Can Boston's innovation scene get its mojo back? The Globe's 2025 Tech Power Players say yes.

But the local tech scene has more than a chance to regain its buzz. And the road back to prominence goes through what investors say is the only area in technology that matters right now: artificial intelligence.
How — and how quickly — the
Boston, however, has an advantage, one captured by the
Globe'
s Tech Power Players, our annual list of the most consequential leaders in the region's innovation economy. In a word, it's diversity — an exceptional combination of academics, entrepreneurs, investors, and industries, ranging from software to clean energy to health care.
Advertisement
This diversity provides the talent and opportunity to not only advance foundational AI models that learn from vast troves of data, but also to develop applications that spread the benefits of AI to businesses and consumers — in ways that affect lives. Thanks to key leaders in the scene, that development is underway.
Advertisement
PathAI, a Boston company that has raised more than $250 million in VC funding, has trained AI models to help pathologists diagnose disease and pharmaceutical companies to develop treatments while improving laboratory workflows; the firm is led by physician-scientist-turned-CEO Andy Beck. Familiar Machines & Magic of Woburn,
Boston firm
Motional's IONIQ 5 robotaxi parked along the Boston Harbor.
Motional
The state's biggest industries, meanwhile, are looking to AI — and local tech firms — to make them more efficient, effective, and competitive. Boston Medical Center, for example, is experimenting with AI tools to schedule operating rooms, translate medical records into different languages, and take notes during doctor-patient conversations, allowing doctors to focus on care.
'When you put together health care with all the innovation in Boston,' says Joy Brown, BMC's chief digital information officer, 'you have the opportunity to change health care.'
When it comes to emerging technologies, the race often goes to the early, not just the swift. The question is whether Boston, which famously missed the personal computer wave and the interactive, social internet known as Web 2.0 (so long, Facebook!), is embracing AI too late.
The
Advertisement
The Bay Area accounted for 33 of the 50 companies on
Mikey Shulman, CEO and cofounder of Suno, in the company's Cambridge office.
Barry Chin/Globe Staff
'It's time for Boston to reinvent itself,' says Adrian Mendoza, founder and general partner of the Boston VC firm Mendoza Ventures. 'We've got to create an AI hub here.'
Mendoza and others in the tech community say the state should support AI on the scale of the vaunted biotech initiative, which was launched in 2008 and solidified Boston and Cambridge as the premier life sciences cluster.
Daniela Rus, director of the Computer Science and Artificial Intelligence Laboratory at MIT, says the key is creating compelling opportunities for local university graduates to stay here rather than take their smarts, ambitions, and startups to Silicon Valley and other places. One way to attract and keep talent here, she says, would be to provide startups low- or no-cost access to the massive — and expensive — computing power needed to build and train AI models.
Most important, Rus says, the state needs to go big. 'The moment is now,' she says, 'not 10 years from now.'
Rus is among those who say the
Advertisement
Sabrina Mansur, executive director of the Massachusetts AI Hub, the Healey administration's AI initiative, says the $100 million will be a catalyst to encourage partnerships between companies, industries, universities, and government. Massachusetts, she adds, can offer more than just money to AI entrepreneurs; the state presents the opportunity to work with industries such as robotics, clean energy, and biotech.
'This is where you come to change the world,' Mansur says.
Just look at the region's clean energy and sustainability sectors, which have some of the world's leading companies. Form Energy, cofounded by MIT materials scientist
A computer rendering of a commercial-scale fusion power plant that Commonwealth Fusion Systems plans to build in Virginia, not far from Washington D.C.
Commonwealth Fusion Systems
Is all this enough to change the trajectory of the local tech sector? Employment in Boston-area startups declined more than 4 percent last year, according to San Francisco VC firm SignalFire, while venture investment in local information technology companies fell to the lowest level in six years, according to PitchBook.
Advertisement
But local techsters say the region still has the key ingredients: talent and money. Universities, teaching hospitals, and growing companies continue to fight to attract the best and the brightest while venture capital remains a robust industry. Only California and New York have bigger VC sectors than Massachusetts, according to the National Venture Capital Association.
What Boston needs to become a stronger innovation hub are more successful home-grown companies, along the lines of tech stars HubSpot ($32 billion stock market value), Toast ($25 billion market value), and Klaviyo ($10 billion market value), says Jeff Bussgang, cofounder and general partner of the Boston VC firm Flybridge.
What it will take are determined founders, smart investors, and, ultimately, the approach of Red Sox slugger Rafael Devers.
'We just gotta keep swinging hard,' says Bussgang, 'and connect on one or two pitches.'
Explore the list by sector
Rob Gavin can be reached at

