Meta announced last week that it would be ditching fact-checkers in favor of X-like Community Notes, and self-described “leaker” Alessandro Paluzzi shared screenshots on Monday showing what the feature might look like in Threads.

Based on the screenshots, it appears you’ll be able to start the process of writing a Community Note from the three-dots menu on a post, which is where you can already access features like muting an account or reporting a post. Another screenshot shows that when you write a Community Note, your note will be anonymous.

A third screenshot appears to show an Instagram help center page about Community Notes that has a button to join a waitlist for the program. However, the layout of the page looks different from other live help center pages I can see right now.

Meta didn’t immediately reply to a request for comment.

Meta said last week that it plans to “phase in Community Notes in the US first over the next couple of months” and then “improve it over the course of the year,” but it hasn’t specified exactly when the feature might be available on Threads. My colleague Alex Heath reported Sunday that Community Notes “was not on the product roadmap before this week.”

In addition to the move to Community Notes, Meta said it’s also getting rid of “a number of restrictions” on topics like immigration and gender, and phasing “civil content” back into Facebook, Instagram, and Threads. Instagram boss Adam Mosseri published a video today showing how to set the amount of political content you see on Threads.

German automaker Volkswagen isn’t having a great time. The company is planning to cut capacity at five factories, reducing production by about 700,000 vehicles, while also laying off more than 35,000 workers in its home country. Now, reports suggest the company had a massive data leak at its subsidiary software company Cariad, which exposed personal data, including geolocation data, of around 800,000 EV owners online and accessible for months. Such information could be valuable to criminals for extortion purposes. What’s interesting is that a hacker association informed the company about this data leak after receiving a tip from an anonymous hacker.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

Enter the giveaway by signing up for my free newsletter.

What you need to know about the data leak

As reported by Germany’s Der Spiegel magazine, Volkswagen is facing a major data security issue after movement data from 800,000 electric cars and the personal contact information of their owners were left exposed on the internet. This data revealed sensitive details, such as the precise locations where cars were parked, including private locations like people’s homes, government buildings and even questionable spots like brothels.

The exposed data includes detailed movement patterns of these vehicles, allowing for the creation of comprehensive profiles of individuals’ daily activities. This could be particularly concerning for public figures or anyone with privacy concerns.

Several car brands under the Volkswagen group, including VW, Audi, Seat and Skoda, were affected by the breach, which exposed sensitive data across multiple countries. The information was stored on Amazon cloud servers without adequate protection, leaving it vulnerable for months before the issue was discovered.

For around 466,000 of the 800,000 affected vehicles, the location data was detailed enough to map out drivers’ daily routines. Spiegel reported that the list of affected users included German politicians, business leaders, the entire EV fleet used by Hamburg police and even suspected intelligence agents.

The breach came to light when an anonymous hacker tipped off the Chaos Computer Club. While Volkswagen left the data easily accessible during this time, there is no indication so far that anyone misused or accessed it maliciously.

We reached out to Volkswagen for comment but did not hear back by our deadline.

VW emblem on vehicle (Kurt “CyberGuy” Knutsson)

THE AI-POWERED GRANDMA TAKING ON SCAMMERS

How can this data leak affect you?

The Volkswagen data leak is more than just a tech issue. It is a real concern for anyone who values their privacy. With precise location data out in the open, someone could figure out where you live, work or spend your free time. This information could be misused in many ways, from targeted scams where hackers pretend to be Volkswagen or its partners to trick you into giving up sensitive information, to more personal threats like stalking or harassment.

Imagine someone knowing your daily routine or identifying places you visit that you would prefer to keep private. Visits to clinics, legal offices or other sensitive locations could expose you to embarrassment or blackmail. 

The breach also raises concerns for business leaders, government officials and military personnel as their movements linked to high-security or restricted areas could be exposed, increasing the risk of corporate espionage or national security threats. Moreover, when paired with other vulnerabilities, such as app credentials, hackers could potentially exploit the data to unlock or even control vehicles remotely.

VW electric SUV (Kurt “CyberGuy” Knutsson)

THE ONE SIMPLE TRICK TO HELP KEEP OUT CYBER CREEPS ON IPHONE

6 ways you can stay safe after this leak

In light of the recent Volkswagen data breach, it is crucial to take proactive measures to safeguard your personal data. Here are 6 ways you can stay safe after this leak:

1) Check your app settings: Review the permissions and data-sharing settings in your car’s companion app. Disable features that track or share your location if they are not essential for your use. Regularly update the app to ensure you have the latest security patches.

2) Be alert to scams: Keep an eye out for suspicious emails, messages or calls pretending to be from Volkswagen or related services. Avoid clicking on links or sharing sensitive information without verifying the sender.

3) Consider data opt-out options: Many vehicles with online features allow you to limit or disable certain data-sharing functionalities. Check your car’s settings to reduce the amount of personal data being collected.

4) Strengthen your online accounts: If you use the same email or password across multiple accounts, update them immediately. Enable two-factor authentication wherever possible to add an extra layer of security to your accounts.

5) Beware of snail mail scams: While most people focus on digital threats, physical mail scams can also follow a data breach like this. If your contact information was exposed, you might receive fraudulent letters pretending to be from Volkswagen or related services. These could ask for payments, personal details or even encourage you to visit fake websites.

6) Install strong antivirus software: Ensure that you have strong antivirus software installed on all your devices, especially those connected to your vehicle or its apps. This can help protect you from malicious links that install malware, potentially accessing your private information. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

30% OF AMERICANS OVER 65 WANT TO BE REMOVED FROM THE WEB. HERE’S WHY

Kurt’s key takeaway

The Volkswagen data leak is a glaring example of how companies need to take user data security more seriously. Exposing personal details and precise locations is not just a technical mistake. It is a massive breach of trust. While VW has patched the issue, the damage shows how important it is for businesses to be more responsible with the data they collect. People deserve to know their information is safe and used only when necessary. If companies cannot protect their customers’ privacy, they risk losing their confidence altogether. It is time for the industry to step up and do better.

Do you think stricter regulations should be in place for companies that handle user data? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Decentralized social network Mastodon has announced plans to transfer its ownership to a new nonprofit entity. Ownership of Mastodon will move away from the control of CEO Eugen Rochko, in contrast to the power exerted by other social media CEOs like Meta cofounder Mark Zuckerberg and X owner Elon Musk.

“Simply, we are going to transfer ownership of key Mastodon ecosystem and platform components to a new nonprofit organization,” Mastodon says in a blog post, “affirming the intent that Mastodon should not be owned or controlled by a single individual.”

Rochko, who founded Mastodon in 2016, will take on a new role with a focus on product strategy while ownership moves to a new not-for-profit entity based somewhere in Europe, with the exact location still to be finalized. The organization is currently headquartered in Germany, where it was a nonprofit until its charitable status was stripped last year. This move is a way of restoring Rochko’s original intent for Mastodon.

“When founder Eugen Rochko started working on Mastodon, his focus was on creating the code and conditions for the kind of social media he envisioned,” Mastodon says. “The legal setup was a means to an end, a quick fix to allow him to continue operations. From the start, he declared that Mastodon would not be for sale and would be free of the control of a single wealthy individual, and he could ensure that because he was the person in control, the only ultimate decision-maker.”

In the short term, nothing should change for users. Mastodon will continue to host the mastodon.social and mastodon.online servers and support its federated network. Routine code development and bug fixes are ongoing, though the announcement adds that “changes are definitely in the pipeline.”

“Our core mission remains the same: to create the tools and digital spaces where people can build authentic, constructive online communities free from ads, data exploitation, manipulative algorithms or corporate monopolies,” Mastodon says.