Privacy and data protection

Orange suffers major data breach

Orange Belgium has confirmed a data breach affecting 850,000 customers, after a cyberattack targeted one of its internal IT systems. The attack, discovered in late July, exposed names, phone numbers, SIM card details, tariff plans and PUK codes. No financial or password data was compromised.

The telecoms provider blocked access to the affected system and notified authorities. A formal complaint has also been filed with the judiciary. All affected users are being informed via email or SMS and are urged to stay alert for phishing and identity fraud attempts.

Orange Belgium has advised users to strengthen account security with strong, unique passwords and to be cautious of suspicious links and messages. This marks the third cyber incident involving Orange in 2025, following earlier attacks, though those breaches varied in impact.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google enhances AI Mode with personalised dining suggestions

Google has expanded its AI Mode in Search to 180 additional countries and territories, introducing new agentic features to help users make restaurant reservations. The service remains limited to English and is not yet available in the European Union.

The update enables users to specify their dining preferences and constraints, allowing the system to scan multiple platforms and present real-time availability. Once a choice is made, users are directed to the restaurant’s booking page.

Partners supporting the service include OpenTable, Resy, SeatGeek, StubHub, Booksy, Tock, and Ticketmaster. The feature is part of Google’s Search Labs experiment, available to subscribers of Google AI Ultra in the United States.

AI Mode also tailors suggestions based on previous searches and introduces a Share function, letting users share restaurant options or planning results with others, with the option to delete links.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trump downplays TikTok security concerns as ban stalls

US President Donald Trump has dismissed national security and privacy concerns surrounding TikTok as ‘highly overrated,’ signalling once again that the popular video-sharing platform is unlikely to face a ban anytime soon. Although Congress passed legislation requiring TikTok’s Chinese parent company, ByteDance, to sell its controlling stake or face a nationwide ban, Trump has repeatedly pushed back enforcement deadlines, with the next one set for 17 September.

Trump has already issued three extensions since taking office for his second term. The first came on 20 January, after TikTok briefly went offline when the court-approved ban took effect. Another followed in April, when a potential US buyout collapsed after China objected to Trump’s tariff moves. Trump insists that American buyers remain interested but says the process is ‘complex,’ justifying further delays.

Despite the legal framework for a ban, Trump’s administration has not faced significant legal challenges over his executive orders keeping TikTok active, which contrasts with many of his other directives. The White House even launched its own TikTok account this week, underscoring the platform’s mainstream role in US politics. Trump himself admitted he is a fan, noting its popularity among his children and younger voters.

Public opinion on TikTok remains deeply divided. A Pew Research Center survey found only about one-third of Americans now support a ban, a sharp decline from half of respondents in 2023. Roughly equal shares oppose a ban or remain undecided. Among supporters of restrictions, most cite concerns about user data security. Still, with Trump downplaying risks and signalling a willingness to keep the app alive, TikTok’s future in the US looks increasingly secure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Ransomware attack at DaVita exposes data of 2.7 million patients in the US

A ransomware attack against dialysis provider DaVita has exposed the personal data of 2.7 million people, according to a notice on the US health department’s website.

The company first disclosed the cyber incident in April, saying it had taken steps to restore operations but could not predict the scale of disruption.

DaVita confirmed that hackers gained unauthorised access to its laboratory database, which contained sensitive information belonging to some current and former patients. The firm said it is now contacting those affected and offering free credit monitoring to help protect against identity theft.

Despite the intrusion, DaVita maintained uninterrupted dialysis services across its network of nearly 3,000 outpatient clinics and home treatment programmes. The company described the cyberattack as a temporary disruption but stressed that patient care was never compromised.

Financial disclosures show the incident led to around $13.5 million in charges during the second quarter of 2025. Most of the costs were linked to system restoration and third-party support, with $1 million attributed to higher patient care expenses.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Russia pushes mandatory messaging app Max on all new devices

Russia will require all new mobile phones and tablets sold starting in September, including a government-backed messenger called Max. Developed by Kremlin-controlled tech firm VK, the app offers messaging, video calls, mobile payments, and access to state services.

Authorities claim Max is a safe alternative to Western apps, but critics warn it could act as a state surveillance tool. The platform is reported to collect financial data, purchase history, and location details, all accessible to security services.

Journalist Andrei Okun described Max as a ‘Digital Gulag’ designed to control daily life and communications.

The move is part of Russia’s broader push to replace Western platforms. New restrictions have already limited calls on WhatsApp and Telegram, and officials hinted that WhatsApp may face a ban.

Telegram remains widely used but is expected to face greater pressure as the Kremlin directs officials to adopt Max.