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Forbes

8 hours ago

• Forbes

If You Get This Message From Apple Or Google, It's An Attack

Delete all these messages. There's nothing a cyber criminal likes more than highly publicized events, sudden fear and a sense or urgency. And so last week's headlines that 16 billion passwords leaked in the 'largest ever data breach' hit the jackpot. That this 'opened access' to Apple and Google accounts, the most prized of all, just made it all the sweeter. The fact there's no new data breach impacting Google or Apple or Microsoft or Facebook is beside the point. This is an amalgamation of various breaches, collecting data from multiple sources including infostealers on PCs. But users reading the headlines will not realize and will understandably panic. This highlights the weakness in using passwords to secure accounts. Despite what you've read, the answer is not to reset or change all your passwords. It's to enable two-factor authentication on all your key accounts — especially the likes of Apple, Google, Microsoft, Facebook and Amazon. Better still, switch to passkeys where you can. But many everyday users are now at risk from attacks, whether or not their user names and passwords were in any of those breached datasets. Attackers will now send out emails pretending to be from Apple, Google or other brands, warning of the breach and linking to the public headlines and password reset advice. And those emails or texts will helpfully include a password reset link or a helpline number to call. We've already seen multiple attacks on Apple and Google users, with fake support emails or calls or texts warning that accounts are compromised and passwords need to be reset. These recent headlines are a surprise gift to those attackers. And so, a timely reminder that no major tech brand — Google, Apple, Microsoft and Facebook included — will ever reach out to you about an account security problem or to reset a password. If you receive any such message or call, it's an attack. Period. Google has asked me in the past to 'please reiterate to your readers that Google will not contact you to reset your password or troubleshoot account issues.' The same is true for all those others. It never happens. As the FBI says, 'legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals." Even if a message is so plausible that you can't ignore it, you must still delete it and access your account using the usual means. Online or using your app. If there's a password issue you'll be directed to a reset option. There won't be. Similarly, if you receive a call or a message to call back, do not respond. Access your account as normal. Google and Apple account details are the most valuable, granting access to many apps and services and the mobile phones that control our lives. But treat any messages from Microsoft or Facebook or any other brand in the wake of this 'breach' the same way. The key advice — to add 2FA or passkeys — will protect you even if a breach is new. The final advice is to avoid SMS 2FA — use another method if you can.

Yahoo

a day ago

• Yahoo

16 billion password data breach hits Apple, Google, Facebook and more — LIVE updates and how to stay safe

