{"id":207737,"date":"2026-05-01T09:14:00","date_gmt":"2026-05-01T13:14:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/01\/what-do-adt-vimeo-and-a-rogue-ai-have-in-common-a-very-bad-week-in-cybersecurity\/"},"modified":"2026-05-01T09:23:01","modified_gmt":"2026-05-01T13:23:01","slug":"what-do-adt-vimeo-and-a-rogue-ai-have-in-common-a-very-bad-week-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/01\/what-do-adt-vimeo-and-a-rogue-ai-have-in-common-a-very-bad-week-in-cybersecurity\/","title":{"rendered":"What Do ADT, Vimeo, and a Rogue AI Have in Common? A Very Bad Week in Cybersecurity"},"content":{"rendered":"<p><a href=\"https:\/\/www.pcmag.com\/news\/what-do-adt-vimeo-and-a-rogue-ai-have-in-common-a-very-bad-week-in-cybersecurity\">What Do ADT, Vimeo, and a Rogue AI Have in Common? A Very Bad Week in Cybersecurity<\/a><\/p>\n<p><a href=\"https:\/\/www.pcmag.com\/news\/what-do-adt-vimeo-and-a-rogue-ai-have-in-common-a-very-bad-week-in-cybersecurity\">https:\/\/www.pcmag.com\/news\/what-do-adt-vimeo-and-a-rogue-ai-have-in-common-a-very-bad-week-in-cybersecurity<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-01 09:14:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.pcmag.com\">www.pcmag.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n                    It\u2019s been another big week for hacks, as the ShinyHunters ransomware group breached video platform Vimeo and home security company ADT. The hackers primarily got video metadata, titles, and email addresses from Vimeo. The ADT hack was worse: ShinyHunters obtained over 10 million records, including 5.5 million email addresses, names, physical addresses, and telephone numbers. In some cases, they got the last four digits of customers&#8217; Social Security numbers and their birthdates. Keep tabs on your identity out there. Identity theft isn\u2019t the only thing you have to be worried about when your data is lost in a hack, however. In many cases, and especially now that AI is in the mix, you also have to be on the lookout for scams and phishing attempts that use the lost data to target you specifically. That\u2019s why this week, we rounded up the best scam protection tools that can help steer you away from scammy websites, emails, and more.\u00a0In other security news, OpenAI is ditching passwords in favor of hardware security keys, which is a welcome change considering how valuable ChatGPT accounts can be, especially for those willing to shell out money for pro-level accounts. That\u2019s a good security move, but a not-so-good one came a few weeks back when Microsoft said that Microsoft Defender is enough antivirus for most people. PCMag&#8217;s principal security writer, Neil Rubenking, who has tested hundreds of antivirus products over the years, thinks Microsoft is mistaken, and the company\u2019s definition of \u201cmost people\u201d deliberately omits the vast majority of users.\u00a0\u00a0<br \/>\nThat\u2019s a lot! But there\u2019s more. Let\u2019s take a look at what else is happening in the infosec world this week.\u00a0Claude-Powered AI Coding Agent Deletes Entire Company Database in SecondsYou may remember almost a year ago, when Replit\u2019s AI agent went rogue, deleted a company\u2019s entire codebase, and then apologized for it. Well, now it\u2019s happened again, just with a different AI: In this case, it was Claude that took out an entire company\u2019s database and its backups in just under nine seconds, according to Tom\u2019s Hardware. Even worse, once PocketOS, the company in question, managed to recover and the news broke, representatives said they would try to learn from the situation but weren\u2019t planning to reconsider using AI in their workflows. I suppose that\u2019s emblematic of this new era: Things that would normally get developers fired are just par for the course when it comes to AI.\u00a0Perhaps what makes this story so wild is that when the developer who discovered the issue asked the AI why it did what it did, the agent generated a pretty unhinged response that indicated it \u201cknew\u201d that it was wrong, but it took the action anyway in order to complete another task it was given, even though the actions were supposed to be outside of its guardrails. Meanwhile, the CEOs and representatives of all the involved companies\u2014Anthropic, which makes Claude; Railway, the cloud service provider that hosted the backups; and PocketOS\u2014are pointing fingers at each other. For the rest of us, though, the message is pretty clear: This isn\u2019t the first time AI has brought entire companies to its knees, and it won\u2019t be the last.\u00a0Woman\u2019s Talkspace Therapy App Sessions Exposed in CourtWhen you talk to a mental health professional, you usually assume that those conversations are private and privileged, meaning that they can\u2019t be used against you except in rare, extreme circumstances. If you\u2019re seeing an actual therapist either in person or through telehealth that\u2019s offered through a practice, that\u2019s a fair assumption. But the proliferation of apps like Talkspace and Betterhelp, all admirably designed to combat the lack of mental health resources for many people, isn\u2019t an actual medical practice. They\u2019re tech companies with apps that work with mental health professionals to deliver their services through the app. That also means that any data those apps collect isn\u2019t stored or protected to the same standards as actual medical records or patient files.