Those behind the attack told the BBC Russian Service that they had access to 120 million accounts, although this has been branded “unlikely” by Digital Shadows, whose researchers were called in to investigate.
In fact, the seller, “FBSaler,” provided a total dataset to reporters of around 257,000 profiles.
The largest number of profiles (30%) are Ukrainian, followed by Russia (9%), although users from the US, UK and Brazil are also said to be represented.Just 81,000 are certain to have been compromised, as private messages were included. The remaining 176,000 may have simply had profile information like names, addresses, contact numbers, and interests taken because accounts were left wide open by users.
The accounts are not thought to be linked to the Cambridge Analytica scandal, or the more recent breach of 30 million accounts which occurred after attackers obtained access tokens.
Google will shut down the consumer version of its social network Google+ after announcing data from up to 500,000 users may have been exposed to external developers by a bug that was present for more than two years in its systems.
The company said in a blog on Monday it had discovered and patched the leak in March of this year and had no evidence of misuse of user data or that any developer was aware or had exploited the vulnerability.
Shares of its parent company Alphabet Inc, however, were down 1.5% at US$1150.75 in response to what was the latest in a run of privacy issues to hit the United States’ big tech companies.
Keep calm and don’t panic, GDPR becomes law in 3 days.
In recent days, I have heard various comments that include ”This is like Y2K and it is yet another opportunity for consultants to make money”. To counter this argument, GDPR will go on beyond May 25th and will live on until the next revision. Whilst some will make money or not, this misses the point.
Remember, even if you do not work in Europe, when you manage the personal data of European ‘data subjects’, you have to play by the rules too.We take the protection of your data very seriously at ContinuityLink and as the Data Protection Officer, I share my knowledge with our team and ask for their views. This ensures that everyone can claim ownership for ‘our’ policies and plans.
We would like to help you comply with the GDPR legislation. Whilst Data Protection has been around for many years, one of the important improvement of this EU’s legislation is to have a common set of rules across its 28 members.
Why not enroll in a CDPO course to learn what it is all about, how to implement the procedures and protect your customers’ data?
Data Protection Officer