Ticketmaster is the victim of a cyber attack, its parent company, Live Nation, confirmed. The information stolen allegedly includes personal information from 560 million individuals, including names, numbers, addresses, and partial payment details. Hacking group ShinyHunters has demanded $500,000 in ransom money to prevent the data's sale and confirmed it held the 1.3TB of stolen data to Hackread.

In a filing with the US Securities and Exchange Commission, Live Nation stated it had "identified unauthorized activity" on May 20 and subsequently started investigating it. On May 27, "a criminal threat actor offered what it alleged to be Company user data for sale via the dark web." 

Live Nation claims to be working to lower the risks posed to its customers and its own business. "As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations," the company added. "We continue to evaluate the risks and our remediation efforts are ongoing."

Ticketmaster has faced previous breaches, including a bot attack during Taylor Swift ticket sales. The company also has a history as a hacker, illegally — and repeatedly — accessing the computer system of its rival, Songkick. Ticketmaster paid a $10 million criminal fine rather than face prosecution. However, the company's former head of Artist Services, Zeeshan Zaidi, pled guilty to conspiring to commit computer intrusions and wire fraud due to his role in the scheme.

The families of the shooting victims at Robb Elementary School in Uvalde, Texas have sued Call of Duty publisher Activision and Meta. They alleged that the companies "knowingly exposed the shooter to the weapon [he used], conditioned him to see it as the solution to his problems, and trained him to use it." The plaintiffs also accused the companies of "chewing up alienated teenage boys and spitting out mass shooters." 

In the lawsuit, the plaintiffs explained that the Uvalde shooter played Call of Duty, which featured an assault-style rifle made by gunmaker Daniel Defense. They also mentioned that he frequently visited Instagram, which advertised the gunmaker's products. The lawsuit claimed, as well, that Instagram gives gunmakers "an unsupervised channel to speak directly to minors, in their homes, at school, even in the middle of the night." It argued that the shooter was "a poor and isolated teenager" from small town Texas who only learned about AR-15s and set his sights on it, because he was exposed to the weapon from playing Call of Duty and visiting Instagram. In addition, it accused Meta of being more lenient towards firearms sellers than other users who break its rules. Meta prohibits the buying the selling of weapons and ammunition, but users can violate the policy 10 times before they're banned from its platforms. 

"The truth is that the gun industry and Daniel Defense didn’t act alone. They couldn’t have reached this kid but for Instagram," the plaintiffs' lawyer, Attorney Josh Koskoff, said at a news conference. "They couldn’t expose him to the dopamine loop of virtually killing a person. That's what Call of Duty does." Koskoff's law firm was the same one who reached a $73 million settlement with rifle manufacturer Remington for the families of the Sandy Hook Elementary School shooting victims. 

An Activision spokesperson told The Washington Post and Bloomberg Law that the "Uvalde shooting was horrendous and heartbreaking in every way," and that the company expresses its deepest sympathies to the families, but "millions of people around the world enjoy video games without turning to horrific acts."

The US Department of Justice arrested a Wisconsin man last week for generating and distributing AI-generated child sexual abuse material (CSAM). As far as we know, this is the first case of its kind as the DOJ looks to establish a judicial precedent that exploitative materials are still illegal even when no children were used to create them. “Put simply, CSAM generated by AI is still CSAM,” Deputy Attorney General Lisa Monaco wrote in a press release.

The DOJ says 42-year-old software engineer Steven Anderegg of Holmen, WI, used a fork of the open-source AI image generator Stable Diffusion to make the images, which he then used to try to lure an underage boy into sexual situations. The latter will likely play a central role in the eventual trial for the four counts of “producing, distributing, and possessing obscene visual depictions of minors engaged in sexually explicit conduct and transferring obscene material to a minor under the age of 16.”

The government says Anderegg’s images showed “nude or partially clothed minors lasciviously displaying or touching their genitals or engaging in sexual intercourse with men.” The DOJ claims he used specific prompts, including negative prompts (extra guidance for the AI model, telling it what not to produce) to spur the generator into making the CSAM.

