Meta

Meta faced a significant privacy breach as the Texas attorney general accused it of capturing biometric data of millions of Texans without consent, utilising a facial recognition feature. Although no explicit data leakage was reported, the breach posed a reputational risk and raised concerns over personal data handling, resulting in a massive $1.4 billion settlement. This incident highlights the increasing scrutiny of tech giants regarding data privacy practices, and their potential financial and reputational impacts.

Source: https://www.wired.com/story/russia-cybercriminal-us-prisoner-swap/

TPRM report: https://scoringcyber.rankiteo.com/company/meta

"id": "met000080424",
"linkid": "meta",
"type": "Breach",
"date": "8/2024",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'customers_affected': 'Millions of Texans',
                        'industry': 'Technology',
                        'name': 'Meta',
                        'type': 'Company'}],
 'attack_vector': 'Facial Recognition Feature',
 'data_breach': {'number_of_records_exposed': 'Millions',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Biometric Data'},
 'description': 'Meta faced a significant privacy breach as the Texas attorney '
                'general accused it of capturing biometric data of millions of '
                'Texans without consent, utilising a facial recognition '
                'feature. Although no explicit data leakage was reported, the '
                'breach posed a reputational risk and raised concerns over '
                'personal data handling, resulting in a massive $1.4 billion '
                'settlement.',
 'impact': {'brand_reputation_impact': 'High',
            'data_compromised': 'Biometric Data',
            'financial_loss': '$1.4 billion',
            'legal_liabilities': 'Significant'},
 'motivation': 'Legal Enforcement',
 'post_incident_analysis': {'root_causes': 'Unauthorized Biometric Data '
                                           'Collection'},
 'regulatory_compliance': {'fines_imposed': '$1.4 billion',
                           'legal_actions': 'Settlement'},
 'threat_actor': 'Texas Attorney General',
 'title': 'Meta Biometric Data Breach',
 'type': 'Privacy Breach',
 'vulnerability_exploited': 'Unauthorized Biometric Data Collection'}