The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Department of Energy (DOE), the Environmental Protection Agency (EPA), the Transportation Security Administration (TSA), the Department of Transportation (DOT), and the U.S. Department of Agriculture (USDA) recently issued an alert warning of malicious cyber activity targeting U.S.-based automatic tank gauge (ATG) systems. ATG systems are widely used throughout the Energy, Chemical, Food and Agriculture, and Transportation Systems Sectors for automated and remote monitoring of storage tank parameters, including fuel and liquid levels, temperature, and possible leak detection. The authoring organizations urge ATG owners and operators to defend against this malicious activity by securing their ATG systems with strong passwords and by removing them from the internet to reduce public exposure.

According to the alert, the recent malicious cyber activity “involves cyber threat actors compromising internet-exposed ATG systems and subsequently modifying them through command execution.”

This means that cyber actors could “disrupt or manipulate the below critical functions by interfacing directly with the tank management as though they possessed legitimate physical access to the system console.”

This would enable the threat actors to:

  • Alter system(s) attributes, such as network settings, product identifiers, tank volumes, and pump controls;
  • Compound operational malfunctions; components operating incorrectly could create a denial of view condition of tank fill levels, which could cause permanent damage to the tank system’s critical function;
  • Disable system alerts, reducing an operator’s ability to detect and mitigate system issues, which increases the risk of environmental or physical hazards from incidents such as leaks or relay failures.

The alert provides mitigation steps which should be implemented immediately.

On May 5, 2026, the parties in In re Doxim, Inc. Data Security Incident Litigation (E.D. Mich. June 13, 2024), filed a proposed $5.5 million class action settlement arising from a cyber incident involving Doxim, a software provider serving credit unions, wealth management service providers, and banking sectors in the United States and Canada.

Doxim detected suspicious activity on December 30, 2023, in the part of its network supporting credit union services. It later determined that files had been removed from its network and that those files included names, mailing addresses, account numbers, and/or Social Security numbers. Doxim began notifying affected individuals on approximately May 31, 2024.

In the litigation that followed, Plaintiffs alleged that Doxim failed to implement and maintain reasonable safeguards, failed to comply with industry-standard data security practices, failed to properly train employees, failed to timely detect the unauthorized access, and failed to timely notify impacted individuals. The proposed settlement class includes 1,100,911 individuals identified by Doxim’s records.

The case illustrates how a vendor incident can become a customer-data incident. If a service provider processes, stores, or transmits sensitive customer information, a breach at the service provider can still affect the organization’s customers and create risk around whether reasonable safeguards were in place, whether the vendor followed industry-standard security practices, whether employees were properly trained, and whether unauthorized access was timely detected and disclosed. For organizations using vendors to handle sensitive customer data, the diligence question is not only whether the vendor can perform the service, but whether it has appropriate safeguards for the data it receives.

A member of Kaiser Permanente, an integrated managed care consortium headquartered in Oakland, California, has asked a federal judge in Seattle to certify nationwide classes and California subclasses in a privacy lawsuit against Microsoft and Qualtrics over tracking technologies allegedly embedded in Kaiser’s website and patient portal. The plaintiff, identified as Jane Doe, claims that Microsoft’s Universal Event Tracking tool and Qualtrics’ website technologies secretly collected sensitive information from Kaiser members as they scheduled appointments, reviewed test results, searched health topics, and managed care through Kaiser’s online services.

The proposed classes would cover current and former Kaiser members whose health information or other private data was allegedly collected by Microsoft and Qualtrics without their knowledge or consent. The plaintiff is pursuing claims for invasion of privacy and intrusion upon seclusion, along with California-specific claims under the California Invasion of Privacy Act (CIPA) and Unfair Competition Law. In seeking class certification, she argues that the alleged collection practices were common across Kaiser’s website and treated users’ data in the same way, making the case appropriate for class-wide resolution.

The case is another reminder that litigation over pixels, tags, SDKs, and other website tracking tools in healthcare settings remains very active. Although the court previously narrowed the suit by dismissing certain claims, it allowed core privacy theories to proceed. The next major question is whether the plaintiff can show that the alleged data collection practices are sufficiently uniform across Kaiser users to support class treatment. For healthcare organizations and their vendors, the case underscores the importance of understanding exactly what third-party code collects, where that data goes, and whether the organization has a defensible basis for using those tools in patient-facing digital environments.
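As a practical check on that last point, here is an added example (not code from the page, the Kaiser litigation, Microsoft, or Qualtrics): a short Python triage of a browser HAR export that lists which third-party domains received requests from a patient-facing site and which of those requests carried a reference to a sensitive page in the request path, a query-string value, or the Referer header. The HAR content, the host names, and the sensitive-path list are constructed for illustration.

```python
"""Triage a HAR capture of a patient-facing site: which third-party
domains received requests, and which of those requests carried a
reference to a sensitive page.

Added example, not code from the page or from any vendor named in it.
SAMPLE_HAR, the host names and SENSITIVE_PATHS are constructed assumptions.
"""
import json
from urllib.parse import parse_qs, urlparse

# Assumed: path prefixes of pages whose URLs should never reach a third party.
SENSITIVE_PATHS = ("/appointments", "/test-results", "/messages", "/search")


def registrable_domain(host: str) -> str:
    """Crude eTLD+1 (last two labels). Fine for a first pass; a real audit
    should resolve this against the public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def sensitive_refs(url: str, headers: dict) -> list:
    """Every sensitive page reference carried by one request: in its own
    path, in any query value (parse_qs URL-decodes, so a page URL passed as
    a parameter is caught) or in the Referer header."""
    parsed = urlparse(url)
    candidates = [parsed.path]
    for values in parse_qs(parsed.query).values():
        candidates.extend(values)
    ref = headers.get("referer")
    if ref:
        candidates.append(ref)
    return sorted({p for c in candidates for p in SENSITIVE_PATHS if p in c})


def triage_har(har: dict, first_party_host: str) -> dict:
    """Map each third-party registrable domain to the number of requests it
    received and the sensitive pages those requests referenced."""
    first_party = registrable_domain(first_party_host)
    report = {}
    for entry in har["log"]["entries"]:
        req = entry["request"]
        host = urlparse(req["url"]).hostname or ""
        domain = registrable_domain(host)
        if domain == first_party:
            continue  # first-party traffic is out of scope here
        headers = {h["name"].lower(): h["value"] for h in req.get("headers", [])}
        row = report.setdefault(domain, {"requests": 0, "sensitive": set()})
        row["requests"] += 1
        row["sensitive"].update(sensitive_refs(req["url"], headers))
    return {d: {"requests": r["requests"], "sensitive": sorted(r["sensitive"])}
            for d, r in report.items()}


# Constructed HAR fragment (only the fields this script reads).
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"url": "https://portal.example-health.org/appointments",
                 "headers": []}},
    {"request": {"url": "https://cdn.example-health.org/app.js",
                 "headers": []}},
    # Assumed tag endpoint that passes the page URL as a query parameter.
    {"request": {"url": "https://tags.example-analytics.net/collect"
                        "?p=https%3A%2F%2Fportal.example-health.org%2Ftest-results%2F123"
                        "&evt=pageLoad",
                 "headers": [{"name": "Referer",
                              "value": "https://portal.example-health.org/test-results/123"}]}},
    # Assumed survey SDK load where only the Referer reveals the page.
    {"request": {"url": "https://sdk.example-survey.com/intercept.js",
                 "headers": [{"name": "Referer",
                              "value": "https://portal.example-health.org/messages"}]}},
    # Third party that received nothing sensitive.
    {"request": {"url": "https://fonts.example-cdn.com/font.woff2",
                 "headers": []}},
]}}

if __name__ == "__main__":
    print(json.dumps(triage_har(SAMPLE_HAR, "portal.example-health.org"), indent=2))
```

Record a HAR from the browser's developer tools while walking through the flows that matter (scheduling, viewing results, searching), then run the triage against the portal's host. Two caveats: the domain split is deliberately crude, and this pass only reads URLs and headers, so a tag that ships page context in a POST body will show up as a third-party request with nothing flagged; inspect request bodies separately before concluding a tool collects nothing.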

AI giant Anthropic has suggested that the world temporarily “pause” AI development because of AI tools’ capacity for “‘recursive self-improvement’ – that is, being able to make better and more powerful versions of itself. Recursive self-improvement is a bugbear of AI safety researchers, viewed as the key step for AI to become superintelligent and therefore unleash widespread consequences on humanity.”

Anthropic’s post cautioned of a “trend” of increasing capability in its product Claude which, “taken far enough and given enough compute … points to an AI system capable of fully autonomously designing and developing its own successor.” As a result, there is a risk of “humans losing control over AI systems.”

Anthropic is proposing that “policymakers, researchers, civil society and other AI companies” collaborate and meet to “help answer some of the questions this piece raises.”

This warning follows on the heels of Anthropic’s previous warning about the capabilities of Mythos, causing it to pull its public release.

When an AI company warns the world that it needs to pay attention to the risk of technology, it is probably worth consideration.

AI governance is often discussed through the lens of policies, frameworks, and responsible AI principles. Those tools matter, but they are not where many of the most important AI decisions are actually being made. In practice, AI governance is increasingly happening in contracts. Vendor agreements now decide who can use data, whether customer inputs may be used for training, what rights exist around outputs, what evidence a vendor must provide, and when a customer can suspend or terminate use. Those are not just legal terms. They are operational controls.

This shift matters because AI contracts are moving from broad, aspirational language to more specific governance mechanisms. The most important example is training rights. Using data to provide a service is very different from using data to improve a model, and both are different from using that data to improve a model offered to other customers. When agreements blur those distinctions, they quietly allocate risk and value in ways that may not be obvious. Clear definitions of inputs, outputs, training, fine-tuning, and permitted use are now central to responsible AI contracting.

The practical takeaway is simple: if you want to understand an organization’s AI governance posture, read its contracts. Strong agreements do more than prohibit risky conduct. They create verifiable controls, event-based audit rights, traceability, escalation paths, and clear permissions. In many cases, better contracts can move deals faster because they give legal, security, procurement, and business teams concrete terms to evaluate. AI governance has not disappeared. It has moved into the agreement, and that is where organizations need to focus their attention.

For organizations of all types and sizes, the next step is to treat AI contract review as a core part of AI governance, not a back-end procurement exercise. Before adopting or renewing an AI tool, make sure the agreement clearly answers the key governance questions: what data can be used, for what purpose, with what limits, and with what accountability if something goes wrong.

I apologize that this post is not light reading. It’s critically important to know what the threats are so you can avoid becoming a victim.

Although disconcerting, it is crucial to know what has happened in the first half of this year. TechCrunch recently issued a report outlining the worst breaches of 2026—so far:

  • DOGE’s massive swipe of Social Security data (I’ve discussed this in numerous posts)
  • Hackers increased targeting of water systems and energy grids (discussed here)
  • Iranian government hackers attacking Stryker with a destructive device hack (ditto)
  • ShinyHunters’ disruptive hacking campaign against Instructure, among other targets (ShinyHunters has been a frequent subject of our posts)
  • The supply chain under attack, targeting open-source projects and big tech companies
  • FBI’s surveillance system breach, sparking a “major cyber incident”
  • Hasbro’s hack leading to weeks of downtime
  • Exposure of millions of passports and driver licenses

What can we learn from these trends?

According to TechCrunch, “the attacks are getting bolder, more destructive, and harder to contain.” The trends confirm that as attackers’ technology advances, defenses must advance with it. Cybersecurity measures must be sophisticated enough to block attackers so that they move on to the next victim. A mature cybersecurity posture, both personally and professionally, must be a priority to prevent becoming victimized. In a world of geopolitical discontent, cyber attackers serve as warriors for nation states, and at the same time, our own government is failing to protect our data and our warriors’ data. Unfortunately, the Cybersecurity and Infrastructure Security Agency’s funding has been decimated, so we are left to our own devices (pardon the pun).

We need to take greater responsibility for protecting our own information while demanding stronger safeguards from our government, especially for the sensitive data of current and veteran military personnel. Additionally, private companies must also do more to prevent exposure. Robust cybersecurity programs across individuals, government, and the private sector are essential. This is no longer a future concern; it is reality. Without collective action, the second half of 2026 will bring more of the same.

A new report by Wired states that customer data from “more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.” According to the report, travelers’ personal information and booking data may have been stolen from the hotels and are being used by threat actors to launch socially engineered phishing schemes.

These scams are effective because they exploit trusted brands and impersonate legitimate guest relations professionals. Victims are contacted about travel they have booked—or plan to book—through messages that appear to come from a hotel, reservation platform or guest services team. These messages often include accurate booking details to build credibility and redirect the victim to a fake guest portal or payment verification page. The victim is told there is an issue with payment and that the booking will be cancelled in the next 24-48 hours if it is not resolved. Once redirected to the fake guest portal or payment verification page, the victim is prompted to enter their credit card information which is transmitted directly to the threat actor. In many cases, victims do not realize they have been targeted until weeks or months later.

Here is a great summary of how the scam works if you want more information.

Tips to prevent becoming a victim include:

  • Do not respond directly to unsolicited emails, phone calls, texts, or instant messages. If you’ve received a request for additional payment or payment information, reach out to the company you booked through directly via information on their website or in your booking confirmation.
  • Watch out for pressure tactics. Legitimate businesses do not call or send text messages pressuring you to act immediately. They also will not demand payment with a different payment method from the one you used to book your reservation.
  • Secure your accounts after a breach. If you receive a notice that you were impacted by a data breach, take the time to change your passwords and check for suspicious activity, like unauthorized payments or logins. Setting up two-factor authentication can also help to better protect your accounts.

A California court just gave companies facing website tracking claims under the California Invasion of Privacy Act (CIPA) a very helpful ruling. In Blaker v. NetScout Systems, Inc., Case No. 25STCV31283 (May 27, 2026), the plaintiff claimed that NetScout violated California’s trap-and-trace law by using a software development kit (SDK) on its website that allegedly captured visitor communications without notice or consent. The court rejected that theory, finding that CIPA’s pen register and trap-and-trace provisions apply to telephone communications only, not ordinary software on a commercial website. 

That distinction matters because many recent CIPA claims try to take laws originally aimed at telephone surveillance and apply them to common website technologies, including SDKs, pixels, analytics tools, and other tracking tools. The court looked closely at the statute and found that the broader words plaintiffs often rely on, such as “addressing” and “signaling information,” have to be read alongside the statute’s more telephone-focused terms, like “originating number,” “dialing,” and “routing.” The court also pointed to related provisions that refer specifically to the “telephone line” where a pen register or trap-and-trace device would be attached, which made it hard to square the plaintiff’s website theory with the statute as a whole. Additionally, since the internet was already widely used when these provisions were enacted in 2015, the court said lawmakers could have said the law applied to commercial websites if that is what they intended. 

For businesses, this is a big decision because it gives defendants a clear, common-sense response to one of the main theories behind these CIPA website tracking cases: a website tool is not automatically the same thing as a telephone trap-and-trace device. The ruling is also notable because the court sustained NetScout’s demurrer without leave to amend, meaning the plaintiff was not given another chance to rework the complaint. This does not mean every CIPA website tracking case goes away, but it gives companies a strong new argument to push back when plaintiffs try to stretch telephone surveillance laws to cover routine website technology.

On May 27, 2026, Connecticut Governor Ned Lamont signed Senate Bill 5 (“the Bill”) into law, creating a broad framework for artificial intelligence oversight in the state. The Bill reaches beyond any single category of AI use and touches consumer disclosures, employment tools, AI companions, synthetic media, workforce issues, state agency AI use, and privacy-related governance. The law is relevant not only to technology companies, but also to employers and businesses in Connecticut that use AI-enabled tools in their ordinary operations.

The Bill defines “artificial intelligence” as “any machine-based system that, for any explicit or implicit objective, infers from the inputs such system receives how to generate outputs, including, but not limited to, content, decisions, predictions or recommendations, that can influence physical or virtual environments.” That broad definition may capture a wide range of tools businesses already use, including systems for hiring, customer engagement, analytics, content generation, fraud detection, personalization, and internal productivity. The Bill is a reminder that AI governance cannot be limited to high-profile AI projects. It should also include vendor tools and embedded automated features that may already be operating across the business and that could constitute AI under the statute.

The employment provisions are especially notable. The Bill regulates “automated employment-related decision technology,” defined as technology that processes personal data and uses computation to generate an output, such as a prediction, recommendation, classification, ranking, or score, that is a substantial factor used to make or materially influence an employment-related decision. Employers using these systems should pay close attention to notice obligations before covered employment decisions are made. Required notices must address the purpose of the technology, the nature of the employment decision, the trade name of the technology, the categories and sources of personal data analyzed, how the data will be assessed, and contact information for the deployer. These requirements are likely to require coordination among legal, HR, procurement, and IT teams.

Senate Bill 5 also targets AI systems that interact directly with consumers. An “artificial intelligence companion” includes AI with a natural language interface that provides adaptive, human-like responses and can sustain a relationship across multiple interactions. Operators must generally provide disclosures so users understand they are communicating with an AI companion, not a human being. Operators must also implement protocols to detect and address user expressions indicating suicide, self-harm, or imminent physical violence, including referrals to appropriate mental health resources. In doing so, Connecticut joins other states such as California, Washington, and Iowa in regulating AI chatbots and companion platforms, particularly where the technology may influence vulnerable users such as minors or blur the line between human and automated interaction.

The law further addresses AI-generated media. Covered providers of certain generative AI systems must include provenance data in audio, image, or video content created or materially altered by those systems and must use reasonable methods to make that provenance data difficult to tamper with, remove, or disassociate from the content. This requirement fits within a broader trend toward transparency obligations for AI-generated media.

The Bill establishes staggered effective dates—many provisions take effect on October 1, 2026, although key employment deployer obligations apply to covered deployments on or after October 1, 2027. AI companion requirements take effect on January 1, 2027. Businesses operating in Connecticut should begin by inventorying AI tools, mapping where personal data is processed, reviewing vendor roles, and updating AI governance before the Bill’s staggered compliance dates arrive.

If you are a Signal user, be on the alert for a new phishing campaign that attempts to steal recovery keys used to access cloud backups.

If successful, the attackers could have access to entire message archives, conversations, photos and documents shared through the Signal platform. Signal is often used for highly sensitive communications, so the threat is real and could be significant.

The attackers are using fraudulent messages impersonating Signal Support, telling users that their account data is at risk because of a synchronization problem and directing users to retrieve their backup recovery key from the Signal app and paste it into the conversation. The message tries to scare users by telling them that sharing the key is to prevent permanent data loss and creates a sense of urgency.

Signal will never ask users to share credential information and will not proactively contact users asking for passwords or recovery keys, so if you receive such a request, you should know it is malicious. Cyber Insider suggests the following tips to reduce the chance of becoming a victim of this latest scheme:

  • Never share a Signal recovery key, registration code, or PIN with anyone.
  • Treat unsolicited messages claiming to be from “Signal Support” as suspicious.
  • Verify account warnings directly within the Signal application rather than through links or instructions received in messages.
  • Enable Registration Lock and other account-protection features offered by Signal.
  • Store recovery keys and PINs securely in a password manager or offline location.
  • Consider using disappearing messages to reduce the amount of historical data available if an account is compromised.