Security Affairs

DECEMBER 23, 2024

Italy’s data protection watchdog fined OpenAI 15 million for ChatGPT’s improper collection of personal data. Italys privacy watchdog, Garante Privacy, fined OpenAI 15M after investigating ChatGPT’s personal data collection practices.

Data collection 107

Data collection Artificial Intelligence Data breaches Hacking 107

Penetration Testing

NOVEMBER 17, 2023

A powerful OSINT web scrapper that allows users to extract various personal information from a website. It leverages web scraping techniques and regular expressions to extract email addresses, social media... The post Uscrapper: powerful OSINT webscraper for personal data collection appeared first on Penetration Testing.

Data collection 111

Data collection Penetration Testing Media 111

Troy Hunt

NOVEMBER 13, 2024

Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. I knew I'd seen a metric about this sometime recently, so I went looking for "7,000", which perfectly illustrates how unaware we are of the extent of data collection on all of us.

Data breaches 342

Data breaches Passwords B2B Technology 342

Schneier on Security

APRIL 3, 2024

The Incognito splash page will explicitly state that Google collects data from third-party websites “regardless of which browsing or browser mode you use,” and stipulate that “third-party sites and apps that integrate our services may still share information with Google,” among other changes.

Data collection 330

Data collection 330

Security Affairs

JUNE 11, 2025

Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. The operation led to the seizure of 41 servers, over 100 GB of data collected, and 32 arrests, dismantling 79% of the identified threats.

Cybercrime 110

Cybercrime Data collection Scams Cyber threats 110

Schneier on Security

JUNE 14, 2021

privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content. This is probably worth paying attention to: A change to TikTok’s U.S.

Data collection 279

Data collection Media 279

Schneier on Security

APRIL 28, 2025

Greek authorities, in cooperation with INTERPOL, traced the IP address to Windscribe’s infrastructure and, unlike standard international procedures, proceeded to initiate criminal proceedings against Sak himself, rather than pursuing information through standard corporate channels.

VPN 242

VPN Internet Internet Data collection 242

Adam Levin

JANUARY 27, 2020

According to a recent joint investigation by Vice’s Motherboard and PCMag, highly granular and sensitive user data from users of Avast antivirus is being repackaged and sold to companies via a subsidiary called Jumpshot which promises buyers of the data information on “Every search. Every click. On every site.”.

Data collection 243

Data collection Antivirus Software Malware 243

Malwarebytes

FEBRUARY 12, 2025

This data was automatically transferred when loading the webpage, before users could even accept or decline the use of their data. The data collection resulted in the reporterwho said they never once agreed to the use of their data for marketing purposes being inundated with ads for gambling websites.

Data collection 116

Data collection Marketing Data privacy VPN 116

Adam Levin

SEPTEMBER 4, 2020

The controversial collection of details on billions of American phone calls by the National Security Agency (NSA) was illegal and possibly unconstitutional, according to a ruling by a federal appeals court. Under the NSA program, information and metadata from calls placed by U.S.

Surveillance 260

Surveillance Data collection Government Cybersecurity 260

Security Affairs

JULY 1, 2025

Germany asked Google and Apple to remove DeepSeek AI from their app stores, citing GDPR violations over unlawful data collection and transfers to China. The Berlin Commissioner for Data Protection requested Google and Apple to remove the DeepSeek AI app from their app stores due to GDPR violations.

Artificial Intelligence 119

Artificial Intelligence Data collection Hacking Cybersecurity 119

Schneier on Security

MARCH 2, 2020

Privacy International has the details : Key facts: Despite Facebook claim, "Download Your Information" doesn't provide users with a list of all advertisers who uploaded a list with their personal data. As a user this means you can't exercise your rights under GDPR because you don't know which companies have uploaded data to Facebook.

Data collection 270

Data collection Advertising Cybersecurity 270

Schneier on Security

MARCH 20, 2020

With that in mind, the EFF has some good thinking on how to balance public safety with civil liberties: Thus, any data collection and digital monitoring of potential carriers of COVID-19 should take into consideration and commit to these principles: Privacy intrusions must be necessary and proportionate.

Surveillance 275

Surveillance Big data Data collection Government 275

ZoneAlarm

JANUARY 30, 2024

Recent investigations have revealed that several iPhone applications have exploited system notifications to illicitly access users’ private information, prompting Apple to enforce stricter oversight and update guidelines within the App Store to prevent such privacy violations.

Data collection 87

Data collection Data privacy 87

Security Affairs

JULY 7, 2025

Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. “The results indicate the existence of security issues, including excessive data collection and privacy infringement. ” reads the NSB’s announcement. Using the v4.0

Risk 97

Risk Data collection InfoSec Mobile 97

Malwarebytes

OCTOBER 15, 2024

Broadly, Malwarebytes found that: 74% of people “consider US election season a risky time for personal information.” Distrust in political ads is broad—62% said they “disagree” or “strongly disagree” that the information they receive in US election-related ads is trustworthy. The reasons could be obvious.

Scams 134

Scams Identity Theft Cybercrime Accountability 134

Security Affairs

OCTOBER 12, 2024

The threat actors used exploits for the above issues in attacks against organizations in various sectors globally, allowing the APT group to access sensitive data and deploy infrastructure for ongoing data collection. The joint advisory includes a list of known vulnerabilities that should be addressed as soon as possible.

Data collection 136

Data collection Authentication Hacking Government 136

Security Affairs

DECEMBER 5, 2024

Gathering information from the huge number of sources inherent in modern IT environments is laborious, mundane, and mentally exhausting. For instance, a simple suspicious login alert might require an analyst to check user activity logs, verify access patterns, and cross-reference data across various security platforms.

