Google Stored G Suite Users’ Passwords in Plain-Text for 14 Years

Posted on May 23rd, 2019 by Responsible Cyber

After Facebook and Twitter, Google becomes the latest technology giant to have accidentally stored its users’ passwords unprotected in plaintext on its servers—meaning any Google employee who has access to the servers could have read them.In a blog post published Tuesday, Google revealed that its G Suite platform mistakenly stored unhashed passwords of some of […]

Read More

Russia Fines Facebook $47 Over Citizens’ Data Privacy Dispute

Posted on April 13th, 2019 by Responsible Cyber

Yes, you read that right!Russia has fined Facebook with 3,000 rubles, roughly $47, for not complying with the country’s controversial Data Localization law.It’s bizarre and unbelievable, but true. In December last year, Russian Internet watchdog Roskomnadzor sent notifications to Twitter and Facebook asking them to provide information about the location of servers that store the […]

Read More

Third Parties in Spotlight as More Facebook Data Leaks

Posted on April 6th, 2019 by Responsible Cyber

Two third-party services left Facebook user data exposed online — in one case, 540 million records of user comments — highlighting the ease with which third-party developers can access data and the risk of lax security. A Mexican media company’s unprotected Amazon S3 container exposed more than 540 million records of Facebook users’ comments and […]

Read More

Facebook Caught Asking Some Users Passwords for Their Email Accounts

Posted on April 6th, 2019 by Responsible Cyber

Facebook has been caught practicing the worst ever user-verification mechanism that could put the security of its users at risk.Generally, social media or any other online service asks users to confirm a secret code or a unique URL sent to the email address they provided for the account registration.However, Facebook has been found asking some […]

Read More

540 Million Facebook User Records Found On Unprotected Amazon Servers

Posted on April 6th, 2019 by Responsible Cyber

It’s been a bad week for Facebook users.First, the social media company was caught asking some of its new users to share passwords for their registered email accounts and now……the bad week gets worse with a new privacy breach.More than half a billion records of millions of Facebook users have been found exposed on unprotected […]

Read More

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

Posted on March 30th, 2019 by Responsible Cyber

Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications.Since almost all Facebook-owned apps by default use security mechanisms such as Certificate Pinning to ensure integrity and confidentiality of the traffic, it makes […]

Read More

Facebook Employees for Years Could See Millions of User Passwords in Plain Text

Posted on March 24th, 2019 by Responsible Cyber

2,000 Facebook engineers or developers reportedly made some nine million internal queries for data elements with plain text passwords. An internal Facebook investigation has found between 200 million and 600 million of its users may have had their account passwords stored in plain text for years, meaning they could have been searched and accessed by […]

Read More

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years — Krebs on Security

Posted on March 24th, 2019 by Responsible Cyber

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data. Facebook is probing a […]

Read More

Facebook Mistakenly Stored Millions of Users’ Passwords in Plaintext

Posted on March 24th, 2019 by Responsible Cyber

Holy moly, Facebook is again at the center of a new privacy controversy after revealing today that its platform mistakenly kept a copy of passwords for “hundreds of millions” users in plaintext.What’s more? Not just Facebook, Instagram users are also affected by the latest security incident.So, if you are one of the affected users, your […]

Read More

Facebook stashing plain text passwords is a wake-up call to improve GRC

Posted on March 22nd, 2019 by Responsible Cyber

As details emerged of how Facebook captured hundreds of millions of plain text passwords and stored them on internal company servers, my entire IT career flashed before my eyes. While it is criminal that there is apparently no adult supervision or oversight on what developers at Facebook can do with a user’s credentials when logging […]

Read More