Capital One Breach Exposes Data of 106 Million Customers

A hacker accessed the personal data of about 106 million credit card customers and applicants of Capital One Financial, the fifth-largest credit card company in the U.S., making it one of the biggest such breaches of a large bank. Federal authorities arrested 33-year old Paige Thompson, who is accused of breaking through the bank’s firewall to access data stored on Amazon’s cloud service. Most of those exposed by the hack were customers and small businesses who applied for credit cards between 2005 and early 2019. Continue reading Capital One Breach Exposes Data of 106 Million Customers

SEC Fines Facebook $100 Million Over Misuse of User Data

The Securities and Exchange Commission fined Facebook $100 million to settle a case related to Cambridge Analytica, which in 2014-2015 collected Facebook data — including names, genders, locations, birthdays and “page likes” — of about 30 million Americans to create “personality scores” and ultimately use it for Donald Trump’s presidential election campaign. When Facebook discovered this misuse of data in 2015, it didn’t reveal what had happened for two years, during which time it presented the issue of data misuse as hypothetical. Continue reading SEC Fines Facebook $100 Million Over Misuse of User Data

2017 Data Breach Likely to Cost Equifax Up to $700 Million

In September 2017, hackers broke into credit agency Equifax, compromising almost 150 million Social Security numbers and other personal information. Now, according to sources, under the terms of an agreement with the Federal Trade Commission, Consumer Financial Protection Bureau and most state attorneys general, Equifax will pay about $700 million to settle with these agencies as well as a nationwide consumer class-action lawsuit. The exact amount of the settlement depends on the number of consumer claims ultimately filed. Continue reading 2017 Data Breach Likely to Cost Equifax Up to $700 Million

Google Chrome Extension Alerts Users to Password Issues

To combat data breaches, Google has created a Chrome extension to provide a “password checkup” that compares users’ passwords with a database of four billion unique usernames and passwords that have been compromised. The extension works in the background, only showing a warning if it finds a match. That’s all it does: it is not a password manager that determines how weak or strong passwords are. Google accounts, often the key to a user’s email address, are breached mainly because people reuse passwords on multiple sites. Continue reading Google Chrome Extension Alerts Users to Password Issues

Have You Been Hacked? Very Likely In Light of Mega-Breach

Security researcher Troy Hunt, who offers a way to search if your email addresses or passwords have been breached, maintains Collection #1, the largest breach ever, which holds 772,904,991 unique emails and 21 million unique passwords, all of which have been recently posted to a hacking forum. Those numbers represent a “cleaned-up” version of the raw data, which comprise 2.7 billion rows of email addresses and passwords, including over one billion unique combinations of hacked emails and passwords. Continue reading Have You Been Hacked? Very Likely In Light of Mega-Breach

Facebook Discloses Breach of User Photos to Third-Party Apps

Facebook said it discovered a bug that allowed unauthorized access to third-party apps of private photos, impacting about 6.8 million users. Facebook engineering director Tomer Bar said the company fixed the issue that allowed such apps “access to a broader set of photos than usual.” Starting with the Cambridge Analytica harvesting of user data, Facebook has had a string of problems related to data privacy, most recently with a serious hack in September that compromised the Facebook accounts of millions of users. Continue reading Facebook Discloses Breach of User Photos to Third-Party Apps

Facebook Says Spammers, Not Nation-State, Behind Breach

Facebook’s internal investigation into the recent data breach that affected 30 million user accounts has concluded that the hack was the work of spammers disguised as a digital marketing company, and not foreign nationals. Facebook believes the attack was initiated by a group of Facebook and Instagram spammers that intended to make money by means of deceptive advertising. The FBI is continuing its investigation into the hack, which is the worst security breach in the social network’s 14-year history. Continue reading Facebook Says Spammers, Not Nation-State, Behind Breach

Tidal Streaming Music Service Accused of Falsifying Streams

Jay-Z’s streaming music service Tidal was accused by Norwegian newspaper Dagens Næringsliv and the Norwegian University of Science and Technology (NTNU) of data manipulation, claiming the company faked many millions of streams for Beyoncé’s “Lemonade” and Kanye West’s “The Life of Pablo” albums. That’s considered fraud since labels and rights holders are paid based on the number of streams. Tidal denies the charges but investigators are reportedly looking into the possibility of a data breach. Continue reading Tidal Streaming Music Service Accused of Falsifying Streams

