PSI Software SE and Fulton County Confirms Ransomware Attack

• Written by Shipra Sanganeria Cybersecurity & Tech Writer
• Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Germany-based critical infrastructure software provider, PSI Software SE, confirmed a cyber incident to be a ransomware attack in a recent announcement on February 15.

Operating at a global level, PSI Software provides software products and customized solutions to organizations in the logistics, energy, and manufacturing sectors.

In an announcement last week, the company revealed that a cyberattack had impacted its internal infrastructure, forcing it to disconnect several of its internal systems, including mail system ‘’to prevent data breaches and data corruption.’’

Without disclosing any details about the threat actor, the company in a Monday update (February 19), confirmed the incident to be a ransomware attack. ‘’We are currently analyzing the exact vector of the attack,’’ PSI stated.

‘’There are at present no indications that PSI systems at customer sites have been compromised. According to current knowledge, there was no access to remote connections for the maintenance of customer systems,’’ the update revealed.

The company says that since February 16, it’s been working with the relevant authorities and experts recommended by the Federal Office for Information Security. Furthermore, it has deployed several remediation measures to prevent any further damage.

At the time of writing, except the cyber incident update page, the remaining website continues to be offline.

In a separate incident, on February 14, Fulton County, Georgia (US) officials confirmed the January cyber incident to be a ransomware attack.

The financially motivated attack left the county’s critical government operations paralyzed, including essential phone lines, water department, property tax and justice system.

“While our investigation remains ongoing, we do have evidence that suggests this was the result of a ransomware incident caused by financially motivated actors,” Fulton County computer systems Commission Chairman Robb Pitts said.

The county officials ongoing investigation is yet to reveal if any employees or county residents’ sensitive information has been compromised. Nevertheless, the county reassured that in case of a data breach, impacted individuals would be notified and provided relevant data protection resources.

Romantic AI-Powered Chatbots Raises Significant Privacy Concerns

• Written by Shipra Sanganeria Cybersecurity & Tech Writer
• Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Privacy concerns due to AI-powered romantic partners are on the rise with more people using these free or paid apps, a new study by Mozilla Foundation has revealed.

In its analysis of 11 romantic chatbots, the company found a series of security and privacy issues. Despite making claims of protecting user privacy, these apps are known to collect and store a lot of sensitive information, which are invasive in nature.

According to the company, overall, 90% of the surveyed apps failed to meet Mozilla’s Minimum Security Standards, i.e., securing a users’ personal data. Of these:

• Almost half (45%) allowed users to create weak passwords, including “1.”
• Most (73%) of these apps didn’t reveal how they manage security vulnerabilities, especially in the midst of growing cyber threats (powered by generative AI).
• Most (64%) haven’t published clear information about encryption and whether they use it.
• Except EVA AI Chat Bot & Soulmate, all the other apps (90%) might sell or share users’ personal information. The analyzed apps had an average of 2,663 trackers per minute, said Mozilla.
• Around half (45%) of the apps won’t allow a user to delete his/her personal data. For instance, “[..] Romantic AI put it, “communication via the chatbot belongs to software,” the study revealed .

Some of the stored or harvested personal data include content (user conversation), financial information, device and network data, health, gender identity and preference, sexual health, prescriptions, contact, and audio, visual information.

Among the surveyed personal apps, Mozilla laid emphasis on a specific chatbot – CrushOn.AI, a Not Safe For Work (NSFW) platform. The AI chatbot is known to collect unnecessary but very sensitive information of individuals.

Based on its analysis, Mozilla also revealed that it was unclear about the origin of the companies running these apps. Thus, to prevent misuse of their personal information, it is imperative that not only users limit the app usage but also avoid revealing personal information while accessing these chatbots.