Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram
Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.
Covers how social media can expose personal data, spread scams, enable account takeover, and provide channels for influence or abuse.
Search across headline titles and summaries.
Background for this topic.
Social media comprises online services where people and organizations publish content, communicate, and form networks. The term covers public posts, private messages, groups, live streams, advertising systems, and the APIs and third-party applications that process platform data.
For security teams, these platforms expose identity, relationship, and behavioral information that can support targeted phishing, impersonation, or social engineering. Compromised accounts may be used to distribute malicious links or fraud, while excessive sharing and poorly controlled integrations can expose personal or corporate data. Relevant controls include strong authentication, phishing-resistant account recovery, least-privilege access for connected applications, monitoring for brand and executive impersonation, and clear retention and privacy policies. Public posts and platform telemetry can also provide threat intelligence, but collection and use may be constrained by privacy obligations and applicable data-protection rules.
Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.
Latest episode - listen now! (Or read if you prefer - full transcript inside.)
The Cyber Department of the Ukrainian Security Service (SSU) dismantled two more bot farms that spread Russian disinformation on social networks and messaging platforms via thousands of fake accounts. [...]
Instagram allowed children to run business accounts, which showed phone numbers and email addresses
A reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged, promising to steal authentication tokens to bypass multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI. [...]
Popular short-form social video service TikTok denied reports that it was breached by a hacking group, after it claimed to have gained access to an insecure cloud server
TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "completely unrelated" to the company. [...]
TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "completely unrelated" to the company. [...]
Also, Microsoft’s one-click TikTok trick, a 14-year old Aussie cracks ASD encryption in an hour, and more In brief NATO officials are investigating after criminals put up some data for sale on dark forums that they claim is "classified" information stolen from European missile maker MBDA.…