Cloud-based image generators like Midjourney and DALL-E 3 have safeguards against this type of activity, but Ars Technica reports that Anderegg allegedly used Stable Diffusion 1.5, a variant with fewer boundaries. Stability AI told the publication that fork was produced by Runway ML.

According to the DOJ, Anderegg communicated online with the 15-year-old boy, describing how he used the AI model to create the images. The agency says the accused sent the teen direct messages on Instagram, including several AI images of “minors lasciviously displaying their genitals.” To its credit, Instagram reported the images to the National Center for Missing and Exploited Children (NCMEC), which alerted law enforcement.

Anderegg could face five to 70 years in prison if convicted on all four counts. He’s currently in federal custody before a hearing scheduled for May 22.

The case will challenge the notion some may hold that CSAM’s illegal nature is based exclusively on the children exploited in their creation. Although AI-generated digital CSAM doesn’t involve any live humans (other than the one entering the prompts), it could still normalize and encourage the material, or be used to lure children into predatory situations. This appears to be something the feds want to clarify as the technology rapidly advances and grows in popularity.

“Technology may change, but our commitment to protecting children will not,” Deputy AG Monaco wrote. “The Justice Department will aggressively pursue those who produce and distribute child sexual abuse material—or CSAM—no matter how that material was created. Put simply, CSAM generated by AI is still CSAM, and we will hold accountable those who exploit AI to create obscene, abusive, and increasingly photorealistic images of children.”

Block appears to be squarely in the government’s sights. Prosecutors from the Southern District of New York are reportedly probing extensive compliance lapses at the parent company of Square and Cash App. NBC News says a former Block employee has handed over documents to federal authorities, painting a picture of how the company failed to gather required risk-assessment information from customers and subsequently processed illegal transactions.

The documents allegedly show that Block greenlit multiple crypto transactions involving known terrorist organizations. Furthermore, Square reportedly processed thousands of transfers involving nations under economic sanctions. “From the ground up, everything in the compliance section was flawed,” the whistleblower allegedly told NBC News. “It is led by people who should not be in charge of a regulated compliance program.”

Most transactions allegedly involved credit cards, dollar transfers or Bitcoin and weren’t reported to the government as mandated by law. In addition, Block reportedly refused to “correct company processes” when notified of the breaches.

The investigation follows a separate report from NBC News in February highlighting two different whistleblowers who flagged the same issues at Block. They cited “questionable Cash App transactions with entities under sanction by the Treasury Department’s Office of Foreign Assets Control, operations known to sell personal information and credit card data for illegal purposes, and offshore gambling sites barred to U.S. citizens.”

The practice allegedly spanned multiple years. NBC News says it reviewed around 100 pages of documents from the whistleblower involving people or organizations in countries under US sanctions, including Russia, Iran, Venezuela and Cuba. Some of them were reportedly from as recent as 2023.

Block

The whistleblower claims Block’s management was aware of the alleged offenses. “It’s my understanding from the documents that compliance lapses were known to Block leadership and the board in recent years,” Edward Siedle, a former SEC attorney representing the whistleblower, told NBC News.

The whistleblower says that, besides senior management, Block’s board was told about the compliance issues. Coincidentally or not, several board members made unexpected exits recently, including former US treasury secretary Lawrence Summers, who resigned in February, and Sharon Rothstein, who had been on the board since 2022. Block told NBC News that they were leaving to devote more time to other activities and that their exits weren’t “a result of any disagreements with the company on any matter relating to the company’s operations, policies or practices.”

Federal authorities have taken a greater interest in modern financial platforms in recent years after at least some of them had become something of a Wild West. Of course, FTX’s fraudulent practices and subsequent collapse led to a seismic decline in the cryptocurrency industry. Although it isn’t clear if the feds have gotten involved, Elon Musk’s X (the husk of what was once Dorsey’s Twitter) reportedly violated US sanctions by accepting blue-check subscription payments from terrorist organizations.

