Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Irish Watchdog Opens Another Facebook Probe, Over Data Dump

Ireland’s privacy regulator said Wednesday it has opened an investigation into Facebook after data on more than 500 million users was reportedly found dumped online, in a suspected violation of strict European Union privacy rules.

Ireland’s privacy regulator said Wednesday it has opened an investigation into Facebook after data on more than 500 million users was reportedly found dumped online, in a suspected violation of strict European Union privacy rules.

The Data Protection Commission said it decided to start investigating following “multiple international media reports” about the data dump.

News reports earlier this month said the data was found on a website for hackers and contained information on 533 million users from more than 100 countries, including names, Facebook IDs, phone numbers, locations, birthdates and email addresses.

The watchdog said it launched the investigation after it “engaged with Facebook Ireland,” questioning it about compliance with privacy rules. The company responded, the Irish agency said, suggesting it wasn’t satisfied with the answers.

Facebook said it’s “cooperating fully” with the investigation.

The company has previously downplayed the problem, saying “malicious actors” didn’t hack its systems but used automated software to scrape the data from Facebook’s platform.

The problem stemmed from a vulnerability, reported and fixed in 2019, in features that allow users to import contacts.

“These features are common to many apps and we look forward to explaining them and the protections we have put in place,” Facebook said in a statement.

Advertisement. Scroll to continue reading.

Still, it’s another example of the vast amount of information collected by Facebook and other social media sites, and the limits to how secure that information is. And even though Facebook has patched the vulnerability, the user data is already out in the open and could be exploited by fraudsters.

Facebook, based in Menlo Park, California, has its European headquarters in Ireland, making that country’s watchdog its lead privacy regulator for the European Union under a system known as “one-stop shop.”

Irish regulators are already working on a dozen other investigations of Facebook and Instagram over suspected privacy breaches.

RelatedFacebook Paid Out $50K for Vulnerabilities Allowing Access to Internal Systems

RelatedFacebook Fails in Bid to Derail $15 Bn Privacy Suit

Related: Facebook Admits to Tracking Non-Users Across the Internet

Related: Apple to Press Ahead on Mobile Privacy, Despite Facebook Protests

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Compliance

Web scraping is a sensitive issue. Should a third party be allowed to visit a website and use automated tools to gather and store...

Cloud Security

Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails.