|
|
|
|
|
Cyber Daily: FTC’s Twitter Settlement Demonstrates New Focus on Data Privacy
|
|
|
|
|
|
Good day. Twitter Inc. agreed to a $150 million penalty and other measures to settle a lawsuit from the Justice Department, brought on behalf of the Federal Trade Commission, that it misused customer data.
The settlement is a major victory for the FTC, which has promised expansive action on data privacy under Chair Lina Khan, appointed last year by President Biden, as my colleague David Uberti reports.
Prosecutors allege the social-media platform collected email addresses and phone numbers ostensibly to secure user accounts, but then fed that information into its advertising engine. As part of the settlement, Twitter will have to institute rigorous compliance measures to improve its data-privacy practices, including regular audits and timely reporting for breaches.
Also today: Broadcom set to buy VMware; Fitch warns on credit impacts for cyber events at utilities; and a Toronto health network says patient data may have been breached.
As a reminder, Cyber Daily won’t be published on Monday, due to the Memorial Day holiday. We will resume regular service on Tuesday. Have a pleasant and relaxing long weekend.
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
Threat Actors Wage War During Geopolitical Unrest
Although issues surrounding COVID-19 continue to dominate mainstream media, these four DDoS attacks illustrate how threat actors are taking advantage of other geopolitical events to launch attacks.
Read More
|
|
|
|
|
|
|
|
|
Twitter’s $150 million privacy settlement with the FTC represents about 3% of the company’s revenue last year. PHOTO: JUSTIN SULLIVAN/GETTY IMAGES
|
|
|
|
Twitter Inc. on Wednesday agreed to new oversight and a $150 million penalty to settle a federal privacy suit, the first major deal between a large tech company and the Biden administration Federal Trade Commission, which has pledged to more aggressively police data abuses.
Federal prosecutors alleged that Twitter collected phone numbers and email addresses for account security measures and then fed the information into its advertising tools, an additional use of the data the government said it failed to disclose. The alleged activity violated a 2011 consent order between the FTC and Twitter that barred it from misrepresenting how it used individuals’ contact information.
FTC Chairwoman Lina Khan, appointed by President Biden last year, has promised expansive use of her agency’s power to scrutinize companies’ data practices and potentially bar certain behaviors.
The pending Twitter settlement, rather than exploring new ground, suggests an extension of how previous administrations used existing enforcement authorities, current and former officials say.
“This is very much a continuation. But this is a strong order,” said Jessica Rich, a former director of the FTC’s Bureau of Consumer Protection who now works for law firm Kelley Drye & Warren LLP. Ms. Rich, who helped put together the 2011 consent order Twitter allegedly violated, said the new order contains provisions that are “much more robust.”
Read the full story.
|
|
|
|
|
Broadcom said it would acquire VMware for $61 billion and assume its name.
PHOTO: YICHUAN CAO/NURPHOTO/ZUMA PRESS
|
|
|
|
Broadcom’s $61 billion VMware buy is a bet on unsexy software. Broadcom Chief Executive Hock Tan’s $61 billion deal to buy VMware marks the biggest bet yet that the boom in enterprise software demand will endure despite the economic tumult—and that bundling disparate offerings of low-profile products can yield outsize returns. (WSJ)
|
|
|
PHOTO: CHRISTOPHER CAPOZZIELLO FOR THE WALL STREET JOURNAL
|
|
|
Fitch warns hacks could ding utilities’ credit ratings. Lax security practices and the fallout from disruptive cyberattacks could negatively affect electric companies’ ratings through response costs, regulatory fines or reduced earnings, according to a special report by the ratings agency. “Fitch will not make a positive rating action based on good cyber security hygiene and strong controls, but poor cyber security could result in negative rating actions,” it said. (Cybersecurity Dive)
|
|
|
Top darknet market shuts down after vulnerability discovery. The Versus Market, a popular English-language market for hacking services, stolen data and other illicit wares, is shuttering amid its own security scare. Versus’ operators say they closed the platform after finding a vulnerability exposing internal data that could reveal identifying information such as users’ internet-protocol addresses. The marketplace had been online for three years. (Bleeping Computer)
|
|
|
$106 Million
|
The additional funding requested by the Federal Bureau of Investigation in its fiscal year 2023 budget, to address cybersecurity-related issues.
|
|
|
|
|
|
|
PHOTO: SHAWN GOLDBERG/SOPA IMAGES/LIGHTROCKET/GETTY IMAGES
|
|
|
Toronto health network issues data breach warning. Scarborough Health Network said it detected an intrusion to its systems in late January, and that patient data may have been accessed until the breach was closed on Feb. 1. The hospital operator said sensitive information such as insurance policy numbers, procedure details, names and addresses among other things may have been accessed, and is offering credit-monitoring services. (Global News)
|
|
|
|
|
PHOTO: RAFAEL HENRIQUE/ZUMA PRESS
|
|
|
|
|
|
PHOTO: OLIVIER HOSLET/SHUTTERSTOCK
|
|
|
|
|
|
PHOTO: GIUSEPPE PINO FAMA/ZUMA PRESS
|
|
|
|
|
|
|
|
|
|
|
|
|