Japan Orders Facebook to Improve Data Protection
23.10.2018 securityweek
Social

The Japanese government on Monday ordered Facebook to improve protection of users' personal information following data breaches affecting tens of millions of people worldwide.

Facebook said early this month that hackers accessed the personal data of 29 million users in a breach at the world's leading social network first disclosed late September.

The company had originally said up to 50 million accounts were affected in a cyberattack that exploited a trio of software flaws to steal "access tokens" that enable people to automatically log back onto the platform.

Japan's Personal Information Protection Commission on Monday demanded the social media giant investigate why the personal data was hacked and draw up preventive measures.

Facebook told Japanese authorities the 29 million people hacked in the latest attack may include Japanese users, top government spokesman Yoshihide Suga has said.

Facebook also acknowledged earlier this year that tens of millions of users had their personal data hijacked by Cambridge Analytica, a British political firm which worked for Donald Trump in 2016.

Up to 100,000 Facebook users may have been affected in Japan in that scandal, the commission said.

"It is the first time that the commission, which investigated the data leak with British authorities, has issued warnings to Facebook," an official told AFP.

The commission also ordered Facebook to communicate better with users and respond to them promptly, for example when they request their accounts be deleted.

Facebook pledged to "promptly inform users if the platform was inappropriately used and cooperate with the commission and other countries' regulators" on its website.