For the first time Japanese commission ordered Facebook to improve security

The Japanese government ordered Facebook to improve the protection of users’ personal information following the recent data breaches that exposed data from millions of people.

At the end of September, Facebook admitted that attackers exploited a vulnerability in the “View As” feature that allowed them to steal Facebook access tokens of 50 Million Users.

A couple of weeks ago, the social network giant announced that hackers accessed data of 29 Million users, a number that is less than initially thought of 50 million.

According to the company, the vulnerability is the result of the chaining of three flaws affecting the “View As” feature and Facebook’s video uploader.

Facebook clarified that the version of the video uploader interface affected by the flaw was introduced in July 2017.

On Monday, Japan’s Personal Information Protection Commission ordered a further investigation of the data breach and asked the company to implement preventive security measures.

This is the first time that the commission has issued warnings to the social network giant after it has conducted an investigation along with British authorities.

According to government spokesman Yoshihide Suga, Facebook told Japanese authorities that the recent data breach also included Japanese users.

The commission also ordered the company to improve communication with users being more transparent of the way it manages their data and promptly responding to request for deleting accounts.

Another incident involving the company that affected up to 100,000 Japanese users was the Cambridge Analytica privacy scandal that affected 87 Million users.

“It is the first time that the commission, which investigated the data leak with British authorities, has issued warnings to Facebook,” an official told AFP.

Facebook added to be committed to “promptly inform users if the platform was inappropriately used and cooperate with the commission and other countries’ regulators” on its website.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – social network, cybersecurity)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.