Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

UK ICO fines Facebook with maximum for Cambridge Analytica scandal

Facebook has been fined £500,000 by the UK’s Information Commissioner’s Office (ICO) for the Cambridge Analytica privacy scandal that exposed data of 87 million users. The announcement was made by the UK’s data protection regulator, Information Commissioner Elizabeth Denham. “The ICO’s investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly […]

Facebook

Facebook has been fined £500,000 by the UK’s Information Commissioner’s Office (ICO) for the Cambridge Analytica privacy scandal that exposed data of 87 million users.

The announcement was made by the UK’s data protection regulator, Information Commissioner Elizabeth Denham.

“The ICO’s investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply ‘friends’ with people who had.” she said.

This is the first possible financial punishment that Facebook was facing for the Cambridge Analytica scandal.

According to the ICO data from at least 1 million British citizens was “unfairly processed,” the organization blames Facebook because it has “failed to take appropriate technical and organisational measures” to prevent the abuse of users’ data.

The ICO also accused Facebook to have “failed to make suitable checks on apps and developers using its platform.”

“The ICO’s investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply ‘friends’ with people who had,” states the ICO.

“Even after the misuse of the data was discovered in December 2015,” continues the ICO, “Facebook did not do enough to ensure those who continued to hold it had taken adequate and timely remedial action, including deletion. In the case of SCL Group, Facebook did not suspend the company from its platform until 2018.”

Facebook Data Breach

Social network giant announced it is reviewing the ICO’s penalty and is asking to access Cambridge Analytica servers to analyze data they collected.

“We are grateful that the ICO has acknowledged our full co-operation throughout their investigation and have also confirmed they have found no evidence to suggest UK Facebook users’ data was in fact shared with Cambridge Analytica,” a Facebook spokesperson said.

“Now that their investigation is complete, we are hopeful that the ICO will now let us have access to CA servers so that we are able to audit the data they received.”

I personally believe that this fine is just symbolic if we compare it with potential penalties faced by the social network giant under EU’s General Data Protection Regulation (GDPR). GDPR establishes a maximum fine of 20 million euros or 4% of company annual global revenue (roughly£1.26 billion).

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – ICO, Cambridge Analytica)

[adrotate banner=”5″]

[adrotate banner=”13″]