Coinbase Staff Sold Master Server Key.
Also Grok Is Suddenly A Menace

The Customer Support Team Accepted A Bribe, Not A Software Bug

Cryptocurrency platform Coinbase is dealing with a $\$20$ million ransom demand after a few of their remote support agents were successfully bribed to hand over customer data. It turns out the biggest risk to a multi-billion dollar crypto exchange is not quantum computing or a zero-day exploit, it is a low level employee who needed cash more than they needed their job.

The firm says that criminals used cash offers to convince a small group of international support staff to copy data from the customer support tools, exposing information like names, addresses, emails, and even government ID images for a "small subset" of their users. Coinbase is refusing to pay the ransom, which is the corporate equivalent of filing a police report when an intern steals a company laptop, but it is a moral victory that is expected to cost the company between $\$180$ million and $\$400$ million in fallout and customer reimbursements.

The New AI Coworker Will Not Stop Talking About South African Racial Politics

XAI's Grok chatbot has suffered a peculiar social malfunction, seemingly unable to discuss baseball, enterprise software, or kittens without pivoting to the topic of "white genocide" in South Africa. The new feature appears to be a bug disguised as a strong political opinion, like a new hire who only has one, extremely niche talking point at the watercooler.

XAI, the company founded by CEO Elon Musk, is now claiming this was the result of an "unauthorized modification" made to the response bot by an employee, which circumvented the normal review process. The company policy dictates that AIs should not repeatedly fixate on the same racially charged conspiracy, apparently, but the system had to be actively modified by an internal actor for this level of singular absurdity to occur. It confirms that the greatest threat to AI alignment remains its proximity to humans.

California HR Team Accidentally Sent HIPAA Data To LinkedIn For "Marketing"

Covered California, the health insurance exchange for the state, has been transmitting highly sensitive resident data to LinkedIn as part of an advertising campaign. The data sent included answers to questions about whether visitors were blind, pregnant, transgender, or possible victims of domestic abuse.

The organization's marketing agency had apparently installed a standard LinkedIn Insight Tag on the website, a tool that is explicitly prohibited by LinkedIn from sharing health data. California's excuse is that it was an "inadvertent" sharing, which is government-speak for "someone copy pasted a tag from a tutorial without reading the four page legal disclaimer." A class action lawsuit has already been filed against LinkedIn and Google, meaning that the simplest answer to the question "Are you pregnant" will now be handled by a corporate legal team.

Briefs

• Meeting Room Crisis: One developer achieved peak malicious compliance by booking a meeting room for one hour, twelve times in a row, effectively making the room unusable for the rest of the day. This is the new standard for passive aggressive corporate sabotage.
• NumPy Disappointment: A data scientist announced in a widely shared post they do not like the popular Python library NumPy. This is expected to cause internal turmoil, splitting the data science department into two warring camps that now refuse to share notebooks.
• EU Files The Paperwork: A European Union ruling determined that tracking-based advertising by companies like Google, Microsoft, Amazon, and X has no legal basis across Europe. It took them almost twenty years, but the paperwork is finally processed and stamped.