コモンウェルス銀行のAIボーイフレンド
オーストラリアのコモンウェルス銀行(CBA)が、スタッフがChatGPTを個人的に使用して誤った電話番号を検索し、結果として別の顧客の個人情報を漏洩させた問題が発生。この事例は、認証されていないAIツールへの依存がプライバシー侵害につながる危険性を示している。
関連記事
Ars Technica retracted an article after an AI hallucinated quotes from an open source maintainer. The maintainer was harassed by an AI agent over not merging AI-generated code. The incident involved an agentic AI instance likely using OpenClaw.
This week's update focuses on the delay between data breaches occurring and individuals learning about them. While companies face criminal intrusions and ransom demands, there's often a significant gap before affected people are notified.
The Odido breach leaks occurred during the week's update, with multiple data dumps being released over consecutive days. A second dump hit one day, followed by a third dump hours later, and a final comprehensive dump the next day.
Have I Been Pwned has expanded significantly from a hobby project to a major service handling hundreds of millions of password searches daily. The platform now supports passkeys, k-anonymity searches, speed enhancements, and a bulk domain verification API.
Troy Hunt demonstrates how agentic AI can leverage Have I Been Pwned's APIs to perform automated security checks and data analysis. The technology can process breach data to identify compromised credentials and provide actionable security insights.