Saturday , September 28 2024
photo

Meta fined $101 million for storing passwords in plaintext

infosecbulletin 1 hour ago Hot Topic, International

Meta was fined over $100 million by the EU privacy regulator on Friday due to a security issue with Facebook users’ passwords. The Irish Data Protection Commission fined the U.S. tech company 91 million euros ($101.6 million) after an investigation.

The watchdog opened an investigation in 2019 after Meta reported that some passwords were accidentally stored in plain text, making them searchable by employees.

Meta fined $101 million for storing passwords in plaintext

By infosecbulletin / Saturday , September 28 2024
Meta was fined over $100 million by the EU privacy regulator on Friday due to a security issue with Facebook...
Read More
Meta fined $101 million for storing passwords in plaintext

Microsoft warns Storm-0501 targets hybrid cloud environments

By infosecbulletin / Friday , September 27 2024
Microsoft cybersecurity researchers found that the "Storm-0501" ransomware group is targeting hybrid cloud environments. Storm-0501 Attacking Cloud Environments: Storm-0501 is...
Read More
Microsoft warns Storm-0501 targets hybrid cloud environments

RCE flaw impacts all GNU/Linux System: Details Revealed

By infosecbulletin / Friday , September 27 2024
Simone Margaritelli has discovered a serious remote code execution (RCE) vulnerability in the Common Unix Printing System (CUPS), impacting all...
Read More
RCE flaw impacts all GNU/Linux System: Details Revealed

Octo2: European Banks Already Under Attack by New Malware varient

By infosecbulletin / Friday , September 27 2024
Cybersecurity researchers at ThreatFabric have identified a new and more dangerous variant of the Octo banking malware, called "Octo2." This...
Read More
Octo2: European Banks Already Under Attack by New Malware varient

CISA Releases Guideline mitigating Active Directory compromise

By infosecbulletin / Friday , September 27 2024
To improve cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) has partnered with international agencies to release a guide on...
Read More
CISA Releases Guideline mitigating Active Directory compromise

G7 cyber group warns to prep for quantum computing risks

By infosecbulletin / Friday , September 27 2024
An intergovernmental group urged the financial sector on Wednesday to prepare for potential threats from advancements in quantum computing. The...
Read More
G7 cyber group warns to prep for quantum computing risks

Cloudflare report
India linked hacker to target Bangladeshi Gov.t and law agency

By infosecbulletin / Thursday , September 26 2024
A threat actor likely operating out of India is relying on various cloud services to conduct cyberattacks against energy, defense,...
Read More
Cloudflare report India linked hacker to target Bangladeshi Gov.t and law agency

India launches first Al-powered network solution for spam detection

By infosecbulletin / Thursday , September 26 2024
India's Bharti Airtel has launched India's first AI-powered solution that detects spam calls and messages, alerting customers in real-time. The...
Read More
India launches first Al-powered network solution for spam detection

White Snake to Steal Credit Cards CVC Codes from Chrome

By infosecbulletin / Wednesday , September 25 2024
The White Snake malware has been updated to take advantage of a new feature in the latest Google Chrome version....
Read More
White Snake to Steal Credit Cards CVC Codes from Chrome

Kaspersky Automatically Replaces With UltraAV, Raising Concerns

By infosecbulletin / Tuesday , September 24 2024
Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024,...
Read More
Kaspersky Automatically Replaces With UltraAV, Raising Concerns

Deputy Commissioner Graham Doyle said it’s “widely accepted” that user passwords should not be stored in plain text, “considering the risks of abuse.”

Meta said a security review found that a “subset” of Facebook users’ passwords were “temporarily logged in a readable format.”

“We took immediate action to fix this error, and there is no evidence that these passwords were abused or accessed improperly,” the company said in a statement. “We proactively flagged this issue to our lead regulator, the Irish Data Protection Commission, and have engaged constructively with them throughout this inquiry.”

Meta has received several large fines from its lead EU regulator in Dublin for data privacy violations. These include a €405 million fine for Instagram’s mishandling of teen data, a €5.5 million penalty for WhatsApp, and a €1.2 billion fine for Meta regarding transatlantic data transfers.

Meta did not immediately respond to a request for comment.

Microsoft warns Storm-0501 targets hybrid cloud environments

Check Also

mobile

India launches first Al-powered network solution for spam detection

India’s Bharti Airtel has launched India’s first AI-powered solution that detects spam calls and messages, …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin