7-Eleven has confirmed a data breach that exposed the personal information of over 185,000 individuals. The incident was disclosed in a filing with the state government, detailing the types of data compromised. Affected data includes names, dates of birth, postal addresses, and Social Security numbers, according to the filing.

The breach was discovered during a routine security review, the company stated. 7-Eleven has not yet disclosed the exact method of the breach or how long the attackers had access to the systems. The company is working with law enforcement and cybersecurity experts to investigate the incident.

Customers whose data was compromised are being notified by mail. 7-Eleven is offering affected individuals free credit monitoring and identity theft protection services for a period of one year. The company has also set up a dedicated call center to answer questions from concerned customers.

The breach appears to have targeted a specific database containing personal information. 7-Eleven has since implemented additional security measures to prevent future incidents. The company urged customers to remain vigilant and monitor their financial accounts for suspicious activity.

This incident adds to a growing list of data breaches affecting major retailers. 7-Eleven operates over 70,000 stores globally, though the breach appears to be limited to its U.S. operations. The company has not disclosed the exact number of affected stores or the timeframe of the breach.

7-Eleven has not yet provided a timeline for when the breach occurred or when it was first detected. The company stated that it is cooperating fully with authorities and will provide updates as the investigation progresses. Customers are advised to change their passwords and enable two-factor authentication on their accounts.

The company emphasized that it takes data security seriously and apologized for the inconvenience caused. 7-Eleven is reviewing its security protocols and investing in additional safeguards to protect customer data. The breach is a reminder for consumers to regularly monitor their personal information for signs of misuse.

An Israeli cybersecurity firm has identified Iranian government-backed hackers as the perpetrators behind a series of data breaches attributed to the fake hacktivist persona 'Ababil of Minab'. The breaches began after the start of the war in Iran, according to the firm's report. The Los Angeles transit system was among the targets, suffering a breach that took weeks to fully recover from.

The hackers, operating under the guise of hacktivists, have claimed responsibility for multiple data breaches since the conflict began. The Israeli firm's analysis traced the attacks back to Iran's government, linking the persona to state-sponsored cyber operations. The Los Angeles transit system breach disrupted services and required extensive recovery efforts.

The transit system did not immediately comment on the attribution, but officials previously acknowledged the breach and the prolonged recovery process. The hackers claimed to have stolen sensitive data, though the extent of the compromise remains unclear. The Israeli firm's report provides technical evidence connecting the attacks to Iranian state actors.

Ababil of Minab first emerged as a hacktivist group claiming to target Israeli and Western entities. However, the cybersecurity firm's investigation revealed that the group's operations align with known Iranian cyber espionage tactics. The Los Angeles transit system breach is one of several incidents attributed to this group since the war began.

The recovery process for the transit system involved restoring systems and securing networks, taking weeks to complete. Officials have not disclosed the full impact on operations or passenger data. The Israeli firm's findings underscore the ongoing threat of state-sponsored cyber attacks disguised as hacktivism.

The breach highlights the vulnerability of critical infrastructure to sophisticated cyber attacks. The Los Angeles transit system has since implemented additional security measures to prevent future incidents. The Israeli firm continues to monitor Ababil of Minab's activities, warning that further attacks are likely.

The attribution of the breach to Iranian hackers adds to tensions between Iran and Western nations. The Israeli firm's report has been shared with relevant authorities. The Los Angeles transit system has not confirmed the attribution but has cooperated with cybersecurity experts to address the breach.

As of now, the transit system has fully recovered from the breach, with no further disruptions reported. The Israeli firm's analysis provides a detailed account of the hackers' methods and connections. The incident serves as a reminder of the persistent cyber threats facing public infrastructure.

The earliest arrests under the Take It Down Act (TIDA) suggest that law enforcement can identify individuals illegally posting and selling nonconsensual sexualized deepfakes without extensive investigation. Last week, the FBI arrested two men after visiting porn websites and clicking on hashtags like #AI #Deepfakes or video titles such as "AI_tits" or "Ass_AI." The suspects were easily traced through these straightforward identifiers.

One suspect accused of violating TIDA is 20-year-old Arturo Hernandez. He allegedly posted 113 albums that were viewed nearly a million times, featuring AI-generated sexualized images and videos of approximately 50 women. The victims included political figures, actresses, and musicians, as well as women who are not public figures, such as female individuals who attended his Texas high school and an Instagram friend.

The Take It Down Act, signed into law earlier this year, makes it a federal crime to publish or distribute nonconsensual intimate images, including deepfakes. The law provides for penalties including fines and imprisonment. The FBI's approach in these cases involved monitoring public-facing platforms for obvious indicators of illegal content.

Authorities noted that the suspects did not attempt to conceal their activities, using explicit hashtags and titles that made the content easy to find. This suggests that some perpetrators may not fully understand the legal risks or the ease with which law enforcement can track them. The FBI emphasized that even basic online surveillance can yield results in such cases.

The arrests highlight the growing challenge of AI-generated nonconsensual pornography, which has proliferated with advances in generative AI. Victims often face significant emotional distress and reputational harm, and the law aims to provide a mechanism for recourse. However, enforcement relies on proactive monitoring by agencies like the FBI.

Hernandez faces charges under TIDA, and the investigation is ongoing. The FBI has not disclosed the identity of the second suspect. The cases underscore the importance of public awareness about the legal consequences of creating and sharing such content.

The Take It Down Act also includes provisions for victims to request removal of content from platforms. Tech companies are required to respond to such requests within a reasonable timeframe. The law represents a federal effort to address the harms of nonconsensual deepfakes, which have become more common with accessible AI tools.

As of now, Hernandez is in custody pending trial. The FBI continues to investigate similar cases, urging the public to report suspected violations. The agency stated that it will use all available tools to enforce TIDA and protect victims from AI-generated abuse.

A third-party website handling UK visa applications exposed thousands of applicants' sensitive documents online. The portal leaked passports and selfies submitted as part of the application process. The company behind the site has not remedied the security flaw, opting instead to involve legal counsel.

The exposed data included high-resolution images of passports and facial photographs. These documents are typically required for identity verification during visa processing. The leak potentially compromised the personal information of numerous applicants.

Security researchers discovered the vulnerability and reported it to the company. Despite the notification, the company failed to patch the issue. Instead, they responded by sending attorneys to address the matter, leaving the data exposed.

The portal is used by applicants to submit required documentation for UK visas. The breach raises concerns about the handling of sensitive personal data by third-party vendors. Applicants may face risks of identity theft or fraud due to the exposure.

The company has not publicly acknowledged the leak or provided a timeline for a fix. The lack of action has drawn criticism from cybersecurity experts. They emphasize the importance of promptly securing such vulnerabilities.

UK visa authorities have not commented on the incident. It remains unclear how many applicants were affected. The portal continues to operate without the security flaw being addressed.

The company's decision to send attorneys instead of fixing the leak has been met with dismay. The incident highlights ongoing challenges in data protection within government-adjacent services. No official statement has been released regarding next steps.