BleepingComputer's Ionut Ilascu reports: Background check service National Public Data confirms that hackers breached its systems after threat actors leaked a stolen database with millions of social security numbers and other sensitive personal information. The company states that the breached data may include names, email addresses, phone numbers, social security numbers (SSNs), and postal addresses.

In the statement disclosing the security incident, National Public Data says that "the information that was suspected of being breached contained name, email address, phone number, social security number, and mailing address(es)." The company acknowledges the "leaks of certain data in April 2024 and summer 2024" and believes the breach is associated with a threat actor "that was trying to hack into data in late December 2023." NPD says they investigated the incident, cooperated with law enforcement, and reviewed the potentially affected records. If significant developments occur, the company "will try to notify" the impacted individuals.

The Dubai Court of First Instance has declared that cryptocurrency can be used as a legal form of salary under employment contracts. CoinTelegraph reports: Irina Heaver, a partner at UAE law firm NeosLegal, explained that the ruling in case number 1739 of 2024 shows a shift from the court's earlier stance in 2023, where a similar claim was denied because the crypto involved lacked precise valuation. Heaver believes this shows a "progressive approach" to integrating digital currencies into the country's legal and economic framework. Heaver said that the case involved an employee who filed a lawsuit claiming that the employer had not paid their wages, wrongful termination compensation and other benefits. The worker's employment contract stipulated a monthly salary in fiat and 5,250 in EcoWatt tokens. The dispute stems from the employer's inability to pay the tokens portion of the employee's salary in six months.

In 2023, the court acknowledged the inclusion of the EcoWatts tokens in the contract. Still, it did not enforce the payment in crypto, as the employee failed to provide a clear method for valuing the currency in fiat terms. "This decision reflected a traditional viewpoint, emphasizing the need for concrete evidence when dealing with unconventional payment forms," Heaver said. However, the lawyer said that in 2024, the court "took a step forward," ruling in favor of the employee and ordering the payment of the crypto salary as per the employment contract without converting it into fiat. Heaver added that the court's reliance on the UAE Civil Transactions Law and Federal Decree-Law No. 33 of 2021 in both judgments shows the consistent application of legal principles in wage determination.

A federal judge blocked the launch of Venu, a sports streaming joint venture by Disney, Fox, and Warner Bros. Discovery, due to concerns it would substantially lessen competition and harm FuboTV. Variety reports: Fubo launched in 2015 as a start-up focused on streaming sports programming. [...] Venu, expected to launch in late August ahead of the start of the NFL's coming fall season and priced at an initial price tag of $42.99 per month, was to carry all of the sports offerings of ESPN, Fox Sports 1 and 2, and TNT for a price that is seen as more than a regional sports network but less than a full programming package available via YouTube TV or Hulu + Live TV. The three parent companies are targeting a new generation of consumers who disdain the high costs of traditional cable packages are more at home with signing up for streaming venues that are relatively easy to get in and out of based on the availability of favorite entertainment programs or sporting events.

Judge Garnett found that once Venu launches, FuboTV would face "a swift exodus" of large numbers of subscribers, and indicated she felt "that Fubo's bankruptcy and delisting of the company's stock will likely soon follow. These are quintessential harms that money cannot adequately repair." Fubo alleged that Venu's launch "will cause it to lose approximately 300,000 to 400,000 (or nearly 30%) of its subscribers, suffer a significant decline in its ability to attract new subscribers, lose between $75 and $95 million in revenue, and be transformed into a penny stock awaiting delisting from the New York Stock Exchange, all before year-end 2024," the judge said in her decision. "We respectfully disagree with the court's ruling and are appealing it," Disney, Fox and Warner Bros. Discovery said in a statement. "We believe that Fubo's arguments are wrong on the facts and the law, and that Fubo has failed to prove it is legally entitled to a preliminary injunction. Venu Sports is a pro-competitive option that aims to enhance consumer choice by reaching a segment of viewers who currently are not served by existing subscription options."

The San Francisco City Attorney's office is suing 16 of the most frequently visited AI-powered "undressing" websites, often used to create nude deepfakes of women and girls without their consent. From a report: The landmark lawsuit, announced at a press conference by City Attorney David Chiu, says that the targeted websites were collectively visited over 200 million times in the first six months of 2024 alone.