When you buy through links on our articles, Future and its syndication partners may earn a commission. The news of a massive 16 billion data breach that exposed login credentials from Apple, Google, Facebook has made record as one of the largest data breaches in history. Cybernews reports that records from over 30 databases have been stolen, with each containing up to 3.5 billion passwords from social media and VPN logins to corporate platforms and developer platforms. The recent data breach contains a massive amount of information that can affect billions of online account, as cybercriminals now have access to a mass amount of login credentials. This puts users at risk of further malicious behavior from phishing attacks, social engineering and identity theft. Here are the latest updates on what we know about the data breach, how to find out if you're affected and how to stay safe. Currently, nearly all major platforms have been affected by the breach, including Apple accounts (formerly Apple IDs), Gmail, Facebook accounts and GitHub as well as instant messaging platforms like Telegram and both commercial and government platform portals. The data appears to contain URLs, usernames and passwords. However, with the unfathomable size of the data that's been exposed, there's no way to tell how many accounts are currently under threat. The stolen data appears to come from several infostealers, and while the datasets are new, the sheer amount of info could also be from a mix of different datasets from previous breaches, including a database containing 184 million records discovered in May this year. With the 16 billion login credentials now being exposed, it's important to check if your account has been exposed and to stay safe. First, the best way to keep your account secure is to enable two-factor authentication (2FA). This will stop threat actors from easily accessing your online accounts, as a second form of authentication through an app, phone, passcode or a physical USB key will need to be approved by you. If you haven't already, find out how to enable 2FA right now. Second, to find out if your login credentials have been affected, use Have I Been Pwned and check if your email is in the clear. If you are at risk, immediately change your password, delete unused accounts and consider using one of the best password managers to secure your online accounts. Security researchers have identified what they call "one of the largest data breaches in history", which includes more than 16 billion logins that include Apple credentials. According to a report from Cybernews, the staggering amount of information is contained in numerous datasets that have been uncovered since the start of the year. So far, the researchers have discovered 30 datasets, each containing up to 3.5 billion records. This includes everything from social media and VPN logins to corporate platforms and developer platforms. 'This is not just a leak — it's a blueprint for mass exploitation," the researchers told Cybernews. The easiest way to find out if your email and password are affected in this mass data breach is to use Have I Been Pwned. It's a free service that collates data from hacks and can also send you alerts when your online account is at risk. The site will notify you if your email is involved in the breach, and you can also check if your password has been exposed through Pwned Passwords. You can do a manual check right on the site, but we also recommend using the Notify Me service to make sure your accounts aren't affected in the future, too. With 16 billion login credentials being exposed, there's a big chance that your account is at risk. If left unchecked, cybercriminals can gain access to your accounts, leading to phishing attacks, identity theft, ransomware and more. To counter this, change your passwords immediately, especially if you reuse passwords for multiple accounts. It's a good idea to use a strong, complex password with a mix of numbers and symbols, and use PasswordMonster's Password Strength Meter to see how effective it is. To manage it all, it's a good idea to use one of the best password managers, as these will store, secure and autofill your passwords, and they also support passkeys across accounts. We reached out to security researcher and owner of Volodymyr Diachenko, about the data breach, who explains that it wasn't just from one infostealer malware, but many: "First things first — it wasn't a single source of exposure. This is not about the number (though it is scary!), but the scale and rise of infostealers infections these days," Diachenko states. "What this number reflects is the size of different infostealers datasets exposed publicly since the beginning of this year alone. They were observed by me and my team via passwordless repositories left exposed inadvertently." The data breach is known to have come from various infostealers. As per reports, infostealers are what caused the exposure of login credentials. This is a form of malware that can secretly steal sensitive data like passwords or chat logs and send them back to hackers. Cybersecurity expert Diachenko states: "It comes from various infostealers logs. Probably a backend infrastructure left exposed. Elasticsearch is a good environment to query such logs." While this is named the largest data breach in history, the 16 billion login credentials were only exposed "briefly," according to researchers in the Cybernews report. However, it's still long enough for threat actors to gain information and to put accounts at risk. "The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data," Cybernews states. Along with this, out of the 30 datasets discovered, the majority of these were temporarily accessible through Elasticsearch, which is a free and open-source search engine, or "object storage instances." Earlier this month, Google released a survey detailing the growing awareness of the threat from scams in the U.S., stating that over 60% of users in the U.S. have seen an increase in scams over the past year. While many have seen scams through SMS texts, 61% state they have been targeted through emails. Plus, the survey notes that one-third of those experiencing an increase in scams have "personally experienced a data