Facebook outage, ‘superhero passwords’, Twitch breach and other cybersecurity events

We have gathered the most important cybersecurity news of the week.

A major outage hit Facebook services

On 4 October, users worldwide reported issues accessing Facebook and its WhatsApp and Instagram services.

Full restoration was achieved only after six hours. It was one of the company’s most significant product outages in years.

Facebook said that the cause was a change to the configuration of core routers responsible for coordinating traffic between the company’s data centres.

The company also denied reports of a data breach circulating online in the wake of the outage.

Because the company’s services were unavailable, other social networks and messaging apps saw a large influx of users. For example, Pavel Durov reported 70 million ‘refugees from other platforms’ in a single day.

Twitch data breach

An unknown posted on 4chan a link to a torrent file containing almost 130 GB of Twitch data, including source code and payout information for platform streamers.

Twitch confirmed the breach.

Later, the company said that user credentials and card numbers were not affected. The cause of the breach was changes to the server configuration.

Continuing saga of Group-IB founder Ilya Sachkov

Several media outlets reported that investigators have charged Group-IB founder Ilya Sachkov with treason. He is suspected of disclosing information constituting state secrets, according to sources familiar with the matter.

Group-IB co-owner Dmitry Volkov emphasized that the charges concern Sachkov personally, not the company, and client data were not affected by the proceedings.

Russia begins collecting fines from social networks

Federal Bailiffs Service has begun collecting 8.9 million rubles in fines from Twitter for refusing to remove content prohibited in Russia.

In addition, a Moscow court asked the bailiffs to collect 26 million rubles in fines previously imposed on Facebook.

This week it emerged that the company deleted posts containing content banned in Russia on both Facebook and Instagram, according to a Roskomnadzor representative.

Mozilla reveals popular ‘superhero’ passwords appearing in breaches

Mozilla researchers said that users frequently opt for passwords tied to superhero universes, but they do not protect against hacks. For the analysis, the company used data from haveibeenpwned.com.

Google will enable two-factor authentication by default

Google said it plans to enable default two-factor authentication for 150 million users by the end of the year.

In addition, the company will require two-factor authentication for 2 million YouTube users.

Media: U.S. authorities compel Google to disclose data on users’ search queries

U.S. law enforcement agencies secretly compel Google to provide data about everyone who enters certain search queries, Forbes reports.

In 2019 in Wisconsin, suspects in human trafficking and violence against minors were being sought. According to the publication, investigators asked Google to provide information and IP addresses of anyone who searched for the name of one of the victims, two spellings of the mother’s name, and her address over 16 days in that year.

The company provided the information in response to the request in mid-2020, though court documents do not reveal how many users’ data were disclosed.

Although Google processes thousands of such requests each year, Forbes says this is among the most controversial because it violates the privacy of innocent individuals, and the gathered data could be misused.

“Even worse, law enforcement does this in secret, which excludes this practice from public debate and regulation,” experts say.

Android fixes a number of vulnerabilities

Android developers fixed more than 50 vulnerabilities. Among the bugs are critical. For example, one vulnerability could be exploited for remote code execution.

Also on ForkLog:

• In Ukraine, authorities identified a ransomware operator.
• Senator Elizabeth Warren proposed to study the role of cryptocurrency in ransomware.
• In Abkhazia, internet access restrictions for miners were extended.
• Chainalysis announced the acquisition of a company focused on cybercrime investigations.
• Seventeen Bitcoin exchanges face blocking due to a Russian court ruling.

What to read this weekend?

We revisit one of the largest hacks in recent years, which sparked a new wave of government action against hackers.

Read ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analysis.