French telecommunications giant Orange SA revealed hackers stole data about 1.3 million customers in an attack last month, the latest in a series of cyberattacks on companies. Orange said hackers stole personal information such as names, telephone numbers and email addresses for clients or potential customers in the attack, the second cyberassault on the company this year.

Google has clarified its email scanning practices in a ‘terms of service’ update, informing users that its systems scan the content of emails stored on Google’s servers, as well as those being sent and received by any Google email account, to deliver tailored advertising. The practice has seen the search company face criticism from privacy action groups and lawsuits from the education sector.

A major hack of AOL Mail resulted in users' accounts being compromised to send out spam messages. AOL confirmed in a company blog post that "there was unauthorized access to information regarding a significant number of user accounts”. Spammers used the information to send "spoofed" emails – messages that appear to be from a valid address or trusted contact, but are not actually from those contacts – from about 2% of all AOL Mail accounts, the company said.

Heartbleed, the massive flaw in web encryption recently made public, is just one of the unending stream of vulnerabilities that enables hackers to steal personal details and passwords from companies with which you do business. A number of websites have launched recently to help users learn if any of their accounts have been hacked.

A new industry report published by Mandiant/FireEye says that the Chinese government has expanded the scope of its cyber espionage despite the greater public scrutiny these operations received in 2013. The same company in February 2013 published the much discussed APT1 report directly linking a Chinese army unit to a massive cyber espionage campaign against foreign businesses. Executive emails are among the priority data hackers are targeting.

Microsoft is caught up in a privacy storm after admitting it read the Hotmail inbox of a blogger while pursuing a software leak investigation. Microsoft owns Hotmail, an email service now called Outlook.com. The revelations have left Microsoft in a difficult position, as the firm has often criticised rival Google for its automatic scanning of users' emails in order to serve them with advertising.

Several email accounts owned by members of the Bush family or their close friends have been hacked. Personal details including private photographs, email addresses, phone numbers and mailing addresses for multiple members of the Bush family were stolen.

Cybersecurity firm Hold Security says that it has uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets. The discovery could open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system. The massive trove of credentials includes user names, which are typically email addresses, and passwords that in most cases are in unencrypted text.

More than 2 million consumer complaints were filed with the US Federal Trade Commission in 2013, with identity theft topping the list. 290,056 reports of the crime were collected by the agency, representing 14% of total complaints. People aged 50 to 59 had the most fraud complaints, with identity theft hitting people in their 20s the most often.

Usernames and passwords of some of Yahoo's email customers have been stolen and used to gather personal information about people those Yahoo mail users corresponded with, the company revealed. Yahoo did not say how many accounts were affected. Yahoo is the second-largest email service worldwide, after Google's Gmail, according to the research firm comScore. There are 273 million Yahoo mail accounts worldwide, including 81 million in the US.

Passwords and other details of 16 million email users in Germany have been stolen, the country's security agency has revealed. The Federal Office for Security said criminals had infected computers with software which allowed them to gather email addresses and account passwords.

For all their indignation when the scope of the NSA’s mass data collection became public, French intelligence services operate similar mass surveillance, with minimal oversight. Last week, with little public debate, the legislature approved a law that critics fear will markedly expand electronic surveillance of French residents and businesses. The law provides for no judicial oversight and allows electronic surveillance for a broad range of purposes, including “national security,” the protection of France’s “scientific and economic potential” and prevention of “terrorism” or “criminality.” French intelligence services are already reputed to be rapacious collectors of foreign industrial secrets.

More than two million stolen passwords used for sites such as Facebook, Google and Yahoo and other web services have been posted online. The details were probably uploaded by a criminal gang, security experts said. A security researcher noted that 30-40% of people use the same passwords on different websites, often simple passwords such as “123456”.

Nearly 150 million people have been affected by a loss of customer data by Adobe, over 20 times more than the company admitted initially. As well as allowing the data to be stolen in the first place, Adobe made two other serious errors when storing the data. Firstly, it encrypted all the passwords with the same key; secondly, the encryption used a method which renders the encrypted data insecure. An independent tool is available to check if your password was leaked.

Phil McKenna’s personal information was stolen by a professional identity thief. He investigated and found security breaches at companies holding his personal data were the most likely culprit. Each year 13 million Americans, or 5% of the adult population, are victims of identity theft. Fraudulent transactions, including credit card purchses, opening new lines of credit and wiring money from bank accounts, cost financial institutions and individuals more than $20 billion each year, according to a recent study by Javelin Strategy & Research.

The National Security Agency harvests hundreds of millions of contact lists from email and instant messaging accounts around the world. The collection program intercepts email address books and “buddy lists” as they move across global data links. During one typical day, the NSA’s Special Source Operations branch collected 444,743 email address books from Yahoo, 105,068 from Hotmail and 33,697 from Gmail. The typical daily intake corresponds to more than 250 million a year.

Pew Research conducted interviews underwritten by Carnegie Mellon University on Americans’ experiences with anonymity, privacy and security online. Findings included that 21% of internet users have had email or social networking accounts compromised or taken over without permission and 11% have had important personal information stolen such as their Social Security Number, credit card or bank account information, with 6% actually losing money.

