The announcement sparked a wave of protests on Facebook, Twitter, and other social media platforms, with some users threatening to leave the messaging and voice-over-IP service app for more privacy-oriented alternatives, such as Signal, Telegram, or Threema.
It seems that the backlash has been strong enough to make executives at Facebook reconsider their decisions because the latest announcement from the company contradicts the previous one.
“Given recent discussions with various authorities and privacy experts, we want to make clear that we will not limit the functionality of how WhatsApp works for those who have not yet accepted the update,” said a WhatsApp spokesperson in a statement to The Verge.
One reason why the new policy caused so much outrage was that many WhatsApp users believed that they would be required to share their phone numbers and other sensitive information with various third parties.
In reality, the policy update affects mainly businesses using the platform to sell their goods and services using the messaging app, allowing them to see what you’re saying and use this information for their own marketing purposes.
“We will continue to remind users from time to time and let them accept the update, including when they choose to use relevant optional features like communicating with a business that is receiving support from Facebook,” the WhatsApp spokesperson added.
The entire rollout of the policy update has been mishandled, to say the least, with WhatsApp seemingly not fully realizing how much more security and privacy-oriented have its users become since the messaging app started sharing user data with Facebook in 2016.
LastPass Has Revealed Yet Another Security Breach
It’s been revealed that the popular password manager was hacked using intel gained from a previous August 2022 attack.
The CEO of LastPass, Karim Toubba, has revealed that the leading password manager has suffered another serious data breach. Toubba said that LastPass engineers detected unusual activity from a third-party cloud storage service in August 2022 — a service shared with parent company GoTo, which readers may remember by its former name of LogMeIn.
Security firm Mandiant was hired to investigate the suspicious incident, and together, they uncovered that the unauthorized person(s) gained access to LastPass cloud services using information obtained from a previous security breach in August of this year. The latest incident is thought to be rather serious, giving the criminal party access to “certain elements” of customer information.
When the password manager’s systems were breached back in August, Toubba says that after an investigation, the unauthorized party was found to have had internal access to LastPass systems for four days. The hacker was able to steal source code and some technical information, but security engineers said customer data and password vaults remained safe.
In a separate but related announcement, parent company GoTo has admitted that hackers gained entry into its own development environment of remote work tools. Echoing the statement from LastPass, GoTo has assured customers that its services are functioning fine despite the data breach. Both LastPass and its parent company are still investigating the scope of the incidents, and we’ll likely hear more details over the coming months.