A federal judge has sentenced Binance founder Changpeng Zhao (often known as “CZ”) to four months in prison, as first reported by The New York Times. Prosecutors had recommended three years. Zhao pleaded guilty in November to violating the Bank Secrecy Act by failing to set up an anti-money-laundering program.

The DOJ accused Zhao of allowing criminal activity to flourish on the crypto exchange. “Binance turned a blind eye to its legal obligations in the pursuit of profit. Its willful failures allowed money to flow to terrorists, cybercriminals, and child abusers through its platform,” Treasury Secretary Janet Yellen said in November.

The government accused Binance of refusing to comply with American sanctions and failing to report suspicious transactions related to drugs and child sexual abuse materials. Prosecutors said in court that Zhao had told Binance employees it was “better to ask for forgiveness than permission” while bragging that if Binance had obeyed the law, it wouldn’t be “as big as we are today.”

Under the plea deal’s terms, Binance agreed to forfeit $2.5 billion and pay a $1.8 billion fine. Zhao personally paid $50 million as part of the settlement.

Although the charges differed, Zhao’s sentence is dramatically shorter than the 25 years fellow crypto figurehead Sam Bankman-Fried received in March. SBF, as he’s often known, was convicted on seven counts of fraud and conspiracy for his role at the helm of the crypto platform FTX.

Zhao played an integral role in Bankman-Fried’s downfall — and the crypto industry’s broader decline in the last 18 months. The Binance founder tweeted in November 2022 that his company would liquidate its holdings in FTX’s de facto token. He said “recent revelations that have came[sic] to light” while citing “ethical concerns” and “regulatory risks.” The posts not only crushed FTX but the crypto world at large. (They likely helped attract the government’s attention as well.) When FTX’s wells dried up following the platform’s rapid collapse, Zhao briefly agreed to buy the company but quickly backed out.

Prosecutors said Zhao’s crime carried a standard federal sentence of 12 to 18 months but argued for a three-year term, describing his crimes as being “on an unprecedented scale.” But Judge Richard A. Jones saw it differently, sentencing him to a measly one-twelfth of the government’s suggested term.

“This wasn’t a mistake — it wasn’t a regulatory oops,” Kevin Mosley, a DOJ lawyer, reportedly said in court on Tuesday. “Breaking U.S. law was not incidental to his plan to make as much money as possible. Violating the law was integral to that endeavor.”

A Russian military court sentenced Meta spokesperson Andy Stone in absentia to six years in prison for "publicly defending terrorism," Reuters reports. Stone's lawyer reportedly asked for an acquittal and there are plans to appeal the sentence. 

A few months after Russian officials placed him on a wanted list and started a criminal investigation, a Moscow court issued an arrest warrant for Stone on several terrorism-related charges in February. It cited Stone's alleged "promotion of terrorist activities, public calls for terrorist activities, public justification of terrorism or propaganda of terrorism and public calls for extremist activities."

The measure follows Russia's investigative committee opening a probe into Meta in March 2022. It claimed that Stone had incited extremist activity after lifting "a ban on calls for violence against the Russian military on its platforms." Around that time, Stone said Meta was "temporarily" allowing some posts that would have previously been taken down for inciting violence to stay on its platforms, but noted that the company would still outlaw “credible calls for violence against Russian civilians.”

In any case, it seems unlikely that Stone will actually spend time behind bars in Russia, unless he were to travel there or to a country that has an extradition treaty with the nation. It's not uncommon for a person to be charged or sentenced (often for spying- or hacking-related crimes) in another country and never actually have to deal with those consequences.

Russia has designated Meta as an extremist organization. It blocked access to Facebook and Instagram soon after commencing its invasion of Ukraine in 2022.

Engadget has contacted Meta for comment.

Disgraced former FTX CEO Sam Bankman-Fried was just sentenced to 25 years behind bars in a ruling handed forth New York's Southern District Court. Judge Lewis A. Kaplan announced the decision this morning.

