fbpx

Download free GDPR compliance checklist!

Tag Archives for " phone "

Data on 533 million Facebook users leaked on hacking forum

A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users —about a fifth of the entire social network’s user pool— on a publicly accessible cybercrime forum.

The leaked data includes information that users posted on their profiles. Information leaked today includes Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and anything else users might have entered in their profiles.

Furthermore, the database also contains phone numbers for all users, information that is not always public for most profiles.

Source: Phone numbers for 533 million Facebook users leaked on hacking forum | The Record by Recorded Future

Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out

Google’s Pixel and Apple’s iPhone both in privacy hot seat for siphoning mobile device data without consent.

Mobile device-tracking by Apple and Google take center stage in a report revealing that, despite both allowing users to opt out of sharing telemetry data – they do anyway.

The research, entitled Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google (PDF), also found that Google collects up to 20 times more data from its Android Pixel users compared to the amount of data that Apple collects from iOS users.

Source: Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out | Threatpost

A Hacker Got All My Texts for $16

A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages.

Once the hacker is able to reroute a target’s text messages, it can then be trivial to hack into other accounts associated with that phone number. In this case, the hacker sent login requests to Bumble, WhatsApp, and Postmates, and easily accessed the accounts.

The method of attack, which has not been previously reported or demonstrated in detail, has implications for cybercrime, where criminals often take over target’s phone numbers in order to harass them, drain their bank account, or otherwise tear through their digital lives. The attack also brings up issues around private, corporate, and national security, where once a hacker gains a foothold on a victim’s phone number, they may be able to intercept sensitive information or personal secrets.

Source: A Hacker Got All My Texts for $16

Apple’s App Tracking Transparency feature will be enabled by default and arrive in ‘early spring’ on iOS

Apple first announced at WWDC in June that app developers would have to ask users for permission in order to track and share their IDFA identifier for cross-property ad targeting purposes.  The plan is to launch these changes in early spring, with a version of the feature coming in the next iOS 14 beta release.

The App Tracking Transparency feature moves from the old method where you had to opt-out of sharing your Identifier for Advertisers (IDFA) to an opt-in model. This means that every app will have to ask you up front whether it is ok for them to share your IDFA with third parties including networks or data brokers.

Source: Apple’s App Tracking Transparency feature will be enabled by default and arrive in ‘early spring’ on iOS | TechCrunch

Bot Lets Hackers Easily Look Up Facebook Users’ Phone Numbers

A user of a low-level cybercriminal forum is selling access to a database of phone numbers belonging to Facebook users, and conveniently letting customers look up those numbers by using an automated Telegram bot.

Although the data is several years old, it still presents a cybersecurity and privacy risk to those whose phone numbers may be exposed—one person advertising the service says it contains data on 500 million users. Facebook told Motherboard the data relates to a vulnerability the company fixed in August 2019.

 

Source: Bot Lets Hackers Easily Look Up Facebook Users’ Phone Numbers

Military Intelligence Agency Says It Monitored U.S. Cellphone Movements Without Warrant

In a new document made public Friday, the Defense Intelligence Agency acknowledged monitoring the location of U.S.-based mobile devices without a warrant through location data drawn from ordinary smartphone apps.

The Defense Intelligence Agency told congressional investigators that the agency has access to “commercially available geolocation metadata aggregated from smartphones” from both the U.S. and abroad. It said it had queried its database to look at the location information of U.S.-based smartphones five times in the last 2½ years as part of authorized investigations.

Such data is typically drawn from smartphone apps such as weather, games and other apps that get user permission to access a phone’s GPS location.

Source: Military Intelligence Agency Says It Monitored U.S. Cellphone Movements Without Warrant – WSJ

Irish murderer appeals conviction on grounds of EU data law breach

When Graham Dwyer was convicted of murder in 2015 it was a triumph for Ireland’s police and judicial system. Phone data helped clinch murder conviction for Graham Dwyer in 2015.

Five years later, however, the conviction risks unravelling over the use of phone data – a twist that could see Dwyer walk free, and also have an impact on data privacy rules across Europe. Dwyer has now appealed on the grounds the retention and accessing of his mobile phone data breached EU law.

Court of Justice of European Union (CJEU) has ruled in recent cases involving Belgium, France and the UK that governments and service providers do not have broad rights to retain data on citizens, and legal experts expect the Dwyer decision to follow that pattern.

Source: Irish murderer appeals conviction on grounds of EU data law breach | Ireland | The Guardian

U.S. Schools Are Buying Cellebrite Phone-Hacking Tech

A Gizmodo investigation has found that schools in the U.S. are purchasing phone surveillance tools from Cellebrite and companies that offer similar tools just four years after the FBI used it to crack a terrorism suspect’s iPhone.

Known as mobile device forensic tools (MDFTs), this type of tech is able to siphon text messages, photos, and application data from student’s devices. Together, the districts encompass hundreds of schools, potentially exposing hundreds of thousands of students to invasive cell phone searches.

Source: U.S. Schools Are Buying Cellebrite Phone-Hacking Tech

Apple takes aim at adtech hysteria over iOS app tracking change

Apple has used a speech to European lawmakers and privacy regulators today to come out jabbing at what SVP Craig Federighi described as dramatic, “outlandish” and “false” claims being made by the adtech industry over a forthcoming change to iOS that will give users the ability to decline app tracking.

The iPhone maker had been due to introduce the major privacy enhancement to the App Store this fall but delayed until early 2021 after the plan drew fire from advertising giants.

Source: Apple takes aim at adtech hysteria over iOS app tracking change

Most Americans Object to Government Tracking of Their Activities Through Cellphones

A new survey found widespread concern among Americans about government tracking of their whereabouts through their digital devices, with an overwhelming majority saying that a warrant should be required to obtain such data.

A new Harris Poll survey indicated that 55% of American adults are worried that government agencies are tracking them through location data generated from their cellphones and other digital devices. The poll also found that 77% of Americans believe the government should get a warrant to buy the kind of data.

Source: Most Americans Object to Government Tracking of Their Activities Through Cellphones – WSJ

1 2 3 4
>