US, EU regulators investigate Google privacy glitch

(Oct 10, 2018) Reuters reports New York and Connecticut attorneys general, the Irish Data Protection Commission, and Hamburg, Germany's data protection authority are all investigating a software glitch at Google that may have exposed the profile data of as many as 500,000 users. The probes come in the wake of a Wall Street Journal report from Monday on the incident. Sens. Mark Warner, D-Va., and Richard Blumenthal, D-Conn., have each expressed concern. Warner noted that since Google is under a Federal Trade Co... Read More

Report: 4.5B records compromised in first half of 2018

(Oct 10, 2018) The latest findings from Gemalto’s Breach Level Index indicates 4.5 billion data records have been compromised in 945 breaches in the first half of 2018. The number of impacted records increased 133 percent compared to the same time period in 2017. The majority of the affected records came from six social media data breaches, including the Facebook-Cambridge Analytica situation. "Obviously, this year social media has been the top industry and threat vector for the compromise of personal data, a ... Read More

Google to clamp down on third-party access after discovering privacy glitch

(Oct 9, 2018) The Wall Street Journal reports Google found a "software glitch" in its Google+ social network that may have exposed user profile data between 2015 and March 2018. Google "opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage, according to people briefed on the incident and documents reviewed" by the Journal. "Internal lawyers advised that Google wasn't legally required to disclose the incident to the... Read More

Toronto law firm proposed class action against Facebook over data breach

(Oct 5, 2018) A Toronto law firm has proposed a class-action lawsuit against Facebook over its recent data breach, The Canadian Press reports. Charney Lawyers PC will lead the class-action lawsuit, alleging it is the duty of the social media company to ensure user information is “properly protected.” Facebook announced 50 million user accounts around the world were accessed by malicious actors. Facebook Canada said it will not provide any further comment on the situation.Full Story... Read More

Facebook breach may put other sites at risk

(Oct 3, 2018) The New York Times reports on the potential impact Facebook’s recent data breach may have on sites linked to the social media platform via Facebook Login. The tool allowed users to log in to other sites using their Facebook credentials, and following the recent breach, companies are working to determine whether those linked accounts on their sites have been affected, as well. “We have now analyzed our logs for all third-party apps installed or logged in during the attack we discovered last week,... Read More

Irish DPC expected to open formal investigation of Facebook breach

(Oct 2, 2018) Politico reports the Irish Data Protection Commission is expected to announce a formal investigation of Facebook after its recent data breach. The Irish DPC told CNBC it is awaiting "more detailed numbers," and that, "Before we would launch any investigation there are steps that would have to be taken in relation to information gathering and preparing the scope of an inquiry. Furthermore, we would need to establish under which provisions of the Data Protection Act 2018 we would conduct it. We ar... Read More

Irish DPC 'concerned' about Facebook data breach

(Oct 1, 2018) Reaction to news Friday that up to 50 million Facebook users were compromised in a data breach rippled through the privacy world over the weekend, prompting comments from the Irish Data Protection Commission, the U.K. Information Commissioner's Officer, Sens. Mark Warner, D-Va., and Ed Markey, D-Mass., as well as FTC Commissioner Rohit Chopra. A class-action lawsuit was also filed within hours of the announcement.  In a blog post responding to the data breach, Facebook said its "investigation i... Read More

Irish DPC awaits further details after Facebook data breach

(Oct 1, 2018) Late last Friday, Facebook announced up to 50 million users' information may have been exposed in a data breach. Though the company said it fixed the vulnerability and notified law enforcement, the identity of the adversary involved is not yet known. In response, several data protection authorities, U.S. lawmakers, consumer groups, and privacy pros all weighed in on the incident. In this report for The Privacy Advisor, Jedidiah Bracy, CIPP, rounds up the latest reaction and commentary, including... Read More

Up to 50M users affected in Facebook network breach

(Sep 28, 2018) The New York Times reports up to 50 million Facebook users may have been exposed after an attack on its network. The company discovered the incident earlier this week, "finding that attackers had exploited a feature in Facebook's code that allowed them to take over user accounts," the report states. Facebook said it has fixed the vulnerability and notified law enforcement, the report states. Accordingly, 90 million Facebook users were forced to log out of their accounts Friday morning. At the ti... Read More

Why we need a broader conversation about ed-tech privacy

(Sep 28, 2018) Fall has arrived in the northern hemisphere, summer has (allegedly) come to an end, and school is back in session. The school year brings anxiety for children and parents alike. We worry about assignments, friendships, grades, and, particularly in the U.S., we worry about safety.  Technology can be an attractive option to school districts that are struggling to react to changing threat models, an increasingly tech-savvy student base, and busy parents seeking convenient access to information. St... Read More