59-year-old Alex Mashinsky, the founder/former CEO of cryptocurrency lender Celsius Network, "pleaded guilty on Tuesday to two counts of fraud," reports Reuters.

He'd been indicted in July on seven counts of fraud, conspiracy and market manipulation charges, according to the article, and federal prosecutors in Manhattan "said he misled customers of Celsius to persuade them to invest, and artificially inflated the value of his company's proprietary crypto token." On Tuesday, during a hearing before U.S. District Judge John Koeltl, Mashinsky said he pleaded guilty to two out of the seven counts he was initially charged with: commodities fraud, and a fraudulent scheme to manipulate the price of CEL, Celsius' in-house token. In court, Mashinsky admitted to giving Celsius customers "false comfort" by giving an interview in 2021 in which he said Celsius had received approval from regulators for its "Earn" program, which it had not. That program offered to deploy customers' cryptocurrency assets to yield investment returns. He said he also failed to disclose that he had been selling his holdings of CEL, the platform's in-house token.

"I know what I did was wrong, and I want to try to do whatever I can to make it right," Mashinsky said. As part of his plea deal with prosecutors, Mashinsky agreed not to appeal any sentence of 30 years or less — the maximum he faces for the two counts. Koeltl is set to sentence him on April 8, 2025.

Federal prosecutors in Manhattan have said Mashinsky also personally reaped approximately $42 million in proceeds from selling his holdings of the Cel token. "Mashinsky made tens of millions of dollars selling his own CEL at artificially high prices, while his customers were left holding the bag when the company went bankrupt," Damian Williams, the U.S. Attorney in Manhattan, said in a statement on Tuesday... Founded in 2017, Celsius filed for Chapter 11 bankruptcy protection in July 2022 after customers rushed to withdraw deposits as crypto prices fell. Many were initially unable to access their funds... Celsius' former chief revenue officer, Roni Cohen-Pavon, pleaded guilty in September 2023 and agreed to cooperate with prosecutors' investigation.
"The company exited bankruptcy on Jan. 31, and has pivoted to Bitcoin mining..."

An anonymous reader shared this report from NBC News: Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers...

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China's intercepting their communications. "Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible," Greene said. The FBI official said, "People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant" multi-factor authentication for email, social media and collaboration tool accounts...

The FBI and other federal law enforcement agencies have a complicated relationship with encryption technology, historically advocating against full end-to-end encryption that does not allow law enforcement access to digital material even with warrants. But the FBI has also supported forms of encryption that do allow some law enforcement access in certain circumstances.
Officials said the breach seems to include some live calls of specfic targets and also call records (showing numbers called and when). "The hackers focused on records around the Washington, D.C., area, and the FBI does not plan to alert people whose phone metadata was accessed."

"The scope of the telecom compromise is so significant, Greene said, that it was 'impossible" for the agencies "to predict a time frame on when we'll have full eviction.'"

The Federal Trade Commission on Tuesday announced sweeping action against some of the most important companies in the location data industry, including those that power surveillance tools used by a wide spread of U.S. law enforcement agencies and demanding they delete data related to certain sensitive areas like health clinics and places of worship. From a report: Venntel, through its parent company Gravy Analytics, takes location data from smartphones, either through ordinary apps installed on them or through the advertising ecosystem, and then provides that data feed to other companies who sell location tracking technology to the government or sells the data directly itself.

Venntel is the company that provides the underlying data for a variety of other government contractors and surveillance tools, including Locate X. 404 Media and a group of other journalists recently revealed Locate X could be used to pinpoint phones that visited abortion clinics. The FTC says in a proposed order that Gravy and Venntel will be banned from selling, disclosing, or using sensitive location data, except in "limited circumstances" involving national security or law enforcement.

schwit1 writes: Recruiters approach students with tempting offers, often after observing them for weeks. Promising salaries of over $800 per month -- double the average pay for chemists in Mexican companies, along with potential bonuses like cars or housing -- recruiters capitalize on the financial struggles of young professionals.

These "cooks" are tasked with improving fentanyl's addictive quality and finding alternative synthesis methods to mitigate supply chain disruptions caused by stricter chemical export controls from China and pandemic-induced bottlenecks. The Times interviewed seven drug "cooks," three university chemistry students recruited by the Sinaloa cartel, two agents, a recruiter, and a university professor -- all anonymously to avoid cartel retaliation. According to the recruiter, candidates must be passionate, discreet, and indifferent to the ethical consequences of their work.

The university professor highlighted a disturbing trend: students openly expressed interest in synthesizing illicit drugs during lectures.

America's FBI "has been investigating a longtime Exxon Mobil consultant," reports Reuters, "over the contractor's alleged role in a hack-and-leak operation that targeted hundreds of the oil company's biggest critics, according to three people familiar with the matter." The operation involved mercenary hackers who successfully breached the email accounts of environmental activists and others, the sources told Reuters. The scheme allegedly began in late 2015, when U.S. authorities contend that the names of the hacking targets were compiled by the DCI Group, a public affairs and lobbying company working for Exxon at the time, one of the sources said. DCI provided the names to an Israeli private detective, who then outsourced the hacking, according to the source.

In an effort to push a narrative that Exxon was the target of a political vendetta aimed at destroying its business, some of the stolen material was subsequently leaked to the media by DCI, Reuters determined. The Federal Bureau of Investigation found that DCI shared the information with Exxon before leaking it, the source said. Some environmental activists interviewed by Reuters say the hacking operation disrupted preparations for lawsuits by cities and state attorneys general against Exxon and other energy companies... The stolen material continues to be used today to counter litigation claiming the oil giant misled the public and its investors about the risks of climate change...

The investigation into the hack-and-leak operation comes amid growing concern among law enforcement agencies worldwide about how such cyberespionage schemes threaten to taint judicial proceedings. The FBI has been investigating the broader use of mercenary hackers to tamper with lawsuits since early 2018, Reuters has previously reported. The Israeli private detective hired by DCI, Amit Forlit, was arrested this year at London's Heathrow Airport and is fighting extradition to the United States on charges of hacking and wire fraud... Federal prosecutors have secured a related conviction: that of Forlit's former business associate, private investigator Aviram Azari. Azari pleaded guilty in 2022 to wire fraud, conspiracy to commit hacking and aggravated identity theft, which included targeting the environmental activists.

United Nations members gathered this week in Busan, South Korea to negotiate the first treaty reducing plastic pollution. But Politico reports that "talks collapsed late Sunday after negotiators failed to resolve their differences and agree on a global plastic treaty. At the heart of the disagreement was a refusal by oil-rich nations led by Saudi Arabia to accept a deal that put limits on plastic production... Throughout the two years of talks, oil-rich and plastic-producing states had repeatedly clashed with nations that wanted to reduce plastic production to solve a worsening plastic pollution crisis. Many went to Busan hopeful differences would be put aside in the name of combatting a common global threat. But in the end this proved too optimistic...

The EU, alongside more than 100 other countries that included the U.K., on Thursday had backed a new proposal spearheaded by Panama pushing for a global target to reduce plastic production to "sustainable levels", drawing a clear battle line for the talks. But three negotiators from countries in the High Ambition Coalition to End Plastic Pollution — granted anonymity to discuss closed-door talks — told POLITICO Saudi Arabia had coordinated a push from oil-rich and plastic-producing countries to block any proposals for the treaty that threatened to reduce plastic production. The vast majority of plastic is made from oil or natural gas...

Along with disagreements over plastic production, countries were also unable to agree on whether and how to target particularly polluting plastic products, and how to finance the treaty. Two of the "high-ambition" negotiators referenced above suggested the talks were doomed to fail from the beginning, arguing that there was never going to be enough time given the scope of the mandate. "I think the pressure on us to deliver that in 18 months ... was kind of stupid then, and it's still stupid now," said one. "Usually these processes take a number of years — beyond what we are doing...." But many observers and some delegates said the summit's collapse demonstrated the failures of consensus-based environmental multilateralism, arguing that requiring all countries to agree by consensus gave reluctant nations too much veto power. NGOs like the Center for International Environmental Law hope this week's failed talks will serve as a lesson for future U.N. talks...

The date and time of the next round of talks is yet to be announced.
Greenpeace issued a statement saying "over 100 Member States, representing billions of people, rejected a toothless deal that would have accomplished nothing, and stood before the world committing to an ambitious treaty."

And they argued that the message is clear. "Ambitious countries must not allow the fossil fuel and petrochemical industries, backed by a small minority of countries, to prevent the will of the vast majority. A strong agreement that protects people and the planet is our only option."

