Mediaboss Marketing

Hackers have targeted Twitter, gaining limited access to around 250,000 user accounts, the social networking site announced on Friday.

This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data, a blog post by Twitters director of information security said.

The post said hackers may have accessed usernames, email addresses, session tokens and encrypted/salted versions of passwords.

Twitter said it had already reset passwords for affected users, and will notify them soon.

The cyber attack comes days after US newspapers the New York Times and the Wall Street Journal revealed their respective websites had been the target of a well-coordinated hacking effort.

"This attack was not the work of amateurs, and we do not believe it was an isolated incident," Twitter said.

"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked."

The company did not specifically link the attacks to Chinain the blog post, in contrast to the newspapers, which both said the hackers originated in China.

176

Read the original here:
Twitter latest target in cyber attack

By John Eggerton -- Broadcasting & Cable, 2/1/2013 1:52:55 PM Even as he announced he was heading for the exit -- Feb. 15 -- Federal Trade Commission chairman Jon Leibowitz sent a signal that the commission remains focused on online privacy, in this case app privacy. That included a settlement with one app company, a new report on mobile app privacy disclosures and a set of mobile app best practice guidelines for protecting information.

According to the FTC and Justice Department, social networking app Path agreed to pay $800,000 to settle charges that it collected personal information online from kids younger than 13 without securing their parents' consent, which violates the Children's Online Privacy Protection Act.

In a complaint filed Jan. 31 in the Northern District of California, the FTC and DOJ cited over 3,000 instances where Path collected personal information from address books using the mobile app, including names, addresses, phone numbers and email addresses. It also collected info when kids registered or accessed content, the agencies said.

Along with the $800,000 civil penalty, Path agreed to delete all info it had collected from kids younger than 13 and promised not to violate the Children's Online Privacy Protection rule in the future. It must also "implement a comprehensive privacy program, and submit to regular assessments by an independent third party." Those are similar to requirements placed on Google in an FTC settlement over online privacy issues.

Path blogged that the problem has already been corrected. "As you may know, we ask users' their birthdays during the process of creating an account," the company said. "However, there was a period of time where our system was not automatically rejecting people who indicated that they were under 13. Before the FTC reached out to us, we discovered and fixed this sign-up process qualification, and took further action by suspending any underage accounts that had mistakenly been allowed to be created."

"Over the years the FTC has been vigilant in responding to a long list of threats to consumer privacy, whether it's mortgage applications thrown into open trash dumpsters, kids' information culled by music fan websites, or unencrypted credit card information left vulnerable to hackers," said Leibowitz in a statement that had the ring of a valedictory address. "This settlement with Path shows that no matter what new technologies emerge, the agency will continue to safeguard the privacy of Americans."

The court has to accept the settlement for it to be official, though that is essentially a pro forma step.

In addition to the settlement, the FTC Friday released a new study, Mobile Privacy Disclosures, with a host of recommendations -- which could be viewed as the chairman's parting advice on how to avoid regulation. Those included "considering" a do-not-track regime for smartphones, standardized privacy policies, getting affirmative consent before accessing sensitive data -- like geolocation -- and much more.

"The FTC should be applauded for continuing down the path of voluntary recommendations that give companies flexibility to find the best solution for their particular needs," Daniel Castro, a senior analyst with Information Technology and Innovation Foundation said in a statement. "However, while some of these recommendations are in line with current industry best practices, others reflect an overemphasis on privacy at the expense of innovation."

The Future of Privacy Forum (FPF) was accentuating the positive for the most part.

Read more here:
Social Networking App Company Path Settles FTC Privacy Complaint

Athletic director David Brandon suggested Friday that the Michigan athletic department had catfished some of its own student-athletes to teach them a cautionary lesson on the possible perils of social networking, according to Kyle Rowland of ElevenWarriors.com.

While Brandon never actually used the word catfished in describing UMs actions, Rowland reports that the athletic department hired two outside consulting firms to track athletes use of social media. One of the firms used an attractive female to contact Michigan players on Facebook and some of the athletes reported responses were inappropriate.

However, associate athletic director Dave Ablauf denied to SI.com that Michigan catfished its athletes, claiming the university did not try to establish relationships between fake personalities and its athletes. Speaking with Bill Shea of Crains Detroit Business, Ablauf went on to say the female never actually made direct contact with the players.

Ablaufs account of what happened contradicts what Brandon and, more directly, head football coach Brady Hoke have said. According to Kyle Meinke of Annarbor.com, Hoke detailed UMs approach as follows:

Before he came in, we gave him 20 Facebook accounts of guys on our team, said Hoke, in a January speech to Michigan high school coaches. She tried to talk to our guys. Hey, what are ya doin? Whatever it might be.