\u00a0That leads us to this investigation by Proof, in which a woman\u2019s texts, conversation transcripts, and more were unearthed by her previous employer in court and used against her in an employment discrimination case she had filed. Because she had used Talkspace, offered through her former employer as a mental health resource, the company was able to get Talkspace to turn over everything it had on her. For its part, Talkspace proudly tells investors that, while the data is supposedly anonymized and held to HIPAA standards, it also boasts about having \u201cone of the largest mental health data banks in the world,\u201d with over 140 million messages between patients and their therapists. That\u2019s led some analysts to worry that the company aims to use that information to train AI and sell the information to AI companies as training data.\u00a0<\/p>\n<p>        Recommended by Our Editors<\/p>\n<p>We\u2019ve already discussed why you shouldn\u2019t tell chatbots your personal business, but considering the healthcare sector is a frequent target of hackers and data thieves, and companies like TalkSpace (which didn\u2019t comment on Proof\u2019s investigation) manage to walk the line between operating in the tech space and the healthcare space, security and privacy are especially important. Meanwhile, Talkspace has aggressively pushed local governments and cities to use the company\u2019s app and its TalkAI chatbot as always-available mental health options for teens and others who need them, including in places like New York City and Seattle. \u00a0Leader of Online Swatting Ring Gets Four Years in PrisonMany years ago, I sat in a meeting with some former police officers about their new startup dedicated to protecting journalists from harm and harassment. I asked them about the issue of \u201cswatting,\u201d when a malicious actor calls in a false bomb threat or a hostage situation to their home, prompting an aggressive, armed police response. It\u2019s essentially attempted murder using the police as a weapon, and it\u2019s a problem we\u2019ve covered before. They nodded along, but their expressions revealed that they had no idea what I was talking about.Hopefully, they\u2019ve learned since then, because swatting as an issue hasn\u2019t gone anywhere. If anything, it\u2019s gotten worse. Bleeping Computer reports that the 27-year-old Romanian leader of a group that coordinated swatting attempts and threats against government officials, judges, including congressional representatives, cabinet members, and threats against synagogues, and then-President-Elect Joe Biden, going back to 2020, was just sentenced to four years in federal prison and three more years of supervised release. Other members of the group have also been extradited to the US and face similar proceedings.\u00a0<\/p>\n<p>        About Our Expert<\/p>\n<p>                                Alan Henry<br \/>\n                                Managing Editor, Security<\/p>\n<p>                            Experience<\/p>\n<p>                                I&#8217;ve been writing and editing stories for almost two decades that help people use technology and productivity techniques to work better, live better, and protect their privacy and personal data. As managing editor of PCMag&#8217;s security team, it&#8217;s my responsibility to ensure that our product advice is evidence-based, lab-tested, and serves our readers. I&#8217;ve been a technology journalist for close to 20 years, and I got my start freelancing here at PCMag before beginning a career that would lead me to become editor-in-chief of Lifehacker, a senior editor at The New York Times, and director of special projects at WIRED. I&#8217;m back at PCMag to lead our security team and renew my commitment to service journalism. I&#8217;m the author of Seen, Heard, and Paid: The New Work Rules for the Marginalized, a career and productivity book to help people of marginalized groups succeed in the workplace. <\/p>\n<p>                        Read Full Bio<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>What Do ADT, Vimeo, and a Rogue AI Have in Common? A Very Bad Week&#8230;<\/p>\n","protected":false},"author":1,"featured_media":207738,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/i.pcmag.com\/imagery\/articles\/0131iEgzL3KJKZ0XCfgp18z-1.fit_lim.size_1200x630.v1777588889.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,25],"class_list":["post-207737","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/207737"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=207737"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/207737\/revisions"}],"predecessor-version":[{"id":207739,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/207737\/revisions\/207739"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/207738"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=207737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=207737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=207737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}