The biggest privacy & security scandals of 2018

From the Facebook–Cambridge Analytica data scandal to Google+ data leaks – unfortunately, there was again plenty of reason to worry about data protection this year. We look back on the biggest issues.

Björn GreifEditor

Towards the end of the year, we take a look back at the most serious privacy & security breaches that have threatened or are threatening the privacy and security of Internet users. In the articles we also provide tips on how you can protect yourself from these threats. For example, one simple and effective way to better protect your personal data on the web is to use an anti-tracking tool such as Ghostery or Cliqz.

Trackers who steal

Credit card theft through tracking scripts: How to protect yourself

Hackers manipulate third-party tracking scripts to steal payment information from millions of consumers. Cliqz and Ghostery block these scripts.

Government websites leak data to trackers

Government websites leak data to Google & Co.

Many European and US government websites contain third-party trackers that collect metadata about citizens. This is revealed by an analysis by

Google+ data leak: just the tip of the iceberg?

The most intimate data about you is stored on Google’s servers. As the recent scandal has shown, there is no 100% security at Google either.

Local Sheriff Logo

Lufthansa data leak: What a single URL can reveal about you

Anyone who knows the URL of a Lufthansa booking details page can view, change or delete all the data listed there, including personal information up to passport numbers.

How easily you can be identified by publicly available Twitter metadata

British researchers were able to identify 1 user in a group of 10,000 with an accuracy of 96.7 % by just analyzing metadata. The data itself is freely accessible via an API.

After Gmail controversy: How to revoke app access to your Google account

If you grant a third-party app access to Gmail, you must expect the developer’s staff to read your private messages. Check access rights now!

(Icons by DinosoftLabs

Third-party trackers misuse Facebook Login to collect user data

Princeton researchers have identified several tracking scripts that abuse the social login system to access Facebook users’ profile information. These data include user ID, email and user name.

Icons by Freepik, Vectors Market

After Cambridge Analytica scandal: How to delete your Facebook account

You want to quit Facebook? We explain step by step how to temporarily deactivate or permanently delete your account.

(Source: iStock / iNueng)

How airlines don’t care about your privacy

Airlines such as Emirates share sensitive user information with third-party trackers – all without users’ consent or any option to opt-out.

Icon made by Freepik from

Cliqz researchers discover privacy issue on and other Microsoft sites

Popular sites like, and leaked an identifier that could be used to deanonymize users. Microsoft acknowledged and fixed this issue. Cliqz users were not affected.

Tracking scripts pull data from password managers

According to researchers at Princeton University, the advertising industry’s new tracking method exploits a weak point of the autofill feature to track users across various websites.

Meltdown and Spectre: processor security flaws affect billions of devices

Almost all Intel chips of the last decade are vulnerable to “Meltdown”. “Spectre” affects virtually all computers, cloud servers and smartphones with modern processors.