Controversial gunshot-detection company ShotSpotter has deployed more than 25,000 microphones across 170 cities worldwide. This week, WIRED and South Side Weekly revealed the company may continue to provide gunshot data to police in cities even after contracts have ended. Internal emails seen by the publications suggest ShotSpotter sensors may have stayed online despite law enforcement deals having expired, raising questions about what will happen to 2,500 microphones in Chicago when its contract runs out at the end of the year.

Elsewhere, Change Healthcare finally admitted to paying a ransom to the AlphV hackers, also known as BlackCat, that extorted the medical company. Weeks ago, WIRED revealed the attackers were paid $22 million, one of the largest ransomware payments ever. However, in a statement this week the company admitted for the first time that it paid the ransom as part of its effort “to do all it could to protect patient data from disclosure.” Some of that data still found its way onto the dark web.

In another successful grift, researchers have found animators in North Korea creating artwork for major Hollywood studios. A misconfigured North Korea cloud server, discovered at the end of last year, contained thousands of animation files, notes, and working documents for productions of shows that stream on Amazon Prime Video and Max. The companies likely didn’t know workers from the Hermit Kingdom were creating the artwork, but it’s another example of how North Korea is using skilled workers to circumvent sanctions and make the regime money.

Meanwhile, Cisco revealed this week that some of its devices, called Adaptive Security Appliances, have been targeted by state-sponsored hackers who exploited two zero-day vulnerabilities in the systems. The attack, dubbed ArcaneDoor, is believed to have had an espionage focus and sources suspect China’s state-backed hackers may be the culprits.

The November presidential elections may still be months away, but the next US president will have increased surveillance capabilities. This week Joe Biden signed a controversial bill extending and enhancing Section 702 of the Foreign Intelligence Surveillance Act. FISA allows spy agencies to collect Americans’ calls, emails, and more when pursuing foreign intelligence. Critics say the changes are “a gift to any president who may wish to spy on political enemies.”

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

In January, an Instagram account in Baltimore, Maryland, posted an alleged audio recording of local school principal Eric Eiswert making racist and antisemitic comments. Baltimore County Public Schools quickly opened an investigation into the incident. However, this week, a former athletic director at Pikesville High School was arrested after police said he used artificial intelligence software to create the fake audio clip of Eiswert. The audio included comments about “ungrateful Black kids” and disparaging remarks about the Jewish community.

Dazhon Darien, the former staff member, was arrested after being stopped in possession of a gun at an airport when officials saw there was an outstanding arrest warrant, the Baltimore Banner reported. The media organization reports that Darien was charged with disrupting school activities and stalking. The fake clip was allegedly made in retaliation for the principal investigating Darien over irregular payments to his roommate.