The offending websites allow users to upload images of real, fully clothed people, which are then digitally "undressed" with AI tools that simulate nudity. One of these websites, which wasn't identified within the complaint, reportedly advertises: "Imagine wasting time taking her out on dates, when you can just use [the redacted website] to get her nudes."

A 43-year-old Jordanian national, Hashem Younis Hashem Hnaihen, was arrested in Orlando, Florida, and charged with threatening to use explosives and destroying a solar power facility. According to the U.S. Department of Justice, the charges could result in up to 60 years in prison. Gizmodo reports: Hashem Younis Hashem Hnaihen allegedly smashed windows at local businesses in Florida, leaving behind threatening letters about their perceived support of Israel, and broke into a solar power generation facility in Wedgefield, Florida back in June. Hnaihen allegedly spent hours smashing solar panels, cutting various wires, and destroying critical electronic equipment, according to a press release from the DOJ issued Thursday.

Hnaihen was wearing a mask when he allegedly smashed the glass front doors of businesses that he thought supported Israel in June, the DOJ says, leaving behind "warning letters" that included lines like a desire to, "destroy or explode everything here in whole America. Especially the companies and factories that support the racist state of Israel." [...] Hnaihen was arrested on July 11, though news of his arrest was only made public today. Hnaihen entered a plea of not guilty and faces a maximum of 10 years in prison for each threat made against the Florida businesses and a maximum of 20 years for the destruction of an energy facility, according to the DOJ.

According to Kaspersky, hackers linked to Chinese threat actors have targeted Russian state agencies and tech companies in a campaign named EastWind. The Record reports: [T]he attackers used the GrewApacha remote access trojan (RAT), an unknown PlugY backdoor and an updated version of CloudSorcerer malware, which was previously used to spy on Russian organizations. The GrewApacha RAT has been used by the Beijing-linked hacking group APT31 since at least 2021, the researchers said, while PlugY shares many similarities with tools used by the suspected Chinese threat actor known as APT27.

According to Kaspersky, the hackers sent phishing emails containing malicious archives. In the first stage of the attack, they exploited a dynamic link library (DLL), commonly found in Windows computers, to collect information about the infected devices and load the additional malicious tools. While Kaspersky didn't explicitly attribute the recent attacks to APT31 or APT27, they highlighted links between the tools that were used. Although PlugY malware is still being analyzed, it is highly likely that it was developed using the DRBControl backdoor code, the researchers said. This backdoor was previously linked to APT27 and bears similarities to PlugX malware, another tool typically used by hackers based in China.

Google's master software for some Android phones includes a hidden feature that is insecure and could be activated to allow remote control or spying on users, according to a security company that found it inside phones at a U.S. intelligence contractor. From a report: The feature appears intended to give employees at stores selling Pixel phones and other models deep access to the devices so they can demonstrate how they work, according to researchers at iVerify who shared their findings with The Washington Post. The discovery and Google's lack of explanation alarmed the intelligence contractor, data analysis platform vendor Palantir Technologies, to the extent that it has stopped issuing Android phones to employees, Palantir told The Post.

"Mobile security is a very real concern for us, given where we're operating and who we're serving," Palantir Chief Information Security Officer Dane Stuckey said. "This was very deleterious of trust, to have third-party, unvetted insecure software on it. We have no idea how it got there, so we made the decision to effectively ban Androids internally." The security company said it contacted Google about its findings more than 90 days ago and that the tech giant has not indicated whether it would remove or fix the application. On Wednesday night, Google told The Post that it would issue an update to remove the application. "Out of an abundance of precaution, we will be removing this from all supported in-market Pixel devices with an upcoming Pixel software update," said company spokesperson Ed Fernandez. He said distributors of other Android phones would also be notified.