California Passes Tough New Law to Protect Online Privacy

The California State Legislature quickly passed a digital privacy law that gives consumers much more control over their online personal data. Governor Jerry Brown signed the law into effect, narrowly beating a deadline to remove another, tougher initiative headed for the November ballot. Consumers now have the right to know what information tech companies are collecting, and why they’re collecting it, as well as with whom they are sharing it. Consumers can also demand their data be deleted or not sold or shared. Continue reading California Passes Tough New Law to Protect Online Privacy

Hacker Accessed Customer Data From Orbitz Legacy System

Popular travel booking site Orbitz, owned by Expedia, confirmed yesterday that it “identified and remediated a data security incident affecting a legacy travel booking platform.” The company explained that a hack late last year exposed customer data and billing information spanning two years. Personal data may have included birth dates, mailing addresses, email addresses, gender, payment card info, and more. According to Orbitz, about 880,000 credit cards may have been affected. However, the company noted that the current Orbitz.com site was not breached. Continue reading Hacker Accessed Customer Data From Orbitz Legacy System

Debate Erupts After Reports of Access to Facebook User Data

Lawmakers in the U.S. and U.K. are demanding answers from Facebook and CEO Mark Zuckerberg after reports surfaced over the weekend that data analytics company Cambridge Analytica was able to exploit the personal data of 50 million Facebook users without their permission — data that was reportedly used in the 2016 Trump presidential campaign and the Brexit referendum. Facebook announced that it suspended Cambridge Analytica after learning Facebook policies specifying how third-party developers can deploy user data had been violated. Continue reading Debate Erupts After Reports of Access to Facebook User Data

Facebook Lists its Privacy Principles as EU’s Data Laws Loom

Before the European Union’s General Data Protection Regulation (GDPR) goes into effect on May 25, Facebook plans to debut a new privacy center that will be a hub for all its privacy settings. The company also published its “privacy principles” for the first time, with details of how it handles user information. Chief operating officer Sheryl Sandberg says the result will be a “good foundation” for meeting GDPR’s requirements. The GDPR limits how technology companies collect, store and utilize users’ personal information. Continue reading Facebook Lists its Privacy Principles as EU’s Data Laws Loom

New Uber CEO Faces the Impact of Undisclosed Data Breach

Uber Technologies acknowledged that one year ago it paid hackers $100,000 to hide a data breach that impacted 47 million accounts. The company fired then-chief security officer Joe Sullivan and deputy Craig Clark for both the breach itself and concealing it. The hackers got the names, emails and phone numbers of millions of riders as well as 600,000 drivers’ license numbers, although apparently Social Security numbers and credit card numbers were not accessed. Uber says it will inform those impacted by the breach in “coming days.” Continue reading New Uber CEO Faces the Impact of Undisclosed Data Breach

Europe to Employ Stricter Protection Rules for Personal Data

Since 1995, European businesses and organizations have operated under data protection rules specific to an era of much less digital data. To update the rules, the European General Data Protection Regulation (GDPR) will launch on May 25, 2018, and numerous GDPR experts are ready to profit off of their offer to help businesses get ready. U.K. information commissioner Elizabeth Denham dubs much of the activity as “scaremongering,” saying that companies that complied with the older rules won’t have to deal with major changes. Continue reading Europe to Employ Stricter Protection Rules for Personal Data

Under Senate Grilling, Equifax Says It Owns Consumer Data

Members of the Senate Commerce Committee interrogated Equifax interim chief executive Paulino do Rego Barros, but not about the widely reported hack that compromised the personal data of more than 145 million U.S. consumers. The committee wanted to know why Equifax was storing the information to begin with, challenging Equifax’s right to profit from such personal information. The highlight of the meetings thus far has been Barros’ assertion that Equifax, not consumers, own the data collected about them and that people cannot remove themselves from the company files. Continue reading Under Senate Grilling, Equifax Says It Owns Consumer Data

Page 1 of 212