The Washington Post reports on tens of thousands of Americans "forced to pay for medication" to prevent the HIV infections, "despite federal requirements guaranteeing free access to treatment...according to multiple studies and interviews with medical professionals, activists and patients." Insurance companies are skirting rules compelling them to pay for pre-exposure prophylaxis treatment, known as PrEP, researchers and HIV advocacy organizations say — leaving patients to shell out hundreds of dollars each year for medication co-pays, doctor visits and screenings required to stay on drugs that reduce the risk of contracting HIV through sex by 99 percent.

Under the Affordable Care Act, commercial insurers must cover certain preventive health services. This is supposed to include at least one form of oral PrEP and related health services, such as regular testing for HIV and other sexually transmitted diseases, for people at increased risk of contracting HIV, according to 2021 guidance from the Biden administration. Responding to complaints that patients were still being charged, the Biden administration in October released new guidance instructing private insurers to cover all forms of PrEP without prior authorization, including new long-acting injections.

Nearly a third of a national sample of 325 health coverage plans on government insurance marketplaces did not include PrEP on their lists of covered preventive services, according to the AIDS Institute, a New York-based nonprofit. Between 20 and 30 percent of PrEP users with commercial insurance still had to pay for it despite the coverage mandate, with an average cost of $227 for 2022, according to the Centers for Disease Control and Prevention. Government regulators have been slow to crack down on insurer violations, activists say, creating a barrier to getting more at-risk Americans on the medication. The CDC estimates that only a third of the more than 1 million people who could benefit from PrEP have received a prescription, according to its most recent data.
The issue appears to be lax enforcement against insurers who break rules, a policy advocate told the newspaper. America's Centers for Medicare and Medicaid Services, which enforces regulations for preventive care, "said it takes enforcement seriously and recently found two insurance plans in violation of coverage requirements following consumer complaints."

And the Post spoke to an official at America's Labor Department, who said they were investigating a complaint against a large insurance company, but "said the agency does not have enough staff to conduct proactive investigations and lacks the authority to sue and penalize insurers that break the rules."

A bipartisan group of 12 senators has urged the TSA inspector general to investigate the agency's use of facial recognition technology, citing concerns over privacy, civil liberties, and its expansion to over 430 airports without sufficient safeguards or proven effectiveness. Gizmodo reports: "This technology will soon be in use at hundreds of major and mid-size airports without an independent evaluation of the technology's precision or an audit of whether there are sufficient safeguards in place to protect passenger privacy," the senators wrote. The letter was signed by Jeffrey Merkley (D-OR), John Kennedy (R-LA), Ed Markey (D-MA), Ted Cruz (R-TX), Roger Marshall (R-Kansas), Ron Wyden (D-OR), Steve Daines (R-MT), Elizabeth Warren (D-MA), Bernie Sanders (I-VT), Cynthia Lummis (R-WY), Chris Van Hollen (D-MD), and Peter Welch (D-VT).

While the TSA's facial recognition program is currently optional and only in a few dozen airports, the agency announced in June that it plans to expand the technology to more than 430 airports. And the senators' letter quotes a talk given by TSA Administrator David Pekoske in 2023 in which he said "we will get to the point where we require biometrics across the board." [...] The latest letter urges the TSA's inspector general to evaluate the agency's facial recognition program to determine whether it's resulted in a meaningful reduction in passenger delays, assess whether it's prevented anyone on no-fly lists from boarding a plane, and identify how frequently it results in identity verification errors.

A security researcher discovered an unprotected database belonging to SL Data Services containing over 600,000 sensitive files, including criminal histories and background checks with names, addresses, and social media accounts. The Register reports: We don't know how long the personal information was openly accessible. Infosec specialist Jeremiah Fowler says he found the Amazon S3 bucket in October and reported it to the data collection company by phone and email every few days for more than two weeks. [The info service provider eventually closed up the S3 bucket, says Fowler, although he never received any response.] In addition to not being password protected, none of the information was encrypted, he told The Register. In total, the open bucket contained 644,869 PDF files in a 713.1 GB archive.

