Category: Facebook

Facebook users who maintained active accounts between May 2007 and December 2022 are urged to take action and submit a claim before the upcoming deadline of August 25th, 2023. This is in relation to the $725 million data privacy settlement that has been established.

The compensation that individuals will receive is contingent upon the total number of claims submitted before the deadline. Potential payouts could vary, ranging from approximately $70 to $260. These sums might prove valuable, covering expenses such as monthly mobile or electricity bills.

Meta, the current owner of Facebook, found itself subjected to a hefty fine of $725 million in the previous year. This penalty arose from the revelation that the company had improperly utilized user data in connection with the Cambridge Analytica Political survey project. The unauthorized sharing of content led to Mark Zuckerberg, the company’s founder, agreeing to shoulder the responsibility for this breach and the subsequent fraudulent marketing activities that employed his company’s user data.

Upon collection of all claims before the specified deadline, a final verdict on the compensation will be delivered by the court’s legal proceedings on September 7th, 2023. These details were shared through an official statement posted on Facebook’s privacy website. It is worth noting that individuals who receive the compensation will forfeit any future rights to initiate privacy-related lawsuits against the social media platform or institute any similar legal actions against the company in the years ahead.

For those who might not be fully informed about the background, a pivotal moment occurred in 2018 when Facebook garnered widespread attention for sharing user data with the now-defunct Cambridge Analytica data consulting firm. This firm proceeded to exploit the collected profile information to gain insights into voter sentiments during the 2016 US presidential election, which ultimately favored the then-President, Donald Trump.

Given the magnitude of the breach of user trust, Mark Zuckerberg appeared before Congress to publicly apologize for the data scandal. He made commitments to fortify the protection of user data and pledged to compensate all those users who had been impacted by these events.

For those interested in pursuing a claim, an official claim form must be completed by August 25, 2023. This form represents an opportunity for affected individuals to seek redress for their experiences.

The post Facebook users have little time left to make $725m data privacy claims appeared first on Cybersecurity Insiders.

In recent times, our focus has been on reporting the aftermath of cyber attacks and the challenges faced by their victims. In this article, we will shift our attention to the cyber attacks that have left a significant impact on millions and billions of online accounts.

1.) Yahoo: Back in September 2018, Yahoo, a pioneer in the world of online search engines, made a troubling announcement. A cyber incident had occurred, resulting in a massive data breach that exposed information from over 3 billion user accounts. It was later revealed that hackers had gained access to data stored on the servers between August 2013 and December 2016. This breach dealt a severe blow to the company’s reputation, prompting its potential buyer, Verizon, to negotiate a lower acquisition price. This incident also led to the resignation of the then-CEO, Marissa Mayer, following the acquisition process.

2.) Aadhaar: Early in 2018, the Indian government faced a significant embarrassment when several media outlets reported that a hacking group had successfully infiltrated and stolen data from over 1.1 billion UIDAI (Unique Identification Authority of India) accounts. Although the Indian Parliament dismissed these claims as sensationalized journalism, some security experts corroborated that the incident had indeed exposed biometric information.

3.) Alibaba Data Theft: The year 2020 witnessed a troubling incident involving Chinese e-commerce giant Alibaba. A developer managed to illicitly access and steal information from a staggering 1.1 billion Alibaba customers using a crawler software. Reports circulated that the developer, in collusion with a marketing company, orchestrated this data collection over an 8-month period. However, it was later clarified that the compromised data pertained to the shopping website Taobao and had no direct connection to Alibaba itself.

4.) LinkedIn: Known as a professional networking platform, LinkedIn became the subject of headlines when data linked to approximately 700 million users appeared for sale on the dark web in June 2021. Subsequent investigations uncovered that the data originated from a marketing firm that had scraped information from LinkedIn users spanning the years 2009 to 2020. Contrary to initial reports, this dataset was not fresh, new information.

5.) Facebook: In May 2021, Facebook, under the leadership of Mark Zuckerberg, found itself in the news as data from 533 million users surfaced on the dark web. Troy Hunt of HaveIBeenPwned and his research team revealed that this information had been harvested between 2017 and 2019 from the platform. The compromised data encompassed account names, phone numbers, and Facebook IDs. The fate of this data—whether it was sold on the dark web for potential phishing attacks—remains uncertain.

6.) Marriott International: Luxury hotel chain Marriott International faced a significant breach in September 2018, as details emerged about hackers accessing data from over 500 million Starwood customers. This sophisticated attack, traced back to unauthorized parties since 2014, led to the exposure of information such as mailing addresses, names, phone numbers, email addresses, passport numbers, Starwood Preferred Guest account particulars, dates of birth, gender details, guest arrival and departure specifics, as well as reservation details including itineraries derived from transportation service data.

7.) Adult Friend Finder: Making headlines in October 2016, hackers executed an unexpected breach, compromising data from users of Adult Friend Finder across six databases that had been collecting information since 2001. In November 2016, LeakedSource.com published data relating to over 413 million accounts, which was subsequently purchased by a representative from an adult-oriented company in March 2020.

8.) MySpace: In 2016, MySpace came under scrutiny as hackers successfully exfiltrated data from more than 360 million accounts. The stolen data was later sold for 6 BTC in 2017, a fact confirmed by LeakedSource.com.

9.) NetEase: The year 2015 witnessed a significant data breach affecting email service provider NetEase. It was estimated at that time that the company suffered a loss of data pertaining to approximately 235 million accounts. This compromised data was ultimately procured by a vendor named DoubleFlag from the dark web.

10. Adobe: In October 2013, American software services provider Adobe issued a disconcerting statement. Hackers had managed to pilfer information from over 153 million user accounts, including some credit card data and login credentials. The company faced consequences for failing to safeguard user data, resulting in a penalty of $1.1 million for violating customer records regulations. In an effort to avert legal complications, Adobe subsequently released an official statement confirming a settlement of $1 million with its affected customers.

The post Cyber Attacks that impacted billions and millions of online accounts appeared first on Cybersecurity Insiders.

Facebook is found accessing information being reported to the Metropolitan Police database and is doing it without the authorization from the law enforcement agencies. This includes info related to se$ual offenses and domestic abuse case sheets and crimes lodged onto the database.

Digging deep into the issue, a report compiled by ‘The Observer’ states that the information related to offenses is being siphoned by the social media giant through its Meta Pixel tracking tool loaded onto the website of the Met Police.

As soon as a user or a victim lodges the complaint via online forum, the data gets leaked to the Facebook database through the profile code.

Concerningly, the embedded tool is also keeping a tab of data that is being viewed and clicked on the webpages linked to the service and advice pages linked to crimes such as physical assaults, stalking, fraud, and r$pe.

Venessa Moldova, one of the victims who reported to The Observer says that she was fooled by the authorities that she was dealing with a web page related to public agency. But in fact, the webpage was colluding with Facebook that might sell the data to any analytics or marketing firms in no time. It is like playing with the trust factor of the public and then issuing a sorry note that doesn’t ameliorate or satiate the situation.

Met Pol has reacted to the media concerns and assured that it will remove the analytics tool from all its web pages and will seek a 3rd party forensics estimation on risks associated with the Facebook Meta Pixel campaign that tracks down the IP address of the reporting victim and sends it to its servers located offshore.

Now, to those who think that there is no harm in keeping a tab of internet protocol address, here’s a fact. The IP address can reveal the location of the device and its mac address with which network infiltration becomes easy. It also helps build a profile of the online users based on the surfing and content pattern that is being accessed. If we get a support with the right automated software, it takes only a couple of hours to 1 day to track down an online user, even if they are using a VPN.

The post Facebook steals crimes information from Police Database appeared first on Cybersecurity Insiders.

To those interested in known news bits on the technology of Artificial Intelligence, here some fuel for thought. According to a report published in New York Post, a woman located in the same city has married a virtual man generated to the Artificial Intelligence. The woman named Rosanna Ramos, mother of two children, married a man named Eren Kartal, a person she met through an online dating app.

Information is now out that her boyfriend, now her husband was created by using an AI chatbot software named Replika. And the lady replies that she has found her love of her life and has succeeded in knowing his likes like his favorite color is apricot, his music love is indie pop, and the man likes to write voraciously and is a medical professional…. wonder how she came to know about this so-called man’s virtual profession.

Disclosing her thoughts about her lover to New York Magazine’s The CUT, she said that her current relationship is enigmatic and the man looks like the character from the Japan Manga Collection “Attack on Titan”.

So, all these days we have witnessed job losses with AI. Thus, with the latest development we might also witness loss of love life in coming days.

Second is the news that seems pathetic. According to the report compiled by Challenger, Gray & Christmas, AI usage has led to the loss of over 4000 jobs in US alone and that in the month of May this year.

Surprisingly, the report released on Thursday last week confirmed that they were appx 417,550 jobs losses in between January and May this year and since the onset of corona pandemic in 2020 the job loss reported to be more than 1.4 million.

According to some reliable sources from Facebook, the company has stopped using the tech-nology of machine learning to track down fake accounts spreading disinformation as they fear that they might loose users.
 
After the news was published in the media, some news journalists felt that the issue could trig-ger panic at the end of next year, as the presidential elections are scheduled in November next year.

However, a senior staff member from the Mark Zuckerberg company has dismissed the news media- mentored by Frances Haugen as baseless, and confirmed that the social media giant was doing its best to curb spread of disinformation on and through its platform and was weeding out content based on certain keywords induced into the sentences.

The post AI news trending on Google appeared first on Cybersecurity Insiders.

13 years jail for spoofing scammer, a rogue IT security expert’s Bitcoin blackmail goes wrong, and Facebook’s eyewatering GDPR fine may be only the beginning of its problems. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast’s Zoë Rose.
Personal information is going for a song, and the banks want social media sites to pay when their users get scammed. All this and much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Meta, the parent company of Facebook, has uncovered a new social media espionage campaign in which cyber criminals launch social engineering attacks on Facebook and Instagram users by asking them to click on malevolent links, download malware, or share personal details.

According to the security teams’ analysis, three different threat actors were involved in this campaign and were assigned to focus their malicious goals on users from South Asian countries such as India, Bangladesh, Pakistan, Maldives, Sri Lanka, Nepal, Bhutan, Afghanistan, and others.

Guy Rosen, the CIO of Meta, confirmed the news and added that fake accounts created by impersonating beautiful women were taken down, and those who were contacted by criminals in the name of journalists, recruiters, or romance seekers were also taken down.

As the espionage was conducted at a high level, it remained concealed from many app verification software programs on Apple and Android devices.

Iran-based cyber hacking group Bahamut, Indian threat actor named Patchwork, and two state-funded actors from China are found to be behind the campaign.

It is unclear why the threat actors focused their campaign on South Asian countries, but some threat analysts say that all the countries targeted were either developing or lowly developed nations, where law enforcement is not much capable of detecting such attacks promptly.

NOTE: It is better not to click on links sent by unknown connections and to avoid downloading apps from unofficial web resources.

The post Facebook Meta uncovers Social Media Espionage appeared first on Cybersecurity Insiders.