Twitter

now browsing by tag

 
 

Forensic review underway after Twitter hack, tips to protect your accounts | #corporatesecurity | #businesssecurity | #

Twitter says a forensic review is underway. “Dr. Fraud” shared these tips on how you can avoid your accounts from being hacked: ·        Use two factor authentication ·        Super strong password ·        Lock […] View full post on National Cyber Security

#comptia | Twitter now bans dehumanizing remarks based on age, disability, and disease

Source: National Cyber Security – Produced By Gregory Evans

Twitter has updated its hate speech policies to cover tweets that make dehumanizing remarks, which are remarks that treat “others as less than human,” on the basis of age, disability, or disease. The changes follow updates to the company’s polices made last July that said Twitter would remove tweets that dehumanize religious groups.

Prior to that, Twitter issued a broad ban in 2018 on dehumanizing speech to compliment its existing hate speech policies that cover protected classes like race and gender. It has since been updating these dehumanization policies to take into account specific cases its original ruleset failed to address, based on user feedback.

Now, Twitter says tweets like the ones in the image below will be removed when they are reported:

Image: Twitter

The company says reported tweets in violation of these new polices but posted before today will be removed but won’t result in account suspensions.

Twitter first rolled out policies banning dehumanizing speech in September 2018. At the time, Twitter asked for feedback and later said it received more than 8,000 responses across more than 30 countries in just two weeks time. Much of the feedback centered around the policies being too broad. So Twitter has begun calling out specific types of speech against specific groups as against its rules, starting with religion and now age, disability, and disease.

In a tweet, the company indicates that more groups will eventually be protected by this policy:

Twitter also does not allow misgendering or naming transgender people by the name they used before they transitioned, also called “deadnaming,” a policy put in place in late 2018. The company said in October 2019 that its automated moderation tools now flag and remove more than half of all abusive tweets before users report them.

Source link

The post #comptia | Twitter now bans dehumanizing remarks based on age, disability, and disease appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Hillicon Valley — Presented by Facebook — FCC fines mobile carriers $200M for selling user data | Twitter verified fake 2020 candidate | Dems press DHS to complete election security report | Reddit chief calls TikTok spyware

Source: National Cyber Security – Produced By Gregory Evans

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Emily Birnbaum (@birnbaum_e) and Chris Mills Rodrigo (@chrisismills).

 

FCC FINES TOP MOBILE CARRIERS: The Federal Communications Commission (FCC) is proposing more than $200 million in fines against the country’s top mobile carriers after a lengthy investigation concluded T-Mobile, AT&T, Sprint and Verizon improperly sold access to their customers’ precise location information. 

The agency is alleging the companies broke the law by failing to protect information about the geolocation of their hundreds of millions of customers. 

“The FCC has long had clear rules on the books requiring all phone companies to protect their customers’ personal information,” FCC Chairman Ajit Pai (R) said. “And since 2007, these companies have been on notice that they must take reasonable precautions to safeguard this data and that the FCC will take strong enforcement action if they don’t.”

“Today, we do just that,” Pai said.

The proposed fines — which Verizon, AT&T, T-Mobile and Sprint are now allowed to contest — are some of the largest the FCC has proposed in decades. But since reports began emerging about the fines on Thursday night, consumer advocates and privacy hawks in Congress have accused the regulatory agency of holding back and letting the telecom companies off the hook with fines that amount to a “rounding error” compared to their significant bottom lines.

Sen. Ron WydenRonald (Ron) Lee WydenOvernight Health Care — Presented by American Health Care Association — California monitoring 8,400 people for coronavirus | Pence taps career official to coordinate response | Dems insist on guardrails for funding Schiff presses top intel official to declassify part of report on Khashoggi killing Top Trump advisers discuss GOP need to act on health care at retreat with senators MORE (D-Ore.), who was one of the first to shed light on the companies’ unlawful information sharing, released a statement accusing Pai of going easy on the companies.

“It seems clear Chairman Pai has failed to protect American consumers at every stage of the game – this issue only came to light after my office and dedicated journalists discovered how wireless companies shared Americans’ locations willy nilly,” Wyden said. “He only investigated after public pressure mounted.”

“And now his response is a set of comically inadequate fines that won’t stop phone companies from abusing Americans’ privacy the next time they can make a quick buck,” Wyden said.