Some 95 percent of the documents Fowler saw were labeled "background checks," he said. These contained full names, home addresses, phone numbers, email addresses, employment, family members, social media accounts, and criminal record history belonging to thousands of people. In at least one of these documents, the criminal record indicated that the person had been convicted of sexual misconduct. It included case details, fines, dates, and additional charges. While court records and sex offender status are usually public records in the US, this exposed cache could be combined with other data points to make complete profiles of people -- along with their family members and co-workers -- providing everything criminals would need for targeted phishing and/or social engineering attacks.

A U.S. federal appeals court ruled that sanctions against Tornado Cash, a crypto transaction anonymization service, must be abandoned, stating that its immutable smart contracts do not constitute "property" under U.S. law and that the Treasury overstepped its authority. The ruling is available here (PDF). CoinDesk reports: The decision answers a controversial privacy debate on whether the government -- via a sanctions list maintained by the U.S. Treasury Department -- has a right to target the technology because it's associated with criminals. The ruling reversed a district court's August ruling that had sided with the government's pursuit of what it had characterized as a "notorious" crypto-mixing service.

OFAC had sanctioned Tornado Cash last year, contending that it was a vital tool used by bad actors including North Korea's Lazarus Group to launder crypto tokens pilfered from platforms and games such as Axie Infinity. Coinbase (COIN) and others had sued the government, claiming it had overreached. Paul Grewal, chief legal officer of crypto exchange Coinbase, cheered the ruling in a Tuesday post on X, calling it a "historic win for crypto." "These smart contracts must now be removed from the sanctions list and U.S. persons will once again be allowed to use this privacy-protecting protocol," Grewal wrote. "Put another way, the government's overreach will not stand." "We readily recognize the real-world downsides of certain uncontrollable technology falling outside of OFAC's sanctioning authority," the judges said, referencing the ineffectiveness of a law that was established well before the world moved online. "But we must uphold the statutory bargain struck (or mis-struck) by Congress, not tinker with it."

Tornado Cash's TORN token has since rallied 500%, passing the $20 mark.

The FTC has opened a broad antitrust investigation into Microsoft, including of its software licensing and cloud computing business. Bloomberg first reported the news. Reuters reports: The probe was approved by FTC Chair Lina Khan ahead of her likely departure in January. The election of Donald Trump as U.S. president and the expectation he will appoint a fellow Republican with a softer approach toward business, leaves the outcome of the investigation up in the air.

The FTC is examining allegations that the software giant is potentially abusing its market power in productivity software by imposing punitive licensing terms to prevent customers from moving their data from its Azure cloud service to other competitive platforms, sources confirmed earlier this month. The FTC is also looking at practices related to cybersecurity and artificial intelligence products, the source said on Wednesday.

A piracy ring that gave 22 million subscribers in Europe cheap access to content stolen from international streaming services has been shut down by Italian authorities after a two-year investigation. From a report: The criminal enterprise used a complex international IT system to "capture and resell" live programming and other on-demand content from companies including sports broadcaster DAZN, Netflix, Amazon Prime, Paramount, Sky and Disney+, prosecutors said in a statement on Wednesday.

Authorities estimate the operation generated revenues of roughly $264.3 million a month [non-paywalled link], or $3.2 billion a year, and caused combined damages of more than $10.6 billion to the affected broadcast companies. "The rate of profit you get from these illegal activities with lower risk is equivalent to that of cocaine trafficking," Francesco Curcio, the criminal prosecutor who led the investigation, told reporters.

An anonymous reader quotes a report from TechCrunch: Security researchers have uncovered two previously unknown zero-day vulnerabilities that are being actively exploited by RomCom, a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America. RomCom is a cybercrime group that is known to carry out cyberattacks and other digital intrusions for the Russian government. The group -- which was last month linked to a ransomware attack targeting Japanese tech giant Casio -- is also known for its aggressive stance against organizations allied with Ukraine, which Russia invaded in 2014.

Researchers with security firm ESET say they found evidence that RomCom combined use of the two zero-day bugs -- described as such because the software makers had no time to roll out fixes before they were used to hack people -- to create a "zero click" exploit, which allows the hackers to remotely plant malware on a target's computer without any user interaction. "This level of sophistication demonstrates the threat actor's capability and intent to develop stealthy attack methods," ESET researchers Damien Schaeffer and Romain Dumont said in a blog post on Monday. [...] Schaeffer told TechCrunch that the number of potential victims from RomCom's "widespread" hacking campaign ranged from a single victim per country to as many as 250 victims, with the majority of targets based in Europe and North America. Mozilla and the Tor Project quickly patched a Firefox-based vulnerability after being alerted by ESET, with no evidence of Tor Browser exploitation. Meanwhile, Microsoft addressed a Windows vulnerability on November 12 following a report by Google's Threat Analysis Group, indicating potential use in government-backed hacking campaigns.