Well, two months later were in a team meeting and were on the topic of what you put out there in the cyber universe you should have seen 115 guys when that young lady she was hot, now; a very, very nice looking young lady when she walked into that meeting room, and the guys looking at each other.

Because some of them didnt use their heads when communicating back and forth with that young lady.

Michigans first social media director, Jordan Miller, resigned in December after it was discovered that she wasnt exactly who she claimed to be. It turned out that Miller did not graduate from Columbia College in Chicago, as stated on her resume. The university hired Miller last February to oversee Michigans social media program at an annual salary of $100,000.

College athletic programs have been tasked with tutoring their athletes during the social media boom, and have also been affected by high school recruits making social media miscues.

This story has been updated from its original version.

View post:
Michigan ‘catfished’ own athletes to teach social media dangers

WASHINGTON - The company behind the popular Path social networking service agreed to pay $800,000 to settle federal charges that it illegally collected personal information from cellphones without the knowledge or consent of its customers, the government said Friday.

Path Inc. of San Francisco collected names, addresses, phone numbers, email addresses and usernames for Facebook and Twitter accounts from its customers' cellphones without permission, the Justice Department and Federal Trade Commission said.

These customers included roughly 3,000 children under 13 and occurred even in cases when a Path customer sought to block the service from collecting the information. The government said Path collected the information the first time a customer signed into the service and upon every subsequent sign-in.

"The user had no meaningful choice as to the collection and storage of personal information from the user's mobile device contacts, and the user interface options were illusory," according to the Justice Department's lawsuit against Path. The Justice Department filed the case against Path on Thursday in federal court in San Francisco at the FTC's request. Path acknowledged the legal settlement on Friday.

Path said in a statement that even before the FTC had contacted the company, it was made aware that its service was allowing children under 13 to register as customers. It said it has suspended all accounts for users under 13.

"There was a period of time where our system was not automatically rejecting people who indicated that they were under 13," the company said. "Before the FTC reached out to us, we discovered and fixed this sign-up process qualification, and took further action by suspending any underage accounts that had mistakenly been allowed to be created."

Path's statement on Friday did not respond to the government's charge that the company had violated privacy assurances that it made to adult customers whose personal information it collected without permission. But it had previously apologized, in February 2012, for what it described as the mistake of collecting that information from adults and said it had deleted its customers' uploaded contact information from its own computers.

Days earlier, the company's chief executive, Dave Morin, had defended the practice in a statement that said, "We believe this type of friend finding and matching is important to the industry and that it is important that users clearly understand it."

The Path fine comes as the FTC adopts new recommendations to make sure companies in the rapidly expanding mobile market are aware of privacy concerns and offer better information to consumers about data practices. The FTC wants app developers and operating system providers, including Apple and Google, to give consumers real-time disclosures and obtain their express consent before accessing sensitive content like geographic location, contact lists and photos.

"This settlement with Path shows that no matter what new technologies emerge, the agency will continue to safeguard the privacy of Americans," said outgoing FTC Chairman Jon Leibowitz, who on Friday formally announced plans to leave the agency.

View original post here:
Operator of 'Path' social networking app fined $800,000 for illegally collecting private info

SAN FRANCISCO -- Mobile social networking app Path has settled Federal Trade Commission charges that it deceived users by collecting personal information from their mobile address books without their knowledge or permission.

The San Francisco company will also pay $800,000 for illegally collecting kids personal information without parents consent, the FTC said Friday.

Path must also establish a privacy program and obtain independent privacy assessments every other year for the next 20 years, according to the settlement.

This settlement with Path shows that no matter what new technologies emerge, the agency will continue to safeguard the privacy of Americans, said outgoing FTC Chairman Jon Leibowitz.

Path Chief Executive Dave Morin apologized last February for uploading iPhone address books to Path servers.

"We believe you should have control when it comes to sharing your personal information," Morin said at the time. "We also believe that actions speak louder than words. So, as a clear signal of our commitment to your privacy, weve deleted the entire collection of user-uploaded contact information from our servers. Your trust matters to us and we want you to feel completely in control of your information on Path."

Path is a mobile social networking app that lets users share moments in their lives with a social circle of up to 150 friends.

The FTC claimed that Paths iPhone app did not give consumers a choice of how their personal information was treated and then automatically collected and stored personal information from mobile address books including names, addresses, phone numbers, Facebook and Twitter user names and birthdates.

Paths privacy policy deceived consumers by saying that it only collected information such as IP address and browser type, the complaint said.

Further, Path collected personal information from about 3,000 children under the age of 13 without their parents permission, the FTC said. Federal law requires online services to notify parents and get their permission before collecting that information.

See the rest here:
Mobile social networking app Path settles with FTC for $800,000