LinkedIn has confirmed it will no longer allow advertisers to target users based on data gleaned from their participation in LinkedIn Groups.
In response to the complaint it received in February, the EC wrote to LinkedIn to request further information on how it might be enabling targeted ads based on sensitive personal data such as race, political allegiances, or sexual orientation.
While LinkedIn maintained that it complied with the DSA, the company has now removed the ability for advertisers to “create an advertising audience” in Europe using LinkedIn Group membership data.
“We made this change to prevent any misconception that ads to European members could be indirectly targeted based on special categories of data or related profiling categories,” Corrigan wrote on LinkedIn today.
LinkedIn will still allow targeted advertising, just not using data garnered from LinkedIn groups.
The Indian government has finally resolved a years-long cybersecurity issue that exposed reams of sensitive data about its citizens.
At fault was the Indian government’s cloud service, dubbed S3WaaS, which is billed as a “secure and scalable” system for building and hosting Indian government websites.
With evidence of ongoing exposures of private data, Majumder asked TechCrunch for help getting the remaining data secured.
Majumder said that some citizens’ sensitive data began spilling online long after he first disclosed the misconfiguration in 2022.
The exposed data, Majumder said, potentially puts citizens at risk of identity thefts and scams.
A U.S. government watchdog stole more than one gigabyte of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior.
The good news: The data was fake and part of a series of tests to check whether the Department’s cloud infrastructure was secure.
The experiment is detailed in a new report by the Department of the Interior’s Office of the Inspector General (OIG), published last week.
The tests were conducted between March 2022 and June 2023, the OIG wrote in the report.
The Department of the Interior manages the country’s federal land, national parks and a budget of billions of dollars, and hosts a significant amount of data in the cloud.
An Indian state government has fixed security issues impacting its website that exposed the sensitive documents and personal information of millions of residents.
The bugs existed on the Rajasthan government website related to Jan Aadhaar, a state program to provide a single identifier to families and individuals in the state to access welfare schemes.
One of the bugs allowed anyone to access personal documents and information with knowledge of a registrant’s phone number.
The state’s Jan Aadhaar portal, which launched in 2019, says it has more than 78 million individual registrants and 20 million families.
The portal aims to offer “One Number, One Card, One Identity” to residents in the northern state of Rajasthan for accessing state government welfare schemes.
The U.S. government sanctioned a Russian national for allegedly playing a “pivotal role” in the ransomware attack against Australian health insurance giant Medibank that exposed the sensitive information of almost 10 million patients.
The breach is believed to have impacted several high-profile Medibank customers, including senior Australian government lawmakers.
The U.S. Treasury Department sanctioned Ermakov shortly after the Australian government imposed first-of-its-kind sanctions against the Russian national.
According to the U.S. Treasury, REvil ransomware has been deployed on approximately 175,000 computers worldwide, garnering at least $200 million in ransom payments.
The FSB’s surprise operation came just months after the U.S. Department of Justice charged a 22-year-old Ukrainian citizen linked to the REvil ransomware gang due to his alleged role in the Kaseya attack.
A bug on X, formerly Twitter, was causing numerous posts over the weekend to be flagged as “Sensitive Media,” thwarting the company’s own attempts to make its platform more approachable to advertisers.
Today, a bug in our system caused X to incorrectly label numerous posts as Sensitive Media.
— Safety (@Safety) January 21, 2024“Sensitive media” is a label X uses to denote content that others may not wish to see, like violence or nudity.
X asks its users who want to regularly post such items, to adjust their media settings to appropriately mark their images.
This is being fixed.” An hour later, he reposted the message from the X safety team which referred to the issue as a bug.
About 16.6 million LoanDepot customers had their “sensitive personal” information” stolen in a cyberattack earlier this month, which the loan and mortgage giant has described as ransomware.
The loan company said in a filing with federal regulators on Monday that it would notify the affected customers of the data breach.
LoanDepot did not say what kind of sensitive and personal customer data was stolen.
When reached by email, LoanDepot spokesperson Jonathan Fine declined to tell TechCrunch what specific types of customer data was taken.
LoanDepot said it has “not yet determined” whether the cybersecurity incident will materially impact the company’s financial condition.
The U.S. Federal Trade Commission has continued its crackdown on data brokers with a settlement banning data aggregation company InMarket from selling consumers’ precise location data.
Texas-based InMarket, which debuted as CheckPoints at TechCrunch Disrupt 2010, provides a marketing platform that collects sensitive consumer data — including location data, purchasing history, and demographic information — which brands and advertising agencies use to facilitate targeted advertising on mobile devices.
Based on the data that InMarket collects, brands can target shoppers who are likely to be low-income millennials or Christian churchgoers, according to the FTC.
In its proposed order unveiled Thursday, the FTC accused InMarket of failing to obtain users’ consent before using their location data for marketing and advertising purposes.
That order marked the first time the regulator struck a deal to prohibit a company from selling sensitive location data.
The U.S. Federal Trade Commission has banned the data broker X-Mode Social from sharing or selling users’ sensitive location data, the federal regulator said Tuesday.
The settlement will also require the data broker to delete or destroy all the location data it previously collected, along with any products produced from this data, unless the company obtains consumer consent or ensures the data has been de-identified.
X-Mode buys and sells access to the location data collected from ordinary phone apps.
While just one of many organizations in the multibillion-dollar data broker industry, X-Mode faced scrutiny for selling access to the commercial location data of Americans’ past movements to the U.S. government and military contractors.
Since its inception, X-Mode has imposed strict contractual terms on all data customers prohibiting them from associating its data with sensitive locations such as healthcare facilities.
Elon Musk’s X, the social media platform formerly known as Twitter, is facing a new privacy complaint in Europe related to its ad targeting tools.
The complaint, which is being lodged with the Dutch data protection authority by privacy rights not-for-profit noyb, accuses X of failing to enforce its own its advertising guidelines.
“After we filed our first complaint in this matter, the EU Commission has already confirmed to stop advertising on X.
“In November, this unlawful use of micro-targeting already prompted noyb to file a complaint against the EU Commission itself.
“It remains to be seen if the Commission may take action against X itself under the DSA,” noyb further added.