An anonymous reader quotes a report from the New York Times: The founder of an artificial intelligence start-up focused on education was arrested and charged with defrauding her investors, lying about the company's profits and falsely claiming that some of the largest school districts in the country, including New York City's, were her customers. The founder, Joanna Smith-Griffin, started the company, AllHere Education, in 2016, with the goal of using artificial intelligence to increase student and parent engagement and curb absenteeism. In the years that followed, Ms. Smith-Griffin, 33, misrepresented AllHere's revenue and customer base to fraudulently raise almost $10 million in funds, according to the indictment. Once the company's valuation had climbed, she sold some of her stake in it and spent hundreds of thousands of dollars on a down payment for a new home and on her wedding.

Ms. Smith-Griffin was arrested Tuesday in North Carolina, where she lives, and charged with wire fraud, securities fraud and aggravated identity theft. She faces more than 40 years in prison. AllHere is now in bankruptcy proceedings, prosectors said, and all of its employees have been laid off. "Her alleged actions impacted the potential for improved learning environments across major school districts by selfishly prioritizing personal expenses," said James E. Dennehy, the F.B.I. assistant director in New York leading the investigation into Ms. Smith-Griffin. "The F.B.I. will ensure that any individual exploiting the promise of educational opportunities for our city's children will be taught a lesson." Smith-Griffin is the latest Forbes 30 Under 30 honoree to be indicted on fraud. "The Forbes-to-Fraud pipeline includes FTX founder Sam Bankman-Fried and Caroline Ellison, co-CEO of Alameda Research; fintech Frank founder Charlie Javice; and 'Pharma bro' Martin Shkreli," notes TechCrunch.

Interpol arrested 1,006 suspects in Africa during a massive two-month operation, clamping down on cybercrime that left tens of thousands of victims, including some who were trafficked, and produced millions in financial damages, the global police organization said Tuesday. From a report: Operation Serengeti, a joint operation with Afripol, the African Union's police agency, ran from Sept. 2 to Oct. 31 in 19 African countries and targeted criminals behind ransomware, business email compromise, digital extortion and online scams, the agency said in a statement.

Blue Yonder, a Panasonic subsidiary specializing in AI-driven supply chain solutions, experienced a recent ransomware attack that impacted many of its customers. "Among its 3,000 customers are high-profile organizations like DHL, Renault, Bayer, Morrisons, Nestle, 3M, Tesco, Starbucks, Ace Hardware, Procter & Gamble, Sainsbury, and 7-Eleven," reports BleepingComputer. From the report: On Friday, the company warned that it was experiencing disruptions to its managed services hosting environment due to a ransomware incident that occurred the day before, on November 21. "On November 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident," reads the announcement. "Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols."

Blue Yonder claims it has detected no suspicious activity in its public cloud environment and is still processing multiple recovery strategies. [...] As expected, this has impacted clients directly, as a spokesperson for UK grocery store chain Morrisons has confirmed to the media they have reverted to a slower backup process. Sainsbury told CNN that it had contingency plans in place to overcome the disruption. A Saturday update informed customers that the restoration of the impacted services continued, but no specific timelines for complete restoration could be shared yet. Another update published on Sunday reiterated the same, urging clients to monitor the customer update page on Blue Yonder's website over the coming days.

The U.S. is preparing to impose new sanctions targeting 200 Chinese chipmakers and potentially restricting the export of High Bandwidth Memory (HBM). The move is intended to further hinder China's semiconductor and AI advancements. Tom's Hardware reports: The update sheds light on the Biden administration's recent efforts to impose stricter regulations on chip manufacturers in China. The latest swarm of sanctions reportedly targets roughly 200 Chinese firms. US companies are prohibited from exporting select technologies or products to the targeted firms. The report suggests that the US Department of Commerce aims to push these new regulations before the Thanksgiving break - or November 28. Neither the Department of Commerce nor the Chamber of Commerce responded to Reuters' request for comments.

