Keepnet Labs Logo
Menu
Keepnet Labs > blog > google-fined-60million-in-penalties-for-misleading-users-on-location-data

Google Fined $60M Over Location Data Misuse

A federal court of Australia has ruled that Google’s Alphabet A.Sh. ordered part of to pay a fine of $ 60 million. The Australian Competition and Consumer Protection Commission (ACCC) filed the case against the company and its local unit in October 2019. ACCC estimates October 1.3 million Google account users in Australia.

Google Fined $60M Over Location Data Misuse

Twitter accidentally disclosed personal information, including phone numbers and email addresses, with 5.4 million accounts. Someone was trying to sell this information. In January 2022, we received a notification of a vulnerability in Twitter systems through our bug bounty program. Vulnerability as a result of an email address or phone number in their system if someone sends Twitter, Twitter, Systems, e-mail address or phone number associated with that person shall notify a Twitter account. This error is the result of updating our code in June 2021. When we heard about this, we immediately conducted an investigation and fixed the problem. We had no evidence at the time that anyone had exploited this vulnerability. In July 2022, we learned from a press release that someone had taken advantage of this and offered to sell the information they had collected.

After reviewing a sample of the data offered for sale, we have confirmed that the attacker took advantage of the issue before it was addressed. This also applies to anonymous accounts. This interpretation is correct: Therefore, after users are forced to enter a phone number to continue using Twitter, they combine phone numbers and related accounts, although Twitter does not need to know the user’s phone number. But things are getting worse … After they became aware of the leak in January, instead of revealing the fact that millions of users’ data were open to any observers, they quietly corrected it and hoped that no one else could find it.

SHARE ON

twitter
twitter
twitter

Schedule your 30-minute demo now

You'll learn how to:
tickAutomate behaviour-based security awareness training for employees to identify and report threats: phishing, vishing, smishing, quishing, MFA phishing, callback phishing!
tickAutomate phishing analysis by 187x and remove threats from inboxes 48x faster.
tickUse our AI-driven human-centric platform with Autopilot and Self-driving features to efficiently manage human cyber risks.
iso 27017 certificate
iso 27018 certificate
iso 27001 certificate
ukas 20382 certificate
Cylon certificate
Crown certificate
Gartner certificate
Tech Nation certificate