Companies are offering interest-free advances to people with poor credit in exchange for detailed personal data. Wired: Tulloch [Editor's note: the anecdote character in the story] is one of a growing number of US workers turning their personal data over to private companies in exchange for paycheck advances, fueling an industry potentially worth up to $12 billion, by some estimates. In 2020, $9.5 billion in wages were accessed early, according to the research firm Aite-Novarica Group, up from $6.3 billion in 2019. These early payouts can be habit-forming; a 2021 report from the Financial Health Network found that more than 70 percent of pay advance users took out consecutive advances.

What Tulloch didn't know was that when he signed up for the app, a company called Argyle was retrieving the data that would be used to decide how much money to give him. It builds the technology that allows companies like B9 to extract a wealth of data from payroll accounts -- up to 140 data points. These can include shifts worked, time off, earnings and promotions history, health care and retirement contributions, even reputational markers like on-time rate or a gig worker's star rating and deactivation history. For every worker that uses its product, Argyle charges customers like B9 a fee, plus an additional monthly charge for continuous monitoring. This makes for a valuable data trove; it's further upstream than banking data, providing a fuller picture of a worker's earnings, deductions, and behavior. Some estimate that payroll data could be worth $10 billion. Argyle pegs it at 10 times higher.

Argyle is part of an emerging set of payroll data companies founded over the last four years to cash in on workers' personal information. They build secure connections between payroll providers like Paychex and businesses that want to access that data, like B9. Argyle acts like a courier, shuttling data from one account to another, the same way banking data is transmitted to apps like Venmo. Its competitors include Atomic, Pinwheel, Truv, and Plaid (which builds those bank integrations but recently began releasing payroll products). The data that workers provide can be used to underwrite financial products like loans, mortgages, insurance policies, and buy-now-pay-later apps; simplify direct deposit switching; or verify income and employment for apartment and job applications.

An anonymous reader quotes a report from Cointelegraph: Less than 1% of the biggest Bitcoin (BTC) hodlers allegedly control more than a quarter of all BTC in circulation, according to a new study. The National Bureau of Economic Research, an American private nonprofit research organization, released a study claiming that 10,000 Bitcoin investors, or 0.01% of all BTC holders, own 5 million BTC, or 27% of all 18.9 million coins in circulation. The amount of BTC held by the "one percent" is equivalent to approximately $232 billion, the Wall Street Journal reported on Monday.

The study, which was conducted by finance professors Antoinette Schoar at the MIT Sloan School of Management and Igor Makarov at the London School of Economics, aims to demonstrate that Bitcoin is not as decentralized as one might think. "Despite having been around for 14 years and the hype it has ratcheted up, it's still the case that it's a very concentrated ecosystem," Schoar said. According to the WSJ report, the top hodlers control a bigger share of BTC than the richest American households control in dollars. Citing data from the United States Federal Reserve, the report notes that the top 1% of U.S. households hold about a third of all wealth. The new report may sound alarming for the crypto community, as major Bitcoin advocates have been promoting decentralization as one of the Bitcoin network's biggest principles.

According to Quantum Economics founder Mati Greenspan, much of the circulating BTC supply is controlled by Satoshi Nakamoto, the pseudonymous creator of Bitcoin. "Satoshi's coins alone make up for more than 5%," Greenspan told Cointelegraph, adding: "Over time, the ownership of Bitcoin is designed to get more distributed. For fiat, the opposite tends to happen." It's worth noting that much of BTC's circulating supply is also apparently not controlled by anyone and is likely to be lost forever. According to crypto-insurance firm Coincover, around 4 million BTC is out of circulation due to lost access.

"Anyone can be a banker these days," argues Reuters. All it takes it the right software: Global brands from Mercedes and Amazon to IKEA and Walmart are cutting out the traditional financial middleman and plugging in software from tech startups to offer customers everything from banking and credit to insurance.

For established financial institutions, the warning signs are flashing.

