Daily Briefing is a curated listicle made available by The Readable. The summaries of each article were created by ChatGPT 4o and edited by Dain Oh. Arthur Gregory Willers contributes to enhance the overall readability of the briefing.
1. South Korean government and companies restrict China’s AI ‘DeepSeek’ over security concerns
Several South Korean government agencies, including the Ministry of Foreign Affairs and the Ministry of Trade, Industry and Energy, have blocked access to the Chinese artificial intelligence platform DeepSeek over concerns about excessive data collection, multiple local news outlets reported Thursday.
These ministries handle sensitive diplomatic and trade-related information, and their decision reflects broader government concerns about potential leaks when using generative AI technologies. The Ministry of the Interior and Safety had previously warned government agencies to be cautious with AI platforms like DeepSeek and ChatGPT, emphasizing the need to avoid inputting sensitive or personal data.
DeepSeek has come under scrutiny for allegedly collecting extensive user data, including device information, IP addresses and keystroke patterns, which are stored on servers in China. Other countries, including Australia, Japan and Taiwan, have also imposed restrictions on its use.
South Korea’s Personal Information Protection Commission has requested clarification from DeepSeek about its data collection and storage policies, but the company has yet to respond. Meanwhile, major South Korean corporations—including Kakao, LG Uplus and Korea Hydro & Nuclear Power—have independently restricted or banned the platform over security concerns.
Governments worldwide are growing increasingly wary of DeepSeek’s data practices. Australia, Japan, Taiwan and the U.S. state of Texas have banned the platform on government-owned devices, while Italy has removed it from app marketplaces entirely. The United Kingdom and the European Union are also monitoring potential risks associated with DeepSeek and similar AI models.
These actions reflect rising concerns about privacy and national security risks posed by AI systems developed in China.
2. Ransomware payments decline, but incidents rise amid evolving threats – Chainalysis
In 2024, ransomware attackers collected about $813.6 million in payments from victims, a 35% drop from the record $1.25 billion in 2023. The decline is largely attributed to increased law enforcement efforts, improved international cooperation, and a growing refusal by victims to pay ransoms.
Notably, ransom payments rose slightly in the first half of 2024 compared to the same period in 2023, but the second half saw a sharp decline of about 34.9%.
Despite the decline in ransom payments, ransomware incidents continued to rise, with data leak sites reporting more victims in 2024 than in any previous year. This suggests that while more organizations were targeted, fewer chose to pay.
The ransomware landscape also saw the emergence of new strains, often developed from rebranded, leaked or purchased code, highlighting an increasingly adaptive threat environment. Attack operations have become faster, with negotiations often starting within hours of data exfiltration.
Law enforcement efforts have significantly disrupted major ransomware groups. LockBit, for example, saw a 79% drop in payments after interventions by the U.K.’s National Crime Agency and the U.S. Federal Bureau of Investigation in early 2024. Similarly, ALPHV/BlackCat shut down in January 2024 following an exit scam, leaving a void in the ransomware ecosystem.
The current landscape is now dominated by newcomers targeting small- to mid-sized markets, often demanding more modest ransoms.
3. Asheville Eye Associates reports data breach affecting 193,000 patients – HIPAA Journal
Asheville Eye Associates, an eye care provider in western North Carolina, has disclosed a cyberattack that compromised the personal and protected health information of about 193,300 patients. The breach involved unauthorized access to names, addresses, health insurance details and medical treatment information.
The organization has notified law enforcement and hired third-party cybersecurity experts to investigate. As of the notification date, there is no evidence the compromised data has been misused.
The DragonForce ransomware group has claimed responsibility for the attack, stating it took place in November 2024. The group alleges it exfiltrated 540 GB of data before encrypting files.
According to DragonForce, Asheville Eye Associates initially made contact but later ceased communications, and no ransom was paid. The organization maintains that patient Social Security numbers, credit card numbers and financial information were not exposed.
Asheville Eye Associates advises affected patients to review statements from their healthcare providers and insurers for accuracy and to check for unauthorized charges. The organization continues working with cybersecurity experts to strengthen its security measures and prevent future incidents.
