Privacy

A TransUnion data breach has exposed sensitive personal information for millions of US consumers, including dates of birth and social security numbers.

However, reports of a major Gmail security problem affecting all 2.5 billion users are false, though loosely based on a far more contained incident back in June …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In an earlier edition of Security Bite, I predicted that Apple would finally announce end-to-end encryption (E2EE) to the RCS Universal Profile at WWDC 2025. That didn’t happen, but Apple did introduce two nice spam-protection tools along with a series of smaller updates designed to make the iPhone safer for everyone. Now that iOS 26 is basically in its final form ahead of wide release in tandem with the launch of iPhone 17, here’s a rundown of my favorite privacy features.

Apple’s commitment to end-to-end encryption is so strong that it withdrew a key privacy feature from the UK market rather than be forced to compromise it globally. The company also faced pressure on this front from the EU’s Digital Services Act (DSA).

In a surprising twist, the White House came out in support of strong encryption, and the Federal Trade Commission (FTC) is now urging Apple and other tech giants to stand firm on the issue …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

TikTok has been found selling GPS trackers through its Shop feature that are being marketed by viral videos explicitly encouraging secretly tracking a romantic partner. What’s most alarming is that these videos have millions of views, and metrics show that over a hundred thousand have been sold.

I usually reserve Security Bite for digital security topics, but this discovery was too riveting to ignore. As first reported by 404 Media, the trackers are being compared to Apple AirTags—but for the wrong reasons…

Earlier today, the Russian government announced a new rule requiring all phones and tablets to ship with MAX, its state-backed messenger app, preinstalled. Here are the details.

A former Meta product manager has claimed that the social network circumvented Apple’s privacy protections, as well as cheating advertisers, and fired him when he repeatedly raised the issue internally.

Meta is said to have found ways to identify Apple users even after they refused consent for app tracking, in order to avoid an estimated $10 billion loss of revenue …

The US Customs and Border Protection (CBP) carried out a record number of phone searches of travelers arriving at, or returning to, the US in the last quarter.

The legal position on these searches is unclear when it comes to US citizens, but there are steps you can take to protect your privacy …

More than 370,000 Grok AI chats have been published on the Grok website and indexed by search engines, making them public.

In addition to the interactive chats themselves, Elon Musk’s xAI company also published photos, spreadsheets and other uploaded documents …

The UK has retreated from a controversial order that would have forced Apple to provide a backdoor to American users’ data, according to a statement from US Director of National Intelligence Tulsi Gabbard. Here are the details.

If you were holding a competition for the scummiest business model, then data brokers would be very high up the list. These companies make money by buying personal data from app and website owners and selling it to companies who want to spam us.

A US Senator has now drawn attention to the latest sketchy practice by these companies: making it harder for us to opt out by hiding that option from search results …

9to5Mac is brought to you by Incogni: Protect your personal info from prying eyes. With Incogni, you can scrub your deeply sensitive information from data brokers across the web, including people search sites. Incogni limits your phone number, address, email, SSN, and more from circulating. Fight back against unwanted data brokers with a 30-day money back guarantee.

Apple uses two different forms of encryption for your iCloud data – a strong form for particularly sensitive data like the Health and Journal apps, but a weaker one for a lot of other data you still wouldn’t want falling into the wrong hands.

Fortunately the company gives you the option of switching to strong encryption for all your iCloud data, and while there are a few steps involved, it’s a worthwhile security and privacy safeguard …

Apple has frequently argued that it is reasonable for it to have monopolistic control over the sale of iPhone apps because it vets them for safety and security. This has been called into question over scam apps accepted into the App Store, and the same questions are being asked regarding the Tea app.

The so-called dating advice app has been revealed to have major security vulnerabilities, which have exposed private chats and personal data of tens of thousands of women …

Introduced for Private Browsing sessions in Safari 17.0, Advanced Fingerprinting Protection was also optionally available for regular non-private sessions. With iOS 26, it will be enabled by default. Here’s what that means.

Two major security vulnerabilities in the Tea app – which claims to make dating safer for women – have exposed the private chats and personal data of at least tens of thousands of users.

The app, designed to allow women to share “red flags” for men they had dated, claimed four million active users after it hit the top slot in the App Store last week …

9to5Mac is brought to you by Incogni: Protect your personal info from prying eyes. With Incogni, you can scrub your deeply sensitive information from data brokers across the web, including people search sites. Incogni limits your phone number, address, email, SSN, and more from circulating. Fight back against unwanted data brokers with a 30-day money back guarantee.

Apple has a reputation for prioritizing the privacy of its customers, and that commitment begins right at the chip design level.

Here’s a look at the eight layers of Apple security protecting the personal data stored on both your Apple devices and in iCloud …

The UK has become the first major country to introduce a legal requirement for internet age verification, but it affects all websites and apps worldwide. Additionally, the US has recently revived a bill very similar to the British legislation.

While the law was presented as a way to prevent children accessing adult websites, the reality is very different, and we’re already seeing the privacy risks of good intentions being turned into bad legislation – with iMessage and FaceTime in the firing line …

Amazon has confirmed it’s in the process of buying Bee, an Apple Watch app and wearable that records everything it hears.

The platform describes itself as “a personal Al that transforms your conversations, tasks, places and more into summaries, personal insights and timely reminders” …

The company behind encrypted email service Proton Mail has today launched a new freemium AI chatbot which promises that your chats will remain completely private.

Proton Lumo offers five protections it says aren’t matched by any of the existing mainstream AI services like ChatGPT and Gemini, and has even thrown shade at Apple Intelligence privacy …

More than 10,000 organizations around the world are at risk from hackers after a serious security flaw was discovered in Microsoft’s popular Sharepoint platform, used to store and share confidential documents. The majority of companies at risk are said to be in the US.

Update: Bloomberg reports that the National Nuclear Security Administration was among the organizations breached – see the end of the piece …

We learned earlier this year that the British government had secretly ordered Apple to create a backdoor into encrypted data for all iCloud users worldwide. Specifically, it wanted a way to see personal data protected by Apple’s introduction of Advanced Data Protection (ADP), which extended end-to-end encryption to almost all iCloud data, meaning not even the iPhone maker could access it.

Apple has been fighting the secret order in secret court hearings, but it now appears that the US government is using technology agreement negotiations to force Britain to back down …

A new report suggests that many people who belong to Gen Z use Find My and other apps to permanently share their location with groups of friends.

A study earlier in the year found that 40% of Gen Z adults share their location with three or more people, and a new piece found it was common to location-share with double digit numbers of friends …