September 30, 2024 at 08:08AM The Data Protection Commission in Ireland has fined Meta Platforms Ireland Limited €91 million ($100 million) for storing hundreds of millions of users’ passwords in plaintext, a major violation of data protection regulations. Based on the meeting notes, the Data Protection Commission (DPC) in Ireland has imposed a fine of … Read more
September 30, 2024 at 02:54AM The Irish Data Protection Commission fined Meta €91 million for a security lapse, violating GDPR. Meta stored users’ passwords in plaintext, leading to exposure and potential abuse. The incident affected Facebook and Instagram passwords, prompting prompt DPC notification and technical measures. Meta took immediate action and proactively informed the DPC. … Read more
March 19, 2024 at 07:30PM Security researchers discovered nearly 19 million plaintext passwords exposed due to misconfigured Firebase instances, with millions of sensitive user records including emails, names, phone numbers, and billing information. The trio of researchers scanned over five million domains and found 916 websites with inadequate security rules. They alerted impacted companies and … Read more
November 18, 2023 at 10:32PM A proof-of-concept exploit for a critical remote code execution vulnerability in CrushFTP has been publicly released. Attackers can access files, execute code, and obtain passwords. The developers released a fix in CrushFTP 10.5.2, but applying the patches may not protect against all threats. Users should update to the latest version, … Read more