Tag: users

By Emily Glazer, Deepa Seetharaman and AnnaMaria Andriotis for Wall Street Journal 

The social-media giant has asked large U.S. banks to share detailed financial information about their customers, including card transactions and checking-account balances, as part of an effort to offer new services to users.

Facebook increasingly wants to be a platform where people buy and sell goods and services, besides connecting with friends. The company over the past year asked JPMorgan Chase JPM 0.37% & Co., Wells Fargo & Co., Citigroup Inc. C 0.01% and U.S. Bancorp USB 0.70% to discuss potential offerings it could host for bank customers on Facebook Messenger, people familiar with the matter said.

Facebook has talked about a feature that would show its users their checking-account balances, the people said. It has also pitched fraud alerts, some of the people said.

Data privacy is a sticking point in the banks’ conversations with Facebook, said people familiar with the matter. The talks are taking place as Facebook faces several investigations over its ties to political analytics firm Cambridge Analytica, which accessed data on as many 87 million Facebook users without their consent.

One large U.S. bank pulled away from the talks due to privacy concerns, some of the people said.

Facebook has told banks that the additional customer information could be used to offer services that might entice users to spend more time on Messenger, a person familiar with the discussions said. The company is trying to deepen user engagement: Investors shaved more than $120 billion from its market value in one day last month after it said its growth is starting to slow.

Facebook said it wouldn’t use the bank data for ad-targeting purposes or share it with third parties.

“We don’t use purchase data from banks or credit-card companies for ads,” spokeswoman Elisabeth Diana said. “We also don’t have special relationships, partnerships or contracts with banks or credit-card companies to use their customers’ purchase data for ads.”

Facebook shares climbed sharply Monday on the news, rising 4.45%, marking the biggest one-day gain since last month’s historic drop.

Banks face pressure to build relationships with big online platforms, which reach billions of users and drive a growing share of commerce. They also are trying to reach more users digitally. Many struggle to gain traction in mobile payments.

Yet banks are hesitant to hand too much control to third-party platforms such as Facebook. They prefer to keep customers on their own websites and apps.

As part of the proposed deals, Facebook asked banks for information about where their users are shopping with their debit and credit cards outside of purchases they make using Facebook Messenger, the people said. Messenger has some 1.3 billion monthly active users, Chief Operating Officer Sheryl Sandberg said on the company’s second-quarter earnings call last month.

Alphabet Inc.’s Google and Amazon.com Inc. also have asked banks to share data if they join with them, in order to provide basic banking services on applications such as Google Assistant and Alexa, according to people familiar with the conversations.

Facebook has taken a harder public line on privacy since the Cambridge Analytica uproar. A product privacy team has announced new features such as “clear history,” which would allow users to prevent the service from collecting their off-Facebook browsing details. It also is making efforts to alert users to its privacy settings.

That hasn’t assuaged concerns over Facebook’s privacy practices. Bank executives are worried about the breadth of information being sought, even if it means their bank might not being available on certain platforms their customers use. Bank customers would need to opt-in to the proposed Facebook services, the company said in a statement Monday.

JPMorgan isn’t “sharing our customers’ off-platform transaction data with these platforms, and have had to say no to some things as a result,” spokeswoman Trish Wexler said.

Banks view mobile commerce as one of their biggest opportunities but are still running behind technology firms such as PayPal Holdings Inc. PYPL 0.62% and Square Inc. Customers have moved slowly, too; many Americans still prefer using credit or debit cards, along with cash and checks.

In an effort to compete with PayPal’s Venmo, a group of large banks last year connected their smartphone apps to money-transfer network Zelle. Results are mixed so far: While usage has risen, many banks still aren’t on the platform.

In recent years, Facebook has tried to transform Messenger into a hub for customer service and commerce, in keeping with a broader trend among mobile messaging services.

A partnership with American Express Co. AXP 1.04% allows Facebook users to contact the card company’s representatives. Last year, Facebook struck a deal with PayPal that allows users of that payment service to send money through Messenger. And Mastercard Inc. MA 0.54% cardholders can place online orders with certain merchants through Messenger using the card company’s Masterpass digital wallet. (A Mastercard spokesman said Facebook doesn’t see the card users’ information.)

57-million Uber users hacked

Hackers stole the personal data of 57 million customers and drivers and the ride-hailing company allegedly paid them $100,000 to delete the information and “go away”.

The data was compromised in October 2016, and Uber has managed to conceal the breach for more than a year, according to Bloomberg.

Uber claims they were involved in negotiations with US regulators about separate privacy violations at the time of the breach.

But the company now admits they were legally required to report the hack to regulators and to drivers whose license numbers were taken.

However, Uber reportedly paid the hackers $100,000 to delete the data instead.

Joe Sullivan, Uber’s chief security officer, was fired this week for his role in keeping the hack quiet. One of Sullivan’s deputies was also fired for helping.

Ex-CEO and co-founder, Travis Kalanick, reportedly found out about the hack in November 2016, but at the time Uber had just settled a lawsuit with the New York attorney general over the company’s privacy practices.

Dara Khosrowshahi took over as Uber’s new CEO in September.