So-called embedded finance — a fancy term for companies integrating software to offer financial services — means Amazon can let customers "buy now pay later" when they check out and Mercedes drivers can get their cars to pay for their fuel. To be sure, banks are still behind most of the transactions but investors and analysts say the risk for traditional lenders is that they will get pushed further away from the front end of the finance chain. And that means they'll be further away from the mountains of data others are hoovering up about the preferences and behaviours of their customers — data that could be crucial in giving them an edge over banks in financial services...

Accenture estimated in 2019 that new entrants to the payments market had amassed 8% of revenues globally — and that share has risen over the past year as the pandemic boosted digital payments and hit traditional payments, Alan McIntyre, senior banking industry director at Accenture, said. Now the focus is turning to lending, as well as complete off-the-shelf digital lenders with a variety of products businesses can pick and choose to embed in their processes... So far this year, investors have poured $4.25 billion into embedded finance startups, almost three times the amount in 2020, data provided to Reuters by PitchBook shows...

"Big banks and insurers will lose out if they don't act quickly and work out where to play in this market," said Simon Torrance, founder of Embedded Finance & Super App Strategies.

Several other retailers have announced plans this year to expand in financial services. Walmart launched a fintech startup with investment firm Ribbit Capital in January to develop financial products for its employees and customers while IKEA took a minority stake in BNPL firm Jifiti last month. Automakers such as Volkswagen's Audi and Tata's Jaguar Land Rover have experimented with embedding payment technology in their vehicles to take the hassle out of paying, besides Daimler's Mercedes.
Some traditional banks are now working with the big tech companies, the article notes, with JPMorgan even buying 75% of Volkswagen's payments business.

And it also points out the other thing that could protect their business from encroaching new startups: the possibility of new rules from financial regulators.

The extremes of floods and fires are not going away, but adaptation can lessen their impact. Economist (paywalled): If temperatures rise by 3C above pre-industrial levels in the coming decades -- as they might even if everyone manages to honour today's firm pledges -- large parts of the tropics risk becoming too hot for outdoor work. Coral reefs and the livelihoods that depend on them will vanish and the Amazon rainforest will become a ghost of itself. Severe harvest failures will be commonplace. Ice sheets in Antarctica and Greenland will shrink past the point of no return, promising sea rises measured not in millimetres, as today's are, but in metres.

Six years ago, in Paris, the countries of the world committed themselves to avoiding the worst of that nightmare by eliminating net greenhouse-gas emissions quickly enough to hold the temperature rise below 2C. Their progress towards that end remains woefully inadequate. Yet even if their efforts increased dramatically enough to meet the 2C goal, it would not stop forests from burning today; prairies would still dry out tomorrow, rivers break their banks and mountain glaciers disappear. Cutting emissions is thus not enough. The world also urgently needs to invest in adapting to the changing climate. The good news is that adaptation makes political sense. People can clearly see the need for it. When a country invests in flood defences it benefits its own citizens above all others -- there is no free-rider problem, as there could be for emissions reduction. Nor does all the money come from the public purse; companies and private individuals can see the need for adaptation and act on it. When they do not do so, insurance companies can open their eyes to the risks they are running.

Some adaptation is fairly easily set in place. Systems for warning Germans of coming floods will surely now improve. But other problems require much larger public investment, like that which has been put into water-management in the Netherlands. Rich countries can afford such things. Poor countries and poor people need help, which is why the Paris climate agreement calls for annual transfers of $100bn from rich to poor. The rich countries have not yet lived up to their side of this. On July 20th John Kerry, President Joe Biden's special envoy on climate change, reiterated America's pledge to triple its support to $1.5bn for adaptation in poorer countries by 2024, part of a broader move to increase investment in adaptation and mitigation in developing countries. More such efforts are vital.

