breaches
Judges Approves $9.5 Million Facebook ‘Beacon’ Accord
A federal judge on Wednesday approved a $9.5 million settlement to a class action lawsuit challenging Facebook’s program that monitored and published what users of the social networking site were buying or renting from Blockbuster, Overstock and other locations. The case concerned allegations Facebook’s now defunct “Beacon” program breached federal wiretap and video-rental privacy laws . Terms of the settlement, in which Facebook denied any wrongdoing, require the site to finance what the deal calls a “Digital Trust Fund” that would issue more than $6 million in grants to organizations to study online privacy.
Continue reading »Facebook App Maker Hit With Data-Breach Class Action
RockYou, the popular provider of third-party apps for Facebook, MySpace and other social-networking services, is being hit with a proposed class-action accusing the company of having such poor data security that at least one hacker got away with 32 million e-mails and their passwords. The suit accuses the maker of apps like “Slideshow” for MySpace and “Superwall” for Facebook of making its unencrypted customer data “available to even the least capable hacker.” “RockYou failed to use hashing, salting or any other common and reasonable method of data protection and therefore drastically exacerbated the consequences of a hacker bypassing its outer layer of web security,” according to the Monday complaint in San Francisco federal court. So-called SQL injection vulnerabilities are among the top online security defects.
Continue reading »Twitter DNS Hacked, Redirected
Twitter’s website went offline for about an hour Thursday, with many tweeters redirected to a defacement page boasting “This site has been hacked by Iranian Cyber Army.” Twitter acknowledged the 10 p.m. takeover, one in a series of security lapses to hit the popular microbloging service. Twitter said its DNS records “ were temporarily compromised .” Among other statements, the unknown group wrote: “U.S.A.
Continue reading »Lawmakers Want to Bar Sites From Posting Sensitive Government Docs
Three Republican lawmakers have asked the Department of Homeland Security what can be done to bar or criminally penalize whistleblower sites that reposted a sensitive airport-screening manual that was published on the internet by a government worker. They also asked about enacting regulations that would bar such publication in the future. The congressmen are outraged that sites like Cryptome and Wikileaks republished the manual after it was posted online by a government contractor working for the Transportation Security Administration.
Continue reading »5 TSA Workers Put on Leave Following Screening Manual Leak
The Department of Homeland Security has placed five transportation security employees on leave following the inadvertent leak of a sensitive manual detailing security procedures for screening passengers at airports. The workers, all employees of the Transportation Security Administration, were put on administrative leave while an investigation is being conducted into how the security breach occurred, according to the Associated Press. The TSA manual was posted at a government procurement site last March by a private government contractor and was uncovered by a blogger on Sunday.
Continue reading »