The Global Surveillance Free-for-All in Mobile Ad Data

Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only be in the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites. Continue reading The Global Surveillance Free-for-All in Mobile Ad Data

FTC warns LGBTQ+ community of extortion scams targeting them on dating apps

Members of the LGBTQ+ community have been warned to be on their guard against extortionists who may attempt to prey on them via online dating apps such as Grindr and Feeld.

Read more in my article on the Hot for Security blog. Continue reading FTC warns LGBTQ+ community of extortion scams targeting them on dating apps

Norway fines Grindr for $7.3 million over privacy breach

Norway’s data protection agency is fining LGBTQ+ social app Grindr nearly $7.1 million for unlawfully disclosing personal data to third parties for marketing. The ruling follows a 2020 complaint by the Norwegian Consumer Council alleging that Grindr shared user device data with third parties that, due to the nature of the app, effectively allowed advertisers to connect those users with information about their sexual orientation. The Norwegian DPA, known as Datatilsynet, concluded that Grindr did not have proper consent mechanisms in place allowing users to specifically opt-in to the sharing of their data for advertisements by third parties. “We consider that data revealing the fact that someone is a Grindr user strongly indicates that they belong to a sexual minority,” the DPA wrote. “Data concerning a person’s sexual orientation constitutes special category data that merit particular protection under the GDPR. As the consents Grindr collected were not valid, Grindr could […]

The post Norway fines Grindr for $7.3 million over privacy breach appeared first on CyberScoop.

Continue reading Norway fines Grindr for $7.3 million over privacy breach

Serial Swatter Who Caused Death Gets Five Years in Prison

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that lead to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today. Continue reading Serial Swatter Who Caused Death Gets Five Years in Prison

No, your Grindr activity is not necessarily private – just ask the senior Catholic priest who was outed and lost his job

A senior official of the US Catholic Church has resigned after a blog revealed it had cellphone data that showed he was a regular user of the gay dating app Grindr. Continue reading No, your Grindr activity is not necessarily private – just ask the senior Catholic priest who was outed and lost his job

Grindr faces fine of nearly $12 million in Norway for alleged privacy violations

Norway’s data protection agency is proposing a fine of $11.7 million against Grindr for the alleged improper sharing of users’ data to third-party companies for marketing purposes. The Norwegian Data Protection Authority (DPA) said Tuesday that Grindr, which bills itself as “the world’s leading LGBTQ+ social application,” had shared, without full consent, users’ GPS locations, profile data and other information with other companies. Grindr has until Feb. 15 to argue against the decision. The case, which applies to the free version of the app, originated with a 2020 complaint from the Norwegian Consumer Council, and it falls under Europe’s General Data Protection Regulation (GDPR). The DPA said the fine of 100 million Norwegian kroner would represent its largest ever, reflecting that “our findings suggest grave violations of the GDPR.” “Users were not able to exercise real and effective control over the sharing of their data,” the Norwegian authority says. The […]

The post Grindr faces fine of nearly $12 million in Norway for alleged privacy violations appeared first on CyberScoop.

Continue reading Grindr faces fine of nearly $12 million in Norway for alleged privacy violations

Google Play Apps Remain Vulnerable to High-Severity Flaw

Patches for a flaw (CVE-2020-8913) in the Google Play Core Library have not been implemented by several popular Google Play apps, including Cisco Teams and Edge. Continue reading Google Play Apps Remain Vulnerable to High-Severity Flaw

Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

At SAS@Home, Luta Security CEO Katie Moussouris stressed that bug bounty programs aren’t a ‘silver bullet’ for security teams. Continue reading Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

Troy Hunt Flags Up ‘Sensational’ Sextortion Bug in Grindr

Grindr, the popular dating app, had a ridiculous bug in its password-recovery flow. To make matters worse, Grindr ignored the bug for a week.
The post Troy Hunt Flags Up ‘Sensational’ Sextortion Bug in Grindr appeared first on Security Boulevard.
Continue reading Troy Hunt Flags Up ‘Sensational’ Sextortion Bug in Grindr