An anonymous reader quotes a report from The Intercept: The popular legal research and data brokerage firm LexisNexis signed a $16.8 million contract to sell information to U.S. Immigration and Customs Enforcement, according to documents shared with The Intercept. The deal is already drawing fire from critics and comes less than two years after the company downplayed its ties to ICE, claiming it was "not working with them to build data infrastructure to assist their efforts." Though LexisNexis is perhaps best known for its role as a powerful scholarly and legal research tool, the company also caters to the immensely lucrative "risk" industry, providing, it says, 10,000 different data points on hundreds of millions of people to companies like financial institutions and insurance companies who want to, say, flag individuals with a history of fraud. LexisNexis Risk Solutions is also marketed to law enforcement agencies, offering "advanced analytics to generate quality investigative leads, produce actionable intelligence and drive informed decisions" -- in other words, to find and arrest people.

The LexisNexis ICE deal appears to be providing a replacement for CLEAR, a risk industry service operated by Thomson Reuters that has been crucial to ICE's deportation efforts. In February, the Washington Post noted that the CLEAR contract was expiring and that it was "unclear whether the Biden administration will renew the deal or award a new contract." LexisNexis's February 25 ICE contract was shared with The Intercept by Mijente, a Latinx advocacy organization that has criticized links between ICE and tech companies it says are profiting from human rights abuses, including LexisNexis and Thomson Reuters. The contract shows LexisNexis will provide Homeland Security investigators access to billions of different records containing personal data aggregated from a wide array of public and private sources, including credit history, bankruptcy records, license plate images, and cellular subscriber information. The company will also provide analytical tools that can help police connect these vast stores of data to the right person. In a statement to The Intercept, a LexisNexis Risk Solutions spokesperson said: "Our tool contains data primarily from public government records. The principal non-public data is authorized by Congress for such uses in the Drivers Privacy Protection Act and Gramm-Leach-Bliley Act statutes." They declined to say exactly what categories of data the company would provide ICE under the new contract, or what policies, if any, will govern how agency agency uses it.

One of the most active and notorious data-stealing ransomware groups, Maze, says it is "officially closed." From a report: The announcement came as a waffling statement, riddled with spelling mistakes, and published on its website on the dark web, which for the past year has published vast troves of stolen internal documents and files from the companies it targeted, including Cognizant, cybersecurity insurance firm Chubb, pharmaceutical giant ExecuPharm, Tesla and SpaceX parts supplier Visser, and defense contractor Kimchuk. Where typical ransomware groups would infect a victim with file-encrypting malware and hold the files for a ransom, Maze gained its notoriety for first exfiltrating a victim's data and threatening to publish the stolen files unless the ransom was paid. It quickly became the preferred tactic of ransomware groups, which set up websites -- often on the dark web -- to leak the files it stole if the victim refused to pay up. Maze initially used exploit kits and spam campaigns to infect its victims, but later began using known security vulnerabilities to specifically target big name companies. Maze was known to use vulnerable virtual private network (VPN) and remote desktop (RDP) servers to launch targeted attacks against its victim's network. Some of the demanded ransoms reached into the millions of dollars.

An anonymous reader shares a report: The railroad tracks cut through Weyling White's boyhood backyard like an invisible fence. He would play there on sweltering afternoons, stacking rocks along the rails under the watch of his grandfather, who established a firm rule: Weyling wasn't to cross the right of way into the white part of town. The other side had nicer homes and parks, all the medical offices, and the town's only hospital. As a consequence, White said, his family mostly got by without regular care, relying on home remedies and the healing hands of the Baptist church. "There were no health care resources whatsoever," said White, 34. "You would see tons of worse health outcomes for people on those streets." The hard lines of segregation have faded in Ahoskie, a town of 5,000 people in the northeastern corner of the state. But in health care, a new force is redrawing those barriers: algorithms that blindly soak up and perpetuate historical imbalances in access to medical resources. A STAT investigation found that a common method of using analytics software to target medical services to patients who need them most is infusing racial bias into decision-making about who should receive stepped-up care. While a study published last year documented bias in the use of an algorithm in one health system, STAT found the problems arise from multiple algorithms used in hospitals across the country.