Artificial Intelligence 135

Artificial Intelligence Data collection Risk Cybersecurity 135

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Mobile 322

Mobile Wireless Advertising Telecommunications 322

Malwarebytes

NOVEMBER 7, 2024

This creates a barrier against unauthorized modifications and traffic interception, making it virtually impossible for anyone to modify or tap the traffic on its servers and share any information about a user. There will continue to be no requirement to share any information to sign up for the service.

VPN 128

VPN Data collection Internet Internet 128

Malwarebytes

JANUARY 20, 2025

Companies are showing customers different prices for the same goods and services based what data they have on them, including details like their precise location or browser history. Probably the most shocking thing is the type of information that could be involved. FTC chair Lina M.

Surveillance 115

Surveillance Artificial Intelligence Consumer Protection Data collection 115

Schneier on Security

DECEMBER 15, 2017

After the app determines what you're doing, it uses the information it collects from the sensors. The accelerometer relays your speed, the magnetometer tells your relation to true north, and the barometer offers up the air pressure around you and compares it to publicly available information. Research paper.

Data collection 279

Data collection 279

Schneier on Security

NOVEMBER 9, 2018

The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII.

Data collection 231

Data collection Cyber Risk Risk Government 231

Security Affairs

MARCH 7, 2025

Rising privacy concerns with Artificial Intelligence have paved the way for secure, ethical, and efficient data analysis. Using AI, organizations increasingly rely on data analytics to extract context from vast amounts of information. Concerns over privacy breaches require robust mechanisms to safeguard sensitive user data.

Artificial Intelligence 62

Artificial Intelligence Healthcare Data privacy Banking 62

Malwarebytes

JANUARY 24, 2025

The Notice delivered to Hyundai discusses covered data, which is defined as any information or data about a vehicle manufactured, sold, or leased by you, regardless of whether deidentified or anonymized. And in August, Paxton sued General Motors for selling customer driving data to third parties.

Manufacturing 109

Manufacturing Insurance Data collection Data privacy 109

Schneier on Security

APRIL 3, 2025

The emphasis on making information available overshadowed other concerns. As Web technologies matured, the focus shifted to protecting the vast amounts of data flowing through online systems. ” authentication mechanisms of today—which ensures that data access is properly verified and authorized at every step.

Architecture 254

Architecture Artificial Intelligence Internet Internet 254

Malwarebytes

JULY 31, 2023

Meta has run into yet another bout of court related issues—two subsidiaries have been ordered to pay $14 million regarding undisclosed data collection. The Australian case, which has rumbled on for the best part of two and a half years, has focused on claims related to a now discontinued Virtual Private Network (VPN).

Data collection 98

Data collection VPN Advertising Mobile 98

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 95

Data breaches Identity Theft Consumer Protection Data collection 95

Security Affairs

OCTOBER 10, 2024

. “ The Mongolian Skimmer uses common techniques: DOM monitoring for sensitive input changes, data exfiltration via encoded tracking pixels, DevTools detection to evade debugging, data collection on page unload, cross-browser compatibility, and anti-debugging measures to avoid code tampering.

Data collection 126

Data collection Engineering Malware Hacking 126

The Last Watchdog

JUNE 10, 2024

For instance, it helps online tax services prevent leakage of taxpayers’ personal information via pixels, those imperceptible JavaScripts embedded in a web page to collect information about the user’s interactions.

Data collection 261

Data collection Internet Internet Technology 261

Schneier on Security

APRIL 4, 2024

The ProtonMail people are accusing Microsoft’s new Outlook for Windows app of conducting extensive surveillance on its users.

Surveillance 357

Surveillance Advertising Data collection 357

The Last Watchdog

MAY 21, 2020

Whenever you access a web server, details about your IP address, your browser information, your device information, and other information are recorded in logs. Advertisers are amassing a huge amount of data and creating a comprehensive profile on you as an internet user. More about it can be found on Smartproxy.

Advertising 290

Advertising Accountability Internet Internet 290

Krebs on Security

DECEMBER 20, 2022

In 2017, Equifax disclosed a massive, extended data breach that led to the theft of Social Security Numbers, dates of birth, addresses and other personal information on nearly 150 million people. So far this week, KrebsOnSecurity has received at least 20 messages from readers seeking more information about these notices.

Identity Theft 291

Identity Theft Data breaches Data collection Hacking 291

Schneier on Security

JANUARY 21, 2022

Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. MY2022 is fairly straightforward about the types of data it collects from users in its public-facing documents.

Surveillance 360

Surveillance Encryption Wireless Government 360

Joseph Steinberg

APRIL 20, 2021

Poorly-designed processes and shoddy information-systems, coupled with a prevailing atmosphere of general mismanagement, have created a privacy nightmare for Americans being vaccinated against COVID-19; some of the problems being created now will likely still impact people many years after the pandemic ends.

Healthcare 233

Healthcare Insurance Computers and Electronics Data collection 233

Schneier on Security

JULY 23, 2021

A growing market of data brokers that collect and sell data from countless apps has made it so that anyone with a bit of cash and effort can figure out which phone in a so-called anonymized dataset belongs to a target, and abuse that information. There is a whole industry devoted to re-identifying anonymized data.

Surveillance 363

Surveillance Marketing Data collection 363

Security Affairs

FEBRUARY 2, 2025

Last week, Italys data protection watchdog blocked Chinese artificial intelligence (AI) firm DeepSeek s chatbot service within the country, citing a lack of information on its use of users personal data. reads the announcement.

Government 78

Government Artificial Intelligence Media Data collection 78