The Brief

Topline:

The backstory: On April 30th 1975, North Vietnamese troops captured Saigon, the capital of South Vietnam, effectively ending the Vietnam War. US troops had left about two years earlier.

What's been happening: In the run-up to the anniversary, a stretch of the 405 Freeway was designated as the Little Saigon Freeway. And a post office in Westminster was renamed the "Little Saigon Vietnam War Veterans Memorial Post Office."

The day of: The city of Westminster will hold its annual Black April event on Wednesday. Since last week, the city has been flying the South Vietnamese flag at half-staff at the Vietnamese-American War Memorial at Sid Goldstein Freedom Park.

General Motors agreed to pay $12.75 million in civil penalties for selling driving data of hundreds of thousands of California motorists to data brokers, allegedly without their consent.

The settlement, announced Friday, is the largest ever for violations of the California Consumer Privacy Act, a 2018 law that requires companies to tell consumers about how their data is shared and to respect requests to stop the sharing.

It stemmed from an investigation by California Attorney General Rob Bonta, several county district attorneys, and the California Privacy Protection Agency, which enforces the privacy act. They said General Motors misled drivers who paid for the emergency roadside and navigation service OnStar and made approximately $20 million from the unlawful sale of their data between 2020 and 2024. The information included names, location information, driving behavior, and contact information, Bonta said, which went to the data brokers LexisNexis Risk Solutions and Verisk Analytics.

“This trove of information included precise and personal location data that could identify the everyday habits and movements of Californians,” Bonta said in a press release.

The settlement also requires GM to stop selling data to any consumer reporting agencies for five years and submit privacy assessments to the state, among other provisions. It followed a similar agreement between the Federal Trade Commission and GM earlier this year and California settlements with Honda and Ford over the past 14 months for their own violations of the privacy act.

California’s investigation of GM began after a 2024 New York Times investigation found GM collected data about millions of drivers nationwide and sold it to insurance companies in order to charge the drivers higher premiums. Californians were not impacted by those premium hikes because a state law prohibits insurers from using driving data to set insurance rates, Bonta said.

Bonta told CalMatters at a press conference Friday that it’s unclear if location data collected by General Motors was used by other companies to make predictions about the prices people are willing to pay for goods. That practice is better known as surveillance pricing and can leverage location data. Target paid $5 million to settle a suit from San Diego County’s district attorney over its alleged use of location for the technique. Bonta’s office began an investigation into the surveillance pricing practices of businesses in January.

“I understand that there could be some overlap and maybe we'll discover something in our investigation in surveillance pricing, but that wasn't the focus of this case,” he said.

Los Angeles District Attorney Nathan Hochman said the case started with one person finding location data in a report they requested about the data collected on them. That discovery, he added, led to investigations by journalists, prosecutors, and regulators.

“This case shows more than anything that one consumer can make a huge difference,” he said.

Though the settlement isn’t much compared to the $2.7 billion in net income that General Motors made last year, Hochman called it an indication that companies should expect higher penalties in the future. California reached a privacy law violation settlement with Disney in February for $2.75 million, previously the largest of its kind.

In a statement shared with CalMatters, General Motors spokesperson Charlotte McCoy said, “This agreement addresses Smart Driver, a product we discontinued in 2024, and reinforces steps we’ve taken to strengthen our privacy practices. Vehicle connectivity is central to a modern and safe driving experience, which is why we’re committed to being clear and transparent with our customers about our practices and the choices and control they have over their information.”

Californians will soon have a new protection against companies that use their data without their consent. Starting August 1, the more than 500 data brokers registered with the state must comply with requests California residents can make using an online tool known as the Delete Request and Opt-out Platform, or DROP. The privacy protection agency introduced the tool earlier this year.

This article was originally published on CalMatters and was republished under the Creative Commons Attribution-NonCommercial-NoDerivatives license.

For nearly a year, people walking down Wilshire Boulevard in Koreatown have passed a small patch of what used to be one of the few public park spaces in the neighborhood. It’s now locked behind a tall chain link fence.