The bias is not intentional, but it reinforces deeply rooted inequities in the American health care system, effectively walling off low-income Black and Hispanic patients from services that less sick white patients routinely receive. These algorithms are running in the background of most Americans' interaction with the health care system. They sift data on patients' medical problems, prior health costs, medication use, lab results, and other information to predict how much their care will cost in the future and inform decisions such as whether they should get extra doctor visits or other support to manage their illnesses at home. The trouble is, these data reflect long-standing racial disparities in access to care, insurance coverage, and use of services, leading the algorithms to systematically overlook the needs of people of color in ways that insurers and providers may fail to recognize.

Long-time Slashdot reader leathered shares an investigation from the Correspondent about blockchain -- and " what's so terribly revolutionary about it? What problem does it solve...? I can tell you upfront, it's a bizarre journey to nowhere. I've never seen so much incomprehensible jargon to describe so little... And I've never seen so many people searching so hard for a problem to go with their solution...." [Y]ou can't do much with bitcoin. But blockchain, on the other hand: it's the technology behind bitcoin, which makes it cool. Blockchain generalises the bitcoin pitch: let's not just get rid of banks, but also the land registry, voting machines, insurance companies, Facebook, Uber, Amazon, the Lung Foundation, the porn industry and government and businesses in general. They are superfluous, thanks to the blockchain. Power to the users...!

The only thing is that there's a huge gap between promise and reality. It seems that blockchain sounds best in a PowerPoint slide. Most blockchain projects don't make it past a press release, an inventory by Bloomberg showed... Out of over 86,000 blockchain projects that had been launched, 92% had been abandoned by the end of 2017, according to consultancy firm Deloitte. Why are they deciding to stop? Enlightened — and thus former — blockchain developer Mark van Cuijk explained: "You could also use a forklift to put a six-pack of beer on your kitchen counter. But it's just not very efficient...."

[I]nformation and communications technology is like the rest of the world — a big old mess. And that's something that we — outsiders, laypeople, non-tech geeks — simply refuse to accept. Councillors and managers think that problems — however large and fundamental they are — evaporate instantaneously thanks to technology they've heard about in a fancy PowerPoint presentation. How will it work? Who cares! Don't try to understand it, just reap the benefits!

This is the market for magic, and that market is big. Whether it's about blockchain, big data, cloud computing, AI or other buzzwords...

Maybe this is blockchain's greatest merit: it's an awareness campaign, albeit an expensive one. "Back-office management" isn't an item on the agenda in board meetings, but "blockchain" and "innovation" are... Yes, it took a few wild, unmet promises, but the result is that administrators are now interested in the boring subjects that help make the world run a bit more efficiently — nothing spectacular, just a bit better.

Airbnb announced that it is laying off around a quarter of its workforce, citing revenue declines and a need to curtail costs. TechCrunch reports: In the note, written by Airbnb CEO and co-founder Brian Chesky, the company said that 1,900 employees will be laid off, or 25.3% of its 7,500 workers. The layoffs will impact a number of internal product groups, including Transportation and Airbnb Studios, efforts that will be placed on hold, and its Hotels and Lux work, which will be "scale[d] back." The company declined to break down per-country totals for the layoffs in a phone call with TechCrunch, but its memo did note that its staffing cuts are "mapped to a more focused business." The former startup appears to be narrowing its efforts, targeting core operations and shedding more experimental and costly endeavours. According to Chesky's missive, Airbnb anticipates its 2020 revenue coming in under 50% of 2019's total; Airbnb saw around $4.8 billion in revenue last year, according to reports. The report adds: "Separated employees will receive 14 weeks of pay, and one more week for each year served at the company (rounding partial years up). The firm is also dropping its one-year equity cliff so that employees who are laid off with under 12 months of tenure can buy their vested options; Airbnb will also provide 12 months of health insurance through COBRA in the United States, and health care coverage through 2020 in the rest of the world."

