The Verge: Facebook faces class-action lawsuit over massive new hack

That was quick. From The Verge: Facebook faces class-action lawsuit over massive new hack. “Facebook is already facing immense fallout from revelations this morning that a hacker exploited a security flaw in a popular feature of the social network to steal account credentials of as many as 50 million users. The company is now facing a class-action complaint filed on behalf of one California resident, Carla Echavarria, and one Virginia resident, Derick Walker. Both allege that Facebook’s lack of proper security has exposed them and additional potential class members to a significantly increased chance of identity theft as a result of the breach.”

TechCrunch: Chegg resets 40 million user passwords after data breach

TechCrunch: Chegg resets 40 million user passwords after data breach . “Chegg, a technology giant specializing in textbook rental, has confirmed a data breach affecting some 40 million customers. In a filing with the Securities and Exchange Commission, the company said it will reset all user passwords after hackers gained access to the company’s customer database. That database includes users for Chegg’s website but also other products, such as citation service EasyBib, which it owns.”

Mozilla Blog: Introducing Firefox Monitor, Helping People Take Control After a Data Breach

Mozilla Blog: Introducing Firefox Monitor, Helping People Take Control After a Data Breach. “Data breaches, when information like your username and password are stolen from a website you use, are an unfortunate part of life on the internet today. It can be hard to keep track of when your information has been stolen, so we’re going to help by launching Firefox Monitor, a free service that notifies people when they’ve been part of a data breach. After testing this summer, the results and positive attention gave us the confidence we needed to know this was a feature we wanted to give to all of our users.”

ZDNet: Canadian retailer’s servers storing 15 years of user data sold on Craigslist

ZDNet: Canadian retailer’s servers storing 15 years of user data sold on Craigslist. “A security researcher has found customer and employee data belonging to one of Canada’s biggest PC hardware retailers on servers put up for sale on Craigslist. The data, believed to go back as far as 15 years, belongs to NCIX, a PC retailer that filed for bankruptcy and closed shop in December 2017. The massive privacy breach appears to have taken place after the retailer closed its stores last year and retired old servers and employee workstations.”