Privacy Please
Avsnitt

S7, E275 - Choose Wisely: GigaWiper, Your New Delete Button & The Gold Bar Grift

Dela

Send us Fan Mail


Full Show Notes

This week on Privacy Please, Cam breaks down four stories that all come back to one theme: choice.

GigaWiper — Microsoft researchers uncovered a new backdoor malware built from pieces of older malware families, giving attackers the ability to decide after they're already inside a network how they want to cause damage — from low-level disk wipes to fake ransomware with encryption keys that are never even saved. Multiple security firms are independently tracking it, with no group attribution yet.

Connecticut's new AI disclosure law — As of July 1st, companies covered by Connecticut's privacy law must clearly disclose whether their data is used to train large language models like ChatGPT, Gemini, DeepSeek, or Grok. Cam digs into why "disclosure" doesn't always mean "clarity," and what to actually look for in a privacy policy update.

California's Delete Act (DROP) — A correction and a deep dive: DROP has been live since January 1st, not launching in August as previously stated. What actually changes on August 1st is enforcement — the date data brokers become legally required to act on deletion requests. Cam walks through exactly how to submit one at privacy.ca.gov.

The Phantom Hacker gold bar scam — A 78-year-old Phoenix woman nearly lost $600,000 in gold bars to a scammer posing as a federal official — until she turned the tables and called the FBI herself. Cam covers the arrest, the courier-for-hire business model behind it, and the billion-dollar scale of phantom hacker scams since 2024.

Tips for this episode:

  • Back up your data offline — wipers don't negotiate, there's no ransom to pay your way out
  • Search privacy policy updates for "train," "AI," or "language model" before skimming past them
  • California residents: submit a DROP request now at privacy.ca.gov so it's queued before enforcement begins on August 1st
  • No real government agency will ever tell you to convert your money to gold, crypto, or gift cards — hang up and call the agency back yourself

Sources referenced:

  • Microsoft Security research on GigaWiper
  • Connecticut Data Privacy Act (CTDPA) amendment, effective July 1, 2026
  • California Delete Act / DROP platform, cppa.ca.gov
  • FBI IC3 reporting on Phantom Hacker and gold bar scams
  • AZFamily coverage of the Gary Christopher arrest, Phoenix Sky Harbor Airport


Chapter Timestamps

00:00 – Cold Open 01:30 – GigaWiper: Choose-Your-Own-Destruction Malware 04:00 – Connecticut's LLM Data Disclosure Law 06:15 – California's Delete Act & DROP Platform 08:30 – The Phantom Hacker Gold Bar Scam 11:30 – Recap & Close

Support the show

Podden och tillhörande omslagsbild på den här sidan tillhör A Problem Lounge Show. Innehållet i podden är skapat av A Problem Lounge Show och inte av, eller tillsammans med, Poddtoppen.