Google ordered to pay Argentine pictured naked in his yard
The policeman had sought payment from the internet giant for harm to his dignity, arguing he was behind a two-meter (6.6-foot) wall when a Google camera captured him in the buff, from behind, in small-town Argentina in 2017.
His house number and street name were also laid bare, broadcast on Argentine TV covering the story, and shared widely on social media.
The man claimed the invasion exposed him to ridicule at work and among his neighbors.
Another court last year dismissed the man's claim for damages, ruling he only had himself to blame for "walking around in inappropriate conditions in the garden of his home."
Google, for its part, claimed the perimeter wall was not high enough.
Appeals judges, however, concluded the man's dignity had been flagrantly violated, and awarded him an amount in Argentine pesos equivalent to about $12,500, payable by Google.
"This involves an image of a person that was not captured in a public space but within the confines of their home, behind a fence taller than the average-sized person. The invasion of privacy... is blatant," they wrote.
The judges said "there is no doubt that in this case there was an arbitrary intrusion into another's life."
And they found there was "no justification for (Google) to evade responsibility for this serious error that involved an intrusion into the plaintiff's house, within his private domain, undermining his dignity.
"No one wants to appear exposed to the world as the day they were born."
The judges pointed to Google's policy of blurring the faces and license plates of people and vehicles photographed for Street View as evidence it was aware of a duty to avoid harm to third parties.
But in this case, "it was not his face that was visible but his entire naked body, an image that should also have been prevented."
The court absolved co-accused telecoms company Cablevision SA and news site El Censor of liability for the image spreading, saying their actions had "helped highlight the misstep committed by Google."
sa/lm/val/mlr/aha
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
a day ago
- Forbes
Google Confirms It Has Been Hacked — What User Data Has Been Stolen?
Update, August 9, 2025: This story, originally published on August 7, has been updated with additional information from cybersecurity experts regarding the now confirmed hacking of Google. This article explores the user data that has been compromised during the attack and what organizations need to do next. The Google Threat Intelligence Group has officially confirmed that user data has been stolen following a successful hack attack impacting one of its databases. Here's what we know so far. Google Has Been Hacked — Data Has Been Compromised This is not a warning that the Google Chrome web browser is in need of an urgent security update, or a story about switching from passwords to passkeys to protect your Google account. No, this is exactly what the headline says: Google has been hacked. Source? That would be Google itself. An August 5 posting by the Google Threat Intelligence Group has confirmed that one of the corporate databases was impacted by hackers thought to be associated with the ShinyHunters ransomware group, more formally known as UNC6040. 'Google responded to the activity, performed an impact analysis and began mitigations,' the GTIG posting stated, adding the database in question was a Salesforce instance 'used to store contact information and related notes for small and medium businesses.' 'The speed at which organisations are falling victim to cyber attacks targeting Salesforce instances is nothing short of alarming,' Robin Brattel, CEO at Lab 1, said. 'We need to be honest: malicious campaigns are being scaled quicker than ever as hackers are using information that's already been made public, often from past data breaches, to target organisations.' Customer data was, Google said, 'retrieved by the threat actor,' in the short period of time that the attack window remained open. Although Google has not gone into great detail regarding the attack as of yet, it did confirm that the stolen data consisted of 'basic and largely publicly available business information, such as business names and contact details.' I reached out to Google for a statement and a spokesperson told me that the 'details that we're able to share at this time can all be found in our blog update,' adding that this includes additional information regarding the ShinyHunters associated UNC6040 threat group, which 'provides the security community with actionable intelligence on this actor.' Google also stated that ShinyHunters commonly uses an attack tactic of extorting victims using emails or telephone calls demanding bitcoin ransom payments within 72 hours of compromise. It has not, however, confirmed or denied that this was the case here. Google did confirm that the attack itself occurred in June. What Cybersecurity Experts Have To Say About The Hacking of Google 'The news that Google has suffered a data breach in the recent wave of attacks executed by ShinyHunters highlights that no organisation is immune to cybercrime,' William Wright, CEO of Closed Door Security, said, adding: 'It doesn't matter if you are a small business or one of the world's leading technology firms, all organizations are vulnerable.' While Google's update provides an overview of how these attacks unfolded, Wright continued, 'it does not state whether the impacted organisations have been informed, or, if they have been informed, when they were informed.' Which means that the cybercriminals involved, ShinyHunters or not, could have had this information fro two months to do with what they saw fit. 'Google has long been one of the leading companies in the world when it comes to cybersecurity,' Jamie Akhtar, CEO of CyberSmart, said, concluding that 'if it can happen to one of the wealthiest and best-defended companies in the world, it can happen to anyone.' Akhtar also issued a cautionary word, considering that the attack is being associated with the ShinyHunters ransomware and extortion cybercrime group. 'Given what we know about common ransomware methods, it's very possible this breach stemmed from social engineering or some form of human error,' Akhtar said, adding that this 'illustrates that the best technical defences in the world won't protect you if a member of staff clicks on something they shouldn't or is artfully duped by social engineering.' Meanwhile, Dray Agha, senior manager of security operations at Huntress, drew attention to the critical supply chain risks posed by third-party platforms, agreeing with Akhtar's note of caution. 'Even tech giants aren't immune, highlighting that businesses must rigorously vet and continuously monitor all vendors with access to their data,' Agha warned. 'The reported use of voice phishing by UNC6040 is a stark reminder that human factors remain a commonly targeted attack surface.' Which is why, Agha advised that organizations need to invest in a layered approach to security that includes 'advanced security awareness training, as well as strict access controls, especially for cloud platforms holding sensitive customer information." Some cybersecurity experts went further, insisting that 'hacks like this are preventable - in fact, they're impossible - when enterprises deploy truly credential-less authentication.' Of course, Federico Simonetti, the chief technology officer at Xiid, would say that as he has skin in the game, but that doesn't negate the point being made. If a hacker calls an IT help desk in an attempt to socially engineer their way to a user password reset, Simonetti said, they can't. 'Today, credential-less authentication isn't just a nice-to-have.,' Simonetti insisted, 'it's an essential.' I'll leave the final word to Akhtar though, who noted that 'while any breach at Google is shocking, there's no indication as yet that any of the data stolen is particularly sensitive or places customers in real peril.' Indeed, Google has already stated that the compromised user data is a Salesforce instance containing publicly available information. 'As such,' Akhtar concluded, 'our advice to businesses is to be cautious but don't panic.'
Forbes
2 days ago
- Forbes
Confirmed: Google Has Been Hacked — User Data Compromised
Update, August 8, 2025: This story, originally published on August 7, has been updated with additional information from cybersecurity experts regarding the confirmed hacking of Google that has exposed user data. The Google Threat Intelligence Group has officially confirmed that user data has been stolen following a successful hack attack impacting one of its databases. Here's what we know so far. Google Has Been Hacked — Data Has Been Compromised This is not a warning that the Google Chrome web browser is in need of an urgent security update, or a story about switching from passwords to passkeys to protect your Google account. No, this is exactly what the headline says: Google has been hacked. Source? That would be Google itself. An August 5 posting by the Google Threat Intelligence Group has confirmed that one of the corporate databases was impacted by hackers thought to be associated with the ShinyHunters ransomware group, more formally known as UNC6040. 'Google responded to the activity, performed an impact analysis and began mitigations,' the GTIG posting stated, adding the database in question was a Salesforce instance 'used to store contact information and related notes for small and medium businesses.' 'The speed at which organisations are falling victim to cyber attacks targeting Salesforce instances is nothing short of alarming,' Robin Brattel, CEO at Lab 1, said. 'We need to be honest: malicious campaigns are being scaled quicker than ever as hackers are using information that's already been made public, often from past data breaches, to target organisations.' Customer data was, Google said, 'retrieved by the threat actor,' in the short period of time that the attack window remained open. Although Google has not gone into great detail regarding the attack as of yet, it did confirm that the stolen data consisted of 'basic and largely publicly available business information, such as business names and contact details.' I reached out to Google for a statement and a spokesperson told me that the 'details that we're able to share at this time can all be found in our blog update,' adding that this includes additional information regarding the ShinyHunters associated UNC6040 threat group, which 'provides the security community with actionable intelligence on this actor.' Google also stated that ShinyHunters commonly uses an attack tactic of extorting victims using emails or telephone calls demanding bitcoin ransom payments within 72 hours of compromise. It has not, however, confirmed or denied that this was the case here. Google did confirm that the attack itself occurred in June. What Cybersecurity Experts Have To Say About The Hacking of Google 'The news that Google has suffered a data breach in the recent wave of attacks executed by ShinyHunters highlights that no organisation is immune to cybercrime,' William Wright, CEO of Closed Door Security, said, adding: 'It doesn't matter if you are a small business or one of the world's leading technology firms, all organizations are vulnerable.' While Google's update provides an overview of how these attacks unfolded, Wright continued, 'it does not state whether the impacted organisations have been informed, or, if they have been informed, when they were informed.' Which means that the cybercriminals involved, ShinyHunters or not, could have had this information fro two months to do with what they saw fit. 'Google has long been one of the leading companies in the world when it comes to cybersecurity,' Jamie Akhtar, CEO of CyberSmart, said, concluding that 'if it can happen to one of the wealthiest and best-defended companies in the world, it can happen to anyone.'