Climate-change-related threats such as extreme weather, large-scale biodiversity losses and a failure of political leaders to slow planetary heating are now the top long-term risks facing the globe, business and other leaders said. From a report: An annual risk survey published ahead of the World Economic Forum next week put climate threats ahead of risks ranging from cyberattacks and pandemics to geopolitical conflict and weapons of mass destruction for the first time. "That's new. Last year we didn't have it," said Mirek Dusek, deputy head of the Centre for Geopolitical and Regional Affairs and an executive committee member of the World Economic Forum, of the rise of environmental issues up the list. The shift comes as climate-changing emissions continue to rise strongly globally, despite government and business commitments to reduce them, and as the potential impact of runaway climate change becomes clearer. From wildfires in Australia, Brazil and California to worsening storms, floods and droughts, "all key indicators point that this is a situation that's bad and it's getting worse," said John Drzik, chairman of Marsh & McLennan Insights, a global risk, insurance and professional services firm.

Hackers are holding foreign exchange company Travelex to ransom after a cyber-attack forced the firm to turn off all computer systems and resort to using pen and paper. From a report: On New Year's Eve, hackers launched their attack on the Travelex network. As a result, the company took down its websites across 30 countries to contain "the virus and protect data." A ransomware gang called Sodinokibi has told the BBC it is behind the hack and wants Travelex to pay $6 million. The gang, also known as REvil, claims to have gained access to the company's computer network six months ago and to have downloaded 5GB of sensitive customer data. Dates of birth, credit card information and national insurance numbers are all in their possession, they say. The hackers said: "In the case of payment, we will delete and will not use that [data]base and restore them the entire network. "The deadline for doubling the payment is two days. Then another seven days and the sale of the entire base."

Security researchers say they found evidence that a Chinese government-linked hacking group has been bypassing two-factor authentication (2FA) in a recent wave of attacks. From a report: The attacks have been attributed to a group the cyber-security industry is tracking as APT20, believed to operate on the behest of the Beijing government, Dutch cyber-security firm Fox-IT said in a report published last week. The group's primary targets were government entities and managed service providers (MSPs). The government entities and MSPs were active in fields like aviation, healthcare, finance, insurance, energy, and even something as niche as gambling and physical locks.

The Fox-IT report comes to fill in a gap in the group's history. APT20's hacking goes back to 2011, but researchers lost track of the group's operations in 2016-2017, when they changed their mode of operation. Fox-IT's report documents what the group has been doing over the past two years and how they've been doing it. According to researchers, the hackers used web servers as the initial point of entry into a target's systems, with a particular focus on JBoss, an enterprise application platform often found in large corporate and government networks.

An anonymous reader quotes a report from The Wall Street Journal: Embattled lab-testing startup uBiome Inc. filed for bankruptcy protection Wednesday and put its assets up for sale after suspending testing of its clinical products. The San Francisco-based company filed for chapter 11 protection in U.S. Bankruptcy Court in Wilmington, Del., and said it has lined up an $8 million bankruptcy loan to keep its business open while it looks for a buyer. The company, which is under federal investigation for its billing practices, laid off around half of its global workforce in July.

UBiome had been trying to build a business on testing patients' microbiomes based on emerging science that suggests microorganisms in the gut and other parts of the body can play a role in health. The startup had raised $83 million in a financing round from investors that included 8VC and Y Combinator. But the company has suspended the two lab tests for which it was billing insurance companies. Some of the companies had already largely or completely stopped paying claims. UBiome co-founders Jessica Richman and Zac Apte, who were earlier suspended from their positions as co-chief executives, resigned from the company's board. In June, the board appointed Curtis Solsvig of restructuring firm Goldin Associates as acting CEO.