Ars Technica's Ashley Belanger reports: Artists defending a class-action lawsuit are claiming a major win this week in their fight to stop the most sophisticated AI image generators from copying billions of artworks to train AI models and replicate their styles without compensating artists. In an order on Monday, US district judge William Orrick denied key parts of motions to dismiss from Stability AI, Midjourney, Runway AI, and DeviantArt. The court will now allow artists to proceed with discovery on claims that AI image generators relying on Stable Diffusion violate both the Copyright Act and the Lanham Act, which protects artists from commercial misuse of their names and unique styles.

"We won BIG," an artist plaintiff, Karla Ortiz, wrote on X (formerly Twitter), celebrating the order. "Not only do we proceed on our copyright claims," but "this order also means companies who utilize" Stable Diffusion models and LAION-like datasets that scrape artists' works for AI training without permission "could now be liable for copyright infringement violations, amongst other violations." Lawyers for the artists, Joseph Saveri and Matthew Butterick, told Ars that artists suing "consider the Court's order a significant step forward for the case," as "the Court allowed Plaintiffs' core copyright-infringement claims against all four defendants to proceed."

TechCrunch's Lauren Forristal reports: The U.S. Federal Trade Commission (FTC) announced on Wednesday a final rule that will tackle several types of fake reviews and prohibit marketers from using deceptive practices, such as AI-generated reviews, censoring honest negative reviews and compensating third parties for positive reviews. The decision was the result of a 5-to-0 vote. The new rule will start being enforced 60 days after it's published in the official government publication called Federal Register. [...]

According to the final rule, the maximum civil penalty for fake reviews is $51,744 per violation. However, the courts could impose lower penalties depending on the specific case. "Ultimately, courts will also decide how to calculate the number of violations in a given case," the Commission wrote. [...] The FTC initially proposed the rule on June 30, 2023, following an advanced notice of proposed rulemaking issued in November 2022. You can read the finalized rule here (PDF), but we also included a summary of it below:

- No fake or disingenuous reviews. This includes AI-generated reviews and reviews from anyone who doesn't have experience with the actual product.
- Businesses can't sell or buy reviews, whether negative or positive.
- Company insiders writing reviews need to clearly disclose their connection to the business. Officers or managers are prohibited from giving testimonials and can't ask employees to solicit reviews from relatives.
- Company-controlled review websites that claim to be independent aren't allowed.
- No using legal threats, physical threats or intimidation to forcefully delete or prevent negative reviews. Businesses also can't misrepresent that the review portion of their website comprises all or most of the reviews when it's suppressing the negative ones.
- No selling or buying fake engagement like social media followers, likes or views obtained through bots or hacked accounts.

New submitter beamdriver writes: As is being reported in Newsday, Disney has asked a Florida court to dismiss a wrongful-death lawsuit filed by the husband of a Carle Place physician who suffered a fatal allergic reaction after eating at a Disney Springs restaurant.

The company cited legal language agreed to years earlier when Jeffrey Piccolo, widower of Kanokporn Tangsuan, 42, of Plainview, signed up for a one-month trial of the Disney+ streaming service that requires users to arbitrate all disputes with the company, records show.

Kanokporn Tangsuan, died in October after dining with her husband, Jeffrey Piccolo, at a restaurant in a section of the Walt Disney World Resort. Despite informing the waitstaff several times of her severe peanut and dairy allergies and receiving assurances that her meal would be allergen-free, she began having severe difficulty breathing shortly after dinner. She self-administered an epi-pen and was transported to a hospital, where she later died.

A medical examiner attributed her death to anaphylaxis due to elevated levels of dairy and nuts in her system, according to the suit.

An anonymous reader quotes a report from Wired: Florida's ban on cultivated meat is being challenged in federal court in a lawsuit that was filed yesterday. The case is being brought by the cultivated meat firm Upside Foods and the Institute of Justice (IJ), a nonprofit public interest law firm. Florida governor Ron DeSantis signed the legislation making the sale of cultivated meat illegal in Florida on May 1, and the bill came into effect on July 1. Alabama passed a similar bill banning cultivated meat that will come into effect from October 1. The case brought by Upside Foods and the IJ argues that Florida's ban is unconstitutional in three different ways. First, they argue, the ban violates theSupremacy Clause that gives federal law priority over state law in certain instances. The court case argues that the Florida ban violates two different provisions in the Federal Meat Inspection Act and Poultry Products Inspection Act.