VK says Max has already attracted 18 million downloads, though parts of the app remain in testing. From 2026, Russia will also require smart TVs to come preloaded with a state-backed service offering free access to government channels.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Google pushes agentic AI worldwide with AI Mode rollout

Google has expanded its AI Mode service to 180 additional countries, extending advanced agentic capabilities to a global audience.

Previously available only in markets such as the US, UK and India, the service allows users to search for information and carry out tasks on their behalf. The update reflects Google’s ambition to move from simple answers to action-oriented assistance.

A key rollout feature is the restaurant booking tool for AI Ultra subscribers. Using natural language requests such as ”find a romantic Italian spot for two tonight,” the system can check availability, offer personalised suggestions and confirm reservations directly within search.

The feature relies on real-time data from partners like OpenTable and highlights how Google’s AI can execute tasks instead of simply presenting options.

Further tools are expected soon, including ticketing for events and appointment scheduling. These are powered by the Gemini models, which tailor recommendations based on user behaviour and allow group planning through shared responses.

While the services could reduce reliance on third-party apps in sectors such as travel and hospitality, they also raise concerns over data privacy, inclusivity and cultural differences in an English-only rollout.

The global expansion strengthens Google’s position against rivals like Microsoft and OpenAI, who are also pushing forward in agentic AI. The company sees subscription upgrades to AI Ultra as a way to offset slower advertising growth, while early reports suggest increased user engagement.

However, the long-term impact will depend on balancing innovation with ethical safeguards as Google works to deliver more multilingual and accessible features.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Skype used to distribute hidden malware in small business attacks

Security researchers at Kaspersky discovered that hackers used Skype to distribute a Remote Access Trojan known as GodRAT. Initially spread via malicious screensaver files disguised as financial documents, the malware employed steganography to conceal shellcode inside image files, which then downloaded GodRAT from a remote server.

Once activated, GodRAT collected detailed system information, including OS specs, antivirus presence, user account data and more. The trojan could also download additional plugins such as file explorers and password stealers. In some cases, it deployed a second malware, AsyncRAT, granting attackers prolonged access.

GodRAT appears to be an evolution of previous tools, such as AwesomePuppet, and shares artifacts with Gh0st RAT, suggesting a link to the Winnti APT group. While Kaspersky did not disclose the number of victims, the campaign primarily targeted small and medium-sized businesses in the UAE, Hong Kong, Jordan, and Lebanon. Cybercrime using Skype as a vector reportedly ceased around March 2025 as criminals shifted to other distribution channels.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft limits certain companies’ access to the SharePoint early warning system

Microsoft has limited certain Chinese companies’ access to its early warning system for cybersecurity vulnerabilities following suspicions about their involvement in recent SharePoint hacking attempts.

The decision restricts the sharing of proof-of-concept code, which mimics genuine malicious software. While valuable for cybersecurity professionals strengthening their systems, the code can also be misused by hackers.

The restrictions follow Microsoft’s observation of exploitation attempts targeting SharePoint servers in July. Concerns arose that a member of the Microsoft Active Protections Program may have repurposed early warnings for offensive activity.

Microsoft maintains that it regularly reviews participants and suspends those violating contracts, including prohibitions on participating in cyber attacks.

Beijing has denied involvement in the hacking, while Microsoft has refrained from disclosing which companies were affected or details of the ongoing investigation.

Analysts note that balancing collaboration with international security partners and preventing information misuse remains a key challenge for global cybersecurity programmes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Students seek emotional support from AI chatbots

College students are increasingly turning to AI chatbots for emotional support, prompting concern among mental health professionals. A 2025 report ranked ‘therapy and companionship’ as the top use case for generative AI, particularly among younger users.

Studies by MIT and OpenAI show that frequent AI use can lower social confidence and increase avoidance of face-to-face interaction. On campuses, digital mental health platforms now supplement counselling services, offering tools that identify at-risk students and provide basic support.

Experts warn that chatbot companionship may create emotional habits that lack grounding in reality and hinder social skill development. Counsellors advocate for educating students on safe AI use and suggest universities adopt tools that flag risky engagement patterns.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI improves customer experience at Citi

Citi has expanded its digital client platform, CitiDirect Commercial Banking, with new AI capabilities to improve customer service and security.

The platform now supports over half of Citi’s global commercial banking client base and handles around 2.3 million sessions.

AI features assist in fraud detection, automate customer queries, and provide real-time onboarding updates and guidance.

KYC renewals have been simplified through automated alerts and pre-filled forms, cutting effort and processing time for clients.

Live in markets including the UK, US, India, and others, the platform has received positive feedback from over 10,000 users. Citi says the enhancements are part of a broader effort to make mid-sized corporate banking faster, more innovative, and more efficient.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.