Many Disney+ users who have had their accounts stolen and put up for sale on the dark web say that Disney has yet to sort their problems. The firm says it does not believe its systems have been compromised, suggesting that members’ details have been stolen by other means. The BBC reports: On November 12, its first day live, people had…
Tag: two-factor authentication
New Facebook Features Fight Election Lies Everywhere But Ads
Heaven forbid a political candidate’s Facebook account gets hacked. They might spread disinformation … like they’re already allowed to do in Facebook ads … From a report: Today Facebook made a slew of announcements designed to stop 2020 election interference. “The bottom line here is that elections have changed significantly since 2016” and so has Facebook in response, CEO Mark Zuckerberg…
‘Massive’ Coordinated Campaign Hijacked Many YouTube Accounts
An anonymous reader quotes ZDNet: A massive wave of account hijacks has hit YouTube users, and especially creators in the auto-tuning and car review community, a ZDNet investigation discovered following a tip from one of our readers. Several high-profile accounts from the YouTube creators car community have fallen victim to these attacks already… But the YouTube car community wasn’t the only…
Released from Prison, Spammer Who Stole 17.5 Million Passwords Apologizes and Reforms
An anonymous reader quotes ZDNet:
Kyle Milliken, a 29-year-old Arkansas man, was released last week from a federal work camp. He served 17 months for hacking into the servers of several companies and stealing their user databases. Some of the victims included Disqus, from where he stole 17.5 million user records, Kickstarter, from where he took 5.2 million records, and Imgur, with…
Facebook Deceived Users About the Way It Used Phone Numbers, Facial Recognition, FTC To Allege in Complaint
The Federal Trade Commission plans to allege that Facebook misled users’ about its handling of their phone numbers as part of a wide-ranging complaint that accompanies a settlement ending the government’s privacy probe, Washington Post reported Tuesday, citing two people familiar with the matter. From the report: In the complaint, which has not yet been released, federal regulators take issue with…
Slack Resets Passwords For 1% of Its Users Because of 2015 Hack
ZDNet: Slack published more details about a password reset operation that ZDNet reported earlier today. According to a statement the company published on its website, the password reset operation is related to the company’s 2015 security breach. In March 2015, Slack said hackers gained access to some Slack infrastructure, including databases storing user credentials. Hackers stole hashed passwords, but they also…
Should Companies Abandon Their Password Expiration Policies?
In his TechCrunch column, software engineer/journalist Jon Evans writes that last month “marked a victory for sanity and pragmatism over irrational paranoia.”
I’m talking about Microsoft finally — finally! but credit to them for doing this nonetheless! — removing the password expiration policies from their Windows 10 security baseline… Many enterprise-scale organizations (including TechCrunch’s owner Verizon) require their users to change their…