Texas-based encrypted email service Lavabit announced it was shutting itself down in order to avoid complying with what it considered unjust secret US court orders to provide government access to user content. Silent Circle, another US-based service, founded by internet security guru Phil Zimmerman, followed suit by shutting its own encrypted email service. The growing and accurate perception that most US-based companies are not to be trusted with the privacy of electronic communications poses a real threat to those companies' interests.

Google has made it clear that people who send or receive email via Gmail should not expect their messages to remain private. Public interest group Consumer Watchdog called the statement a "stunning admission" and warned people who cared about their privacy not to use Google's email service.

Lavabit is no more. Silent Circle has shuttered its secure email service. All the major email providers appear to be complicit in one form or another with PRISM, the NSA’s clandestine email surveillance program revealed in early June. Now Google’s legal team is arguing that users who access Google services like Gmail should not expect their transactions to remain secret.

Combating cybercrime is an uphill struggle, with the tools needed to commit technological crimes becoming more readily and cheaply available. According to data collated by analysts including the United Nations Office on Drugs and Crime, cybercrime is worth about US$400 billion annually. Cybercrime ranges from mining and exploiting personal data, including fraud, to industrial and state-sponsored espionage. Smaller companies are increasingly the target as larger companies do a better job of protecting themselves.

There is no need to surrender your privacy online. Free email, social networking and other digital services are only provided in return for volunteering personal information. Third parties – from government agencies to cybercriminals – can often get their hands on more information. Properly implemented strong encryption is something you can rely on to keep your information more secure.

Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption on Outlook.com and Hotmail. Files provided by Edward Snowden illustrate the scale of co-operation between Silicon Valley and the intelligence agencies over the last three years.

Top secret documents detail the massive scope of efforts by the US to spy on Europe. Each month, the US saves data from around half a billion communications connections from Germany alone. There are alliances with over 80 major global corporations supporting monitoring networks abroad.

A New York court has granted oil giant Chevron subpoena access to "more than 100 email accounts, including environmental activists, journalists, and attorneys" involved in a long-running dispute in Ecuador, according to the Electronic Frontier Foundation (EFF). None of the individuals represented by EFF has been sued by Chevron or accused of wrongdoing.

You will not always know when you have something to hide because you have almost zero chance of ever knowing the vast number of laws and regulations that apply to you. If authorities have access to all your communications, it is almost certain they could find something you have done that violates some law or regulation. Authorities already abuse their powers, but if everyone’s action is monitored and everyone violates an obscure law at some point, then punishment becomes purely selective. Those with power will have what they need to punish anyone they like, whenever they choose. That is the same as no rules.

The American intelligence director and White House have finally confirmed what insiders have long known: the Obama administration is spying on the entire world. Former NSA employees Thomas Drake and Bill Binney explained that facilities can store personal data on people from all over the world and keep it for decades. This includes emails, Skype conversations, Google searches, YouTube videos, Facebook posts, bank transfers – electronic data of every kind.

The top-secret PRISM program allows the US intelligence community and its partners to gain access to a wide range of digital information from American Internet companies, including emails and stored data. The documents show how the program interacts with major Internet companies, including Microsoft, Google, Yahoo, Apple, Facebook, Skype and AOL.

A Hong Kong businessman’s email account was hacked and a bogus message was sent to his accountant, purportedly from the director, instructing him to transfer US$90,000 to another company’s account. The businessman has initiated legal proceedings to try and recover his funds.

Police forces across the UK are routinely snooping on people's email and phone call details, a major survey has found. The survey using Freedom of Information laws found that 25 police forces made 506,720 requests for people’s email and phone records over the past three years, with the number of requests increasing significantly each year. Merseyside made the most requests, with 36 requests for every 1,000 residents living in the county.

IRS files obtained by the American Civil Liberties Union reveal the tax collection agency believes it can read American citizens' emails without a warrant. As long as you've stored your email in a cloud service like Google Mail and those emails haven't been deleted after a few months, the agency thinks it doesn't need a warrant to read them. The Electronic Communications Privacy Act of 1986 allows government agencies to obtain emails older than 180 days without a warrant.

Despite the pervasiveness of law enforcement surveillance of digital communication, the FBI still has difficultly in monitoring Gmail, Skype, and Dropbox in real time, even though archived emails and data is easily available. But that may change soon, because the bureau says it has made gaining more powers to wiretap all forms of Internet conversation and cloud storage managed by US companies a “top priority” this year.

Syria, China, Iran, Bahrain and Vietnam are flagrantly spying online, media watchdog RSF (Journalists without Borders) reported, urging controls on the export of Internet surveillance tools to regimes clamping down on dissent. A new report entitled "Enemies of the Internet" also singled out five companies -- Gamma, Trovicor, Hacking Team, Amesys and Blue Coat -- that it branded "digital era mercenaries," who were helping oppressive governments.