breach." What's more, the FBI also states that online scams have seen a 33% rise last year, with a total of $16.6 billion being stolen. In light of this data breach, there could be a major rise in phishing scams or account takeovers. This is why Google has warned users to change their passwords and rely on other forms of authentication, including passkeys. The datasets with exposed login credentials contained old and recent infostealer logs, and as Diachenko points out: "Credentials we've seen in infostealer logs contained login URLs to Apple, Facebook, and Google login pages.' Many of the data sets contained other specific information. One dataset was named after Telegram with 60 million records, another was labeled with a name relating to the Russian Federation with 455 million records and one with the largest amount of records at 3.5 billion is said to have a connection to a Portuguese-speaking population, as Cybernews reports. However, many datasets were also simply named "logins" and "credentials" with massive amounts of information. There's no way to tell what services these are for, and considering the billions of credentials leaked, there's reason to believe that accounts for any platform online are at risk. With infostealers being the cause of the mass data breach, it's best to know how to keep your PC secure from the malware. Trusted downloads: Only download software through legitimate websites and sources. Stay clear of suspicious emails: Never click on unexpected links or attachments. Make sure you know the signs of phishing emails. Update your system: Whether it's on your iPhone, Android phone, Windows laptop or MacBook, keep your system up to date with the latest security patches to stay secure. Use a VPN: Virtual private networks can mask your identity online, making it harder for threat actors to track you down. Be sure to use one of the best VPNs. Download antivirus software: This can keep many forms of malware at bay, including known infostealers. You can check out the best antivirus software for your system. Enable 2FA: In case your login credentials are caught in the data breach, enabling two-factor authentication will make it harder for cybercriminals to access your online accounts. We've seen major data breaches before, including the RockYou2024 leak exposing nearly 10 billion passwords with a mix of old and new records, along with the previous RockYou2021, which kicked off with 8.4 billion passwords. Recently, the largest ever data leak hit China and exposed more than 4 billion user records. This breach included financial data, WeChat and Alipay details as well as sensitive personal info like IDs, birthdates, phone numbers, and residential data. This 16 billion password data breach is one of the largest in history, but last year we reported on the supermassive Mother of all Breaches (MOAB), which contained 26 billion records or 13 terabytes of data taken from previous leaks, breaches and hacked databases. Data breaches aren't anything new, and one of our team has been hacked before. This was due to Adobe being hacked and the attackers getting a list of 153 million usernames and passwords in 2013. If you're worried about the 16 billion data breach, you can find out the best steps to take to prevent being hacked and improve your online security. Some essential tips include signing up for Have I Been Pwned, staying clear of reusing passwords, deleting unused accounts and making sure to enable two-factor authentication. Many companies, including Google, Apple, and Microsoft, are using passkeys to reduce the growing risk of phishing attempts, as login credentials in data breaches that cybercriminals use can lead to account takeovers. In fact, Microsoft is now making passwordless the default for new users. Niall McConachie, regional director (UK & Ireland) at Yubico (the company behind the YubiKey), reached out to weigh in on the data breach: 'As this huge data breach shows, passwords are just not good enough to protect our most important personal details and secure our online presence," McConachie states. "By continuing to rely on passwords, huge data breaches like this will persist — and they'll only get worse. McConachie continues: "As we rely on the internet more and more for critical services, users should opt for the highest-assurance authentication method to ensure their data is fully protected and not at risk of being accessed by cyber criminals. 'Instead of relying on passwords or legacy MFA to keep accounts safe, users must be encouraged to protect their accounts with device-bound passkey options like physical security keys." Since news broke about the data breach, it's been difficult to tell if login credentials included accounts from Apple, Google, Facebook and more. But Cybernews has now shared screenshots of the datasets (not including personal info, of course). These datasets show that there are URLs to Facebook, Google, Github, Zoom, Twitch, and other login pages. However, with the amount of data that is being exposed, the number of platforms that are affected is uncertain. As previously noted, there's reason to believe that every major platform has been affected by the data breach. A recent report from cybersecurity site BleepingComputer indicates the 16 billion password data breach actually isn't new, with the data instead likely to have been circulating for years. The data may have been collected by cybercriminals and researchers and repackaged into the massive database, only for this to be exposed online. The infostealers involved in compiling the login credentials, such as usernames and passwords, may have been collected over time, with different archives being into the massive database. Cybernews states that the data in the breach is recent and "not merely recycled from old breaches," but some data could be overlapping. Either way, many credentials were exposed in the breach, so it's a good idea to secure your accounts, change your passwords and stay safe. One of the key risks of a data breach this big is how easily cybercriminals will be able to access multiple accounts, especially for those who reuse passwords. A survey from NordPass indicates that as many as 62% of Americans, 60% of Brits and 50% of Germans admit to reusing passwords across multiple online accounts. Ignas Valancius, head of engineering at cybersecurity company NordPass, had this to say: 'Users must be extra careful because information in the leaked datasets opens the door to pretty much any online service, from Facebook and Google to GitHub and Telegram. Even some government platforms were compromised. 