An anonymous reader quotes a report from TechCrunch: South Korean e-commerce platform Coupang over the weekend said nearly 34 million Korean customers' personal information had been leaked in a data breach that had been ongoing for more than five months. The company said it first detected the unauthorized exposure of 4,500 user accounts on November 18, but a subsequent investigation revealed that the breach had actually compromised about 33.7 million customer accounts in South Korea. The breach affected customers' names, email addresses, phone numbers, shipping addresses, and certain order histories, per Coupang. More sensitive data like payment information, credit card numbers, and login credentials was not compromised and remains secure, the company said. [...] Police have reportedly identified at least one suspect, a former Chinese Coupang employee now abroad, after launching an investigation following a November 18 complaint.

An anonymous reader quotes a report from The Record: Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation. "When a SIM card enters Russia from abroad, the user has to confirm that it's being used by a person -- not installed in a drone," the Digital Development Ministry said in a statement earlier this week.

Users can restore access sooner by solving a captcha or calling their operator for identification. Authorities said the temporary blackout is meant to "ensure the safety of Russian citizens" and prevent SIM cards from being embedded in "enemy drones." The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.

The US could lose out on valuable AI and tech talent if some of its immigration policies are not modernized, Google says in a letter sent to the Department of Labor. From a report: Google says policies like Schedule A, a list of occupations the government "pre-certified" as not having enough American workers, have to be more flexible and move faster to meet demand in technologies like AI and cybersecurity. The company says the government must update Schedule A to include AI and cybersecurity and do so more regularly.

"There's wide recognition that there is a global shortage of talent in AI, but the fact remains that the US is one of the harder places to bring talent from abroad, and we risk losing out on some of the most highly sought-after people in the world," Karan Bhatia, head of government affairs and public policy at Google, tells The Verge. He noted that the occupations in Schedule A have not been updated in 20 years.

Companies can apply for permanent residencies, colloquially known as green cards, for employees. The Department of Labor requires companies to get a permanent labor certification (PERM) proving there is a shortage of workers in that role. That process may take time, so the government "pre-certified" some jobs through Schedule A. The US Citizenship and Immigration Services lists Schedule A occupations as physical therapists, professional nurses, or "immigrants of exceptional ability in the sciences or arts." While the wait time for a green card isn't reduced, Google says Schedule A cuts down the processing time by about a year.

Capital One is buying Discover Financial (non-payalled source) in a deal that would marry two of the largest credit-card companies in the U.S. WSJ: The all-stock deal could be announced Tuesday, according to people familiar with the matter. Discover has a market value of $28 billion, and the takeover would be expected to value it at a premium to that. Buying Discover will give Capital One, a credit-card lender with a market value of a little over $52 billion, a network that would vastly increase its power in the payments ecosystem.

Card networks are critical to enabling transactions and setting fees that merchants pay when consumers shop with credit cards. Though much smaller than Visa and Mastercard, Discover is one of the few competitors to those companies in the U.S. and it is one of a small number of card issuers that also has a payments network. Capital One, the ninth-largest bank in the country and a major credit-card issuer, uses Visa and Mastercard for most of its cards. The bank plans to switch at least some of its cards to the Discover network, while continuing to use Visa and Mastercard on others. Those larger networks have more merchant acceptance abroad than Discover does. Update: Capital One has proposed to pay $35.3 billion for Discover in an all-stock deal.

The Nokia 130 and 150 are two new updated feature phones from Nokia that ship "with the form of an earlier generation of tech but the software of the current time," reports Gizmodo. From the report: The Nokia 150 is arguably the more worthy of the two; it comes in three colors and features a 2.4-inch QVGA display, a 1,450 mAh removable battery with up to a month of standby time, and a headphone jack for listening to music like we're still pirating it from the internet (though you can also tune in to the built-in FM radio, a feature you'd have to download an app to replicate on an iPhone). The rear-facing 0.3-MP VGA camera is as mediocre as it sounds; it's similar to the camera specs on an LG-made candybar phone I was carting around in 2008. You can save all your data on a MicroSD card and charge the phone with micro USB.