Verizon, for instance, boasted a total revenue of $31.4 billion in 2019 and is facing a fine of $48 million.

The FCC is proposing a fine of $91 million for T-Mobile, $57 million for AT&T, $48 million for Verizon and $12 million for Sprint.  

T-Mobile, which is facing the largest fine by far, said in a statement Friday that it intends to dispute the FCC’s conclusions.

“We take the privacy and security of our customers’ data very seriously,” T-Mobile said. “While we strongly support the FCC’s commitment to consumer protection, we fully intend to dispute the conclusions of this NAL and the associated fine.” 

Public Knowledge, a consumer rights group, said the FCC’s fines indicate the chairman is enforcing the law “to the barest degree possible.” 

Read more on the fines here.

 

SPONSORED CONTENT — FACEBOOK

Elections have changed and so has Facebook

Facebook has made large investments to protect elections, including tripling the size of the teams working on safety and security to more than 35,000. But the work doesn’t stop there.

See how Facebook has prepared for 2020.

 

TURN IT IN: House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonRussian interference reports rock Capitol Hill Intel officials warned House lawmakers Russia is interfering to get Trump reelected: NYT Top Democrats demand answers on DHS plans to deploy elite agents to sanctuary cities MORE (D-Miss.) on Friday raised concerns around the Department of Homeland Security’s failure to submit a congressionally mandated election security report on time. 

DHS was required under the 2020 National Defense Authorization Act to submit a report to Congress on successful and attempted cyberattacks on U.S. election infrastructure during the 2016 elections, along with any future cyberattacks on elections that DHS anticipates. 

The agency was required by the NDAA to submit the report within 60 days of the bill being signed into law. President TrumpDonald John TrumpThe Memo: Biden seeks revival in South Carolina Congress eyes billion to billion to combat coronavirus Sanders makes the case against Biden ahead of SC primary MORE signed the NDAA on Dec. 20, with Feb. 18 marking the deadline for the report to be submitted to appropriate congressional committees. 

Thompson, whose committee is among those that DHS is required to submit the report to, said Friday that the failure of DHS to submit the report “further obstructs Congress’ abilities to conduct proper oversight,” and noted this was “in direct violation of the law.”

“The threat to our democracy from foreign governments is real, and the Administration’s pattern of denial must stop,” Thompson added. “With President Trump in office, the American people cannot expect our elections to be secure and free from foreign interference or cyber-attacks with status quo measures in place.”

Read more here.

 

‘WALZ’-ING AROUND: Twitter earlier this month verified an account for a fake 2020 congressional candidate created by a teenager.

The account was for a fictional Republican congressional candidate from Rhode Island named Andrew Walz.

His Twitter bio claimed that Walz was a “proven business leader” and a “passionate advocate for students,” CNN Business first reported.

The owner of the account was a 17-year-old high schooler from upstate New York who, according to the network, made the account over the holidays because he was “bored.”

“During Christmas break I was kind of bored and I learned a lot from history class, but also on the news they were talking more about misinformation,” the high school student told CNN Business.

The teen said it took him about 20 minutes to make the website for his candidate and then another five minutes to create the Twitter account.

He got his profile picture from a website called This Person Does Not Exist, which computer generates realistic photos of fake people.

Then, he filled out a short survey with information about his fake candidate on Ballotpedia, the nonprofit “Encyclopedia for American Politics.” Twitter announced in December that it would be partnering with the nonprofit in an attempt to verify more congressional candidates. 

However, according to the student, neither Twitter or Ballotpedia asked for any further kind of identification to confirm that Walz was, in fact, genuine.

The social media platform has received flak from candidates who say it has been slow to verify them.

Read more on the incident here.

 

REDDIT DINGS TIKTOK: TikTok is under scrutiny from Reddit CEO and co-founder Steve Huffman for practices he calls “fundamentally parasitic,” referring to serious privacy concerns surrounding the app.

The app is a video-sharing social networking service owned by ByteDance, a Beijing-based company established in 2012 by Zhang Yiming. TikTok launched in 2017 for iOS and Android in markets outside of China.

Huffman said one of the suspicious practices the company partakes in is fingerprinting, a method of tracking devices for each unique visitor, according to The Verge.