‘None of this should have happened, and I will not make excuses for it,’ Khosrowshahi said in a press statement on Tuesday. ‘We are changing the way we do business.’

‘At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals.

‘We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts,’ Khosrowshahi said.

The hackers stole names, email addresses, and phone numbers from 50 million Uber riders worldwide, said in the statement.

Personal information from 7 million drivers was also compromised. That figure includes about 600,000 US driver’s license numbers that were stolen.

Uber claims that no one’s Social Security numbers, credit card details, or trip location information was stolen.

The company said they don’t believe the information was ever used. Uber also declined to release the identities of the hackers.

‘While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection,’ Khosrowshahi said.

Dara Khosrowshahi took over as Uber’s new CEO in September. ‘None of this should have happened, and I will not make excuses for it,’ Khosrowshahi (pictured last month) said. ‘We are changing the way we do business’ +5
Dara Khosrowshahi took over as Uber’s new CEO in September. ‘None of this should have happened, and I will not make excuses for it,’ Khosrowshahi (pictured last month) said. ‘We are changing the way we do business’

Uber’s hack joins the ranks of other massive hacks such as Yahoo and Equifax. In September, Equifax reported that the hack compromised the sensitive information of 145.5 million people and the Yahoo hack affected three billion +5
Uber’s hack joins the ranks of other massive hacks such as Yahoo and Equifax. In September, Equifax reported that the hack compromised the sensitive information of 145.5 million people and the Yahoo hack affected three billion

According to Bloomberg, Sullivan, who joined Uber in 2015, was the guy who spearheaded the response to the hack last year.

Last month, an investigation was launched into the activities of Sullivan’s security team. During the investigation, the hack and cover-up were discovered.

Uber said two attackers gained access to private GitHub coding site used by Uber software engineers, according to Bloomberg.

From there, the hackers used login credentials they obtained from GitHub to access data stored on an Amazon Web Services account.

The hackers then found an archive of rider and driver information. Once the information was accessed, the attackers asked Uber for money.

Khosrowshahi said he’s bringing on board Matt Olsen, a co-founder of a cybersecurity consulting firm and former general counsel of the National Security Agency and director of the National Counterterrorism Center, for guidance on ‘how best to guide and structure our security teams and processes going forward’.

The company is currently in the process of ‘individually notifying the drivers whose driver’s license numbers were downloaded’. Uber will also provide these drivers with free credit monitoring and identity theft protection.

Uber’s hack joins the ranks of other massive hacks such as Yahoo and Equifax. In September, Equifax reported that the hack compromised the sensitive information of 145.5 million people.

And last month, Yahoo admitted that three billion Yahoo users were affected by the 2013 data theft that the company originally said had only affected 1 billion users.

By Valerie Edwards for Daily Mail

Yahoo triples likely scope of hack to 3bn

Yahoo, the Internet company acquired by Verizon Communications this year, now believes a 2013 security breach exposed all 3 billion of its users at the time.

The assessment, based on new intelligence obtained after the $4.5bn acquisition, compares with Yahoo’s initial estimate that 1 billion accounts were compromised.

The information stolen didn’t include passwords in clear text, payment data or bank accounts. Yahoo is notifying users.

Verizon, which is combining Yahoo with its AOL business to attract more internet advertising, had negotiated a $350m price cut on the deal after Yahoo disclosed the 2013 breach and a subsequent hack in 2014.

Verizon and Altaba, the former owner of the Yahoo Internet assets Verizon acquired, agreed earlier this year to split evenly the liability costs of consumer and business lawsuits related to the breach.

Altaba also has to cover any shareholder liability costs.While the attacks exposed user accounts and threatened Yahoo’s trust with consumers, most users have already moved on, said Jan Dawson, an analyst at Jackdaw Capital.

“Certainly this makes the hack look worse than Verizon and the rest of us thought, but I don’t know that that materially changes the valuation of Yahoo as a company or the ongoing cost of dealing with the hack,” Dawson said.

Verizon, based in New York, and Altaba, based in Sunnyvale, California, were little changed in late trading.The Senate Commerce Committee will call on representatives of Yahoo to testify about recent breaches, whether there are steps they should have taken earlier and whether there is potentially more bad news to come, John Thune, the panel’s chairperson, said on Tuesday in a statement.

The committee is also calling representatives of Equifax, the consumer credit agency involved in a data breach that compromised information on 145.5 million US consumers. The date and witness list will be announced later this month.

Yahoo has said it wasn’t able to identify who was responsible for the 2013 breach, though the US government has accused Russia of directing the 2014 hack. The 2013 intrusion was discovered by Andrew Komarov, chief intelligence officer for InfoArmor, who had been tracking a prolific Eastern European hacker group that he spotted offering 1 billion Yahoo accounts for $300 000 in a private sale.

By watching the group’s communications, he was able to determine that it sold the database three times. Two buyers were large spamming groups.The third buyer provided a list of 10 names of US and foreign government officials and business executives to verify that their logins were part of the database, Komarov said.

The unusual request, Komarov said, indicated that the buyer might be linked to a foreign intelligence agency.

By Scott Moritz for Fin24

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top