The Nokia 130 has the same size screen and removable battery, but it doesn't have a camera, which makes sense if you were looking at one of these as a secondary device. You probably already have a smartphone that takes satisfying photos. The Nokia 130 and 150 are rated IP52, making them resistant to dust and water but not entirely waterproof. And they both have physical buttons, including a full 12-key number pad, plus navigational buttons to get around the operating system, called Series 30+ or S30+. Nokia developed the software specifically for these entry-level devices, and it made sure to include a revamped Snake game. Nokia swears there are "hours of fun in store," which seems like marketing rehashed from its '90s glory days.

The Nokia 130 and 150 are primarily available abroad. Note that these two models have been around since 2016 and that this latest release is a part of the phone's upgrade cycle. The company, acquired by Finnish conglomerate HMD Mobile, has yet to reveal pricing. But previous generations started at under $50 after converting currencies. It's quite a deal compared to what you'd get with an aging, low-cost Android phone.

FTX suffered a "complete failure of corporate controls" according to the company's new chief executive who was appointed as part of the crypto exchange's bankruptcy process. From a report: In a filing [PDF] to federal bankruptcy court, John J. Ray, who has helped oversee some of the biggest bankruptcies ever, including Enron's, said despite his 40 years in the business of restructuring companies, he's never seen anything as bad as FTX.

"Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information as occurred here. From compromised systems integrity and faulty regulatory oversight abroad, to the concentration of control in the hands of a very small group of inexperienced, unsophisticated and potentially compromised individuals, this situation is unprecedented."

President Trump tweeted on Monday night that he will sign an executive order to temporarily suspend immigration into the U.S. to help prevent the spread of the coronavirus, adding that his decision was spurred by an "attack from the Invisible Enemy, as well as the need to protect the jobs of our GREAT American Citizens." Trump later clarified at a coronavirus press briefing on Tuesday and said the order would only be in place for 60 days and apply to individuals seeking permanent residency or green card seekers. From a report: "We have a solemn duty to ensure these unemployed Americans regain their jobs and their livelihoods, therefore in order to protect American workers, I will be issuing a temporary suspension of immigration into the United States." "By pausing immigration we'll help put Americans first in line for jobs as America reopens," he continued. "I would be wrong and unjust for Americans laid off by the virus to be replaced by new immigrant labor flown in from abroad."

Trump said that the order would last 60 days and then would be reevaluated by him and "a group of people based on economic conditions at the time" on whether the measure should be extended. He said the order would only apply to individuals seeking permanent residency or green card seekers. He added that additional immigration measures may be considered in the future as the country seeks to reopen its industries shut down in order to stop the novel coronavirus spread. As of Tuesday evening, the U.S. recorded over 820,000 coronavirus cases and more than 44,000 deaths.

Coinbase has become the only cryptocurrency company with a Visa Principal Member certification. TechCrunch reports: Cryptocurrency company Coinbase has been working with Paysafe to issue the Coinbase Card, a Visa debit card that works with your Coinbase account balance. The company is now a Visa Principal Member, which should help Coinbase rely less on Paysafe and control a bigger chunk of the card payment stack.

The company will offer the Coinbase Card in more markets in the future. The new status could open up more possibilities and features as well. While Coinbase originally launched the Coinbase Card in the U.K., it is now available in 29 European countries. It works with any Visa-compatible payment terminal and ATM. Users can decide in the app which wallet they want to use for upcoming transactions. This way, you can spend money in 10 cryptocurrencies. There are some conversion fees just like on Coinbase. In addition to those fees, there can be some additional fees if you withdraw a lot of money or make a purchase abroad.