The legal complaint (PDF) also alleges that the ban violates theCommerce Clause, which gives the US Congress exclusive power to regulate interstate commerce. The IJ argues that the Commerce Clause restricts states from enacting laws that unduly restrict interstate commerce, and that Florida's ban in its current form has the effect of discriminating against it. "Florida's law has nothing to do with protecting health and safety," said IJ senior attorney Paul Sherman in a press conference today. "It is a transparent example of economic protectionism." Sherman said that Upside Foods and the IJ would also apply for a preliminary injunction that would allow the company to sell cultivated meat in Florida while the legal challenge is still ongoing. The complaint says that Upside had planned to distribute its cultivated chicken at Art Basel in Miami in early December 2024. The company protested the Florida ban by holding a tasting of its chicken on June 27 in Miami, shortly before the ban came into effect. Sherman said that the Alabama ban was also "in our sights" but that the IJ had targeted the Florida law as it came into effect before the Alabama ban. "We're hoping we'll be able to get a quick ruling [in Florida] on a preliminary injunction there," and use that as a precedent to challenge the Alabama ban, he said. "Consumers should decide what kind of meat they want to buy and feed their families -- not politicians," said the Good Food Institute (GFI), a nonprofit focused on advancing alternative proteins and which is serving as a consulting consul in this case. "This lawsuit seeks to protect these consumer rights, along with the rights of companies to compete in a fair and open marketplace."

In a press release today, Texas Attorney General Ken Paxton said he has filed a lawsuit against General Motors, alleging the carmaker illegally collected and sold drivers' data to insurance companies without their consent or knowledge. CNN reports: In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to "collect, record, analyze, and transmit highly detailed driving data about each time a driver used their vehicle," according to the AG's statement. General Motors sold this information to several other companies, including to at least two companies for the purpose of generating "Driving Scores" about GM's customers, the AG alleged. The suit said those two companies then sold these scores to insurance companies.

Insurance companies can use data to see how many times people exceeded a speed limit or obeyed other traffic laws. Some insurance firms ask customers if they want to voluntarily opt-in to such programs, promising lower rates for safer drivers. But the attorney general's office claimed GM "deceived" its Texan customers by encouraging them to enroll in programs such as OnStar Smart Driver. But by agreeing to join these programs, customers also unknowingly agreed to the collection and sale of their data, the attorney general's office said. "Despite lengthy and convoluted disclosures, General Motors never informed its customers of its actual conduct -- the systematic collection and sale of their highly detailed driving data," the AG's office said in a statement. The filing can be read here (PDF).

An anonymous reader quotes a report from ExtremeTech: The family of a French mariner who died on the imploded Titan submersible last year has sued Titan's maker, OceanGate Expeditions, for more than $50 million. The lawsuit claims OceanGate is responsible for explorers' suffering immediately preceding their deaths, as well as for failing to disclose the extent of the submersible's risks. Among those risks are Titan's cheap materials, including the $30 Logitech gaming controller used aboard the vehicle. [...]

The lawsuit points at Titan's "hip, contemporary, wireless electronics system" and then alleges that none of the controllers or gauges inside Titan would operate without a constant source of power and a wireless signal. One of those controllers was a modified Logitech F710 Gamepad, a $30 to $40 device designed for, well, gaming. The gamepad quickly became the subject of internet mockery following the loss of Titan; some speculators said the submersible must have been doomed to fail if it used such cheap components. The lawsuit even claims the controller's Bluetooth (rather than wired) connectivity set it up for failure. Still, other speculators believe the controller wouldn't have had much impact on the submersible's operational durability. Instead, the issue would have been with the vehicle's carbon fiber pressure cylinder, which Rush allegedly bought off Boeing at a discount after the material passed its "airplane shelf life." Regardless of the exact material, it seems the consensus among members of the public is that for OceanGate, quality was an afterthought.

Longtime Slashdot reader schwit1 shares a report from Axios: Locking up merchandise at drugstores and discount retailers hasn't curbed retail theft but is driving frustrated consumers to shop online more, retail experts tell Axios. Retail crime is eating into retailers' profits and high theft rates are also leading to a rise in store closures. Secured cases can cause sales to drop 15% to 25%, Joe Budano, CEO of anti-theft technology company Indyme, previously told Axios. Barricading everything from razors to laundry detergent has largely backfired and broken shopping in America, Bloomberg reports.

Aisles full of locked plexiglass cases are common at many CVS and Walgreens stores where consumers have to wait for an employee to unlock them. Target, Walmart, Dollar General and other retailers have also pulled back on self-checkout to deter shoplifting. "Locking up products worsens the shopping experience, and it makes things inconvenient and difficult," GlobalData retail analyst Neil Saunders said, adding it pushes shoppers to other retailers or to move purchases online.

Driving the news: Manmohan Mahajan, Walgreens global chief financial officer, said in a June earnings call that the retailer was experiencing "higher levels of shrink." Amazon CEO Andy Jassy spoke of the "speed and ease" of ordering online versus walking into pharmacies on a call with investors last week. "It's a pretty tough experience with how much is locked behind cabinets, where you have to press a button to get somebody to come out and open the cabinets for you," Jassy said. schwit1 adds: "The American-style retail shopping experience was invented in a high-trust environment. As trust erodes, so does the experience."

An anonymous reader quotes a report from the Electronic Frontier Foundation (EFF): In a major decision on Friday, the federal Fifth Circuit Court of Appeals held (PDF) that geofence warrants are "categorically prohibited by the Fourth Amendment." Closely following arguments EFF has made in a number of cases, the court found that geofence warrants constitute the sort of "general, exploratory rummaging" that the drafters of the Fourth Amendment intended to outlaw. EFF applauds this decision because it is essential that every person feels like they can simply take their cell phone out into the world without the fear that they might end up a criminal suspect because their location data was swept up in open-ended digital dragnet. The new Fifth Circuit case, United States v. Smith, involved an armed robbery and assault of a US Postal Service worker at a post office in Mississippi in 2018. After several months of investigation, police had no identifiable suspects, so they obtained a geofence warrant covering a large geographic area around the post office for the hour surrounding the crime. Google responded to the warrant with information on several devices, ultimately leading police to the two defendants.

On appeal, the Fifth Circuit reached several important holdings. First, it determined that under the Supreme Court's landmark ruling in Carpenter v. United States, individuals have a reasonable expectation of privacy in the location data implicated by geofence warrants. As a result, the court broke from the Fourth Circuit's deeply flawed decision last month in United States v. Chatrie, noting that although geofence warrants can be more "limited temporally" than the data sought in Carpenter, geofence location data is still highly invasive because it can expose sensitive information about a person's associations and allow police to "follow" them into private spaces. Second, the court found that even though investigators seek warrants for geofence location data, these searches are inherently unconstitutional. As the court noted, geofence warrants require a provider, almost always Google, to search "the entirety" of its reserve of location data "while law enforcement officials have no idea who they are looking for, or whether the search will even turn up a result." Therefore, "the quintessential problem with these warrants is that they never include a specific user to be identified, only a temporal and geographic location where any given user may turn up post-search. That is constitutionally insufficient."

Unsurprisingly, however, the court found that in 2018, police could have relied on such a warrant in "good faith," because geofence technology was novel, and police reached out to other agencies with more experience for guidance. This means that the evidence they obtained will not be suppressed in this case.

Over the weekend, former President Donald Trump's campaign said that it had been hacked, with internal documents reportedly obtained illegally by foreign sources to interfere with the 2024 election. While the Trump campaign claimed that Iran was responsible, it is unclear who exactly was behind the incident. The FBI said it was aware of the allegations and confirmed Monday that it is "investigating this matter." The Hill reports: U.S. agencies have thus far failed to comment on the claims that Iran was responsible for the hack, even as recent intelligence community reports have noted growing Iranian efforts to influence the U.S. election. "This is something we've raised for some time, raised concerns that Iranian cyber actors have been seeking to influence elections around the world including those happening in the United States," John Kirby, the White House's national security communications adviser, told reporters Monday. "These latest attempts to interfere in U.S. elections is nothing new for the Iranian regime, which from our vantage point has attempted to undermine democracies for many years now."