'I recommend changing passwords immediately before the threat actors start poking around in your accounts. You need to act fast because platforms like Google, Apple, or Facebook are the gateways to your entire digital life, especially if you store passwords in browsers and don't use multi-factor authentication (MFA) or passkeys. 'If hackers manage to get their hands on your password for Google, Apple, or Facebook, stealing your money and identity may be easier than taking candy from a three-year-old." While not part of the 16 million passwords leaked in the data breach we're covering, BleepingComputer reported on another confirmed data breach, this time from Krispy Kreme. According to the report, over 160,000 individuals were impacted by a November 2024 cyberattack, with attackers (apparently claimed by the Play ransomware gang) stealing personal information. The U.S. chain sent notifications to the people who were affected. Data breaches are on the rise, and the recent massive leak of login credentials across multiple platforms shows that now's the time to stay safe online. Make sure you're using one of the best VPNs and best antivirus software to keep your accounts secure. Though it can be scary to know that your data is out there on the web, circulating amongst hackers, there are steps you can take to protect yourself. First, as we've mentioned below, make sure you're changing the passwords to your accounts and using unique, strong passwords for each account. When possible, use passkeys instead. Always use two-factor or multi-factor authentication when an account has it available. As with all data breaches, the biggest threat will be phishing attacks and online fraud. Avoid clicking on links or downloading attachments from unknown senders as hackers often set up fake pages to steal your credentials, credit card data and other sensitive info. Never click on any unexpected links, attachments, files or QR codes from people you don't know. You also want to be wary of people on social media who may reach out to you with offers or those who want you to download or click on files or attachments. If you receive something that appears to be from someone you do know, confirm it with them in an independent manner like calling them on the phone, or texting them. If you haven't signed up for one of the best identity theft protection services, now might be a good time to look into them. You can also consider putting fraud alerts on your files with the Big Three credit-reporting agencies Equifax, Experian and TransUnion, and even instituting a credit freeze (although doing so can complicate getting a loan or opening new payment accounts). When going online, make sure you have one of the best antivirus software programs installed and up to date since these programs often include a have VPN, password manager, secure browser and other extra security tools to help keep you safe online. As more and more companies realize how easy it is to breach passwords, how frequently users reuse them – or use weak passwords – they have begun moving to a stronger method: passkeys. Microsoft recently announced that the Authenticator app will shut off the password autofill feature in July, a move that the company is likely making as it moves towards a passwordless future. And Google recently issued a security warning encouraging users to enable two-factor authentication or risk an account lock down; Google's VP of privacy Evan Kotsovinos was quoted as saying another good step to make your account even more secure is to replace your password entirely. Kotsovinos' recommendation is to trade your password in for a passkey, which involves using your biometric information like your fingerprint or facial recognition alongside a trusted device like your smartphone. To that end, Facebook announced this week that it would soon be rolling out passkey login's for its users, making it both easier and more secure to sign in to its services. Facebook users should soon see the option to enable passkey login's in the Account Center, from the Settings of their Facebook accounts on their mobile devices, and the option will also get rolled out to Messenger, and eventually Meta Pay. The Facebook passkey will work with the same fingerprint, facial recognition or PIN technology that you use to unlock your device. Because they're stored on your device, they cannot be guessed, cracked or shared. However, if you still wish to use a password, you can. If, like our own James Frew, you have also committed the security sin of reusing passwords or have used an unsecure Wi-Fi, or some other less-than-safe computer behavior, and wound up getting hacked, you might wonder what you should be doing next. Here's everything James did to re-establish a safe, secure computing environment for himself and make sure he was practicing safe computer habits. 1. Don't reuse passwords 2. Enable Two-Factor Authentication 3. Delete unused accounts 4. Sign up to Have I Been Pwned 5. Start fresh Checking your phone and seeing that 16 billion passwords have been leaked online is enough to give anyone a proper scare. However, when you're dealing with a data breach or data leak as massive as this one, it's important to put things in context before you Spadafora here and I've been covering cybersecurity news for over a decade. During that time, I've seen a lot of massive security incidents like this one. However, there's one thing a lot of them have in that no brand or company is mentioned outright in our coverage here at Tom's Guide and at other news outlets across the web, this is an easy giveaway that this isn't a new breach or leak but instead a collection-style one. In this case, it's likely not brand new data being exposed online but passwords and other personal info from previous security incidents. This data is then repacked in a way that's easier to search through and simpler for other cybercriminals