Friday, January 8, 2016

Latest tech support scam stokes concerns Dell customer data was breached






Tech-support scams, in which fraudsters pose as computer technicians who charge hefty fees to fix non-existent malware infections, have been a nuisance for years. A relatively new one targeting Dell computer owners is notable because the criminals behind it use private customer details to trick their marks into thinking the calls come from authorized Dell personnel.

"What made the calls interesting was that they had all the information about my computer; model number, serial number, and notably the last item I had called Dell technical support about (my optical drive)," Ars reader Joseph B. wrote in an e-mail. "That they knew about my optical drive call from several months prior made me think there was some sort of information breach versus just my computer being compromised."

He isn't the only Dell customer reporting such an experience. In a Dell forum post from July, Ars reader Patrick Z. reported receiving similar calls. When he pressed company representatives to explain how the scammers had so much information about him, a company employee shut him down. "Dell is aware of this and other complaints and is investigating," the employee wrote. "No, there will not be a public post/blog. We consider this closed from a Forum perspective."

What's more, a blog post published Tuesday reported scammers knew of every problem the author had ever called Dell about. None of those problems were ever discussed in public forums, leading the author to share the suspicion that proprietary Dell data had somehow been breached.

The blog post went on to detail several posts on Dell's public support forum reporting the same phenomenon. In all, there were eight separate customers. In addition to having the customers' phone numbers, model numbers, and serial numbers, the scammers in some cases also knew of previous support calls the targets had made.

"Was DELL hacked...?? How did this 'helpful tech representative' have my contact info AND knowledge of my technical issue ???????" one person posting on Dell's website in July asked. "DELL??? HELLO ????"

Six months later, Dell still hasn't answered. In a series of e-mail exchanges, Ars repeatedly asked Dell representatives if they had any reason to suspect the scammers hacked or otherwise breached Dell security to obtain the customer data. The representative acknowledged the ongoing scam and pointed to this advisory Dell officials issued in October. Among other things, the advisory requests anyone who receives such a call to report it using a link on Dell's website.

"Protection of our customers' data is a top priority for Dell," the spokeswoman wrote. "We ask our customers keep in mind, we do not make unsolicited calls asking to charge to fix an issue they did not report or previously request help with unless they have signed up for our premium support services like Dell Tech Concierge, Dell Premium Support or Dell ProSupport services."

The spokeswoman, however, didn't answer the question Ars asked repeatedly—did Dell officials have any reason to believe its customer data had been compromised, and if not, how did they believe the scammers had access to serial numbers, contact information, and past support calls.

One theory that partially answers the question is that the scammers exploited a vulnerability that became public in November. It resided on Dell PCs that came pre-installed with digital certificates that made it easy for attackers to cryptographically impersonate any website on the Internet. The same certificate, it turned out, also allowed hackers to surreptitiously obtain the unique service tag Dell assigns to computers it sells.

The theory still doesn't explain how scammers obtained contact information and support histories. The vulnerability, however, does demonstrate the plausibility that hackers could have devised a way to obtain personal details belonging to Dell customers. For the time being, owners of Dell computers should presume their support histories and purchase and contact information have been compromised, and act accordingly.

Monday, January 4, 2016

Twitter hires Apple exec to be its new diversity chief


Twitter is hiring a former Apple executive to become its new vice president for diversity and inclusion, after facing harsh criticism in the past few months for its non-diverse workforce. Jeffrey Siminoff is replacing Janet Van Huysse, who held the position at the social network for six years. Twitter's head of human resources Brian Schipper tweeted the announcement on Monday. Siminoff tweeted Monday he's "super excited" to be joining Twitter sometime next month. He was Apple's director of worldwide inclusion and diversity for more than two years, according to his LinkedIn profile. Siminoff also led global diversity and inclusion efforts at Morgan Stanley for three years. He's also a founding member of Out Leadership, a global LGBT leadership organization. Twitter did not immediately respond to a request for comment. Van Huysse tweeted Monday that after "6 incredible years, it's time for my next chapter."

