Development

Data breach at PayPal prompts password resets and transaction refunds

PayPal has notified some customers of a data breach linked to its Working Capital loan application, after unauthorised access between 1 July and 12 December 2025 exposed personal information. Letters dated 10 February confirm that around 100 customers were potentially affected.

The incident was linked to an error in the Working Capital application, described as a ‘code change’. PayPal said it ‘terminated the unauthorised access to PayPal’s systems’ after discovery.

In a statement sent following publication, a PayPal spokesperson said ‘When there is a potential exposure of customer information, PayPal is required to notify affected customers. In this case, PayPal’s systems were not compromised. As such, we contacted the approximately 100 customers who were potentially impacted to provide awareness on this matter.’

Data potentially accessed includes names, email addresses, phone numbers, business addresses, Social Security numbers, and dates of birth. PayPal confirmed a small number of unauthorised transactions and said refunds were issued. Affected users had passwords reset and were offered credit monitoring.

Previous incidents include a 2023 credential stuffing attack that affected nearly 35,000 accounts and phishing campaigns that abused legitimate infrastructure. The company said it continues to use manual investigations and automated tools to mitigate fraud.

Customers are advised to use unique passwords, avoid unsolicited links, verify urgent messages directly via their accounts, and enable passkeys where available. Even limited breaches can heighten risks of targeted phishing and identity theft, especially for small businesses.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Turkey reviews children’s data handling as identity checks planned for social platforms

The data protection authority of Turkey has opened a new review into how major social media platforms manage children’s personal data.

A decision that places scrutiny on TikTok, Instagram, Facebook, YouTube, X and Discord as Ankara prepares legislation that would expand state authority over digital activity instead of relying on existing rules alone.

Regulators aim to assess safeguards for children and ensure stronger compliance with local standards.

The ruling party is expected to introduce a family package that would require identity verification for every account through phone numbers or the e-Devlet system. Children under 15 would not be allowed to create profiles and further limits could apply to users under 18.

A proposal that would also allow authorities to order the rapid removal of content deemed unlawful without waiting for court approval, while platforms that fail to comply may face penalties such as phased bandwidth reductions.

Rights advocates warn that mandatory verification and broader enforcement powers could reshape online speech across the country. Some argue that linking accounts to verified identities threatens anonymity and could restrict legitimate expression instead of fostering safety.

Turkey has already expanded online oversight since 2016 through laws that increased the government’s ability to block websites, require content removal and oblige major platforms to maintain a legal presence in the country.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Cloudflare outage causes global internet disruption after an internal error

A major outage on 20 February disrupted global internet traffic after an internal configuration failure at Cloudflare caused the unintended withdrawal of customer BGP routes.

The incident lasted just over six hours and left numerous services unreachable, despite early fears of a cyberattack. An internal update led to the systematic deletion of more than a thousand Bring Your Own IP prefixes, which pushed many connections into BGP path hunting instead of stable routing.

Engineers traced the disruption to an error in the company’s Addressing API, introduced during an automated cleanup task under the Code Orange resilience programme.

A flawed query interpreted an empty value as an instruction to delete all returned prefixes, removing essential bindings for hundreds of customers. Some users restored connectivity through the dashboard, while others required manual reconstruction carried out across the edge network.

An outage that affected a series of core offerings, including content delivery, security layers, dedicated egress and network protection services. Restoration took several hours because the withdrawn prefixes varied in severity, demanding different recovery methods instead of a uniform reinstatement process.

The error triggered widespread timeouts on dependent websites and applications, along with 403 responses on the 1.1.1.1 DNS resolver.

Cloudflare plans to introduce stricter API validation, circuit breakers for abnormal deletion patterns, and improved configuration separation. It has also issued a public apology for a failure that undermined its assurances of network resilience.

An event that reaffirmed the risks posed by internal automation faults when they interact with critical internet infrastructure.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Phishing messages target IndiaAI and Impact Summit 2026 participants

IndiaAI has issued an urgent advisory warning of a phishing campaign targeting attendees of the India AI Impact Summit 2026. Fraudulent SMS and WhatsApp messages claim refunds are pending and request sensitive financial details.

Organisers said the messages are not official and have not been authorised. Recipients are being urged to click links and provide full card numbers, WhatsApp numbers, and other contact information to ‘process’ refunds.

IndiaAI advised participants not to click suspicious links or share personal or banking information with unverified sources. Attendees in India are encouraged to delete such messages immediately and block the sender’s number.

Anyone who may have submitted details through a suspicious link should contact their bank without delay to secure their accounts. Organisers stressed that event-related communication will only be shared through official channels.

The advisory was issued under the AI Impact Summit 2026 banner, themed ‘Welfare for All | Happiness of All’, as authorities seek to prevent financial fraud linked to the high-profile gathering.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Saudi Arabia steps into global AI leadership to shape AI future

The Global Partnership on Artificial Intelligence (GPAI), a multilateral initiative hosted by the OECD and launched by the G7, has officially welcomed Saudi Arabia as a new member. The move reflects the Kingdom’s commitment to shaping global AI governance and ethical technology use.

Accession is led by the Saudi Data and Artificial Intelligence Authority and supported by Crown Prince Mohammed bin Salman. Joining GPAI aligns with Vision 2030, which aims to localise advanced technologies and boost the digital economy’s contribution to GDP.

