This Week in Data Breaches — October 22nd
Data breach news keeps on coming. This week, we see a number of tech giants embroiled in the battle on data privacy practices: Facebook, Yahoo, Cathay Pacific and Apple.
Read the latest below.
UK Information Commissioner’s Office fines Facebook $644,000 for failing to protect its users’ data
Facebook data breach news continues this week, as UK watchdog investigates how the company handled user data and found “serious breaches of data protection.”
The Information Commissioner’s Office is an organization in the United Kingdom responsible for consumer data protection. Specifically, it functions as an independent regulatory office dealing with the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 across the UK; as well as the Freedom of Information Act 2000 and the Environmental Information Regulations 2004. The body reports directly to Parliament.
They performed a formal investigation into Facebook’s use of data analytics for political purposes and found serious misconduct, resulting in the organization hitting Facebook with the maximum possible fine it can impose. They found that Facebook failed to safeguard people’s information and was not transparent about the way in which user data was harvested by others. In doing so, the personal information of at least 1 million U.K. users had been harvested by Facebook and subsequently put at risk. The relevant data, processed between 2007 and 2014, was accessible to third-party developers without any consent being granted by the Facebook users.
“Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better,” Information Commissioner Elizabeth Denham said in a statement.
Yahoo to pay $50 million to data breach victims
Two of the largest breaches in history occurred in 2013 and 2014. The first affected three billion accounts, while the second affected 500 million accounts.
Yet, Yahoo kept consumers in dark.
Individuals were not aware that their information (including passwords) had been breached until these two events were disclosed by Yahoo in 2016.
This breach came during a sensitive time. Yahoo kept the news quiet throughout their negotiations with Verizon for a $4.83 billion deal to sell its digital services.
For these poor practices, Yahoo will pay $50 million in damages as part of a settlement following these massive data breaches. The amount will go towards compensating “ affected account holders $25 for every hour spent dealing with the fallout from the breach. Those with documented losses can claim up to $375, while those without records of their losses can ask for up to $125. Account holders that paid for a premium email account will also be eligible for a 25 percent refund. The company will also have to pay for at least two years of credit monitoring services for some 200 million users who had personal information stolen.”
9.4 million passengers’ info leaked in Cathay Pacific breach
Hong Kong airliner Cathay Pacific announced this Wednesday that it discovered that up to 9.4 million passenger records were breached this spring.
The leaked information including passport numbers, names, dates of birth, credit card numbers, identity card numbers, and historical travel information was accessed by attackers — and all that could be cross-referenced with other data repositories, putting individuals at risk of identity theft.
“We are in the process of contacting affected passengers, using multiple communications channels, and providing them with information on steps they can take to protect themselves,” Cathay Pacific’s chief executive, Rupert Hogg, said in a statement on the airline’s website.
Apple CEO Tim Cook Comments on Data Privacy
Notable figures like Tim Cook are publicly addressing the data issue. Earlier this week, the Apple CEO shared his thoughts and a few pillars of privacy via a series of tweets.
See his thread of tweets here: https://blog.hellobloom.io/data-belongs-to-users-tim-cook-on-the-global-data-crisis-e4313f12491f
Bloom Creates a Better Future
At Bloom, we are giving you the tools to take back control of your data.
Bloom enables you to own, authorize the use of, and protect your data using the latest advancements in blockchain technology. With Bloom, the risk of your data being exposed in a data breach or leak is greatly reduced. No more centralized data storage. No more selling off your data to the highest bidder. No more risking identity theft. Your identity, and your highly sensitive personal and financial information, is securely safeguarded on your own personal device using cutting-edge cryptography.