Siminoff will likely work quickly to make the San Francisco-based micro blogging service more diverse. In November, a former high-ranking Twitter engineer who is black publicly questioned the company's commitment to diversity. The topic remains a thorny issue across Silicon Valley as Twitter and other tech giants including Apple, Facebook and Intel are wrestling with how to make their male-dominated and largely white work forces more inclusive.
Last month, former Twitter engineer Leslie Miley wrote in a blog post that the lack of African-Americans, Hispanics and women on Twitter's engineering team is hurting the company. He cited a Pew Research Center survey that revealed about a quarter of African-Americans and Hispanics online said they use Twitter, a sharp contrast to the company's employee ranks. Twitter's current US workforce is 2 percent African-American and 4 percent Hispanic, while women make up 13 percent of its ranks globally. The social network has said it wants to increase minorities in tech jobs in the United States to 9 percent and in leadership roles to 6 percent.

During a ceremony this month honoring those trying to make the tech industry more inclusive, Twitter CEO Jack Dorsey said his company wants to be as diverse as its 320 million global users.
"We really need to be reflective of the people that we serve, what their concerns are, how they want to participate in the world, what communities they're a part of and build tools to make their lives easier," he said.

Sunday, January 3, 2016

BBC goes offline in NYE attack


Users received an error message and the broadcaster said on Twitter the outage was due to technical problems.

BBC later apologised for the outage.

“The BBC website is now back up and operating normally. We apologise for any inconvenience you may have experienced,” a spokesperson said. A news story posted on the website said it had been due to a “distributed denial of service” attack in which a website is swamped with more traffic than it can handle.

This is a relatively common way to target a website and temporarily make it inaccessible. The reported attack hit a wide range of BBC websites and also affected the iPlayer and iPlayer Radio services. The corporation’s televised news service and live radio services remained on the air.

Twitter, Politwoops reach deal: Archive can again surface politicians' deleted tweets

Call it "The Case of the Missing Tweet." A politician sends out a controversial remark using Twitter. Then lo and behold, when public outcry begins, the tweet is suddenly nowhere to be found. It's been deleted. Now though, thanks to an agreement between Twitter and a pair of government-transparency groups, you'll again have access to a website that archives those tweets to make sure they're part of the public record. Twitter announced the deal this week.
The site, Politwoops, was disrupted earlier this year when Twitter stopped giving it access to code that made preservation of the tweets possible. The social network said at the time that it supported "increasing transparency in politics and using civic tech and open data to hold government accountable to constituents." But it also said that saving and publishing deleted tweets broke its rules and violated its users' privacy.

The Netherlands-based Open State Foundation, the transparency group behind the site, and the US-based Sunlight Foundation, which runs Politwoops in the states, responded with an open letter in September calling for restoration of access. The groups argued that a citizen's right to information outweighs a political figure's right to retroactively edit a statement.
The conflict raised the question of what counts as a public record in the Internet era. It also highlighted the ease with which a careless user of social media can get into hot water. One example: Last July, a worker for Donald Trump's campaign inadvertently included a picture of Nazi soldiers in a patriotic photo-collage tweeted and deleted by Trump's account. In 2014, several politicians deleted tweets that had shown support for a US Army soldier who'd been held captive by the Taliban but was later charged by the Army with desertion.

In its post about the agreement Thursday, San Francisco-based Twitter gave no details, but it quoted remarks made by CEO Jack Dorsey during the social network's conference for software developers this past October. "We have a responsibility to continue to empower organizations that bring more transparency to public dialogue, such as Politwoops," Dorsey said at the Flight conference. "We need to make sure we are serving all these organizations and developers in the best way, because that is what will make Twitter great. We need to listen, we need to learn, and we need to have this conversation with you. We want to start that today."

In its own online statement, the Open State Foundation said the deal was the result of several meetings with Twitter since Dorsey's remarks. It's not clear when Politwoops will again start posting deleted tweets. An online statement from the Sunlight Foundation said that "in the coming days and weeks, we'll be working behind the scenes to get Politwoops up and running." The Open State Foundation said in its statement that in the "coming months" it will relaunch Politwoops in the more than 30 countries in which it had been available and that it will look to add more countries to the list.