Moreover, another wave of sanctions is set to follow in December - targeting the export of HBM (High Bandwidth Memory) - primarily to choke China's advance in the AI domain. The impacts of these restrictions are materializing given that Huawei's Kirin SoCs and Ascend AI accelerators will reportedly remain stuck at 7nm technology until 2026 as SMIC fails to procure cutting-edge Extreme Ultraviolet (EUV) machines from ASML.

A new bill introduced by Sen. Peter Welch (D-Vt) aims to make it easier for human creators to find out if their work was used without permission to train artificial intelligence. NBC News reports: The Transparency and Responsibility for Artificial Intelligence Networks (TRAIN) Act would enable copyright holders to subpoena training records of generative AI models, if the holder can declare a "good faith belief" that their work was used to train the model. The developers would only need to reveal the training material that is "sufficient to identify with certainty" whether the copyright holder's works were used. Failing to comply would create a legal assumption -- until proven otherwise -- that the AI developer did indeed use the copyrighted work. [...]

In a news release, Welch said the TRAIN Act has been endorsed by several organizations -- including the Screen Actors Guild-American Federation of Television and Radio Artists (SAG-AFTRA), the American Federation of Musicians, and the Recording Academy -- as well as major music labels -- including Universal Music Group, Warner Music Group and Sony Music Group.

An anonymous reader quotes a report from Ars Technica: The Supreme Court signaled it may take up a case that could determine whether Internet service providers must terminate users who are accused of copyright infringement. In an order (PDF) issued today, the court invited the Department of Justice's solicitor general to file a brief "expressing the views of the United States."

In Sony Music Entertainment v. Cox Communications, the major record labels argue that cable provider Cox should be held liable for failing to terminate users who were repeatedly flagged for infringement based on their IP addresses being connected to torrent downloads. There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury's finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement "because Cox did not profit from its subscribers' acts of infringement." That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict.

The Supreme Court asking for US input on Sony v. Cox could be a precursor to the high court taking up the case. For example, the court last year asked the solicitor general to weigh in on Texas and Florida laws that restricted how social media companies can moderate their platforms. The court subsequently took up the case and vacated lower-court rulings, making it clear that content moderation is protected by the First Amendment.

Some days more than half of California's available solar power goes to waste, according to research from the California Institute for Energy and Environment. "In the last 12 months, California's solar farms have curtailed production of more than 3 million megawatt hours of solar energy," according to a data analysis by the Los Angeles Times — enough to power 518,000 California homes for a year.

And it was curtailed "either on the orders of the state's grid operator or because prices had plummeted because of the glut. The waste would have been even larger if California had not paid utilities in other states to take the excess solar energy, documents from the state's grid operator show." That means green energy paid for by California electricity customers is sent away, lowering bills for residents of other states. Arizona's largest public utility reaped $69 million in savings last year by buying from the market California created to get rid of its excess solar power. The utility returned that money to its customers as a credit on their bills. Also reaping profits are electricity traders, including banks and hedge funds. The increasing oversupply of solar power has created a situation where energy traders can buy the excess at prices so low they become negative, said energy consultant Gary Ackerman, the former executive director of the Western Power Trading Forum. That means the solar plant is paying the traders to take it. "This is all being underwritten by California ratepayers," Ackerman said...

The solar glut also means higher electricity bills for Californians, since they are effectively paying to generate the power but not using it. California's electric rates are roughly twice the nation's average, with only Hawaii having higher rates. Rates at Southern California Edison and Pacific Gas & Electric increased by 51% over the last three years. "Ratepayers aren't getting the energy they've paid for," said Ron Miller, an energy industry consultant in Denver. He calculates that the retail value of the solar energy thrown away in a year would be more than $1 billion.

Gov. Gavin Newsom's advisors and those who manage the state's electric grid say they are working to reduce the curtailments, including by building more industrial-scale battery storage facilities that soak up the excess solar power during the day and then release it at night. Officials in the governor's office declined to be interviewed, but issued a statement saying the curtailments are often because of congestion on transmission lines, rather than a statewide oversupply of power. The state has been spending heavily to upgrade transmission lines to ease the congestion. "It's also important to have extra energy resources available that can help the state during periods of extreme weather and historic heatwaves when demand is particularly high, which have happened the past few years," the statement said...

The commercial solar industry contends that the expansion of storage capacity to bank solar power will eventually eliminate the glut.