February 22, 2018

The U.S. may have a serious fake passport problem, two Democratic senators say.

In a letter Thursday to Kevin McAleenan, the acting commissioner of U.S. Customs and Border Patrol, Sens. Ron Wyden (Ore.) and Claire McCaskill (Mo.) claim that the law enforcement agency lacks "the software necessary to authenticate the information stored on" newer passports, which have been outfitted with smart chips. These so-called e-Passports bear chips that store traveler data that has been locked with verified digital signatures. Border Patrol agents are supposed to be able to access the chips and verify their information through dedicated machines.

But while CBP agents at airports and border crossings can in fact download the data off of the smart chips, Wyden and McCaskill write that the agency's software actually "cannot verify the digital signatures stored on the e-Passport chips." Without signature verification, CBP is "unable to determine" whether an individual's passport may have been "tampered with or forged," the senators claim.

Wyden and McCaskill say that CBP has had this e-Passport verification problem since 2007 because of the software deficit. Moreover, the senators claim that the agency has known this security gap exists since 2010, when the government released a report on the matter. Roughly 60 countries issue e-Passports to their citizens, including Iran, the Philippines, Russia, Turkey, Sweden, and the U.S.

"It is past time for CBP to utilize the digital security features it required be built into e-Passports," the duo writes, calling for the agency to "develop and implement a plan to properly authenticate e-Passports by Jan. 1, 2019." Read the letter to CBP here. Kelly O'Meara Morales

February 6, 2018
Joe Raedle/Getty Images

After Hurricane Maria ravaged Puerto Rico, many islanders did not have access to food. And the Federal Emergency Management Agency's attempts to swiftly feed them didn't exactly go off without a hitch.

In one unsettlingly illustrative example, which The New York Times detailed on Tuesday, FEMA hired Tribute Contracting LLC in October, two weeks after the hurricane, to deliver 30 million meals to Puerto Rico. A little more than two weeks later, Tribute, which was set to earn $156 million for its work, had only made good on delivering 50,000 meals.

Tribute has just one employee — owner Tiffany Brown — who actually subcontracted a wedding caterer to prepare the meals. Her subcontractor didn't prepare enough meals as swiftly as FEMA wanted, and didn't package the food in "self-heating" bags, as Uncle Sam required, causing FEMA to cancel the contract, calling it "a logistical nightmare."

Brown, who likens herself to a "broker" of sorts, disputes FEMA's account and is demanding a $70 million settlement. Her subcontractors, meanwhile, are reportedly threatening to sue her too.

The whole thing sounds like a real mess. But the Times report is, unfortunately, just one of several stories that have emerged about the government and FEMA's failure to adequately provide emergency supplies to Puerto Rico in the aftermath of the hurricane. Read more at The New York Times. Kelly O'Meara Morales

December 14, 2016

Yahoo on Wednesday revealed that more than one billion user accounts may have been compromised in a hack that occurred in 2013. In a statement, Yahoo said it believes "an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts," including names, email addresses, phone numbers, and possibly security questions and answers. The company does not believe the system where payment and bank information is stored was affected, however.

Back in September, Yahoo announced that nearly 500 million accounts had been compromised in a 2014 hack; on Wednesday, the company said it believes this newly disclosed breach was separate from that incident. You can read its full statement on Wednesday's announcement below. Kimberly Alters

September 26, 2016
Justin Sullivan/Getty Images

Credit scores are checked by employers, landlords, utility companies, and lenders, and that's one reason why some consumer advocates are worried about Wells Fargo opening millions of phony accounts.

Wells Fargo has been fined $185 million for letting employees open checking and credit card accounts for customers without their knowledge, and while the company says it is contacting customers to find out if the accounts they have are authorized and promises to try to make restitution, it's highly likely credit scores have been majorly affected. When credit cards are issued, it's reflected on an individual's credit report. In some cases, NPR reports, Wells Fargo employees took money from a customer's existing account and moved it into a new account, which could have led to insufficient funds and late fees. There's also the possibility of customers not paying the annual fee for a credit card, since they couldn't make a payment for an account they didn't know was open.

These little dings to a credit report can add up, Ira Rheingold, executive director of the National Association of Consumer Advocates, told NPR. "You may not have qualified for a mortgage or you might have been dinged by getting charged a little higher interest rate because of what was reported wrongly on your credit report," he said. Rheingold wants to know how Wells Fargo is going to be able to figure out how the fake accounts affected customers — did a person miss out on getting a job because an employer saw late payments on their credit score? Will they be able to find out if a person received a higher interest rate on their mortgage because of inaccurate information? Even if all that can be determined, "once something affects a consumer's credit report and credit scores, it has the potential to have a lot of impact across the consumer's entire economic life," attorney Chi Chi Wu of the National Consumer Law Center told NPR. Catherine Garcia

August 5, 2015

Researchers have discovered that a bloom of toxic algae off the West Coast is denser, deeper, and covers a larger area than previously thought.

Surveyors on a National Oceanic and Atmospheric Administration vessel found that the cloud of microscopic algae could be 40 miles wide and is 650 feet deep in some areas, The Associated Press reports. It's thriving due to unusually warm Pacific Ocean temperatures, stretches from Alaska down to California, and has forced fisheries to shut down. In Washington, elevated levels of toxins have been found in Dungeness crab meat, and more than half of the state's coast is now closed to crab fishing.

Scientists say that while these "red tides" are cyclical and have happened before, this time around it's larger and lasting much longer. "We think it's just sitting and lingering out there," says Anthony Odell, a University of Washington research analyst. "It's farther offshore, but it's still there." Catherine Garcia

June 11, 2015
Win McNamee/Getty Images

The president of a union for government workers believes that hackers stole the personnel data and Social Security numbers of every federal employee during a December data breach.

In a letter sent Thursday to Office of Personnel Management director Katherine Archuleta and obtained by The Associated Press, J. David Cox, president of the American Federal of Government Employees, wrote that the union believes the "Central Personnel Data File was the targeted database, and the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to 1 million former federal employees." Each data file contains up to 780 separate pieces of information on an employee, including age, gender, Social Security number, health insurance and pension details, and military records. Cox said the union also believes the Social Security numbers were not encrypted, "a cybersecurity failure that is absolutely indefensible and outrageous."

Sen. Harry Reid (D-Nev.), who was briefed on the case, said on the Senate floor that the hack was by "the Chinese," but did not say if it was tied to the government or individuals. China has denied being involved in the hacking, and a spokesman for the Office of Personnel Management said for security reasons, he could not comment. Catherine Garcia

May 26, 2015

A new study published in the journal BMJ has found that women who take birth control pills that use newer types of the progestin hormone have three times the risk of developing blood clots compared with women not taking the oral contraceptive.

Blood clots have been a known risk of taking the pill since the 1990s. Drugmakers have been changing the progesterone levels of the pill since it was first introduced in 1960 in order to lower side effects like weight gain and acne. Those tweaks could be the reason why the risk of blood clots went up, considering that the scientists adjusted for factors like cancer, varicose veins, smoking, and obesity on the risk of blood clots, and the link between newer contraceptives and an increased risk of blood clots remained high, Time reports.

"Our study suggests that the newer contraceptives have a higher risk of [blood clots] than the older agents," Yana Vinogradova, research fellow at the University of Nottingham and lead for the study, told Time. "While [blood clots] are a relatively rare problem, they are serious and potentially avoidable with the appropriate drug choice. Doctors need to consider all health issues when prescribing contraceptives, selecting a drug type associated with the lowest risk for patients with particular susceptibilities." Catherine Garcia