Criminals used artificial intelligence-based software to impersonate a chief executive's voice and demand a fraudulent transfer of $243,000 in March in what cybercrime experts described as an unusual case of artificial intelligence being used in hacking. From a report: The CEO of a U.K.-based energy firm thought he was speaking on the phone with his boss, the chief executive of the firm's German parent company, who asked him to send the funds to a Hungarian supplier. The caller said the request was urgent, directing the executive to pay within an hour, according to the company's insurance firm, Euler Hermes Group. Law enforcement authorities and AI experts have predicted that criminals would use AI to automate cyberattacks. Whoever was behind this incident appears to have used AI-based software to successfully mimic the German executive's voice by phone. The U.K. CEO recognized his boss' slight German accent and the melody of his voice on the phone, said Rudiger Kirsch, a fraud expert at Euler Hermes, a subsidiary of Munich-based financial services company Allianz.

Florida's Department of Highway Safety and Motor Vehicles "made $77 million in 2017 by selling drivers' personal information to more than 30 private companies, including marketing firms, bill collectors, insurance companies and data brokers..." according to local news site.

schwit1 shared this report from WPTV: A Florida woman is blaming the state government for an onslaught of robocalls and direct mail offers â"- accusations that come as the Scripps station WFTS in Tampa uncovered that the DMV makes millions by selling Florida drivers' personal information to outside companies, including marketing firms.

WFTS I-Team Investigator Adam Walser obtained records showing the state sold information on Florida drivers and ID cardholders to more than 30 private companies, including marketing firms, bill collectors, insurance companies and data brokers in the business of reselling information.
They also report that the woman was illiterate, and "had no digital footprint â" until she got an ID." But within days, her legal guardian reports she was "receiving direct mail offers for lawn service, credit cards, cell phones and insurance. She also now receives constant robocalls and salespeople have even started showing up at her door."

And their investigation revealed more damning details. One data broker said their firm "has an agreement with the state to buy driver and ID cardholder data for a penny a record." A promotional video on their web site brags they have "access to 2.5 billion customers and two-thirds of the world's population."

Though it may be possible to opt-out of data collection from individual marketing companies, a spokesperson for the state of Florida "said there's no way for drivers to opt out if they don't want their personal information sold."

Why is it still so easy for consumers to buy poorly made, dangerous batteries that explode, and why is it so difficult to tamp down on counterfeits or hold the sellers -- or the platforms the sellers use, such as Amazon -- accountable? From a report: In the massive global network of manufacturers, distributors, sellers, and resellers, it can be nearly impossible to tell who's actually responsible for getting any given product into your living room. Even when it sets your couch on fire. [...] More than half of the items sold on Amazon are listed by third-party sellers -- not by Amazon itself -- which makes ensuring that products are safe and authentic difficult, according to Juozas Kaziukenas, the founder of Marketplace Pulse, a firm that researches Amazon. In the case of batteries, batches of lithium-ion cells made in China that don't pass inspection sometimes end up listed by sellers on Amazon, said Michael Rohwer, a director of Business for Social Responsibility, a nonprofit that works with companies on their supply-chain practices.

[...] Insurance companies have even started to sue both Amazon and battery makers because they say they've had to pay out many claims over lithium-ion-battery explosions. Allstate New Jersey Insurance sued Amazon in U.S. District Court in New Jersey, alleging that a battery bought on Amazon caused "extensive" damage to a home, which required the insurance company to make "significant payments" to the insured. That case was eventually dismissed, but both State Farm and General Insurance Company of America are currently suing Amazon because of fires they say were caused by lithium-ion batteries purchased on the platform.

An anonymous reader shares a report: Any sports fan will know, or at least appreciate, the disappointment of going to watch your team only to find that a top player has been left out. But what if you could pay an extra bit of money for your ticket -- say, 5-15% on top of the normal price -- and insure the cost of your ticket against such a situation? If your favourite player does not play, for whatever reason, you get your money back. That's the intriguing premise behind Fansure, a start-up currently based in Belmont, California. When I spoke to the firm's marketing manager, Tara Fan, she explained it in the context of a basketball game: "Some tickets are $300-$400 to go to a game. Typically, you're paying that to see someone like LeBron James, or Kevin Durant, or someone like that." It works like this: You buy the ticket as normal. Then, at least 48 hours before the game, you go to Fansure, and you pay them an added percentage. The amount reflects what Fansure thinks is the likelihood of your selected player appearing or not.

