Hackers Leak Stolen Data from Madison Square Garden

Meta is currently testing face-recognition software developed by Rank One, a supplier to the U.S. military and regional police departments, according to a WIRED investigation published this week. The company has been exploring the integration of facial recognition into its smart glasses, and earlier reports revealed that the accompanying app contained code,now removed,that would have allowed Meta to activate such features on the devices.

Meanwhile, Anthropic remains in talks with the Trump administration after concerns from the White House over the safety of its new public model, Claude Fable 5, reportedly led the company to pull the product from the market. Security experts warn, however, that advanced AI models capable of discovering and exploiting software vulnerabilities,essentially creating powerful hacking tools,will soon become widespread globally.

This week, a leak exposed the identities of members of Peter Thiel’s secretive ‘Dialog’ society, revealing over 200 prominent individuals registered for a retreat featuring panels on building a cult, sex, and preparing for World War III. WIRED also uncovered that the society employs a covert system for ranking its members.

The United Kingdom is set to begin scanning the faces of asylum-seekers for age verification, despite evidence that such tools are deeply flawed and can lead to life-altering errors.

On a lighter note, Knicks fans worldwide were able to watch Thursday’s ticker tape parade in New York City via traffic surveillance cameras streamed by artist Morry Kolman, showcasing a more positive use of surveillance technology.

And there’s more. Each week, we compile the top security and privacy news we didn’t cover in depth. Click the headlines to read the full stories. And stay safe out there.

The hacking and extortion group ShinyHunters has been loudly claiming a string of high-profile victims in recent months, including education tech firm Instructure,disrupting thousands of schools,photography company Kodak, and a key European human rights organization. This week, the group published data allegedly stolen from Madison Square Garden, according to a report from 404 Media.

The published data, reportedly containing millions of records across 45GB of files, includes potential personal information from customers and references players and coaches from the Knicks. The leak came shortly after the Knicks won their first NBA championship since 1973. A sample reviewed by 404 Media included a file purportedly listing “talent,” including Knicks members.

WIRED has previously reported on Madison Square Garden’s extensive use of surveillance technologies, including face recognition systems. Alleged emails in the stolen data viewed by 404 Media include a complaint from one individual about face recognition technology. MSG did not respond to requests for comment, and after the story broke, a federal class action lawsuit was filed over the alleged data breach.

At least three bars in San Francisco’s Castro district, a well-known LGBTQ neighborhood, have been using face scanners at their entrances to collect detailed customer information. The bars rely on technology from Patronscan, an ID verification company, to capture facial images, names, and genders, according to Gazetteer SF, which visited bars using the system. Staff can also log instances of fighting, theft, or other negative behaviors, allowing face recognition to identify the person on future visits. This data can be shared through a “safety network” with other firms using the same technology, creating a widespread surveillance network.

For months, European governments and companies have been moving away from US technology, citing surveillance and security risks. This week, France’s domestic spy agency, the DGSI, announced it would stop using Palantir’s data and AI tools in the coming years, replacing them with software from French firm ChapsVision. “We must use our own AI models,” French prime minister Sébastien Lecornu said. “We cannot rely on tools developed by foreign powers. France must have its own tools.”

While France has been particularly aggressive in removing US technology from its public institutions,even building its own open source alternatives to Zoom and Microsoft Office,it is not the first European intelligence agency to choose ChapsVision over Palantir. Last month, Germany’s intelligence agency BfV announced it would adopt the French technology instead.

Apple’s ‘Hide My Email’ tool lets users generate random email addresses for private sign-ups to websites and apps, avoiding the need to share personal information. However, the company is changing how it creates these addresses. Currently, they all use the @icloud.com domain. Going forward, as reported by TechCrunch this week, Apple plans to use @private.icloud.com. The subtle shift could make it easier for companies to detect when users are employing the privacy-preserving service and demand an alternative email address.