Inside, the grass is overgrown and trash is piled up along the edges. The memorial to Sen. Robert F. Kennedy — built at the site where he was assassinated in 1968 at the Ambassador Hotel — has fallen into disrepair.

The Los Angeles Unified School District fenced off RFK Inspiration Park, located on Wilshire Boulevard. Nearly a year later, the district is considering reopening the space, but only to students at the adjacent RFK Community Schools.

That’s frustrating for some neighbors, who say the park used to belong to everyone.

“I remember the park being open and suddenly a few months after, it was gated,” said Vanessa Aikens, who lives a few blocks away. “I was just wondering why they gated the area because there seemed to be a lot of people interacting with it.”

There has been little information relayed to the community about why.

“We have a number of our members who live right around there and so there’s an angle of access to green space, the access to a safe space for our homeless neighbors,” said Yuval Yossefy, treasurer of Ktown for All, an all-volunteer grassroots organization serving Koreatown’s unhoused community. “This went basically unnoticed.”

Enrique Legaspi, assistant principal at RFK Community Schools, said the school and the district are discussing using the park again, including for classes and student activities. LAUSD confirmed that school leaders have expressed strong interest in using the space for outdoor learning, art programs and student wellness activities.

Officials plan to involve the school community and nearby residents as plans take shape, but they have not given a timeline or said whether the park will reopen to the public.

Koreatown lacks parks

For years, the city’s Department of Recreation and Parks operated and maintained the park under an agreement with the school district dating back to 2010. At the time, the public was allowed to use the space.

Last March, the department stepped away. By then, it had already been taking on costs outside what the 2010 agreement required.

“RAP communicated uncertainty about its ability to sustain long-term maintenance due to staffing and funding constraints,” said Deirdra Boykin, a department spokesperson.

For people who live nearby, the loss of the park has been simple and immediate: there’s nowhere else like it.

“There are no parks around where I live,” Aikens said. “Now I just walk straight down the street.”

In a neighborhood with such limited park space, the memorial park went relatively unnoticed.

“There definitely isn’t enough green space here,” said Emere Alademir, 23, who lives nearby. “I’m originally from Toronto and everywhere they have green space.”

People who never used the park say they would visit if it reopened.

“I’ve never actually gone in but I would be open to coming here if it reopens,” said Wendy Kim, 70, who has lived in the neighborhood for 40 years. “Why not? It’s good for everyone.”

Kim, who splits her time between LA and Seoul, said the parks in Seoul are much better maintained than the ones in LA, and that when she craves nature, she travels out of the city for a hike.

“But every place is different and here, the homeless issue is out of hand. That’s just the reality,” she said.

The fence goes up

Public records obtained by Yossefy and reviewed by The LA Local show that city and LAUSD officials coordinated the park’s handoff around a May 22 encampment removal and cleanup, after which LAUSD took control of the site and moved forward with fencing it off. The emails do not explicitly state that the park was fenced because unhoused people were there, but they show encampment removal was a central part of the transition plan.

Volunteers with Ktown For All, who do weekly outreach to the unhoused community in the area, said they were used to seeing people at the park every Saturday.

“It’s just like all of a sudden the fence was there,” said Nicolas Emmons, who has been doing outreach near RFK since around 2021.

Emmons and others said that while some unhoused residents stayed in the park, the majority of the park was open and available.

“At its peak, it was only a small percentage of the park that was being used by people to live in,” he said. “Some of the people that lived there even took it upon themselves to clean the area around their setup.”

Eunice Jeon, another volunteer with the organization, said they had built relationships with people there over several years.

“We regularly saw people there and had built relationships with people there,” she said. “They respected and treated the park well.”

Jeon added that despite restricting access, the closure has not visibly improved the space.

“If anything I would say the park is in worse state ever since the fence has gone up despite nobody being in there,” she said.

Jeon said many individuals she encountered were navigating complex barriers to housing and services, often caught in bureaucratic loops that made it difficult to access help.