to use in their attacks. For instance, similar collections like the RockYou2024 leak with 9 billion records and Collection #1 with more than 22 million unique passwords were distributed this way in the this doesn't mean you shouldn't swap out your simple passwords with strong and complex ones or take a hard look at your online security habits. It just means that you shouldn't worry too much as there's a high chance that a lot of these 16 billion credentials were already exposed online and likely for sale on the dark web. So instead of being scared, let this be the powerful catalyst you need to transform your online security – by changing your passwords (or better yet switching to passkeys), locking down your online accounts with 2FA, deleting unused accounts and apps, and sharpening your ability to spot a phishing scam. With billions of passwords floating around online, you may be wondering what steps you can take to improve your online security. If that's the case, chances are you might be considering investing in antivirus software or even identity theft protection. They're both designed to help keep you safe online but there are some key differences between the two that will help you decide which is right for best antivirus software (or the best Mac antivirus software for your Apple computer or the best Android antivirus apps for your Android smartphone) is designed to protect you from malware and other threats before they can infect your devices. By using a database of known threats, your antivirus software is able to scan and flag any potentially harmful files or software. It's worth noting that while paid antivirus software is updated more regularly and comes with plenty of extras like a VPN or a password manager, you likely already have access to built-in antivirus software in the form of Windows Defender on PC, XProtect on Mac and Google Play Protect on Android. Now the best identity theft protection services often come with an antivirus solution but that's not their main purpose. Instead, they're designed to proactively monitor your banking and other online accounts for signs of fraud or suspicious activity. They also keep an eye on your Social Security number and other sensitive personal information. The big difference with identity theft protection is that these services include identity theft insurance to help you recover funds lost to fraud in addition to helping you recover your identity. At the same time, you also get access to experts that can walk you through the process of freezing your credit and dealing with the fallout from identity theft. They can help you get new documents big thing to keep in mind with identity theft protection is that it only works if you sign up before a major security incident takes up for both antivirus software and identity theft protection is the best way to protect yourself and your data online. However, this can get expensive fast. If you're on a tight budget, I'd start with antivirus software first and then sign up for identity theft protection once you have more to lose. One way to make things more affordable is to look for antivirus and identity theft protection providers that offer family plans. That way, you can spread the cost between multiple people and rest easy knowing that your grandparents, parents, aunts, uncles, your children and yourself are all protected. Likewise, you want to stay up to date on the latest online scams and make sure that you share this knowledge with both your older and younger family members. Besides having your personal data and passwords exposed online, you also need to be on the lookout for new or upgraded malware. Case in point, the Godfather malware, which was first spotted back in 2021, recently got an upgrade that makes it even more is a banking malware that targets popular banking and financial apps by using overlay attacks. While you might think you're logging into your banking app once infected, you're actually inputting your username and password onto an overlay that appears over the legitimate app. Hackers study the look and design of popular banking apps to create these overlays which they use to harvest account credentials. With these in hand, they can log into and drain your financial accounts. Now though, the Godfather malware is using a new trick to evade detection and steal money from unsuspecting users. Instead of overlays, the malware is now using virtual versions of legitimate apps to commit fraud in real avoid falling victim to this and other malware strains, you want to avoid sideloading apps, opening attachments or links from unknown senders and it's always a good idea to limit the number of apps on your phone overall as even good apps can go bad when they're injected with malicious code. Though this breach may be the biggest in terms of numbers it has similarities to a few other recent breaches – for example, like three other recent breaches, this latest massive breach includes older data that has been around for a while and repackages it, then leaves it exposed it an open database making it easily accessible for any threat actor to grab. When it's discovered, it is quickly removed which makes it difficult to determine who owned the database and therefore, who was responsible for breaching the collected information. The data leak of AT&T data that we reported about earlier this month is similar and involved more than 86 million records that tied AT&T user data to sensitive personal information like Social Security numbers and birth dates. And again, a day earlier in China, more than 4 billion records were compiled that included everything from WeChat transcripts and phone numbers to gambling history. In May of this year, 184 million passwords from companies like Apple, Google, Microsoft, Instagram, Facebook, Snapchat and more were compiled and stored in a plaintext database. The trend towards larger and larger breaches is clear. At this point it seems inevitable that your passwords and data can, and will, be compromised at some point and it is up to the consumer to protect themselves by using every tool available to protect themselves. When a large number of passwords or a collection of sensitive personal information is exposed online, people often get hung