Believe it or not, we’re still experiencing fallout from the Cambridge Analytica scandal. Although Australia was initially not thought to be affected by the sneaky application, news broke this week that more than 300,000 Australians were affected. Read on for this week’s data breach.
Facebook Sued by Australian Watchdog over Data Breach
In the latest development of the Cambridge Analytica scandal, Australia is now suing Facebook for breaching the data of over 300,000 Australians. Just like in the United States, user data was stolen via the This is Your Digital Life app for political profiling. The vulnerable data included names, location, email addresses, birth dates, lists of friends, and even message information of some users. In another devastating picture of how Cambridge Analytica siphoned data, apparently only 53 people in Australia actually downloaded the app. That means that the final number of 311,127 Australians who had their data stolen were friends of those 53 users, or friends of friends. Each of these breaches can yield a maximum penalty of $1.7 Million, but it’s unclear at this point whether penalties will be sought for all of those affected.
These iPhone Apps are Snooping on Data Copied to Clipboard
When you copy and paste something in your web browser, that text briefly enters your “Pasteboard” or as we refer to it in general parlance, clipboard. In a frankly startling revelation this week, news broke that Apple gives gapps unrestricted access to that text. In fact, a new research report from Talal Haj Bakry and Tommy Mysk proves that many popular apps read the contents of the pasteboard periodically. At this point in time, it’s unclear what these companies are doing with the data they collect this way. The guilty apps this time around include news apps, games, social media apps, and other miscellaneous ones. Perhaps most troubling is the fact that these researchers submitted this problem as an issue earlier this year, and Apple replied that it wasn’t an issue. Time will tell how this all plays out.
Data of Millions of eBay and Amazon Shoppers Exposed
In another major data breach update, it came out this week that a massive database containing millions of European customer records were left unsecured on Amazon Web Services (AWS). A whopping 8 Million records were housed in the database, funnelling in from marketplace API’s from Amazon, eBay, Shopify, PayPal, and Stripe. Bob Diachenko, a data security analyst at Comparitech, discovered the trove of sensitive data on February 3, and it remained open for another 5 days. The vulnerable data included phone numbers, payments, names, email addresses, physical shipping addresses, names, items purchased, order IDs, links to Shopify and Stripe orders, and even some partially redacted credit card numbers. At present, Comparitech is not able to clearly discern how many people were affected.
Mobile Ad-blockers and VPNs Siphoning Data
And lastly, news also broke this week regarding the siphoning of user data ad-blockers and VPNs. The very software that many users download to protect them from harm online may be having the reverse effect. The culprit is an analytics firm called Sensor Tower, a company that purports to analyze app usage across platforms. The firm has also gotten into creating its own applications, such as Luna VPn and Adblock Focus. Sometime shortly after installation, these apps prompt users to install a certification allowing the firm to access certain features. One such certification shows up in Luna VPN, prompting users to add an extension for blocking ads in YouTube, but takes users to an external website to do so, effectively dodging Google and Apple restrictions. The company reportedly told Buzzfeed that they only collect anonymous usage and analytics data to sell to developers, investors, and other entities, but their lack of transparency is troubling and hints at other potential malpractice.