Happy Monday. Or maybe not so happy, if you were depending on Google for your job. Here are our top stories today.
The Amazon of DeFi?
Thatâs what Yearn Finance is rapidly becoming as a result of acquisitions and partnerships, CoinDeskâs Brady Dale suggests in a big-picture analysis this morning. If Bezosâ behemoth has become synonymous in consumersâ minds with low prices, wide delivery and ample selection, Cronjeâs creation could achieve similar status among the âdegensâ of decentralized finance by delivering low fees, high yields and a wide selection of risk profiles. Hmm, a financial supermarket. Where have we heard that one before?
Nexus Mutual CEO hacked
But not Nexus itself. The DeFi insurerâs chief, Hugh Karp, is out $8M worth of its NXM tokens thanks to a wily attacker. Karp is being gracious about it, though. âIf you return the NXM in full, we will drop all investigations and I will grant you a $300K bounty,â he told his unknown assailant on Twitter.
Mind the gap
Crypto exchanges have been heavily advertising on the London Underground, cheaper than usual due to the economic fallout from coronavirus. London is about to go into its strictest tier of lockdown, though, which would presumably reduce ridership and hence eyeballs on the ads.Â
Exuberant
Bitcoin is still on track to hit a new high of $20,000 in the coming weeks, several analysts told CoinDesk markets reporter Omkar Godbole. MicroStrategy borrowing $650 million to buy more of the digital gold is one factor that drove the price up over the weekend. But leveraged bets are a risky strategy, for pros only, and even Vitalik is warning; donât try this at home, kids.Â
The U.S. government is fanatical about collecting data. Securing it? Not so much.Â
Over the weekend, it emerged that several U.S. federal agencies and potentially thousands of international corporations have likely had their communications networks compromised, in what appears to be the most sophisticated act of espionage in the past decade.
Reports indicate that malicious actors, likely backed by the Russian state, have hacked their way to troves of sensitive information at the U.S. Treasury and Commerce departments. A routine code update introduced spyware onto a key piece of management software developed by SolarWinds. Not much has been publicly confirmed, though it appears these hackers have had free access to much of the Treasury and Commerce departmentsâ email systems dating back to the spring of this year.
Yet, the damage could be far more widespread: SolarWinds also counts the Secret Service, the Defense Department, the Federal Reserve, Lockheed Martin and the National Security Agency, among its customers.
The attack serves as the latest reminder of the amount of personal, professional and publicly sensitive information that transverses the internet and is held in sometimes insecure databases. Over the past several decades, government and corporate agencies have amassed vast quantities of data â on both companies and individuals â all potentially subject to exploitation. Knowing what types of data, how itâs stored, how long itâs kept by government or corporate institutions is often the exception. Far more frequently, these information stores are black boxes.
Last week, CoinDeskâs privacy reporter Ben Powers detailed how the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Treasury Department responsible for snooping out and eliminating crime in financial systems, maintains a database of detailed personal and business information.
In its mission to acquire and disseminate data related to crime, FinCEN has a window into the world of the global economy. This includes information related to suspicious activity reports (SARs), a form of documentation that came into the public light after publication of the FinCEN Files. SARs are filed by banks, and other financial institutions, to alert federal watchdogs of sketchy behavior, but in themselves are not confirmations of any wrongdoing.
Powersâ report focused on the fact that much of this data may never be deleted and is hackable, just like any online system.
âI donât think data retention is seriously thought about at the government level,â Michael Yaeger, a shareholder at the law firm of Carlton Fields, told Powers. âThey specify how long they retain it at the bank level, but the government doesnât. Itâs not in the habit of destroying data.â
On the contrary, like 1970s disco diva Andrea True, Uncle Sam wants âmore, more, more.â
In a memo late last week, FinCEN clarified there is no limit on âthe sharing of personally identifiable informationâ between private financial institutions, like banks or cryptocurrency exchanges, under the 2001 Patriot Actâs safe-harbor provisions. In fact, the U.S. agency is encouraging these institutions to share information, while lowering the bar to what may be deemed pertinent.
âOverall, the sheet seemingly lowers the obstacles for further sharing of personal customer information among banks, the threshold of what qualifies as âsuspiciousâ activity and whether the entities sharing customer information even need to be financial institutions,â Powers wrote in a second article, co-authored by CoinDeskâs regulatory maven Nikhilesh De and Executive Editor Marc Hochstein.
To be sure, this is all in the service of catching bona fide bad guys. But the first paragraph of Powersâ first piece is a salient warning, particularly in light of the subsequent SolarWinds revelations: âIf a despotic governmentâs bank transactions can be leaked, so can yours.âÂ