“Maybe I’m going to regret this, but I can’t even get to that level of thinking with [TikTok],” Huffman said at the Social 2030 venture capital conference. “I look at that app as so fundamentally parasitic, that it’s always listening, the fingerprinting technology they use is truly terrifying, and I could not bring myself to install an app like that on my phone.”

Research by data protection expert Matthias Eberl highlights the fingerprinting Huffman refers to as an aggregate of audio and browser tracking, allowing the company to know the types of content each user is following. TikTok parent company ByteDance claims the fingerprinting methods are for recognizing malicious browser behavior, but Eberl offers his skepticism, as the platform seemingly works fine without the scripts enabled.

“I actively tell people, ‘Don’t install that spyware on your phone,’ ” Huffman said of TikTok’s software.

Read more here.

 

SPONSORED CONTENT — FACEBOOK

Elections have changed and so has Facebook

Facebook has made large investments to protect elections, including tripling the size of the teams working on safety and security to more than 35,000. But the work doesn’t stop there.

See how Facebook has prepared for 2020.

 

SCHEMING: Advocates are sounding the alarm over online scams that leave senior citizens particularly vulnerable, urging lawmakers and administration officials to take more steps to protect unsuspecting Americans.

Experts say that threat is heightened during tax season as online options for filing have grown in popularly, opening the door to more scams aimed at obtaining sensitive information or money from victims.

“Consumers should be especially vigilant as we approach tax season,” said Bill Versen, chief product officer at Transaction Network Services, a data services provider.

While there are a slew of scams at tax filing season, experts say that the elderly face a higher risk of being ensnared and experiencing financial hardship.

The most common kinds of tax scams are phishing and calls where a scammer impersonates an IRS official, according to Monique Becenti, a product specialist at cybersecurity firm SiteLock.

Phishing is a tactic used by hackers to get access to private information using fake emails, text messages and social media posts.

These communications are designed to bait unaware users, often the elderly, into giving up their personal information or clicking on links that can download dangerous malware onto computers and phones alike.

But the most common scam between 2014 and 2018 was fraudulent IRS calls, according to a yearly report released by the Senate Committee on Aging.

In those calls, the scammer impersonates an IRS official, demanding payment or sensitive information. In some cases, scammers have been known to threaten to suspend licenses, close businesses or even arrest individuals if they fail to pay fake bills.

“The overall goal is cyber criminals trying to file taxes on behalf of that person,” Becenti told The Hill. And once an individual falls victim, scammers can run further schemes. “Ultimately, they have their Social Security number. … Now they have the ability to open up fraudulent accounts on behalf of that individual.”

Read more here.

 

CHANGE OF PACE: Facebook sued a marketing company Thursday, alleging in federal court that the firm “improperly” collected data from users of the social media platform.

The lawsuit, filed in the Northern District Court of California, claimed oneAudience paid developers to use a malicious software development kit, or SDK, in their apps.

SDKs are tools that let developers make apps more quickly.

OneAudience’s SDK collected data in an improper fashion from Facebook users who opted to log in to certain apps, the lawsuit alleged.

Facebook claimed the data included names, email addresses and gender, in limited cases.

Facebook said it sent a cease-and-desist letter to oneAudience in November, but claimed the company did not cooperate with a requested audit.

OneAudience did not immediately respond to a request for comment.

In a blog post, Jessica Romero, Facebook’s director of platform enforcement and litigation, wrote that the lawsuit was filed to protect the platform’s users.

“This is the latest in our efforts to protect people and increase accountability of those who abuse the technology industry and users,” she wrote. “Through these lawsuits, we will continue sending a message to people trying to abuse our services that Facebook is serious about enforcing our policies.”

Read more here.

 

CAMEO: Former Illinois Gov. Rod Blagojevich (D) joined an app where people can pay for personalized video messages after President Trump commuted his sentence on corruption charges earlier this month. 

Blagojevich is on the app Cameo offering personal messages for $100. 

“Hey it’s Rob Blagojevich. I’m very excited to connect with you on Cameo. If you want a birthday greeting, an anniversary greeting, motivation or any other kind of shoutout, I can’t wait to hear from you,” the former lawmaker said on his account. 

The app features a variety of celebrities and personalities that offer personalized messages for fans upon request. 

Former Trump White House press secretary Sean SpicerSean Michael SpicerRod Blagojevich joins app where people can pay for personalized video message Press: It’s time to bring back White House briefings Rapid turnover shapes Trump’s government MORE also has an account on the app, as does former Trump administration communications director Anthony ScaramucciAnthony ScaramucciRod Blagojevich joins app where people can pay for personalized video message Scaramucci thanks John Kelly for speaking up against Trump Trump lashes out over Kelly criticism: ‘He misses the action’ MORE, former Trump aide Omarosa Manigault and former Trump campaign manager Corey LewandowskiCorey R. LewandowskiRod Blagojevich joins app where people can pay for personalized video message The Hill’s Morning Report – Sanders repeats with NH primary win, but with narrower victory Trump campaign chief relocating to Washington: report MORE

Trump commuted Blagojevich’s sentence earlier this month. He called Blagojevich’s 14-year sentence “ridiculous” 

“He served eight years in jail, a long time. He seems like a very nice person — don’t know him,” Trump said.

Read more here.

 

A LIGHTER CLICK: Hope y’all are happy

 

AN OP-ED TO CHEW ON: Indictment of Chinese hackers is wake-up call for better public-private cooperation

 

NOTABLE LINKS FROM AROUND THE WEB:

Vatican joins IBM, Microsoft to call for facial recognition regulation (Reuters / Philip Pullella, Jeffrey Dastin) 

The World Health Organization has joined TikTok to fight coronavirus misinformation (Verge / Makena Kelly)

Walmart is quietly working on an Amazon Prime competitor called Walmart+ (Recode / Jason Del Rey)

Source link

The post #nationalcybersecuritymonth | Hillicon Valley — Presented by Facebook — FCC fines mobile carriers $200M for selling user data | Twitter verified fake 2020 candidate | Dems press DHS to complete election security report | Reddit chief calls TikTok spyware appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Facebook, Google and Twitter Rebel Against Pakistan’s Censorship Rules

Source: National Cyber Security – Produced By Gregory Evans

Mr. Khan rose to power in Pakistan in 2018 partly because of his party’s strong presence on social media, a fact he acknowledges in his speeches. But now that he is in charge, he has shown little patience for online criticism.

Pakistan’s powerful military is also averse to debates on social media platforms, especially on Twitter, which is used by critics to question human rights violations and the military’s involvement in politics.

Over the past two years, Pakistani government requests for Facebook, Google and Twitter to remove content have increased sharply, according to transparency reports published by the companies. Pakistan disclosed in September that it had blocked more than 900,000 web pages for various reasons, including pornography, blasphemy and sentiments against the state and military.

Separately, regulators in Pakistan have proposed requiring online video sites to obtain licenses from the government.

There is a strong case to be made that the government is overstepping its authority with the new rules, said Muhammad Aftab Alam, executive director of the Institute for Research, Advocacy and Development, a Pakistani public policy group.

“This national coordinator is judge, jury, regulator and executioner as well,” he said.

At least two lawsuits challenging the rules have already been brought in Pakistani courts.

“The main objective of the impugned rules seems to be to control the social media through indirect control by the government and ruling party,” read the petition in one case, filed by Raja Ahsan Masood, who asked the court to declare them unconstitutional.

Vindu Goel reported from Mumbai, and Salman Masood from Islamabad, Pakistan. Zia ur-Rehman contributed reporting from Karachi, Pakistan, and Davey Alba from New York.

Source link

The post #nationalcybersecuritymonth | Facebook, Google and Twitter Rebel Against Pakistan’s Censorship Rules appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Twitter says Olympics, IOC accounts hacked | News

Source: National Cyber Security – Produced By Gregory Evans

(Reuters) – Twitter said on Saturday that an official Twitter account of the Olympics and the International Olympic Committee’s (IOC) media Twitter account had been hacked and temporarily locked.

The accounts were hacked through a third-party platform, a spokesperson for the social media platform said in an emailed statement, without giving further details.

“As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners to restore them,” the Twitter spokesperson said.

A spokesperson for the IOC separately said that the IOC was investigating the potential breach.

Twitter also said Spanish soccer club FC Barcelona’s account faced a similar incident on Saturday.

“FC Barcelona will conduct a cybersecurity audit and will review all protocols and links with third party tools, in order to avoid such incidents,” the soccer club said in a tweet after the hack.

Last month, the official Twitter accounts of several U.S. National Football League (NFL) teams, including the San Francisco 49ers and Kansas City Chiefs, were hacked a few days ahead of the Super Bowl.

Earlier this month, some of Facebook’s official Twitter accounts were briefly compromised.

(Reporting by Akshay Balan in Bengaluru, Editing by Rosalba O’Brien)

Source link

The post #nationalcybersecuritymonth | Twitter says Olympics, IOC accounts hacked | News appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | hacker | Two information-disclosing bugs found in Twitter Android

Source: National Cyber Security – Produced By Gregory Evans In the span of five days, reports of two Twitter Android app vulnerabilities have surfaced: one that could cause attackers to view nonpublic account information or control accounts, and another that reportedly allowed a researcher to look up details on 17 million accounts. In a Dec. […] View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | First Amendment Fight: Twitter Threat Ends in Conviction

Source: National Cyber Security – Produced By Gregory Evans First amendment rights in the United States only go so far. Shout “fire” in a crowded room for thrills or threaten to kill someone and you will find yourself on the wrong side of the First Amendment interpretation of what constitutes free speech. Joseph Cecil Vandevere […] View full post on AmIHackerProof.com

#cybersecurity | #infosec | Facebook and Twitter warn some users’ private data accessed via SDK

Source: National Cyber Security – Produced By Gregory Evans

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts.

According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared information such as their email addresses, usernames and recent tweets.

CNBC says that amongst the offending Android apps are the photo-editing tools Giant Square and Photofy. Presently there is no indication that iOS users are affected by the issue.

According to an advisory published by Twitter, data extracted from accounts via the use of the oneAudience SDK (which it describes as “malicious”) in a smartphone app could be used to take control of a Twitter account, although it has seen no evidence that this has occurred.

Twitter was keen to emphasise that the “issue is not due to a vulnerability in Twitter’s software, but rather the lack of isolation between SDKs within an application,” and says it will be notifying users of the Twitter for Android app who may have been affected.

Furthermore, Twitter says it has “informed Google and Apple about the malicious SDK so they can take further action if needed.” I presume what they mean by that is that so Google and Apple can kick any offending apps out of their respective app stores.

In response, oneAudience has issued a statement claiming the “data was never intended to be collected, never added to [its] database and never used.”

According to the company, it “proactively” updated its SDK in mid-November so user data could not be collected, and asked developer partners to update to the new version. However, it has now announced it is shutting down the offending SDK.

Facebook meanwhile has issued a statement saying that it is taking action against not only the oneAudience SDK, but also an SDK from marketing company MobiBurn:

“Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores.”

“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn. We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”

On its website, MobiBurn describes how it helps app developers generate revenue – not by placing more ads within an app, but through the “monetization of your applications’ valuable data in a safe and confidential way.”

However, in light of the revelations and action taken by Facebook and Twitter, MobiBurn says it has “stopped all its activities” until investigations are complete.

mobiburn statement

This is all very well and good, but what are users supposed to do to protect themselves?

When they install an app, they have no way of knowing whether the developers chose to make use of a malicious SDK which might leave personal information exposed.

All you can realistically do is exercise restraint regarding which third-party apps you connect to your social media profiles. The fewer apps you connect to your Facebook and Twitter, the smaller the chance that someone’s code will be abusing that connection to access information you would rather not share.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Source link

The post #cybersecurity | #infosec | Facebook and Twitter warn some users’ private data accessed via SDK appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | hacker | Former Twitter employees charged with using access to spy for Saudi Arabia

Source: National Cyber Security – Produced By Gregory Evans

A pair of former
Twitter employees – one an engineer and the other a media partnership manager –
were busted for accessing users’ account and personal data on behalf of Saudi
Arabia to ferret out opponents of the kingdom.

Engineer Ali Alzabarah and manager Ahmad Abouammo were charged with operating within the U.S. as agents of a foreign power, the Justice Department said Wednesday. In charges filed in a San Francisco court, the FBI noted the two defied Twitter policies and used their “access to proprietary and confidential Twitter information,” including the email addresses, phone numbers, birthdates and IP addresses of Twitter users, on behalf of the Saudi government. Abouammo is linked to Saudi Crown Prince Mohammad bin Salman (MbS), who U.S. intelligence officials say ordered the murder of journalist Jamal Khashoggi.

