Irish regulators are slapping Instagram with a big fine after an investigation found the social media platform mishandled teenagers’ personal information in violation of strict European Union data privacy rules.
Academics Devise Open Source Tool For Hunting Node.js Security Flaws
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
FTC Accuses Data Broker of Selling Sensitive Location Data
Federal regulators have sued a data broker they accuse of selling sensitive geolocation data from millions of mobile devices, information that can be used to identify people and track their movements to and from sensitive locations, including reproductive health clinics, homeless shelters and places of worship.
Facebook Parent Settles Suit in Cambridge Analytica Scandal
Facebook’s corporate parent has reached a tentative settlement in a lawsuit alleging the world’s largest social network service allowed millions of its users’ personal information to be fed to Cambridge Analytica, a firm that supported Donald Trump’s victorious presidential campaign in 2016.
BalkanID Adds $2.3M to Seed Funding Round
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing the total raised to $8.1 million.
Cosmetics Giant Sephora Settles Customer Data Privacy Suit
Sephora Inc., one of the world’s largest cosmetics retailers, has settled a lawsuit claiming that the company sold customer information without proper notice in violation of the California’s landmark consumer privacy law, state Attorney General Rob Bonta said Wednesday.
Privacy Activists Target Google Over French ‘Spam’ Emails
Google is breaking EU law by sending users of its email service Gmail direct advertising messages, activists said in a complaint sent to French regulators on Wednesday.
It is the latest in a long line of complaints filed by the activist group NOYB (None of Your Business), which has fought the tech giant for years on data privacy.
Plex Confirms Database Breach, Data Theft
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted passwords.
Class Action Lawsuit Filed Against Oracle Over Data Collection Practices
A class action lawsuit filed against Oracle on Friday in the Northern District of California claims that the tech giant has built a worldwide surveillance machine.
GitLab Patches Critical Remote Code Execution Vulnerability
DevOps platform GitLab has issued patches for a critical remote code execution vulnerability impacting its GitLab Community Edition (CE) and Enterprise Edition (EE) releases.
Tracked as CVE-2022-2884 (CVSS 9.9/10 severity), the security flaw can be exploited via the GitHub import API, but requires authentication to be triggered.
