Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Facebook to Offer ‘Bounty’ for Reporting Data Abuse

Facebook said Tuesday it would begin offering rewards to people who report misuse of private information from the social network, as part of an effort to step up data protection in the wake of a firestorm.

Facebook said Tuesday it would begin offering rewards to people who report misuse of private information from the social network, as part of an effort to step up data protection in the wake of a firestorm.

The new program “will reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen or used for scams or political influence,” product security chief Collin Greene said in a statement.

Greene said the new offer was inspired by the “bug bounty” offered by Facebook and other online services to reward people who find security flaws.

The reward will be “based on the impact of each report,” Greene said, with a minimum of $500 for verified cases of abuse affecting 10,000 people or more.

“While there is no maximum, high impact bug reports have garnered as much as $40,000 for people who bring them to our attention,” he added.

The announcement comes with Facebook chief Mark Zuckerberg set to begin testimony at congressional hearings Tuesday and Wednesday on abuse of private data collected by the social network.

RelatedWould Facebook and Cambridge Analytica be in Breach of GDPR?

Facebook is under fire in the United States and around the world following disclosures of private data hijacked by the consultancy Cambridge Analytica, which was working for Donald Trump’s 2016 campaign.

Advertisement. Scroll to continue reading.

“We’ll review all legitimate reports and respond as quickly as possible when we identify a credible threat to people’s information,” Greene said of the new program.

“If we confirm data abuse, we will shut down the offending app and take legal action against the company selling or buying the data, if necessary. We’ll pay the person who reported the issue, and we’ll also alert those we believe to be affected.”

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.