Apple has fixed a bug that could cause parts of Signal notifications to remain stored on iPhones even after messages disappeared and the app was deleted. "Affected users concerned about push notifications can update their devices to stop what Apple characterized as 'notifications marked for deletion' that 'could be unexpectedly retained on the device,'" reports Ars Technica. "According to Apple, the push notifications should never have been stored, but a 'logging issue' failed to redact data." From the report: Vulnerable users hoping to evade law enforcement surveillance often use encrypted apps like Signal to communicate sensitive information. That's why users felt blindsided when 404 Media reported that Apple was unexpectedly storing push notifications displaying parts of encrypted messages for up to a month. This occurred even after the message was set to disappear and the app itself was deleted from the device.

404 Media flagged the issue after speaking to multiple people who attended a hearing where the FBI testified that it "was able to forensically extract copies of incoming Signal messages from a defendant's iPhone, even after the app was deleted, because copies of the content were saved in the device's push notification database." The shocking revelation came in a case that 404 Media noted was "the first time authorities charged people for alleged 'Antifa' activities after President Trump designated the umbrella term a terrorist organization." "We're grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue," Signal's post said. "It takes an ecosystem to preserve the fundamental human right to private communication."

In their post, Signal confirmed that after users update their devices, "no action is needed for this fix to protect Signal users on iOS. Once you install the patch, all inadvertently-preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications."

An anonymous reader quotes a report from TechCrunch: The French government agency that handles the issuing and management of citizens' identity documents, including national IDs, passports, and immigration documents, confirmed Wednesday that it experienced a data breach. In an announcement, the Agence Nationale des Titres Securises (ANTS) said the data stolen in the breach could include full names, dates and places of birth, mailing and email addresses, and phone numbers on an undisclosed number of citizens. ANTS said the investigation to determine how the breach happened and its impact is ongoing, and people whose data was affected are being notified.

ANTS, which said it detected the attack on April 15, did not specify how many people were affected by the breach. But some reporting suggests millions may have had some of their personal information stolen. According to Bleeping Computer, a hacker has advertised the stolen data on a hacking forum, claiming to have a database with 19 million records. The hacker's forum post referenced the same kind of stolen information as mentioned in ANTS' announcement and was published before ANTS publicly disclosed the breach on April 20.

An anonymous reader quotes a report from the Associated Press: New York is suing Coinbase and Gemini, two of the newest players in the prediction market industry, arguing that the companies' unregulated and unlicensed platforms are illegal gambling operations. Attorney General Letitia James' lawsuit, filed Tuesday in state court in Manhattan, seeks to bar the companies' platforms from operating in the state unless and until they obtain licenses from the state Gaming Commission.

"Gambling by another name is still gambling, and it is not exempt from regulation under our state laws and Constitution," James said in a statement. "Gemini and Coinbase's so-called prediction markets are just illegal gambling operations, exposing young people to addictive platforms that lack the necessary guardrails." Both companies began as cryptocurrency trading platforms before branching into the prediction space, which has been dominated by Kalshi and Polymarket.

[...] New York's lawsuit alleges that the Coinbase and Gemini are seeking "to avoid the legal and financial consequences" of the state's close regulation of gambling "by offering what is quintessentially wagering under the guise of offering 'event contracts' on a 'prediction market.'" By operating without licenses, the lawsuit says, Coinbase's and Gemini's prediction market businesses aren't paying the same taxes as licensed casinos and mobile sportsbooks, which are taxed by the state at a rate of approximately 51% of gross revenues. In addition, the lawsuit says, Coinbase and Gemini allow users as young as 18, while state law prohibits wagering by anyone under 21.