A report from the Office of the Director of National Intelligence released last month noted Iranian efforts designed to "fuel distrust in U.S. political institutions and increase social discord." "The IC has observed Tehran working to influence the presidential election, probably because Iranian leaders want to avoid an outcome they perceive would increase tensions with the United States. Tehran relies on vast webs of online personas and propaganda mills to spread disinformation," the report states, including being particularly active on exacerbating tensions over the Israel-Gaza conflict.

An anonymous reader quotes a report from Ars Technica: A patent lawsuit filed by one of 3D printing's most established firms against a consumer-focused upstart could have a big impact on the wider 3D-printing scene. In two complaints, (1, 2, PDF) filed in the Eastern District of Texas, Marshall Division, against six entities related to Bambu Lab, Stratasys alleges that Bambu Lab infringed upon 10 patents that it owns, some through subsidiaries like Makerbot (acquired in 2013). Among the patents cited are US9421713B2, "Additive manufacturing method for printing three-dimensional parts with purge towers," and US9592660B2, "Heated build platform and system for three-dimensional printing methods."

There are not many, if any, 3D printers sold to consumers that do not have a heated bed, which prevents the first layers of a model from cooling during printing and potentially shrinking and warping the model. "Purge towers" (or "prime towers" in Bambu's parlance) allow for multicolor printing by providing a place for the filament remaining in a nozzle to be extracted and prevent bleed-over between colors. Stratasys' infringement claims also target some fundamental technologies around force detection and fused deposition modeling (FDM) that, like purge towers, are used by other 3D-printer makers that target entry-level and intermediate 3D-printing enthusiasts.

"Zelle payments can't be reversed once they're sent," notes the Los Angeles Times — which could be why they're popular with scammers. "You can't simply stop the payment (like a check) or dispute it (like a credit card). Now, the federal regulator overseeing financial products is probing whether banks that offer Zelle to their account holders are doing enough to protect them against scams. Two major banks — JPMorgan Chase and Wells Fargo — disclosed in their security filings in the last week that they'd been contacted by the Consumer Financial Protection Bureau. According to the Wall Street Journal, which reported the filings Wednesday, the CFPB is exploring whether banks are moving quickly enough to shut down scammers' accounts and whether they're doing enough to identify and prevent scammers from signing up for accounts in the first place...

A J.D. Power survey this year found that 3% of the people who'd used Zelle said they had lost money to scammers, which was less than the average for peer-to-peer money transfer services such as Venmo, CashApp and PayPal. The chief executive of Early Warning Services, which runs Zelle, told a Senate subcommittee in July that only 0.1% of the transactions on Zelle involved a scam or fraud; in 2023, the company said, that percentage was 0.05%. But Zelle operates at such a large scale — 120 million users, 2.9 billion transactions and $806 billion transferred in 2023, according to Early Warning Services — that even a tiny percentage of scam and fraud problems translates into a large number of users and dollars... From 2022 to 2023, Zelle cut the rate of scams by nearly 50% even as the volume of transactions grew 28%, resulting in less money scammed in 2023 than in 2022, said Ben Chance, the chief fraud risk management officer for Zelle. The company didn't disclose the amounts involved, but if 0.05% of the $806 billion transferred in 2023 involved scam or fraud, that would translate to $403 million.

Do Zelle users get reimbursed for scams? Only in certain cases, and this is where the banks that offer Zelle have drawn the most heat. If you use Zelle to pay a scammer, banks say, that's a payment you authorized, so they're not obliged under law to refund your money... Some banks, such as Bank of America, say they will put a freeze on transfers by a suspected scammer as soon as a report comes in, then investigate and, if the report is substantiated, seize and return the money. But that works only if the scam is reported right away, before the scammer has the chance to withdraw the funds — which many will do immediately, said Iskander Sanchez-Rola, director of innovation at the cybersecurity company Gen.

