kaspersky
Adding to allegations that Kaspersky's antivirus software has been compromised by Russian government hackers, The New York Times reports that Israeli government hackers attempting to penetrate the antivirus firm "looked on in real time as Russian government hackers searched computers around the world for the code names of American intelligence programs" (TechCrunch). While German security services say that they've not detected any of the reported threats in Kaspersky's software, the situation is bleak for the antivirus firm, which depends on the trust of its customers to do business.
US credit checking agency Equifax has revealed that the personal information of around 400,000 people in the UK "may potentially have been accessed" in a hack that's thought to have affected up to 145 million customers (The Guardian). The breach, which has been revealed to have been made possible by poor update patching and cybersecurity practices on Equifax's part, is among the biggest on record. While Equifax's UK systems were not affected, the company says that British customer data may have been accessed because some UK customer's information was stored on the US system between 2011 and 2016 due to a "process failure". This data includes names, dates of birth, email addresses and telephone numbers, but does not postal addresses, passwords or financial information.
Microsoft has added new fact-checking capabilities to its Bing search engine, with a fact-check label that publishers can use to indicate the veracity of news stories (The Verge). The company detailed the label in a blog for sites wishing to use it, saying that linked fact-checking sites' "analysis must be transparent about sources and methods, with citations and references to primary sources included". Although the ClaimReview embedding code can be linked to any site, Microsoft says that only sites that follow Bing's fact-checking criteria will be shown, to help prevent the system from being used to propagate false claims.