Security News

The U.S. Federal Trade Commission has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. Amazon has also agreed to fork out an additional $5.8 million in consumer refunds for breaching users' privacy by permitting any employee or contractor to gain broad and unfettered access to private videos recorded using Ring cameras.

A VoIP provider was at the heart of billions of robocalls made over the past five years that broke a slew of US regulations, from enabling telemarketing scams to calling numbers on the National Do Not Call Registry, it is claimed. Los-Angeles-based XCast Labs allowed robocalls from telemarketers to flow through its voice-over-IP network to folks despite multiple warnings over several years that many of the calls ran afoul of the America's Telemarketing Sales Rule, the FTC alleged in a 13-page complaint [PDF] filed May 12 in a California federal court.

The US Federal Trade Commission is preparing to take action against Facebook parent company Meta for a third time over claims it failed to protect user privacy, as required under a 2020 agreement Meta made with the regulator. The rules imposed on Meta by the FTC would be extended under the new order to include any future acquisitions by Meta and would expand limits on the use of facial recognition technology included in the 2020 order.

The Federal Trade Commission has proposed to ban the online counseling service BetterHelp from sharing its customers' sensitive mental health data with advertising networks and marketers. A settlement between the FTC and BetterHelp also requires the company to pay $7.8 million as restitution to its users whose sensitive data has been shared with third parties such as Facebook and Snapchat.

BetterHelp - whose business boomed during COVID lockdown - has denied wrongdoing, and claimed in a statement that it merely used "Industry-standard practice... routinely used by some of the largest health providers, health systems, and healthcare brands." The filing alleged: "Between 2017 and 2018, Respondent uploaded lists of over 7 million Visitors' and Users' email addresses to Facebook. Facebook matched over 4 million of these Visitors and Users with their Facebook user IDs, linking their use of the Service for mental health treatment with their Facebook accounts."

Newly released Federal Trade Commission data shows that consumers reported losing nearly $8.8 billion to fraud in 2022, an increase of more than 30 percent over the previous year. Consumers reported losing more money to investment scams - more than $3.8 billion-than any other category in 2022.

The U.S. Federal Trade Commission revealed today that Americans lost almost $8.8 billion to various types of scams in 2022, following a significant surge of over 30% more lost to fraud compared to the previous year. In 2021, Americans also reported losses of more than $5.8 billion to fraud, another massive increase of over 70% compared to 2020.

The U.S. Federal Trade Commission says Americans once again reported record losses of $1.3 billion to romance scams in 2022, with median losses of $4,400. "Last year's romance scam numbers looked a lot like 2021 all over again, and it's not a pretty picture. In 2022, nearly 70,000 people reported a romance scam, and reported losses hit a staggering $1.3 billion," the FTC said.

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game. To that end, the company will pay a record $275 million monetary penalty for breaching the Children's Online Privacy Protection Act by collecting the personal information of Fortnite players under the age of 13 without seeking permission from their parents.

The U.S. Federal Trade Commission has sued education technology company Chegg after exposing the sensitive information of tens of millions of customers and employees in four data breaches suffered since 2017. The agency's proposed order would require Chegg to shore up data security, implement multifactor authentication to help users secure their accounts, limit collected and stored customer data, and allow customers to access and delete their data.