News that the firm Cambridge Analytica harvested profile data from Facebook users to advertise for Donald Trump’s presidential campaign and other right-wing candidates sparked a major backlash against the social media giant this weekend.
Facebook denies that it was a hack, however, explaining to the New York Times that “no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.”
In fact, Facebook may have a point. As many have noted, Facebook's own policies didn’t block third parties from accessing user data until 2015, after Cambridge Analytica had already obtained information on an estimated 50 million users.
Facebook’s COO Sheryl Sandberg and CEO Mark Zuckerberg responded to the revelations publicly Wednesday with promises to review their policies. The site has approximately two billion users, or a quarter of the planet.
Universities, companies, and governments
In what the US Attorney’s office says is “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice,” the DOJ said today that cyber-criminals in Iran stole $3.4 billion worth of data from 144 American universities. They also allegedly targeted 176 foreign universities, 30 private companies and five government agencies over a four-year period.
The DOJ formally indicted the alleged hackers today, though they were not arrested because they are still in Iran. Prosecutors say they could face detention if they ever try to leave the country.
More than 8,000 American professors were targeted in the attack as part of an effort to steal their research, the government says. The hackers allegedly have links to the Mabna Institute, a tech firm that the DOJ says works on behalf of the Iranian government and Iranian universities.
Orbitz, the third-party travel booking site owned by Expedia, announced this week that hackers accessed information on approximately 880,000 credit cards used by customers.
Over a period of several months last year, hackers managed to mine credit information as well as names, birth dates, and addresses on customers who used the site anywhere from from January 2016 to December 2017.
"We are offering affected individuals one year of complimentary credit monitoring and identity protection service in countries where available,” Orbitz said in a statement.
Canadian credit card users
Thieves made off with the rewards points earned by Canadian consumers participating in a grocery store loyalty program.
PC Optimum is a new but popular program in Canada that allows consumers to earn reward points when they shop at certain grocery stores and other retailers.
They may just be points, but they have real value; one victim said she lost more than one million points, allowing hackers to purchase over $1,000 worth of goods with her account. A total of more than 100,000 people had their points stolen.
Physical therapy patients and employees
ATI Physical Therapy, a chain of physical rehabilitation centers across the country, alerted over 35,000 customers yesterday that their data may have been accessed by hackers who were targeting direct deposit data of company employees.
As is becoming the standard when these breaches occur, the company is offering consumers free credit monitoring.