Through membership in GPAI, which unites over 40 countries, Saudi Arabia will help establish international AI standards, promote human-centric and responsible AI development, and strengthen global cooperation in the sector.

Officials also anticipate that the move will attract high-quality international investment, leveraging the Kingdom’s expanding regulatory framework and growing AI and data ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Deutsche Bank expands digital asset plans 

The German banking giant has applied for a digital asset custody licence from BaFin, marking a significant step in its expansion into cryptocurrency services. The move positions Deutsche Bank to offer safekeeping solutions for clients seeking exposure to digital assets.

Plans form part of a broader strategy to build a dedicated digital assets division, according to David Lynne, a commercial banking executive. DWS Group’s initiatives highlight rising institutional interest in crypto partnerships in Germany.

Previous experimentation includes a tokenised investment platform developed in Singapore with Memento Blockchain, enabling access to digital asset funds through fiat on-ramps.

Activity mirrors wider domestic momentum, as Deutsche WertpapierService Bank has already launched crypto infrastructure linking traditional and digital accounts.

Regulatory clarity and growing client demand appear to be key drivers, with Deutsche Bank signalling a cautious yet deliberate approach to integrating cryptocurrencies into its mainstream banking services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Secure quantum-safe optical transport strengthens Japan’s AI data center infrastructure

Nokia and KDDI Corporation demonstrated quantum-safe optical transport at Sakai Data Center, supporting advanced AI workloads. The network aims to deliver secure, uninterrupted data transfer while protecting sensitive AI operations.

The demonstration showcases KDDI’s scalable AI-ready infrastructure for real-time training, inference, and analytics. Quantum-safe encryption and resilient transport protect customer data and critical infrastructure across Japan’s distributed data centres.

Using Nokia’s 1830 Photonic Service Switch (PSS) and 1830 Security Management Server (SMS), the partners validated high-capacity, secure optical connectivity. The solution delivers privacy, reliability, and fast quantum-safe encryption for modern AI workloads.

Executives from both companies emphasised the importance of secure, scalable networks in enabling AI-driven services. Nokia and KDDI will continue advancing quantum-safe data centre connectivity, supporting Japan’s digital infrastructure and key enterprise applications.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

China sets new record in rare disease AI diagnosis

A Chinese research team has developed an AI-powered system, DeepRare, to diagnose rare diseases with unprecedented accuracy.

The project, led by Shenhua Hospital and the university’s School of Artificial Intelligence, has already attracted over 1,000 specialised users from more than 600 medical and research institutions worldwide.

Tests show DeepRare achieves 57.18 percent accuracy using only clinical data, marking a 24-point improvement over previous models. Including genetic data raises accuracy above 70 percent, showing potential to improve diagnosis in areas without advanced testing.

The system draws on an extensive knowledge base of medical literature and real-world cases. Its cycle of hypothesis, validation, and self-review boosts reliability and fills reasoning gaps, surpassing the limits of traditional AI models.

By enhancing transparency and precision, DeepRare offers a practical tool for clinicians facing the persistent challenge of identifying rare diseases, potentially setting a new global standard for AI-assisted diagnostics.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Generative AI presents the biggest data-risk challenge in history

Cybersecurity specialists warn that generative AI systems, such as large language models, are creating a data risk frontier far larger than that posed by previous digital innovations.

Because these models are trained on extensive datasets drawn from web pages, internal documents, email corpora and proprietary sources, they can unintentionally memorise or regenerate sensitive information, increasing the risk of exposure.

The article highlights several core concerns. Data leakage and memorisation, where AI models can repeat or infer private data if training processes are not tightly controlled.

Amplification of poor hygiene, when generative tools can magnify the reach of bad actors by automating phishing, social engineering, and malware generation at scale.

Compounding breach impact, if an AI model is trained on stolen or leaked data, it could internalise and regurgitate that information without detection, entrenching harm. Cloud and access governance gaps that allow organisations to adopt AI without robust access controls and encryption may widen their attack surface.

The author calls for revised data governance frameworks, including strict training data provenance, auditability, encryption, minimisation and purpose limitation, to mitigate what is described as ‘the biggest data risk in history.’

Recommendations also include accountability measures for models, continuous monitoring, and legislative action to align AI development with privacy and security principles.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Quantum computing breakthrough slows information loss

Chinese scientists have observed and controlled a rare intermediate state in a quantum system, effectively slowing quantum chaos. Using the 78-qubit Chuang Tzu 2.0 superconducting processor, researchers demonstrated how a temporary stable phase can be extended or shortened.

The team identified a prethermalisation plateau, a brief period during which the system resists disorder before rapidly descending into full complexity. Careful adjustment of control sequences enabled scientists to tune the rate of quantum decoherence and control how information spreads.

Findings, published in Nature, offer a potential window for preserving fragile quantum information. Longer coherence times could significantly improve the reliability of quantum computing and error correction methods.

Researchers say the work also highlights the advantage of quantum processors in simulating phenomena too complex for classical supercomputers. Applications may range from drug discovery and advanced materials research to next-generation secure communications.

Continued development of larger and more powerful quantum chips is now underway. Mastering such transitional states will be crucial to unlocking the full potential of quantum technologies.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!