open source and cybersecurity news

May 30, 2023

Latitude Financial Data Breach, Android Legit App Stealing Data, Tessa to Replace Human at NEDA

In this Episode:

Episode Transcription:

Pokie Huang: 

Hey, it’s 5:05 on Tuesday, May 30th. 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwon in Sydney, Australia, Kadi Grigg in Alexandria, Virginia, Katy Craig in San Diego, California, Marcel Brown in St. Louis, Missouri.

Let’s get to it!

Edwin Kwan: 

This is Edwin Kwan from Sydney, Australia. 

Latitude Financial released an ASX announcement forecasting its first half of 2023 Statutory losses to be around a $100 million. This is mainly attributed to the cyber attack and data breach it suffered in mid-March, which affected 14 million records containing personally identifiable information.

While the company was able to continue processing transactions during the cyber attack, new account originations and collections were closed or severely restricted for a period of approximately five weeks. This resulted in loss of income for Latitude Financial. The company is also setting aside approximately $53 million in the first half for costs associated with the cyber incident.

This provision, however, did not cover the potential for regulatory fines, class action, future system enhancements, or an assumption of insurance proceeds. This means that the total cost of the incident is still unknown.

Kadi Grigg: 

Last week, an article caught my attention and left me stunned. The headline read, “Chatbot to replace Human Staffers at National Eating Disorder Association, also known as NEDA.” 

Now, I’m no stranger to the idea of chatbots assisting in mental healthcare, but the complete replacement of human professionals, that’s what got me. Let’s rewind to January when I covered Koko, a free mental health company that was experimenting with GPT-3 aiming to reach 4,000 users. To give you a quick recap, there’s an alarming shortage of mental healthcare professionals, and this scarcity is even more pronounced in rural areas compared to cities. Chatbots offer a glimmer of hope to the future as they can potentially help more people. However, this solution comes at a cost. 

Ethical concerns arise such as whether users are reading end user license agreements, also known as EULAs. Moreover, the effectiveness of chatbots in providing help has yet to be scientifically proven through rigorous studies. 

So when I stumbled upon the news that a chatbot is set to replace all human staff at Nita, it truly baffled me. Similar to Koko, both entities are engaging with extremely vulnerable individuals, people who are seeking a human connection. This connection could be for finally admitting they have a problem, finding common ground, restoring a sense of normalcy, or countless other reasons. 

The point is they are reaching out to connect with another human being during a time of intense emotional vulnerability. However, companies are offering them an AI model to converse with, which feels cold and quite frankly, heartless. 

Consider the perspective of Dr. Ghassemi, who shared with NPR. “If I’m disclosing to you that I have an eating disorder, I’m not sure how I can get through lunch tomorrow. , I don’t think most people who would be disclosing that would want to receive a generic link of click here for tips on how to rethink food.” 

NEDA’s upcoming rollout of their chatbot named Tessa on their website in June, leaves me skeptical. Frankly, I believe this move is destined to backfire.

Only time will tell, but I strongly believe that those who are most vulnerable and reaching out for help are seeking human connection, not merely a helpful link to read. If they wanted to read such links, they would’ve easily Googled them already. 

This is Kadi Grigg in Alexandria, Virginia.

Katy Craig: 

So there’s this app called iRecorder Screen Recorder that seemed harmless at first. It hit Google Play back in September, 2021, letting users record their Android device screens. But here’s where things take a nasty turn. 

This is Katy Craig in San Diego, California. 

According to Security Firm ESET, that innocent app got an update almost a year later, and boy did it bring some creepy new features. It silently started recording nearby audio every 15 minutes and sending it straight to the app developer. That’s right. Your private conversations, your personal moments, all captured and shipped off without your knowledge. 

It seems they sneaked in some code from AhMyth, an open source RAT, or Remote Access Trojan. Once that RAT got added to iRecorder, every user who innocently downloaded the app unknowingly became part of this surreptitious audio recording scheme. 

ESET security researcher Lukas Stefanko decided to put this app to the test. He installed it multiple times on different devices in his lab. And guess what? Each time the app obediently recorded one minute of audio and sent it off to the attacker’s command and control server. And just to make it extra creepy, the app received the same instruction every 15 minutes, like a relentless eavesdropping machine. 

So folks, be cautious out there. Keep an eye on the apps you download. Pay attention to their updates even if they seem harmless. The bad guys are always finding new ways to exploit our trust. 

This is Katy Craig. Stay safe out there.

Marcel Brown: 

This is Marcel Brown, the most trusted name in technology with your technology history for May 30th. 

May 30th, 1896. The first auto accident on record occurs in New York City when a Duria Motor Wagon driven by Henry Wells collides with a bicycle ridden by Evelyn Thomas. New Yorkers probably accused Henry of being from Jersey, but he was actually from Massachusetts. 

May 30th, 1966. NASA launches Surveyor One. It will achieve the first soft landing on the moon by the United States, and it demonstrated the technology necessary to achieve landing and operations on the lunar surface for the man missions to follow. 

That’s your technology history for today. For more, tune in tomorrow and visit my website

Pokie Huang: 

That’s it for today’s open source and cybersecurity updates. For direct links to all stories and resources mentioned in today’s episode, go to, where you can listen to our growing library of over 100 episodes. You can also download the transcript of all episodes for easy reference.

5:05 is a Sourced Networks Production with updates available Monday through Friday on your favorite audio streaming platform. Just search for “It’s 5:05!”. And please consider subscribing while you’re there. 

Thank you to Edwin Kwan, Kadi Grigg, Katy Craig, Marcel Brown for today’s contributions. 

The Executive Producer and the editor is Mark Miller. The sound engineer is Pokie Huang. Music for today’s episode is by Blue Dot Sessions. We use Descript for spoken text editing and Audacity to layer in the soundscapes. The show distribution platform is provided by This is Pokie Huang. See you tomorrow… at 5:05.



Leave the first comment