“The criminal complaint unsealed today alleges
that Saudi agents mined Twitter’s internal systems for personal information
about known Saudi critics and thousands of other Twitter users,” U.S. Attorney
David L. Anderson said in a statement. “U.S. law protects U.S. companies from
such an unlawful foreign intrusion. We will not allow U.S. companies or U.S.
technology to become tools of foreign repression in violation of U.S. law.”

The Justice
Department charges lay out a scheme in which Abouammo spied on three Twitter
accounts while Alzabarah accessed 6,000 accounts to suss out Saudi dissidents
and activists in the U.S. who opposed Saudi Arabia’s policies in exchange for
monetary compensation.

A third man,
Ahmed Almutairi, who worked for a social media firm associated with the Saudi
government, served as an intermediary and is being sought by authorities. Alzabarah
and Almutairi are both Saudi citizens while Abouammo is a citizen of the U.S.

“We
recognize the lengths bad actors will go to try and undermine our service,”
Twitter said in a statement. “Our company limits access to sensitive account
information to a limited group of trained and vetted employees.”

The charges
were first reported
by the Washington Post.

Original Source link

The post #cybersecurity | hacker | Former Twitter employees charged with using access to spy for Saudi Arabia appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Twitter Admits User Phone Numbers, Email Data Used For Ads

Source: National Cyber Security – Produced By Gregory Evans

Email addresses and phone numbers might have been misused

No personal data was shared externally by Twitter

No reports on the number of people impacted have come out yet

In a recent incident of a data breach, Twitter has confirmed that user data like email addresses and phone numbers provided by users for security purposes may have been unintentionally used for advertising purposes. 

According to a news report, currently, Twitter is unable to share with certainty the number of people impacted by the breach. However, the US-based company also asserted that no personal data was ever shared externally with their partners or any other third parties.  

In a statement, Twitter highlighted that the personal data, which were provided for safety or security purposes (for example, two-factor authentication) may have been inadvertently used for advertising purposes, specifically in their Tailored Audiences and Partner Audiences advertising system, which helps in creating relevant remarketing campaigns. 

While explaining how the breach occurred, Twitter is a statement said, “When an advertiser uploaded their marketing list, it may have matched people on our platform to that list based on the email or phone number that the user had provided for safety and security purposes.”

As of September 17, Twitter has acknowledged the problem and claimed that it has stopped using numbers or email addresses collected for safety or security purposes, for advertising. 

Although Twitter apologised for this error, it also shared that they have no idea how many people were impacted by this. “We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again,” the microblogging site added in the statement. 

Twitter’s average monetisable daily active usage (mDAU) has grown from 122 million in 2018 June quarter to 139 million (29 Mn in the US and 110 Mn from international markets) in 2019 June quarter. Even in the previous quarter, it had a mDAU of 134 million.  

Data Breach On Rise: How Is India Protecting Itself? 

Indian Prime Minister Narendra Modi has touted data as the new oil and new gold and rightly so as it has become very lucrative for hackers to steal and sell the same. Earlier, online food delivery startups Zomato, and FreshMenu, fintech startup EarlySalary, McDonald’s India, Oyo, Ashley Madison, Sony, and many others have been the victims of data breaches.

Social media sites like Instagram and Facebook have also been affected by a data breach by advertisers. Recently, Instagram Ad partner was banned for scraping user data without consent. Even Facebook-linked phone numbers of over 419 Mn users were found on unsecured servers.

Whatsapp, which was planning to introduce its payments feature WhatsApp Payments by the end of this year, is also facing difficulties because of the government’s concerns over the messaging platform’s data localisation compliance. In September, National Payments Corporation of India (NPCI) had asked WhatsApp to make changes in its policy to get the final approval for the launch of payments in India. NPCI had asked the instant messaging app to make changes in its data-compliance framework that prohibits storing payment data outside of India.

In May, India was reported as the second most cyberattacks affected country between the years 2016 to 2018. With the average cost for a data breach in India increased to 7.9% since 2017, the average cost per breached record has mounted to INR 4,552 ($64).

The Reserve Bank of India too recorded a total of 2,059 cases of cyber fraud in 2017-18 as compared to 1,372 cyber fraud cases in 2016-17.

Source link

The post #cyberfraud | #cybercriminals | Twitter Admits User Phone Numbers, Email Data Used For Ads appeared first on National Cyber Security.

View full post on National Cyber Security