As posted by CNN, Bankman-Fried expressed regret for his actions and the people he harmed. "It's been excruciating to watch," he said. "Customers don't deserve any of that pain." He also acknowledged the serious time he was likely to spend behind bars. "My useful life is probably over," he said. "It's been over for a while now."

Bankman-Fried is expected to appeal the decision. His defense team asked for a sentence of five to 6.5 years, citing his “charitable works and demonstrated commitment to others.” The team also suggested lenience on the grounds that victims would be made whole, referring to a January bankruptcy court hearing showing that customers and creditors will get their money back. Prosecutors, on the other hand, wanted something much harsher. They asked for a sentence of 40 to 50 years "to reflect the seriousness of the defendant's crimes," US Attorney Damian Williams told the court earlier this month. The maximum possible sentence was 110 years.

SBF, as he's now infamously known, was arrested in the Bahamas back in December of 2022. He faced seven charges, including wire fraud against FTX customers, wire fraud against Alameda Research lenders, conspiracy to commit wire fraud against both entities, conspiracy to commit securities and commodities fraud on FTX customers and conspiracy to commit money laundering. He was found guilty of all charges.

The trial lasted one month, with prosecutors arguing that he used FTX funds to keep sibling company Alameda Research afloat. Caroline Ellison, his one-time girlfriend and CEO of Alameda, confirmed this to be true and admitted that she committed fraud on behalf of Bankman-Fried. The defendant’s lawyers, on the other hand, tried to portray him as a hapless math nerd who wrestled with “forces largely outside of his control.”

Alameda borrowed more than $8 billion from FTX, money that was taken from accounts belonging to FTX customers. Bankman-Fried claims he only learned of this in 2020 but performed no actions to safeguard the funds. He took the stand during the trial and said that he deeply regrets “not taking a deeper look into" what was going on with both companies. FTX collapsed and filed for bankruptcy in 2022. 

“Clearly, I made a lot of mistakes. There are things I would give anything to be able to do over again,” he told the New York Times before the trial started.

A man has been jailed for 66 weeks in England after pleading guilty to cyberflashing. Nicholas Hawkes is the first person to be convicted of the crime in the country under the Online Safety Act. Cyberflashing (sending unsolicited photos of genitalia) was outlawed in England and Wales under the law on January 31.

“Cyberflashing is a serious crime which leaves a lasting impact on victims, but all too often it can be dismissed as thoughtless ‘banter’ or a harmless joke," prosecutor Hannah von Dadelzsen said in a statement. “Just as those who commit indecent exposure in the physical world can expect to face the consequences, so too should offenders who commit their crimes online; hiding behind a screen does not hide you from the law."

Registered sex offender Hawkes, of Basildon, Essex, admitted to sending a photo of his genitals to a 15-year-old girl and a woman in early February. The woman took screenshots of the image and reported it to police. Cyberflashing victims receive lifelong anonymity under the Sexual Offences Act after reporting such crimes.

Hawkes pleaded guilty on February 12 to two counts of sending a photograph or film of genitals to cause alarm, distress or humiliation. He was held in custody until his sentencing on Tuesday. Hawkes was jailed for one year for the cyberflashing counts, and 14 weeks for breaching a previous order. He was convicted last year of exposure and sexual activity with a child under 16 and was sentenced to a community order.

Some other jurisdictions have similar laws against cyberflashing. Scotland banned it in 2010 and Northern Ireland followed suit last year. Singapore made it a crime in 2019, while the practice is illegal in some circumstances in Australia. Some states have moved to tackle cyberflashing too, including California, Virginia and Texas.

A former Google engineer was arrested in California on Wednesday for stealing more than 500 files containing artificial intelligence trade secrets from the company and using the information to benefit rival tech companies in China.

In an indictment that was unsealed in a federal California court, prosecutors accused Linwei Ding, a 38-year-old Chinese national who started working at Google in 2019, of uploading trade secrets from his Google-issued laptop to personal cloud storage accounts. The documents that Ding stole involved “building blocks” of Google’s AI infrastructure, according to the indictment. He uploaded them to his personal accounts over a period of one year from May 2022 to May 2023.

