Ireland DPC Fines Meta $275 Million for Data Privacy Breach

Meta Platforms has been fined $275 million for violating European Union privacy rules, the result of a 2021 data leak that led to the online publication of personal information belonging to 500 million Facebook users. The penalty is the latest imposed on Meta by Ireland’s Data Protection Commission, which in September imposed a $400 million penalty on Instagram for mishandling children’s data. In October 2021, the same regulator fined Meta $235 million for violations by its WhatsApp messaging service. In total, Irish authorities have imposed penalties of more than $900 million on Meta in the past two years. Continue reading Ireland DPC Fines Meta $275 Million for Data Privacy Breach

WhatsApp Debuts Communities with End-to-End Encryption

Meta Platforms is globally releasing a major update for WhatsApp called Communities, which doubles the number of group chat members to 1,024, and adds video (and voice) for up to 32. Designed for schools, clubs, churches, the workplace and other organizations, Communities features include support for sub-groups, admin controls and in-chat polls. “We’re aiming to raise the bar for how organizations communicate with a level of privacy and security not found anywhere else,” the company said of the upgrade, stressing end-to-end encryption. In fact, Communities are not publicly discoverable, requiring an invitation. Continue reading WhatsApp Debuts Communities with End-to-End Encryption

Exposed Database of Facebook User Data Is Found Online

More than 419 million records of Facebook users in the United States, United Kingdom and Vietnam — including Facebook IDs and user phone numbers — were recently found online (although Facebook disputes that number). The exposed server was reportedly not password-protected, which suggests the database was accessible to anyone. The server contained user data across multiple databases that could potentially enable spam calls and SIM-swapping attacks. According to Facebook, the breach involved user data collected prior to the introduction of new security measures. The company has since taken the exposed data set offline.  Continue reading Exposed Database of Facebook User Data Is Found Online

Phone Companies Adopt New Plan to Combat Robocallers

A dozen major phone companies — including mobile and broadband service providers such as AT&T, Comcast, Sprint, T-Mobile and Verizon — are teaming with 51 attorneys general from across the U.S. to introduce call-blocking tech and additional measures designed to help regulators take on scammers by preventing robocalls. According to Irvine, CA-based call-blocking service YouMail, robocalls reached 4.7 billion consumers in July alone. “Robocalls are a scourge — at best, annoying, at worst, scamming people out of their hard-earned money,” said North Carolina attorney general Josh Stein. Continue reading Phone Companies Adopt New Plan to Combat Robocallers

Facebook Says Spammers, Not Nation-State, Behind Breach

Facebook’s internal investigation into the recent data breach that affected 30 million user accounts has concluded that the hack was the work of spammers disguised as a digital marketing company, and not foreign nationals. Facebook believes the attack was initiated by a group of Facebook and Instagram spammers that intended to make money by means of deceptive advertising. The FBI is continuing its investigation into the hack, which is the worst security breach in the social network’s 14-year history. Continue reading Facebook Says Spammers, Not Nation-State, Behind Breach

Facebook’s Zuckerberg to Testify Before Congress Next Week

In light of Facebook’s latest revelation that data from as many as 87 million users — not the 50 million figure originally reported — was improperly shared with Cambridge Analytica, CEO Mark Zuckerberg admitted he made a “huge mistake” by not paying more attention to the potential for abuse. Facebook further revealed that marketers, using a now-disabled feature that distributed profile data connected to email addresses and phone numbers, could have harvested data from “most people on Facebook.” Zuckerberg is scheduled to appear before federal committees next week. Continue reading Facebook’s Zuckerberg to Testify Before Congress Next Week

Security Update: 3 Billion Yahoo Accounts Hit in 2013 Attack

Yahoo announced yesterday that all 3 billion of its user accounts were affected by a previously disclosed August 2013 cyberattack, originally reported by the company as affecting 1 billion accounts. Yahoo had earlier reported that a separate 2014 attack affected 500 million accounts. Last year we learned that, “digital thieves made off with names, birth dates, phone numbers and passwords of users that were encrypted with security that was easy to crack,” according to The New York Times. “The intruders also obtained the security questions and backup email addresses used to reset lost passwords.” Continue reading Security Update: 3 Billion Yahoo Accounts Hit in 2013 Attack

Yahoo: Second Data Breach Involves 1 Billion User Accounts

In September, Yahoo revealed a 2014 security breach that involved 500,000 of its users’ accounts. Now the company has announced an even larger data breach from 2013 involving more than one billion accounts, including those of more than 150,000 government and military employees. “The two attacks are the largest known security breaches of one company’s computer network,” reports The New York Times. “The newly disclosed 2013 attack involved sensitive user information, including names, telephone numbers, dates of birth, encrypted passwords and unencrypted security questions that could be used to reset a password.” Continue reading Yahoo: Second Data Breach Involves 1 Billion User Accounts

Hackers Steal Data From Half a Billion Yahoo User Accounts

In what could mark the largest-ever theft of personal data, Yahoo has confirmed that more than 500 million of its user accounts were hacked in late 2014. The Internet company is pointing the blame at state-sponsored hackers who reportedly stole names, email addresses, birth dates, phone numbers and encrypted passwords after breaking into the Yahoo network. The company does not believe the hack impacted unprotected passwords or financial data such as payment card or bank account info. The breach was discovered after Yahoo began investigating a claim by hackers who were attempting to sell 280 million usernames and passwords. Continue reading Hackers Steal Data From Half a Billion Yahoo User Accounts

Twitter Launches “Quality Filter” to Help Combat Cyberbullies

Twitter wants to put an end to cyberbullying on its popular social platform. CEO Dick Costolo recently addressed the issue in an internal memo and mentioned plans to intervene against abusive Twitter users whenever possible. Among those plans is the “quality filter,” a feature designed to help verified users remove inappropriate, offensive and abusive Tweets from their notifications timeline. As of now, the new feature is only available to iOS users with verified Twitter accounts.  Continue reading Twitter Launches “Quality Filter” to Help Combat Cyberbullies

Third Party Site May Have Stored 200,000 Snapchat Images

Members of anonymous online messaging forum 4chan claim to have access to as many as 200,000 Snapchat photos through a third-party app called Snapsaved. The smartphone tool allows creators to store photos from their Snapchat accounts. Anonymous members have said that a link will be posted, allowing users to download the photos. It is not clear who created Snapsaved, and the app’s site is no longer working. Meanwhile, Snapchat claims that its servers have not been compromised.

Continue reading Third Party Site May Have Stored 200,000 Snapchat Images

Why Analysts Are Concerned About the JP Morgan Data Breach

In an era of system hacks becoming more common, JP Morgan is the latest to report a massive breach of customer information. While the company believed a few weeks ago that only one million accounts were affected, it now reports that 76 million households and 8 million small businesses were part of the data breach. While recent breaches have largely involved retailers, some analysts are more concerned about the JP Morgan case, especially since banks tend to have more sensitive data about their customers. Continue reading Why Analysts Are Concerned About the JP Morgan Data Breach