Someone like Durant for instance, rarely misses a game for the Golden State Warriors and so the premium would be relatively low. "It would only be, I would say, 8% of your ticket price," Ms Fan explained. "It's like... $30 to cover a $400 ticket. And so that's where the benefit rolls out." If Durant plays, you've wasted your $30, which Fansure pockets. If he doesn't, you still get to go and enjoy the game, and Fansure will refund you the entire amount of the ticket (but keeps the bit you paid for insurance).

Mondelez, the US food company that owns the Oreo and Cadbury brands, is suing its insurance company, Zurich, for refusing to pay out on a $100m claim for damage caused by the NotPetya cyber attack. From a report: The case will be the first serious legal dispute over how companies can recover the costs of a cyber attack [Editor's note: the article may be paywalled; alternative source], as insurance groups seek to tightly define their liabilities. "It's a pretty big deal. I've never seen an insurance company take this position," said Robert Stines, a cyber law specialist at the US law firm Freeborn. "It's going to send ripples through the insurance industry. Major companies are going to rethink what's in their policies." The NotPetya attack in the summer of 2017 crippled the computer systems of companies around the world, including Merck, the pharmaceuticals company, Reckitt Benckiser, the consumer group, and Maersk, the world's largest shipping group. It caused billions of dollars of damage and has been blamed by the US and the UK on Russian hackers attacking the Ukrainian government.

[...] According to the Mondelez court documents, Zurich initially worked to adjust the claim in the usual way and at one point even promised to make a $10m interim payment. But it later refused to pay, relying on an exclusion in the policy for "a hostile or warlike action" by a government or sovereign power or people acting for them. Mondelez described Zurich's refusal as "unprecedented" and is seeking $100m in damages. Both companies declined to comment on the case.

An anonymous reader shares a report: On Monday, New Year's Eve, a hacker group announced it had breached a law firm handling cases related to the September 11 attacks, and threatened to publicly release a large cache of related internal files unless their ransom demands were met. The news is the latest public extortion attempt from the group known as The Dark Overlord, which has previously targeted a production studio working for Netflix, as well as a host of medical centres and private businesses across the United States. The announcement also signals a slight evolution in The Dark Overlord's strategy, which has expanded on leveraging the media to exert pressure on victims, to now distributing its threats and stolen data in a wider fashion.

In its announcement published on Pastebin, The Dark Overlord points to several different insurers and legal firms, claiming specifically that it hacked Hiscox Syndicates Ltd, Lloyds of London, and Silverstein Properties. "Hiscox Syndicates Ltd and Lloyds of London are some of the biggest insurers on the planet insuring everything from the smallest policies to some of the largest policies on the planet, and who even insured structures such as the World Trade Centers," the announcement reads.

Personal data has become widely available in China and can be scooped up for pennies by insurance companies, banks, loan sharks, and scammers alike, according to sellers and financiers interviewed by Reuters. From a report: In May, China introduced its most comprehensive data protection laws to date, tightening restrictions on the sharing of private data held by financial institutions and other firms. "Personal information leaks are risky," said Susan Ning, a partner at the law firm King & Wood Mallesons in Beijing. "Such information can facilitate other crimes," she added. Insurers often buy numbers from shadowy online data sellers, who themselves have acquired the information illegally, according to people in the industry. Some companies illegally buy information from the department of motor vehicles, car licensing authorities, car sellers, or from police stations, said Michelle Hu, a partner at Boston Consulting Group who has been a consultant on insurance deals. By entering keywords like "personal data" or "cellphone data", in Chinese, Reuters found more than 30 groups created for the purpose of selling and buying personal information on Tencent's instant messaging service QQ and Baidu forum site Tieba.