Ding was arrested in Newark, California, and charged with four counts of theft of trade secrets. If convicted, he can be sentenced up to 10 years in prison and a fine of up to $250,000 for each count.

“We have strict safeguards to prevent the theft of our confidential commercial information and trade secrets,” Google spokesperson José Castañeda told Engadget. “After an investigation, we found that this employee stole numerous documents, and we quickly referred the case to law enforcement. We are grateful to the FBI for helping protect our information and will continue cooperating with them closely.”

The development comes at a time of heightened tensions between the United States and China over the explosion of artificial intelligence. Last year, the Biden administration banned the export of advanced AI chips designed by American companies like NVIDIA to China to stop the country from using AI to strengthen its military. “Today’s charges are the latest illustration of the lengths affiliates of companies based in the People’s Republic of China are wiling to go to steal American innovation,” said FBI director Christopher Wray in a statement. “The theft of innovative technology and trade secrets from American companies can cost jobs and have devastating economic and national security consequences.”

The indictment revealed all kinds of details about the nature of the crime. Ding allegedly copied information from Google’s files into Apple Notes on his laptop first, and then converted them to PDF files that he uploaded to his personal Google account to evade detection by Google’s data loss prevention systems. He also gave his Google badge to another Google employee in California to make it seem like he was working from Google’s offices in the state while actually working for rival companies in China. Prosecutors said that Ding helped in raising capital for one of the Chinese companies he worked with as its chief technology officer. Last year, he also founded another AI company in China and served as its CEO.

This isn’t the first time that the US has arrested a Chinese national for stealing trade secrets from American companies. In the last few years, the US attorney’s office in San Francisco has charged three former Apple employees for stealing trade secrets related to the Apple Car, a project the company recently canceled, and siphoning them off to companies in China. Last month, one of those engineers was sentenced to six months in prison and asked to pay nearly $150,000 in fines. 

Jack Teixeira, the Massachusetts Air National Guardsman accused of leaking classified defense secrets on Discord, has pled guilty. The New York Times reports the 22-year-old withdrew his not-guilty plea on Monday, trading a guilty admission for up to around 16 years in prison. Had he gone to trial and lost, he could have faced up to 60 years.

In a Boston federal court, Teixeira pleaded guilty to six counts of “willful retention and transmission of national defense information” under the Espionage Act. Federal authorities arrested the airman at his mother’s house last April.

The Air National Guardsman is accused of sharing classified documents on a Minecraft-focused Discord server in late 2022. The posted files included volumes of information about the war in Ukraine (including details about military equipment and Russian and Ukrainian troop movements), as well as Russia’s attempts to stockpile more weapons from Egypt and Turkey. The content eventually landed on 4chan, Telegram and other Discord servers.

The leaked docs also contained a report about the hacking of an unnamed American company by “a foreign adversary” and details about a plot to assault US troops serving abroad. 

The government said it didn’t find evidence of deliberate espionage motives, nor did it accuse Teixeira of acting as a whistleblower in the mold of Edward Snowden. Instead, prosecutors concluded he wanted to gain status with his online friends. The New York Times reports that a senior federal law enforcement official, speaking anonymously to the paper, said the DOJ wouldn’t have agreed to the reduced sentencing if it had uncovered more malicious motives.

The judge presiding over the case, Indira Talwani, scheduled a hearing in September to finalize her endorsement of the deal. The sentencing guidelines range from 11 to more than 16 years in prison. His lawyer, Michael K. Bachrach, told reporters Teixeira’s immaturity played a pivotal role while promising he would push for the lowest sentence. “He is very much a kid,” the attorney reportedly said. “We will be able to establish why his youth played a substantial role.”

A NYT investigation of more than 9,500 of Teixeira’s messages, published last May, revealed an obsession with “weapons, mass shootings, shadowy conspiracy theories — and proving he was in the right, and in the know.”