At least four pre-paid debit cards that accept cryptocurrencies abruptly suspended service on Friday. An anonymous reader quotes TheNextWeb: Speaking to their customers on Twitter, the affected companies have said the move is the result of actions from their card issuer, [WaveCrest], who was acting on behalf of Visa Europe... A statement from Visa Europe obtained by The Daily Beast reporter Joseph Cox said the action was taken due to WaveCrest's "non-compliance" with VISA's membership regulations... In its statement, Visa makes clear that this isn't a crackdown on cryptocurrencies, but rather action against one company that broke its rules.
"All funds stored on cards are safe and will be returned to your Cryptopay accounts ASAP," one of the affected debit card companies assured users on Twitter, adding "Sorry for all the inconvenience caused..."

According to the article, "Some users on Twitter are reportedly stranded abroad without funds."

The Office of the Privacy Commissioner of Canada said Tuesday that the Canada-based online dating and social networking service Ashely Madison used inadequate privacy and security technology while marketing itself as a discreet and secure way for consenting adults to have affairs. CBC.ca reports: "In a report Tuesday, the privacy watchdog says the Toronto-based company violated numerous privacy laws in Canada and abroad in the era before a massive data breach exposed confidential information from their clients to hackers. The hack stole correspondence, identifying details and even credit card information from millions of the site's users. The resulting scandal cost the company about a quarter of its annual revenues from irate customers who demanded refunds and cancelled their accounts. Working with a similar agency in Australia, the privacy group says the company knew that its security protocols were lacking but didn't do enough to guard against being hacked. The company even adorned its website with the logo of a 'trusted security award' -- a claim the company admits it fabricated." The report found that "poor habits such as inadequate authentication processes and sub-par key and password management practices were rampant at the company" and that "much of the company's efforts to monitor its own security were 'focused on detecting system performance issues and unusual employee requests for decryption of sensitive user data.'" What's more is that Ashley Madison continued to store personal information of its users even after some of which had deleted or deactivated their account(s). These people then had their information included in databases published online after the hack.

HughPickens.com writes: Nathaniel Popper writes in the NYT that with its volatile currency and dysfunctional banks, Argentina is the perfect place to experiment with a new digital currency. The number of Bitcoin users in Argentina is relatively small; it barely registers on most charts of global Bitcoin usage. But Argentina has been quietly gaining renown in technology circles as the first, and almost only, place where Bitcoins are being regularly used by ordinary people for real commercial transactions. For example, BitPagos is selling bitcoins in over 8,000 Argentine convenience stores and is helping more than 200 hotels, both cheap and boutique, take credit-card payments from foreign tourists. The money brought to Argentina using Bitcoin circumvents the onerous government restrictions on receiving money from abroad

The Rock Hostel is one of hundreds of hotels in the country using BitPagos to collect credit-card payments from foreign customers. If owner Rodriguez Pons accepted credit-card payments from American customers through the usual financial channels, customers would be billed in dollars, and when those dollars came to Pons's Argentine bank account, they would be converted at the official rate, about 30 percent lower than the black-market rate. It would also take 20 days for Pons to get her pesos. BitPagos helped counter these drawbacks by taking the credit-card payment in the United States and then using the dollars to buy Bitcoins, generally from Coinbase, before sending them to Pons immediately.

Bitcoin proponents like to say that the currency first became popular in the places that needed it least, like Europe and the United States, given how smoothly the currencies and financial services work there. It makes sense that a place like Argentina would be fertile ground for a virtual currency. Inflation is constant: At the end of 2014, for example, the peso was worth 25 percent less than it was at the beginning of the year. And that adversity pales in comparison with past bouts of hyperinflation, defaults on national debts and currency revaluations. "In the long run, Bitcoin will be very disruptive to the developed world," says Dan Morehead, a former Goldman Sachs executive who now runs a hedge fund focused on Bitcoin. Things are happening sooner in Argentina, he says, because its financial system creates hassles for the people there. But, he added, "Argentina is just a more extreme example of the situation in every country."

