identity management

RockYou Agrees to $250K FTC Fine Over Loss Of 32m Passwords

The Federal Trade Commission announced on Tuesday that it had reached a settlement with RockYou over violations of the Children’s Online Privacy Protection Act (COPPA) after the Web site allowed hackers to gain access to the personal information of its 32 million members.

The “up side” of social networks like Facebook, Twitter and G+ are well known. But the down side of these networks for both users and for organizations that employ them are only now becoming clear. Worms, malware and spam are just the beginning of the security problems engendered by the social net. In this exclusive interview, conducted via e-mail, Threatpost editor Paul Roberts asked Joe Gottlieb, the CEO of security event management firm Sensage, about the many, subtle ways that social networks are eroding organizations’ online defenses.

As Facebook’s population has grown from thousands to millions to hundreds of millions, security has come to be an even greater concern. In recent years, the company has had to respond to threats ranging from spam to Facebook-specific malware like Koobface, all the while keeping scammers and identity thieves at bay.

Mozilla has released a new browser-based federated login mechanism called BrowserID that is designed to replace the login process on Web sites that requires users to supply an email and password. The experimental system relies on the Verified Email protocol and also works on other browsers, including Internet Explorer.

Executives at U.S. defense contractor L-3 Communications warned employees in April about an attempt by unknown assailants to compromise the company’s network using forged SECURID tokens from RSA. The report, if accurate would be the second attack on a leading defense contractor with links back to a high-profile hack at RSA Security, the security division of EMC Corp. in March.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.