“A lot of the time they’re limited by transportation. Some services don’t allow certain things. They need an address, but in order to get something mailed, they need their driver’s license, which they don’t have because they don’t have an address,” she said.

In email chains included in the public records, officials also discussed installing permanent wrought iron fencing at the site. When asked if that remains the plan, LAUSD said the project is still in the “planning phase” and that details, including potential site features, have not been finalized.

“If the park is fenced off, nobody can access it. It doesn’t provide you any use,” Yoseffy said. “There are a number of people that can’t access this park, whether they were sleeping in this park, or they used the park to exercise, if they liked to sit and read — none of those things can happen there anymore because it’s completely closed off.”

Public records show little evidence of public notice. One email mentions posting notices at the park ahead of the cleanup, but there was no formal announcement made to residents that the park — which had been open to the public for years — would be closed and no longer accessible.

“I think that a public space is meant to be used by the public, including the unhoused,” Jeon said. “That’s something they need to address instead of locking up the parks. That’s a failure of the city. Kicking them out won’t keep anyone safer if they have fewer and fewer places to go.”

LA Local reporter Marina Peña contributed to this report.

The online education platform Canvas went offline after a data breach on Thursday, temporarily leaving students and faculty at thousands of U.S. colleges — and K-12 schools — without access to course materials and communications during finals period.

"I'm sure somewhere in the country when the outage happened, there probably were people actually taking final exams on the platform when it crashed," says Damon Linker, a senior lecturer in political science at the University of Pennsylvania.

Thirty million users — including at half of the higher education institutions in North America — rely on Canvas to manage courses, submit assignments, view grades and facilitate communication, according to its parent company, Instructure.

But when Linker and many other users tried to do so on Thursday afternoon, they met a black screen and a warning message.

"ShinyHunters has breached Instructure [again]," it read. "Instead of contacting us to resolve it they ignored us and did some 'security patches.'"

ShinyHunters is the same entity that took credit for a massive Ticketmaster data breach in 2024. Like many such groups, it's a cluster of young people working remotely together, "kind of like a ransomware gang," says Rachel Tobac, the CEO of SocialProof Security, which trains people and companies to defend themselves against hackers.

ShinyHunters wrote on a threat intelligence website earlier this week that the initial breach on Saturday involved data — including private messages — from 275 million students, teachers and staff at nearly 9,000 schools worldwide. The group said Thursday that affected schools can prevent the release of their data by consulting with cyber advisory firms and negotiating settlements through the encrypted chat platform Tox.

"You have till the end of the day by 12 May 2026 before everything is leaked," the hackers wrote.

Instructure has confirmed a series of cybersecurity breaches this week and provided status updates on its website. It said the breach only appeared to involve identifying information like names, email addresses, student ID numbers and user messages — no passwords, birth dates, government identifiers or financial information.

Instructure confirmed on an FAQ page that it started an investigation after it first detected unauthorized activity in Canvas on April 29, and took Canvas offline on Thursday after that same unauthorized actor "made changes that appeared when some students and teachers were logged in." They said the actor exploited an issue with its Free-for-Teacher accounts, which it has temporarily shut down.

"This gives us the confidence to restore access to Canvas, which is now fully back online and available for use," it said in a statement to NPR. "We regret the inconvenience and concern this may have caused."

It's not clear whether Instructure paid a ransom or what the return of Canvas access could mean for the hackers' May 12 deadline.

Tobac says Canvas could be back online because of a successful negotiation, or because the hackers "didn't get super far in their attack." Either way, she says users should stay vigilant, especially for phishing messages — whether it's someone posing as Canvas prompting a password change, or pretending to be a professor sending course materials.

"I would operate under the assumption that there's going to be some knock-on effects here," she says.

Not everyone got back online immediately 

Just before midnight on Thursday, Instructure posted online that "Canvas is now available for most users," though two separate services, Canvas Beta and Canvas Test, remained in maintenance mode.