benrothke writes There are really two stories within Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door. The first is how Brian Krebs uncovered the Russian cybergangs that sent trillions of spam emails for years. As interesting and compelling as that part of the story is; the second storyline is much more surprising and fascinating. Brian Krebs is one of the premier cybersecurity journalists. From 1995 to 2009, he was a reporter for The Washington Post, where he covered Internet security, technology policy, cybercrime and privacy issues. When Krebs presented the Post with his story about the Russian spammers, rather than run with it, the Post lawyers got in the way and were terrified of being sued for libel by the Russians. Many of the stories Krebs ran took months to get approval and many were rejected. It was the extreme reticence by the Post to deal with the issue that ultimately led Krebs to leave the paper. Before Krebs wrote this interesting book and did his groundbreaking research, it was clear that there were bad guys abroad spamming American's with countless emails for pharmaceuticals which led to a global spam problem. Read below for the rest of Ben's review.

New submitter DoILookAmused writes A few years ago, the Argentinean government implemented a 35% tax on all offshore buys using a credit card. In yesterday's press release, the city of Buenos Aires announced it will charge a 3% gross income tax for all streaming or media purchase abroad allegedly to bring it to "competitive prices with local media companies". This tax doesn't supersede the national 35% tax, which has sparked several reactions.

A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it's a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there's no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they're overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.

(Read more for more, and look for a video interview with Halderman soon).

Last week, you asked questions (many rather pointed!) of Amir Taaki, co-founder of Bitcoin Consultancy, which develops Bitcoin related services, exchanges and Bitcoin itself. (They also own Britcoin.co.uk.) Says Taaki: "When creating video games I spent much time imagining tools to make artists lives easier, and how we could keep funding developers to write free software. One contribution of mine to the community was a site where developers could get funded for developing features and I'd love nothing more than to pay people to write free software." With regard to Bitcoin, similarly, "We need fulltime developers thinking about the problems and solutions needed to keep this system running. We aim to get all the creative thinkers from the community and provide a mechanism for enabling their work." Below find his answers to the questions readers raised.

Declan McCullogh is reporting at CNET that a federal district court judge has rebuked the Department of Homeland Security, "which had claimed it can seize a traveler's laptop and search it six months later without warrant." As described in the article, DHS policies have been stacked against travelers entering the US, including citizens returning from abroad: "There's no requirement that they be returned to their owners after even six months or a year has passed, though supervisory approval is required if they're held for more than 15 days. The complete contents of a hard drive or memory card can be perused at length for evidence of lawbreaking of any kind, even if it's underpaying taxes or not paying parking tickets." This ruling does not address immediate searches at the border, but says that DHS cannot hold computers for indefinite searching, as in the case to hand, concerning a US citizen returning from a trip to Korea, whose laptop was seized and held for months before a search was even conducted on it.

AHuxley writes "Apple suggests that the nation's cellphone networks could be open to 'potentially catastrophic' cyberattacks by iPhone-using hackers at home and abroad if iPhone owners are permitted to legally jailbreak their wireless devices. The Copyright Office is currently considering a request by the Electronic Frontier Foundation to legalize the widespread practice of jailbreaking. Apple has responded to the request by saying that if the 'baseband processor' software — which enables a connection to cell phone towers — is exposed, then a user could crash the tower software, or use the Exclusive Chip Identification number to make calls anonymously. Apple also thinks its closed business model is what made the iPhone a success. The Vodafone scandal from a few years back showed how a network could be compromised, but that was from within. So, what do you think? Is Apple playing the 'evil genius' hacker card or can 'anyone' with a smartphone and a genius friend pop a US cell tower?"

The Austin Game Developer's Conference, now under new management, kicks off today with a keynote from Blizzard President Michael Morhaime. He started off the event with a discussion of the potential of gaming in the 20th Century, and the lessons his company has learned from the long trial that has been World of Warcraft. Read on for notes from his presentation.