WIRED
2 days ago
- WIRED
Leak Reveals the Workaday Lives of North Korean IT Scammers
Aug 7, 2025 7:15 PM Spreadsheets, Slack messages, and files linked to an alleged group of North Korean IT workers expose their meticulous job-planning and targeting—and the constant surveillance they're under. PHOTO-ILLUSTRATION: WIRED STAFF; GETTY IMAGES Job hunting is a fresh kind of hell. Hours are wasted sifting through open roles, tweaking cover letters, dealing with obtuse recruiters—and that's all before you get started with potential interviews. Arguably, some of the world's most prolific job applicants—or at least most persistent—are those of North Korea's sprawling IT worker schemes. For years, Kim Jong Un's repressive regime has successfully sent skilled coders abroad where they're tasked with finding remote work and sending money back to the heavily sanctioned and isolated nation. Each year, thousands of IT workers bring in somewhere between $250 million and $600 million, according to United Nations estimates. Now an apparent huge new trove of data, obtained by a cybersecurity researcher, sheds new light on how one group of alleged North Korean IT workers has been running its operations and the meticulous planning involved in the money-making schemes. Money made by scam IT workers contributes to North Korea's weapons of mass destruction development efforts and ballistic missile programs, the US government has said. Emails, spreadsheets, documents, and chat messages from Google, Github, and Slack accounts allegedly linked to the alleged North Korean scammers show how they track potential jobs, log their ongoing applications, and record earnings with a painstaking attention to detail. The cache of data, which represents a glimpse into the workaday life of some of North Korea's IT workers, also purportedly includes fake IDs that may be used for job applications, as well as example cover letters, details of laptop farms, and manuals used to create online accounts. It reinforces how reliant upon US-based tech services, such as Google, Slack, and GitHub, the DPRK workers are. 'I think this is the first time to see their internal [operations], how they are working,' says the security researcher, who uses the handle SttyK and asked not to be named due to privacy and security concerns. SttyK, who is presenting their findings at the Black Hat security conference in Las Vegas today, says an unnamed confidential source provided them with the data from the online accounts. 'There are several dozen gigabytes worth of data. There are thousands of emails,' says SttyK, who showed WIRED their presentation ahead of the conference. North Korea's IT workers have, in recent years, infiltrated huge Fortune 500 companies, a host of tech and crypto firms, and countless small businesses. While not all IT worker teams use the same approaches, they often use fake or stolen identities to get work and also use facilitators who help cover their digital tracks. The IT workers are often based in Russia or China and are given more freedom and liberties—they've been seen enjoying pool parties and dining out on expensive steak dinners—than millions of North Koreans who are not afforded basic human rights. One North Korean defector who operated as an IT worker recently told the BBC that 85 percent of their ill-gained earnings were sent to North Korea. 'It's still much better than when we were in North Korea,' they said. Multiple screenshots of spreadsheets in the data obtained by SttyK show a cluster of IT workers that appear to be split into 12 groups—each with around a dozen members—and an overall 'master boss.' The spreadsheets are methodologically put together to track jobs and budgets: They have summary and analysis tabs that drill down into the data for each group. Rows and columns are neatly filled out; they appear to be updated and maintained regularly. The tables show the potential target jobs for IT workers. One sheet, which seemingly includes daily updates, lists job descriptions ('need a new react and web3 developer'), the companies advertising them, and their locations. It also links to the vacancies on freelance websites or contact details for those conducting the hiring. One 'status' column says whether they are 'waiting' or if there has been 'contact.' Screenshots of one spreadsheet seen by WIRED appears to list the potential real-world names of the IT workers themselves. Alongside each name is a register of the make and model of computer they allegedly have, as well as monitors, hard drives, and serial numbers for each device. The 'master boss,' who does not have a name listed, is apparently using a 34-inch monitor and two 500GB hard drives. One 'analysis' page in the data seen by SttyK, the security researcher, shows a list of types of work the group of fraudsters are involved in: AI, blockchain, web scraping, bot development, mobile app and web development, trading, CMS development, desktop app development, and 'others.' Each category has a potential budget listed and a 'total paid' field. A dozen graphs in one spreadsheet claim to track how much they have been paid, the most lucrative regions to make money from, and whether getting paid weekly, monthly, or as a fixed sum is the most successful. 'It's professionally run,' says Michael 'Barni' Barnhart, a leading North Korean hacking and threat researcher who works for insider threat security firm DTEX. 'Everyone has to make their quotas. Everything needs to be jotted down. Everything needs to be noted,' he says. The researcher adds that he has seen similar levels of record keeping with North Korea's sophisticated hacking groups, which have stolen billions in cryptocurrency in recent years, and are largely separate to IT worker schemes. Barnhart has viewed the data obtained by SttyK and says it overlaps with what he and other researchers were tracking. 'I do think this data is very real,' says Evan Gordenker, a consulting senior manager at the Unit 42 threat intelligence team of cybersecurity company Palo Alto Networks, who has also seen the data SttyK obtained. Gordenker says the firm had been tracking multiple accounts in the data and that one of the prominent GitHub accounts was previously exposing the IT workers' files publicly. None of the DPRK-linked email addresses responded to WIRED's requests for comment. GitHub removed three developer accounts after WIRED got in touch, with Raj Laud, the company's head of cybersecurity and online safety, saying they have been suspended in line with its 'spam and inauthentic activity' rules. 'The prevalence of such nation-state threat activity is an industry-wide challenge and a complex issue that we take seriously,' Laud says. Google declined to comment on specific accounts WIRED provided, citing policies around account privacy and security. 'We have processes and policies in place to detect these operations and report them to law enforcement,' says Mike Sinno, director of detection and response at Google. 'These processes include taking action against fraudulent activity, proactively notifying targeted organizations, and working with public and private partnerships to share threat intelligence that strengthens defenses against these campaigns.' 'We have strict policies in place that prohibit the use of Slack by sanctioned individuals or entities, and we take swift action when we identify activity that violates these rules,' says Allen Tsai, senior director of corporate communications at Slack's parent company Salesforce. 'We cooperate with law enforcement and relevant authorities as required by law and do not comment on specific accounts or ongoing investigations.' Another spreadsheet also lists members as being part of a 'unit' called 'KUT,' a potential abbreviation of North Korea's Kim Chaek University of Technology, which has been cited in US government warnings about DPRK-linked IT workers. One column in the spreadsheet also lists 'ownership' as 'Ryonbong,' likely referring to defense company Korea Ryonbong General Corporation, which has been sanctioned by the US since 2005 and UN since 2009. 'The vast majority of them [IT workers] are subordinate to and working on behalf of entities directly involved in the DPRK's UN-prohibited WMD and ballistic missile programs, as well as its advanced conventional weapons development and trade sectors,' the US Treasury Department said in a May 2022 report. Across the myriad of IT worker-linked GitHub and LinkedIn accounts, CVs, and portfolio websites that researchers have identified in recent years, there are often distinct patterns. Email addresses and accounts use the same names; CVs can look identical. 'Reusing resume content is also something that we've seen frequently across their profiles,' says Benjamin Racenberg, a senior researcher who has tracked North Korean IT worker personas at cybersecurity firm Nisos. Racenberg says the scammers are increasingly adopting AI for image manipulation, video calls, and as part of scripts they use. 'For portfolio websites, we've seen them use templates and use the same template over and over again,' Racenberg says. That all points to some day-to-day drudgery for the IT workers tasked with running the criminal schemes for the Kim regime. 'It's a lot of copy and paste,' Unit 42's Gordenker says. One suspected IT worker Gordenker has tracked was spotted using 119 identities. 'He Googles Japanese name generators—spelled wrong of course—and then over the course of about four hours, just fills out spreadsheets just full of names and potential places [to target].' The detailed documentation also serves another purpose, though: tracking the IT workers and their actions. 'There's a lot of moving parts once the money gets into the actual hands of leadership, so they're going to need accurate numbers,' DTEX's Barnhart says. Employee monitoring software has been seen on the scammers' machines in some instances and researchers claim North Koreans in job interviews won't answer questions about Kim. SttyK says they saw dozens of screen recordings in Slack channels showing the workers daily activity. In screenshots of a Slack instance, the 'Boss' account sends a message: '@channel: Everyone should try to work more than at least 14 hrs a day.' The next message they sent says: 'This time track includes idling time, as you know.' 'Interestingly, their communication has been all English, not Korean,' SttyK says. The researcher, along with others, speculates this may be for a couple of reasons: first, to blend into legitimate activity; and secondly, to help improve their English skills for applications and interviews. Google account data, SttyK says, shows they were frequently using online translation to process messages. Beyond a glimpse at the ways in which the IT workers track their performance, the data SttyK obtained gives some limited clues about the day-to-day lives of the individual scammers themselves. One spreadsheet lists a volleyball tournament the IT workers apparently had planned; in Slack channels, they celebrated birthdays and shared inspirational memes from a popular Instagram account. In some screen recordings, SttyK says, they can be seen playing Counter-Strike . 'I felt there was a strong unity among the members,' SttyK says.