Students and faculty at at least some schools were still unable to access Canvas on Friday — either because service had not yet been restored or because administrators warned them to stay away.

Penn State University, for example, said Friday morning that while the school's Canvas access had been partially restored, it was "not yet ready for use."

"Technical teams at Penn State are actively working to prepare the system for our community," it added. "As access is restored, Canvas integrations and related services will be brought back online in phases."

Several schools have taken similar approaches, either temporarily disabling Canvas access or outright asking users to steer clear. The University of California said across its schools, "Canvas access will not be restored until we are confident the system is secure."

And it's not just higher education: The Montgomery County Public School system in Maryland alerted families on Friday morning that even as service returned, it is "continuing to test and review systems before restoring access."

Tobac says this could mean that schools think the attackers might still be within their systems, potentially stealing information like passwords and messages.

"The attackers probably got some sensitive information and … [schools] don't want this information out online," she says.

Many schools are urging users to be on high alert for any unsolicited emails or messages that appear to come from Canvas, especially those requesting login credentials, as Georgetown University warned. The University of Amsterdam — which says it's one of 44 Dutch educational institutions affected — also recommends people change their passwords on any other sites where they use the same one.

Tobac also recommends using a password manager — to generate long, random passwords for each login — and turning on multi-factor authentication for all online accounts, not just Canvas. She says any student or professor who gets a suspicious call, text or email should "use another method of communication to verify what is authentic."

"Even if there was no breach yesterday, I would say these are the things that I recommend you do," she adds, urging people to "be politely paranoid."

The breach disrupts finals, highlights vulnerabilities

Several schools affected by the breach have already postponed or outright scrapped some final exams, with others warning students and professors that they might need to do so.

The University of Illinois is postponing all final exams and assignments scheduled through Sunday. Penn State canceled certain exams scheduled for Thursday night and Friday, saying it was working with faculty to "determine next steps for final grading" and urging students to check their emails (not Canvas) regularly in the meantime. And Baylor University delayed Friday exams and asked all faculty to send students "whatever study materials they have on their local computers to students as soon as possible."

The breach has underscored how much of academia relies on a single, centralized platform.

Linker, of UPenn, told NPR that he received an influx of panicked messages from students on Thursday afternoon when they suddenly couldn't access PowerPoints, readings and previous exams as they tried to study for Monday's final.

"The problem with using a platform like Canvas is that most [students] are not going to have the readings available printed out or on their laptops," he explains. "It all lives on the online platform, and if that platform goes down, they have no way to access them."

He told students on Thursday that he would upload the course materials to another platform (like Dropbox or Google Docs) if Canvas access wasn't restored by Friday morning. Fortunately, he says, it came back online shortly before 9 a.m. ET.

But Linker says he has concerns about relying fully on Canvas in the future.

"Given what this has exposed, the vulnerability involved and also the concern with the data breaches, I'm starting to rethink whether this is really a wise way to proceed," he says.

One example of that is grading. Linker says Canvas makes it so easy to calculate and weigh students' scores — on individual assessments and overall — that it's come to function as a digital grade book. Going forward, he says he may start keeping an analog record of students' grades just in case.

While Canvas does have competitors like Blackboard, Linker says he doesn't think any would be less vulnerable to a future breach. And Tobac agrees.

"The problem is not that this one website had this cyber event, right? Because nothing in this world is unhackable," she says. "The thing that we have to think about is disaster recovery: How do we continue doing business when there is a cyber event, and how do we do our very best to keep the bad actors out?"

Tobac says this week has shown that many institutions did not have a clear plan for how students and professors can be in touch and access course materials without Canvas. She said those plans should vary based on schools' different circumstances and schedules — which might explain why some are proceeding with finals as usual while others are scrapping exams altogether. But she'd like them to approach the immediate aftermath with one common goal.

"We have to treat people with dignity and respect," Tobac says. "And I hope that that is something that the institutions do, within their timelines and constraints."
Copyright 2026 NPR