up on whether it's a data breach or a data leak. Here's the difference between the a data breach to occur, hackers or other cybercriminals need to gain unauthorized access to a company or even a government's systems. Once inside, they then steal or exfiltrate as much data as they can with the intention to use this info for blackmail, phishing or other cyberattacks. Now with a data leak, the same types of personal and even financial information from a data breach may be exposed. However, how that data ended up online is the main difference. Data leaks often occur due to human error. For instance, maybe someone forgot to password protect a database and left it open online for anyone to access it. This might sound hard to believe but this happens way more often than you'd way that a data leak can occur is through scraping. Just like marketing firms do, hackers often scrape public databases for personal details and other info. All of this data is then put together in a database and if not secured correctly, it too can leak out onto the open web. Regardless of if you're dealing with a data breach or a data leak, the end result for you as the user is the same. Your information is available online and could be used against you. One way to limit your exposure is by using a data removal tool. There are standalone ones like Incogni or you might find one available as an extra feature with your antivirus software or VPN, like with ExpressVPN's Personal Data Removal this security incident has made you rethink your cyber hygiene, a data removal service is another tool you should add to your security arsenal along with antivirus software and identity theft protection. Now that billions of passwords have been exposed online, hackers and other cybercriminals are probably already thinking about how they'll use this data to their advantage in future attacks. Here are the ways this leaked data will likely be used first:If a password was leaked alongside a username, then hackers are definitely going to try and see if they can use these credentials to log in. They will likely try the account the password is associated with first and then after that, they might try to log into other popular online services. What they're hoping for is that the person this username and password belongs to was foolish enough to reuse the same credentials across multiple online accounts. Password reuse is one of the easiest ways you can set yourself up to get hacked, so if you use the same password on multiple sites and services, stop what you're doing and go create a unique and complex password for each of them. If the leaked username and password work, they'll then take over the account and use it as their own. They could use it in other attacks or even to send out phishing messages to any contacts associated with that account. The next big thing that we'll likely see are targeted phishing attacks. Unlike your standard phishing attack, these ones go after specific people by using public or stolen info to build trust with potential victims. If a hacker impersonates someone you know or claims to know them too, you're more likely to respond to their messages and you could potentially be swayed by their if a username and password combo was leaked for a banking or financial account that contains loads of sensitive personal data, hackers could try to steal your identity. These are all the main potential threats you're going to want to be on the lookout for but there could be more. My advice, keep your head on a swivel and keep tabs on all of your online accounts just to be safe. Likewise, consider investing in identity theft protection for additional peace of mind. CNBC is reporting that Aflac has "identified suspicious activity" in its network. This activity could impact Social Security numbers and other information. 'We continue to serve our customers as we respond to this incident and can underwrite policies, review claims, and otherwise service our customers as usual,' Aflac said in a statement. According to CNBC, the investigation is in its early stages and Aflac does not yet have the total number for potentially affected customers. Impacted information may include claims information, health info, Social Security numbers and other personal information related to everyone from customers andbeneficiaries to employees, agents and "other individuals." The insurance company has said that it will offer free credit monitoring and identity theft protection and Medicaid shield for up to 2 years for anyone that reaches out to its call center. Google will reportedly require you to activate 2-step verification to access your Gmail account. Especially as Gmail was one of the affected databases in the big breach. It's meant to help curb phishing and spam emails that have been on the rise lately. As part of that you should replace your password with a passkey. You can activate 2SV now if you haven't already to get ahead of it. With this massive data breach on the mind, now is as good a time as any to do some security home work. We've put together guide to the seven things you should do now to make sure your accounts and devices are safe. We have more details in the guide but here's a brief rundown what you need to secure. Passwords Browsers Two-factor and Multi-factor authentication Update social media settings Delete, remove and unsubscribe Update software and enable automate updates Check and update settings This record-breaking data breach included URLs, usernames, and, most importantly, passwords, which means you should seriously consider updating yours for Google and Facebook. But creating strong, complex passwords is a tall order, and remembering them is even harder, especially when you should ideally have one for every site you log into. You could try to keep them all in your head if you have Rain Man-level recall. If you don't, why not offload that process by getting a password manager and free up all that precious memory for more important things? Password managers make it easy to securely store all of your passwords in one place, and most will even autofill them into a website or app when you log in. We dive into the best picks for iPhone, Android, privacy, and more in our guide to the best password managers.

