Cloudflare and Twilio targeted by similar phishing attacks
Twilio, which provides two-factor authentication and communication services, was recently targeted by a phishing attack in which hackers acquired employees’ credentials and gained access to sensitive internal systems, according to a statement released by the company. Two days later, Cloudflare, a content delivery network and DDoS mitigation company, was attacked in a similar manner, leading security experts to believe the same group was behind the attacks. Cloudflare ultimately avoided a compromise due to their use of hardware-based multi-factor authentication keys.
Amazon acquires iRobot, gaining access to maps of consumers’ home interiors
Amazon and iRobot recently released a joint statement declaring Amazon’s acquisition of iRobot for $1.7 billion. Should the deal go through, Amazon will gain access to interior maps of consumers’ homes gathered by iRobot’s Roomba product. The acquisition will complement other Amazon products centered on gathering household data and the internet of things, such as Ring.
Adtech giant Criteo faces $65M fine in France for GDPR consent breaches
Criteo, a major French adtech company, has been fined €60 million (~$65 million) by French data protection authorities. After receiving complaints from Privacy International and noyb (also known as none of your business, Max Schrems’ privacy advocacy group), the Commission nationale de l'informatique et des libertés (CNIL) found that Criteo lacked sufficient legal bases for using a suite of tracking techniques and data processing practices designed to profile web users.
Facebook catches lucky break in Europe
After Irish data protection authorities released a draft decision that would block Meta’s data transfers from the EU to the US, the social media company indicated that such a block might force them to shut down Facebook and Instagram in Europe. However, other European data protection authorities have issued technical objections against the draft order, which are anticipated to take several months to resolve.
Data privacy (non)compliance: How enforcement works
Ever wanted to know more about how businesses become noncompliant in the first place? Our most recent blog article breaks down what noncompliance looks like and how data privacy enforcement works.
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.