![]() ![]() As security researcher Mikko Hypponen pointed out on Twitter, attackers exploited the contact importer flaw to create “an address book with every phone number on the planet and then asked Facebook if his ‘friends’ are on Facebook.”įacebook said it fixed the contact importer flaw in 2019 after it had learned hackers were exploiting it. In 2018, Facebook CEO Mark Zuckerberg was grilled by Congress over Facebook’s role in the Cambridge Analytica scandal, in which a political consulting firm accessed the personal data of nearly 87 million Facebook users.īut a flaw in Facebook’s contact importer tool made it possible for bad actors to see “the phone number linked to every Facebook account,” Gal said. In 2019, a security researcher revealed that the data of 267 million Facebook users was exposed online. The data leak is another major blow to Facebook’s reputation in data privacy. In such attacks, a hacker could theoretically use leaked data like a phone number to build trust with users, eventually persuading them to reveal more significant information like a Social Security number. Gal said that it’s almost certain hackers will use the leaked data for online scams, including “social engineering” attacks. ![]() Some of the leaked information included Facebook IDs, location information, full names, birth dates, email addresses, account creation dates, relationship status, and bios. It currently has 40 inquiries open into such companies, including 13 involving Meta.Data from over half a billion Facebook users was leaked online, potentially exposing personal information such as phone numbers and email addresses to hackers.Īlon Gal, the chief technology officer of cybercrime intelligence firm Hudson Rock, revealed the data leak this past weekend, saying via Twitter “that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.” The DPC regulates Apple, Google, TikTok and other technology platforms owing to the location of their EU headquarters in Ireland. We are likely to see increased debate about whether such fines actually influence corporate behaviour or if some companies simply see them as an added cost of doing business.” ![]() ![]() “GDPR envisaged the imposition of such fines in part to serve as a deterrent to other companies which might consider breaching the law. “By any measure, these are significant fines,” said David Hackett, head of data protection in the Ireland office of law firm Addleshaw Goddard. However, one legal expert questioned whether strong enforcement of the EU’s General Data Protection Regulation would have the deterrent effect that it intended. In September Meta was fined €405m for letting teenagers set up Instagram accounts that publicly displayed their phone numbers and email addresses, while in March the watchdog fined Meta €17m for further GDPR breaches and in September last year it fined Meta’s WhatsApp €225m over “severe” and “serious” infringements of GDPR. The punishment brings the total amount of fines imposed on Meta by the DPC to nearly €1bn since September last year. Unauthorised data scraping is unacceptable and against our rules.” In a statement Meta said: “We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. In addition to the fine, it “imposed a reprimand and an order” requiring Meta to “bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe”. The watchdog said a “significant” number of the users were from the EU. The data appeared on a hacking website last year, prompting an investigation by the DPC, which is responsible for regulating Meta across the EU. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |