Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Facebook Sues Analytics Firm for Data Misuse

Facebook on Thursday filed a federal lawsuit against oneAudience data intelligence firm over a tactic it used to gather information about users of social media platforms.

Facebook on Thursday filed a federal lawsuit against oneAudience data intelligence firm over a tactic it used to gather information about users of social media platforms.

New Jersey-based oneAudience paid software makers to install “malicious” software in their apps in order to “improperly” collect data about people at Facebook and other social media sites, Facebook said.

“Security researchers first flagged oneAudience’s behavior to us as part of our data abuse bounty program,” director of platform enforcement and litigation Jessica Romero said in a blog post.

“Facebook, and other affected companies, then took enforcement measures against oneAudience.”

Measures taken by Facebook late last year included disabling apps; sending oneAudience legal notification to stop the activity, according to the social network.

Facebook called on oneAudience to cooperate with audit as required the social network’s policies, but the company declined, Romero said.

The world’s biggest social network has faced intense pressure to crack down on improper data usage since revelations that a political consultancy working on Donald Trump’s campaign hijacked personal information on tens of millions of users.

Facebook has since pledged to review deals with all of its partners and apps.

Advertisement. Scroll to continue reading.

Twitter late last year warned users personal information such as email, user name, and most recent tweet could be accessed and taken using a malicious software development kit maintained by oneAudience.

“While we have no evidence to suggest that this was used to take control of a Twitter account, it is possible that a person could do so,” Twitter said in the warning.

Twitter advised users to check the list of apps with permission to access data on their smartphones, and to revoke access being given to any they don’t use or recognize.

People were also advised to be very selective about which apps they link to social network accounts.

The oneAudience website says it works with partners to “identify unique mobile device IDs to pinpoint real, verified mobile users” and “connect billions of offline and online touch points to fully understand the user behind the screen.”

The company did not immediately respond to an AFP query.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.