New York Post

a day ago

• New York Post

‘There's a baby in there. But it's dead:' mom shares horrific story

'Oh my god, you're pregnant.' The nurse had whispered it like a revelation. As if she had been delivering good news. But all Ash could do was blink at her. She had to once again recount her nightmare: 'That's literally the whole reason I'm here… There's a baby in there. But it's dead.' 3 'There's a baby in there. But it's dead,' a woman named Ash shared about her health issues. kidspot 'It could have been life-threatening' Ash had just completed a routine urine test ahead of surgery, which had flagged high hCG (human chorionic gonadotropin) levels. Weeks beforehand, The Gold Coast mom terminated her pregnancy after the embryo implanted in her C-section scar, left behind from her previous pregnancy. 'It would have been like life-threatening had I continued that pregnancy ' Ash revealed to Kidspot. 3 Weeks before, Ash terminated her pregnancy after the embryo implanted in her C-section scar, left behind from a previous pregnancy. Seika – The frightening list of risks she was faced with included permanent bladder damage, severe haemorrhaging and the potential need for a hysterectomy. Scar tissue doesn't stretch like the uterus does. Had the baby been left to grow with the placenta attached to her scar, the outcome could have been devastating. It is one of the rarest forms of pregnancy, so rare that many doctors hadn't had much experience with a case like hers. It meant different specialists, numerous appointments and trying to find whatever information she could online. She turned to Google, Facebook groups and TikTok to find others who had experienced the same thing. 'I tried every possible like hashtag like 'cesarean scar', 'c-section defect.' I tried all of them,' she revealed. 'It's crazy that as women, we don't even know our own bodies and how things can work. It's just… it's crazy.' Originally, after terminating her pregnancy, doctors were keen to wait for her body to absorb and pass the pregnancy. The doctors treated her with methotrexate. Only they didn't foresee the complications. Ash was in and out of emergency rooms, consistently begging doctors to do something to help. 'That led to like a cascade of months of like emergency trips to the hospital where I was having haemorrhaging bleeds and intense pain,' she said. 'I'd get to the emergency and then they would say there's nothing that we can do. You've just got to wait for this to be absorbed by your body.' The mental toll of waiting became too much. 'I snapped one day' she admitted. 'How many more emergency trips to the hospital am I going to have to go through?' 'My bladder was fully adhered to my caesarean scar defect' Throughout this process, Ash repeatedly asked for other options. She'd asked doctors to perform a D&C (dilatation and curettage). 'They're like no you can't have a D&C due to the location of the pregnancy,' she recounted. Doctors were concerned it could lead to a rupture of her uterus. After months of complications, pain, and being medically gaslit, a private surgeon in Brisbane performed a robot-assisted laparoscopic resection of her uterus. 'They cut open the uterus. He took out the old pregnancy,' she explained. 3 'It's crazy that as women, we don't even know our own bodies and how things can work. It's just… it's crazy,' Ash said. kidspot But he found something else. 'My bladder was like fully adhered to my caesarean scar defect on the outside of my uterus,' Ash revealed. 'He said it was like folded like a concertina three times and attached.' It explained so much. 'I just thought, no wonder I could never fully empty my bladder after giving birth,' she said. For Ash, it explained symptoms she had ignored for years. 'So I remember asking him 'So is this the reason why that like I could never fully empty my bladder?'' she said. 'Since the surgery my bladder has been performing like normal. Like pre-children.' 'No one's talking about this' More and more mothers are experiencing chapters of her story, and in some cases some mothers replicate her experience. 'That's what made me want to share on TikTok. The amount of women that have come into my inbox and say 'I had this, I never even knew',' Ash revealed. 'We don't even know our own bodies, because no one's talking about this.' And through all of it, one thing kept her going. Her son. 'I kept thinking, 'I have to be okay. I have to be here for him,'' she said. ' As much as I wanted this baby, I already had a little boy who needed his mum.' The door isn't closed to more children, but the risks are now clear. 'I am allowed to try again after the three month mark,' Ash said. 'But there's a chance it could be an ectopic again.' Any new pregnancy would be high-risk and require close monitoring and early delivery by repeat caesarean. 'I don't know if I'm brave enough to risk it,' she admitted. 'I want another baby… but I also want to stay alive for the one I already have.'