Each week, PrivSec:Report presents the top 5 headlines from the week’s news and upcoming events in the privacy and security industry. Social media giants have popped up throughout the week with various privacy issues, and it’s been revealed that hackers can now alter the sent messages on WhatsApp.
Less speed more haste
This week began with IKEA apologising to its Singapore for the data breach which happened last week and the email blunder which quickly followed. The original breach was in the form of a promotional email which didn’t make use of the BCC function for some 410 customers, and then the second blunder was where a draft version of the apology was sent to recipients. A spokesperson admitted that the company was “embarrassed” about the incidents which took place but have apologised for the mistakes. Read the full story here.
Don’t pin your hopes on Monzo
Monzo has become one of the fastest-growing banks in the UK recently, but that’s no excuse for the oversight they confessed to this week. The digital bank released a statement which urged their customers to change their pins because employees could access at least 480,000 pins which were not stored in a secure part of their systems. According to a spokesperson, only those who had received the email about changing their pin were affected. Read more about the breach here.
What’s happened with my data? (In 280 characters or less)
On Tuesday, Twitter announced that an issue on the platform resulted in the company sharing some user data with advertising partners without consent. Twitter shared the list of ad partners who may have received the information and the full list of user ad data it exposed. However, the social media giant did not reveal the name of the mobile apps which were advertised on its platform. The social media giant apologised and assured customers that it wouldn’t happen again. Read the full story here.
The apple doesn’t fall far from the tree.
An Instagram incident occurred shortly after the Twitter breach. The photo-sharing app allowed a trusted advertising partner to harvest huge swathes of user data to create detailed files on account holders’ physical locations and personal bios. According to reports, the information was put together by Hyp3r, in contradiction of Instagram rules and without Instagram’s knowledge or authorisation. Distance between Instagram and its parent company Facebook will soon shrink as the world learns that Instagram is a chip off the old block when it comes to safeguarding user privacy. Read more here.
Blame the hackers!
A cybersecurity firm has revealed that a vulnerability found on the WhatsApp could permit hackers to “put words in people’s mouths”. The messaging app is owned by Facebook but neither Facebook or WhatsApp have commented on the report. There are three main things that hackers can do, read about the different things they’re able to do here.
Quote of the week:
“If you take the time to really focus on education and awareness it is actually quite straightforward to create that cyberculture”
– Vicki Gavin, Head of Cyber Risk at Artemis Fund Managers discussing awareness in cybersecurity in the latest PrivSec Podcast.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/