Microsoft has launched a new print, television and online advertising campaign that attacks Google on an issue that Microsoft believes is one of its great vulnerabilities: privacy. The ads showcase research that shows most people don’t know that web email providers like Google scan the contents of their email messages to deliver personalized ads to them — and when they do find out, they don’t like it.

In the US, the laws applying to email privacy were mainly enacted in 1986, when no-one had any idea how important email would become or how it would be used. In late December 2012, Congress passed amendments to update privacy laws but law enforcement lobbied strongly against the requirement for a search warrant to read stored emails. Although constitutional law provides many protections against government intrusion, there is very weak privacy protection for email.

Authorities in the US can often obtain your emails and texts by going to Google or AT&T with a simple subpoena. Usually you won’t even be notified. Stored data, such as email drafts and messages older than 180 days, has very few protections.

The UK government wants the police, intelligence services and other government departments to have access to data relating to web, email and phone traffic. It would allow all communication details collected and stored by ISPs and phone companies to be accessed in near-realtime by UK authorities.

If the director of the Central Intelligence Agency couldn’t keep his emails secret, then how can the average American? Privacy experts say people grossly underestimate how transparent their digital communications have become. Among means of protecting yourself, you should be aware of regulations applying to email providers like Google and Yahoo. You should also ensure your messages are encrypted.

Privacy protections for even the most sophisticated users of consumer email services actually protect very little. With increasing regularity, email and other digital communications have come back to haunt politicians and business leaders. The US and foreign governments now make a regular habit of seeking data about people from Internet giants. Google, one of the few tech companies that discloses details about the requests, said it complied with 90% of requests from US authorities.

In the US, law enforcement authorities can easily trace who sent an email. The way that emails are protected is completely outdated when compared to how people communicate today. Law enforcement officials are increasingly asking Web companies to hand over customers’ data by issuing subpoenas, which don’t require a judge’s approval, and companies rarely fight them.

A blogger who sharply criticized Chevron’s actions in Ecuador received a nasty surprise when Google was subpoenaed for information about his email. Google said it intended to comply with the request unless the blogger moved to quash the subpoena. As part of a lawsuit filed by Chevron, subpoenas were sent to Google, Microsoft and Yahoo looking for information about 101 email addresses. Chevron was allegedly seeking nine years of log data.

Yahoo confirmed that approximately 450,000 Yahoo and other company users’ names and passwords were compromised. US security firm Trustedsec said that hackers used the well-established technique of SQL injection to extract the sensitive information from the database. The firm also reported that the most alarming part of the story was that the passwords were stored entirely unencrypted.

The $32 billion US cybercrime industry has become far more sophisticated. The email hack of today includes our email address and the password that goes with it. At best, some cyber-creep has full access to our private email correspondence. A hacker gaining access to your email account can use information for identity theft or to gain access to financial accounts, as well as for cyber-extortion. Your friends, family and colleagues are also at risk when you are hacked.

Fraudsters traded 12 million pieces of personal information online between January and April of 2012. The figure represents a threefold increase on 2010. Credit-checking company Experian said many people were unaware their identity had been stolen until they were refused credit cards or mobile phone contracts. It advised people to make their passwords more complicated so they are harder for fraudsters to crack. Victims of identity fraud also suffered debts run up in their name and being chased by debt collectors for money they did not owe.

The FBI is asking Internet companies not to oppose a controversial proposal that would require firms, including Microsoft, Facebook, Yahoo, and Google, to build in backdoors for government surveillance. The FBI general counsel's office has drafted a proposed law that would require social-networking web sites and providers of VoIP, instant messaging and web email to alter their code to ensure their products are wiretap-friendly.

Google’s public version of how it came to secretly intercept data sent on unencrypted Wifi routers over a two-year period doesn’t quite mesh with what the search giant told federal regulators. If Google had its way, the public would have never learned that software on Google’s Street View mapping cars was “intended” to collect payload data from open Wifi networks, according to the Federal Communications Commission. Engineers intended to capture the content of Wifi communications, such as email. Google management said it did not realize it was sniffing packets of data on unsecured networks in about a dozen countries until German privacy authorities began questioning what data its mapping cars were collecting.

Sky News has said it illegally hacked emails belonging to members of the public on two separate occasions. Sky News said the action was in the public interest and amounted to “responsible journalism”.

A California judge ordered Google to temporarily deactivate a Gmail account after a bank mistakenly sent sensitive data to the account. The Rocky Mountain Bank of Wyoming sued Google to obtain the account holder’s name after a bank employee erroneously emailed an attachment to the account containing sensitive information on the bank’s customers.

After the overthrow of Colonel Gadhafi, journalists found a building where former agents spied on emails and chat messages with the help of technology Libya acquired from Amesys, a unit of French technology firm Bull SA. Boeing’s Narus Internet spying division also had meetings with Gadhafi’s agents.

The American firm, Narus, now owned by Boeing, supplied Internet interception technology to allow Egypt to spy on Internet users. Narus was founded in 1997 by Israeli security experts to create and sell mass surveillance systems for governments and large corporate clients. Other Narus global customers include the national telecommunications authorities in Pakistan and Saudi Arabia. There are many other companies in the United States that produce and sell similar spying and control technology.