The New York Times visits the downtown of one of America's biggest tech cities to explore San Francisco's "Vacant to Vibrant" initiative, where "city and business leaders provide free rent for up to six months" to "entrepreneurs who want to set up shop in empty spaces, many of which are on the ground floor of office buildings."

The program also offers funding for business expenses (plus technical and business permit assistance) — and it seems to be working. One cafe went on to sign a five-year lease for a space in the financial district's iconic One Embarcadero Center building — and the building's landlord says the program also resulted in another three long leases. Can the progress continue? The hope is that these pop-up operations will pay rent and sign longer leases after the free-rent period is over, and that their presence will regenerate foot traffic in the area. Some 850 entrepreneurs initially applied for a slot, and 17 businesses were chosen to occupy nine storefront spaces in the fall. Out of those businesses, seven extended their leases and now pay rent. Eleven businesses were selected in May for the program's second cohort, which started operating their storefronts this summer...

The city's office vacancy rate hit 33.7%, a record high, in the second quarter this year, according to JLL, a commercial real estate brokerage. That's one of the bleakest office markets in the nation, which has an average vacancy rate of about 22%. For the moment, however, San Francisco has a silver lining in Vacant to Vibrant. Rod Diehl, the BXP executive vice president who oversees its West Coast properties, said the pop-up strategy was good not just for local business owners to test their concepts and explore growth opportunities, but also for office leasing efforts... Beyond free rent, which is typically given for three months with a possibility for another three months, Vacant to Vibrant provides up to $12,000 to the businesses to help cover insurance and other expenses. The program also offers grants up to $5,000 for building owners to cover costs for tenant improvements in the spaces as well as for other expenses like utilities...

In addition to the Vacant to Vibrant program — which received $1 million from the city initially and is set to receive another $1 million for the current fiscal year, which began July 1 — the city is directing nearly $2 million toward a similar pop-up program. This new program would help businesses occupy larger empty spaces along Powell Street, as crime and other retail pressures have driven out several retailers, including Anthropologie, Banana Republic and Crate & Barrel, in the Union Square area.
One business owner who joined "Vacant to Vibrant" in May says they haven't decided yet whether to sign a lease. "It's not as crowded as before the pandemic." But according to the article, "she was hopeful that more businesses opening nearby would attract more people."

"In addition to filling empty storefronts, the program has the opportunity to bring in a fresher and more localized downtown shopping vibe, said Laurel Arvanitidis, director for business development at San Francisco's Office of Economic and Workplace Development." Victor Gonzalez, an entrepreneur who founded GCS Agency to stage showings for artists, is embracing the opportunity to get a foothold downtown despite the city's challenges. When he opened a storefront as part of the first Vacant to Vibrant cohort in the Financial District last year, he immediately knew that he wanted to stay there as long as possible. He has since signed a three-year lease. "San Francisco is no stranger to big booms and busts," he said. "So if we're in the midst of a bust, what's next? It's a boom. And I want to be positioned to be part of it."

An anonymous reader shared this report from CNN: More than a year after Hyundai and Kia released new anti-theft software updates, thefts of vehicles with the new software are falling — even as thefts overall remain astoundingly high, according to a new analysis of insurance claim data. The automakers released the updates starting last February, after a tenfold increase in thefts of certain Hyundai and Kia models in just the past three years — sparked by a series of social media posts that showed people how to steal the vehicles. "Whole vehicle" theft claims — insurance claims for the loss of the entire vehicle — are 64% lower among the Hyundai and Kia cars that have had the software upgrade, compared to cars of the same make, model and year without the upgrade, according to the Highway Loss Data Institute. "The companies' solution is extremely effective," Matt Moore, senior vice president of HLDI, an industry group backed by auto insurers, said in a statement...

Between early 2020 and the first half of 2023, thefts of Hyundai and Kia models rose more than 1,000%.
The article points out that HDLI's analysis covered 2023, and "By the end of that year, only about 30% of vehicles eligible for the security software had it installed. By now, around 61% of eligible Hyundai vehicles have the software upgrade, a Hyundai spokesperson said."

The car companies told CNN that more than 2 million Hyundai and Kia vehicles have gotten the update (part of a $200 million class action settlement reached in May of 2023).